From 4920d88e60c1ca4af34c3ac16a199c4acea54a34 Mon Sep 17 00:00:00 2001 From: corymhall <43035978+corymhall@users.noreply.github.com> Date: Wed, 14 Aug 2024 10:13:45 -0400 Subject: [PATCH 1/6] Remove mappings to classic resources There are some resources that were originally mapped to classic resources because the native version did not exist yet. They now exist so we should remove them. This will be a breaking change. BREAKING CHANGE: remove mappings to classic resources where native versions now exist --- package.json | 1 + src/aws-resource-mappings.ts | 370 ----------------------------------- 2 files changed, 1 insertion(+), 370 deletions(-) diff --git a/package.json b/package.json index a6d67926..f9974593 100644 --- a/package.json +++ b/package.json @@ -2,6 +2,7 @@ "name": "@pulumi/cdk", "version": "${VERSION}", "description": "Pulumi/CDK Interop SDK", + "main": "lib/index.js", "repository": { "type": "git", "url": "git+https://github.com/pulumi/pulumi-cdk.git" diff --git a/src/aws-resource-mappings.ts b/src/aws-resource-mappings.ts index 71a3d88e..f3e0a961 100644 --- a/src/aws-resource-mappings.ts +++ b/src/aws-resource-mappings.ts @@ -16,7 +16,6 @@ import * as pulumi from '@pulumi/pulumi'; import * as aws from '@pulumi/aws'; import { CfnElement } from 'aws-cdk-lib'; import { ResourceMapping, normalize } from './interop'; -import { debug } from '@pulumi/pulumi/log'; function maybe(v: T | undefined, fn: (t: T) => U): U | undefined { if (v === undefined) { @@ -50,8 +49,6 @@ export function mapToAwsResource( const props = normalize(rawProps); switch (typeName) { // ApiGatewayV2 - case 'AWS::ApiGatewayV2::Api': - return new aws.apigatewayv2.Api(logicalId, props, options); case 'AWS::ApiGatewayV2::Deployment': return new aws.apigatewayv2.Deployment(logicalId, props, options); case 'AWS::ApiGatewayV2::Integration': @@ -100,345 +97,6 @@ export function mapToAwsResource( return mapDynamoDBTable(element, logicalId, typeName, rawProps, props, options); // EC2 - case 'AWS::EC2::EIP': - return new aws.ec2.Eip( - logicalId, - { - instance: props.instanceId, - publicIpv4Pool: props.publicIpv4Pool, - tags: tags(props.tags), - vpc: props.domain ? pulumi.output(props.domain).apply((domain) => domain === 'vpc') : undefined, - }, - options, - ); - case 'AWS::EC2::SecurityGroup': { - debug(`AWS::EC2::SecurityGroup props: ${JSON.stringify(props)}`); - const securityGroup = new aws.ec2.SecurityGroup( - logicalId, - { - description: props.groupDescription, - egress: (props.securityGroupEgress || []).map((e: any) => { - const egress = { - description: e.description, - protocol: e.ipProtocol, - fromPort: e.fromPort, - toPort: e.toPort, - cidrBlocks: e.cidrIp ? [e.cidrIp] : undefined, - ipv6CidrBlocks: e.cidrIpv6 ? [e.cidrIpv6] : undefined, - prefixListIds: e.destinationPrefixListId ? [e.destinationPrefixListId] : undefined, - securityGroups: e.destinationSecurityGroupId || [], - }; - if (egress.fromPort === undefined && egress.toPort === undefined && egress.protocol == '-1') { - egress.fromPort = 0; - egress.toPort = 0; - } - return egress; - }), - ingress: (props.securityGroupIngress || []).map((i: any) => { - return { - description: i.description, - protocol: i.ipProtocol, - fromPort: i.fromPort, - toPort: i.toPort, - cidrBlocks: i.cidrIp ? [i.cidrIp] : undefined, - ipv6CidrBlocks: i.cidrIpv6 ? [i.cidrIpv6] : undefined, - prefixListIds: i.destinationPrefixListId ? [i.destinationPrefixListId] : undefined, - securityGroups: (i.sourceSecurityGroupId || []).concat( - ...(i.sourceSecurityGroupName || []), - ), - }; - }), - tags: tags(props.tags), - vpcId: props.vpcId, - revokeRulesOnDelete: true, // FIXME: is this right? - }, - options, - ); - return { - resource: securityGroup, - attributes: { groupId: securityGroup.id }, - }; - } - case 'AWS::EC2::SecurityGroupEgress': - debug(`AWS::EC2::SecurityGroupEgress props: ${JSON.stringify(props)}`); - return new aws.ec2.SecurityGroupRule( - logicalId, - { - protocol: props.ipProtocol, - fromPort: props.fromPort, - toPort: props.toPort, - sourceSecurityGroupId: props.destinationSecurityGroupId, - securityGroupId: props.groupId, - prefixListIds: props.destinationPrefixListId, - cidrBlocks: props.cidrIp ? [props.cidrIp] : undefined, - ipv6CidrBlocks: props.cidrIpv6 ? [props.cidrIpv6] : undefined, - type: 'egress', - }, - options, - ); - case 'AWS::EC2::SecurityGroupIngress': - debug(`AWS::EC2::SecurityGroupIngress props: ${JSON.stringify(props)}: cidr_blocks: ${props.cidrIp}`); - return new aws.ec2.SecurityGroupRule( - logicalId, - { - protocol: props.ipProtocol, - fromPort: props.fromPort, - toPort: props.toPort, - securityGroupId: props.groupId, - prefixListIds: props.sourcePrefixListId, - sourceSecurityGroupId: props.sourceSecurityGroupId, - cidrBlocks: props.cidrIp ? [props.cidrIp] : undefined, - ipv6CidrBlocks: props.cidrIpv6 ? [props.cidrIpv6] : undefined, - type: 'ingress', - }, - options, - ); - case 'AWS::EC2::VPCGatewayAttachment': - // Create either an internet gateway attachment or a VPC gateway attachment - // depending on the payload. - if (props.vpnGatewayId === undefined) { - return new aws.ec2.InternetGatewayAttachment( - logicalId, - { - internetGatewayId: props.internetGatewayId, - vpcId: props.vpcId, - }, - options, - ); - } - return new aws.ec2.VpnGatewayAttachment( - logicalId, - { - vpcId: props.vpcId, - vpnGatewayId: props.vpnGatewayId, - }, - options, - ); - case 'AWS::ElasticLoadBalancingV2::LoadBalancer': { - debug(`AWS::ElasticLoadBalancingV2::LoadBalancer props: ${JSON.stringify(props)}`); - const lb = new aws.lb.LoadBalancer( - logicalId, - { - ipAddressType: props.ipAddressType, - loadBalancerType: props.type, - securityGroups: props.securityGroups, - subnets: props.subnets, - subnetMappings: props.subnetMappings?.map( - (m: any) => - { - allocationId: m.allocationId, - ipv6Address: m.iPv6Address, - privateIpv4Address: m.privateIPv4Address, - subnetId: m.subnetId, - }, - ), - tags: tags(props.tags), - internal: props.scheme ? props.scheme == 'internal' : false, - }, - options, - ); - return { - resource: lb, - attributes: { dNSName: lb.dnsName }, - }; - } - case 'AWS::ElasticLoadBalancingV2::TargetGroup': { - debug(`AWS::ElasticLoadBalancingV2::TargetGroup props: ${JSON.stringify(props)}`); - const tgAttributes = targetGroupAttributesMap(props.targetGroupAttributes); - debug(`${logicalId} tgAttributes ${JSON.stringify(tgAttributes)}`); - const tg = new aws.lb.TargetGroup( - logicalId, - { - healthCheck: { - enabled: props.healthCheckEnabled, - interval: props.healthCheckIntervalSeconds, - path: props.healthCheckPath, - port: props.healthCheckPort, - protocol: props.healthCheckProtocol, - timeout: props.healthCheckTimeoutSeconds, - matcher: props.matcher ? props.matcher.httpCode || props.matcher.grpcCode : undefined, - healthyThreshold: props.healthyThresholdCount, - }, - // logicalId can be too big and cause autonaming to spill beyond 32 char limit for names - name: props.name ?? (logicalId.length > 24 ? logicalId.slice(-32) : undefined), - port: props.port, - protocol: props.protocol, - protocolVersion: props.protocolVersion, - vpcId: props.vpcId, - tags: tags(props.tags), - targetType: props.targetType, - stickiness: stickiness(tgAttributes), - deregistrationDelay: maybeTargetGroupAttribute( - tgAttributes, - 'deregistration_delay.timeout_seconds', - ), - connectionTermination: maybeTargetGroupAttribute( - tgAttributes, - 'deregistration_delay.connection_termination.enabled', - ), - proxyProtocolV2: maybeTargetGroupAttribute(tgAttributes, 'proxy_protocol_v2.enabled'), - preserveClientIp: maybeTargetGroupAttribute(tgAttributes, 'preserve_client_ip.enabled'), - lambdaMultiValueHeadersEnabled: maybeTargetGroupAttribute( - tgAttributes, - 'lambda.multi_value_headers.enabled', - ), - slowStart: maybeTargetGroupAttribute(tgAttributes, 'slow_start.duration_seconds'), - loadBalancingAlgorithmType: maybeTargetGroupAttribute( - tgAttributes, - 'load_balancing.algorithm.type', - ), - }, - options, - ); - return { - resource: tg, - attributes: { - targetGroupFullName: tg.arnSuffix, - targetGroupName: tg.name, - }, - }; - } - case 'AWS::AutoScaling::AutoScalingGroup': { - debug(`AWS::AutoScaling::AutoScalingGroup props: ${JSON.stringify(props)}`); - return new aws.autoscaling.Group( - logicalId, - { - availabilityZones: props.availabilityZones, - maxSize: parseInt(props.maxSize), - minSize: parseInt(props.minSize), - capacityRebalance: props.capacityRebalance ? JSON.parse(props.capacityRebalance) : undefined, - defaultCooldown: props.cooldown ? parseInt(props.cooldown) : undefined, - desiredCapacity: props.desiredCapacity ? parseInt(props.desiredCapacity) : undefined, - healthCheckGracePeriod: props.healthCheckGracePeriod - ? parseInt(props.healthCheckGracePeriod) - : undefined, - healthCheckType: props.healthCheckType, - launchConfiguration: props.launchConfigurationName, - launchTemplate: props.launchTemplate?.map( - (t: any) => - { - id: t.launchTemplateId, - name: t.launchTemplateName, - version: t.version, - }, - ), - initialLifecycleHooks: props.lifecycleHookSpecificationList?.map( - (s: any) => - { - defaultResult: s.defaultReason, - heartbeatTimeout: s.heartbeatTimeout, - lifecycleTransition: s.lifecycleTransition, - notificationMetadata: s.notificationMetadata, - notificationTargetArn: s.notificationTargetArn, - roleArn: s.roleArn, - name: s.lifeCycleHookName, - }, - ), - loadBalancers: props.loadBalancerNames, - maxInstanceLifetime: props.maxInstanceLifetime, - // mixedInstancesPolicy: FIXME! - protectFromScaleIn: props.newInstancesProtectedFromScaleIn, - placementGroup: props.placementGroup, - serviceLinkedRoleArn: props.serviceLinkedRoleArn, - tags: props.tags?.map( - (m: { key: any; propagateAtLaunch: any; value: any }) => - { - key: m.key, - propagateAtLaunch: m.propagateAtLaunch, - value: m.value, - }, - ), - targetGroupArns: props.targetGroupArns, - terminationPolicies: props.terminationPolicies, - vpcZoneIdentifiers: props.vpcZoneIdentifier, - }, - options, - ); - } - case 'AWS::AutoScaling::ScalingPolicy': { - return new aws.autoscaling.Policy( - logicalId, - { - adjustmentType: props.adjustmentType, - autoscalingGroupName: props.autoScalingGroupName, - cooldown: props.cooldown ? parseInt(props.cooldown) : undefined, - estimatedInstanceWarmup: props.estimatedInstanceWarmup - ? parseInt(props.estimatedInstanceWarmup) - : undefined, - metricAggregationType: props.metricAggregationType, - minAdjustmentMagnitude: props.minAdjustmentMagnitude, - policyType: props.policyType, - predictiveScalingConfiguration: props.predictiveScalingConfiguration, - scalingAdjustment: props.scalingAdjustment, - stepAdjustments: props.stepAdjustments, - targetTrackingConfiguration: props.targetTrackingConfiguration, - }, - options, - ); - } - case 'AWS::EC2::Route': - return new aws.ec2.Route( - logicalId, - { - routeTableId: props.routeTableId, - carrierGatewayId: props.carrierGatewayId, - destinationCidrBlock: props.destinationCidrBlock, - destinationIpv6CidrBlock: props.destinationIpv6CidrBlock, - egressOnlyGatewayId: props.egressOnlyInternetGatewayId, - gatewayId: props.gatewayId, - localGatewayId: props.localGatewayId, - natGatewayId: props.natGatewayId, - networkInterfaceId: props.networkInterfaceId, - transitGatewayId: props.transitGatewayId, - vpcEndpointId: props.vpcEndpointId, - vpcPeeringConnectionId: props.vpcPeeringConnectionId, - }, - options, - ); - case 'AWS::EC2::NatGateway': - return new aws.ec2.NatGateway( - logicalId, - { - subnetId: props.subnetId, - allocationId: props.allocationId, - connectivityType: props.connectivityType, - tags: tags(props.tags), - }, - options, - ); - case 'AWS::ApplicationAutoScaling::ScalableTarget': { - const target = new aws.appautoscaling.Target( - logicalId, - { - maxCapacity: props.maxCapacity, - minCapacity: props.minCapacity, - resourceId: props.resourceId, - roleArn: props.roleArn, - scalableDimension: props.scalableDimension, - serviceNamespace: props.serviceNamespace, - }, - options, - ); - props.ScheduledActions?.map( - (action: any) => - new aws.appautoscaling.ScheduledAction( - logicalId + action.scheduledActionName, - { - resourceId: target.resourceId, - scalableDimension: target.scalableDimension, - scalableTargetAction: action.scalableTargetAction, - schedule: action.schedule, - serviceNamespace: target.serviceNamespace, - startTime: action.startTime, - endTime: action.endTime, - timezone: action.timezone, - name: action.scheduledActionName, - }, - options, - ), - ); - return target; - } // IAM case 'AWS::IAM::Policy': { const policy = new aws.iam.Policy( @@ -484,34 +142,6 @@ export function mapToAwsResource( return policy; } - // Lambda - case 'AWS::Lambda::Permission': - // TODO: throw on the presence of functionUrlAuthType / principalOrgId? - return new aws.lambda.Permission( - logicalId, - { - action: props.action, - eventSourceToken: props.eventSourceToken, - function: props.functionName, - principal: props.principal, - sourceAccount: props.sourceAccount, - sourceArn: props.sourceArn, - statementId: logicalId, - }, - options, - ); - - // S3 - case 'AWS::S3::BucketPolicy': - return new aws.s3.BucketPolicy( - logicalId, - { - bucket: rawProps.Bucket, - policy: rawProps.PolicyDocument, - }, - options, - ); - default: return undefined; } From 0af75504f820201b24c58883cf0684cb4e6370ac Mon Sep 17 00:00:00 2001 From: corymhall <43035978+corymhall@users.noreply.github.com> Date: Wed, 14 Aug 2024 13:39:29 -0400 Subject: [PATCH 2/6] removing more resources --- src/aws-resource-mappings.ts | 130 +--------------------------- src/cfn-resource-mappings.ts | 8 +- src/interop.ts | 2 +- tests/aws-resource-mappings.test.ts | 30 +------ 4 files changed, 6 insertions(+), 164 deletions(-) diff --git a/src/aws-resource-mappings.ts b/src/aws-resource-mappings.ts index f3e0a961..8bd68c60 100644 --- a/src/aws-resource-mappings.ts +++ b/src/aws-resource-mappings.ts @@ -39,6 +39,9 @@ function tags(tags: pulumi.Input[]> | undefined): AwsTags ); } +/** + * Any resource that does not currently exist in CCAPI can be mapped to an aws classic resource. + */ export function mapToAwsResource( element: CfnElement, logicalId: string, @@ -92,11 +95,6 @@ export function mapToAwsResource( options, ); - // DynamoDB - case 'AWS::DynamoDB::Table': - return mapDynamoDBTable(element, logicalId, typeName, rawProps, props, options); - - // EC2 // IAM case 'AWS::IAM::Policy': { const policy = new aws.iam.Policy( @@ -146,125 +144,3 @@ export function mapToAwsResource( return undefined; } } - -function mapDynamoDBTable( - element: CfnElement, - logicalId: string, - typeName: string, - rawProps: any, - props: any, - options: pulumi.ResourceOptions, -): aws.dynamodb.Table { - function hashKey(schema: any): string | undefined { - return schema.find((k: any) => k.keyType === 'HASH')?.attributeName; - } - - function rangeKey(schema: any): string | undefined { - return schema.find((k: any) => k.keyType === 'RANGE')?.attributeName; - } - - const attributes = props.attributeDefinitions?.map((attr: any) => ({ - name: attr.attributeName, - type: attr.attributeType, - })); - - const globalSecondaryIndexes = props.globalSecondaryIndexes?.map((index: any) => ({ - hashKey: hashKey(index.keySchema), - name: index.indexName, - nonKeyAttributes: props.projection.nonKeyAttributes, - projectionType: props.projection.projectionType, - rangeKey: rangeKey(index.keySchema), - readCapacity: props.provisionedThroughput?.readCapacityUnits, - writeCapacity: props.provisionedThroughput?.writeCapacityUnits, - })); - - const localSecondaryIndexes = props.localSecondaryIndexes?.map((index: any) => ({ - name: index.indexName, - nonKeyAttributes: index.projection.nonKeyAttributes, - projectionType: index.projection.projectionType, - rangeKey: rangeKey(index.keySchema), - })); - - const pointInTimeRecovery = maybe(props.pointInTimeRecoverySpecification, (spec) => ({ - enabled: spec.pointInTimeRecoveryEnabled, - })); - - const serverSideEncryption = maybe(props.sSESpecification, (spec) => ({ - enabled: spec.sSEEnabled, - kmsKeyArn: spec.kMSMasterKeyId, - })); - - return new aws.dynamodb.Table( - logicalId, - { - attributes: attributes, - billingMode: props.billingMode, - globalSecondaryIndexes: globalSecondaryIndexes, - hashKey: hashKey(props.keySchema), - localSecondaryIndexes: localSecondaryIndexes, - name: props.tableName, - pointInTimeRecovery: pointInTimeRecovery, - rangeKey: rangeKey(props.keySchema), - readCapacity: props.provisionedThroughput?.readCapacityUnits, - serverSideEncryption: serverSideEncryption, - streamEnabled: props.streamSpecification !== undefined, - streamViewType: props.streamSpecification?.streamViewType, - tableClass: props.tableClass, - tags: tags(props.tags), - ttl: props.timeToLiveSpecification, - writeCapacity: props.provisionedThroughput?.writeCapacityUnits, - }, - options, - ); -} - -function stickiness(targetGroupAttributes: any): pulumi.Input | undefined { - if (targetGroupAttributes === undefined) { - return undefined; - } - - const enabled = targetGroupAttributes['stickiness.enabled'] - ? JSON.parse(targetGroupAttributes['stickiness.enabled']) - : false; - if (!enabled) { - return undefined; - } - - let cookieDuration = undefined; - if ('stickiness.app_cookie.duration_seconds' in targetGroupAttributes) { - cookieDuration = targetGroupAttributes['stickiness.app_cookie.duration_seconds']; - } else if ('stickiness.lb_cookie.duration_seconds' in targetGroupAttributes) { - cookieDuration = targetGroupAttributes['stickiness.lb_cookie.duration_seconds']; - } - return { - enabled: enabled, - type: maybeTargetGroupAttribute(targetGroupAttributes, 'stickiness.type'), - cookieName: maybeTargetGroupAttribute(targetGroupAttributes, 'stickiness.app_cookie.cookie_name'), - cookieDuration: cookieDuration, - }; -} - -function maybeTargetGroupAttribute(targetGroupAttributes: any, key: string): any { - if (targetGroupAttributes === undefined) { - return undefined; - } - - let val = undefined; - if (key in targetGroupAttributes) { - val = targetGroupAttributes[key]; - } - return val; -} - -function targetGroupAttributesMap(targetGroupAttributes: any) { - if (targetGroupAttributes === undefined) { - return undefined; - } - - const attrsMap: { [name: string]: any } = {}; - const attrs = targetGroupAttributes as Array; - for (const attr of attrs) { - attrsMap[attr.key] = attr.value; - } - return attrsMap; -} diff --git a/src/cfn-resource-mappings.ts b/src/cfn-resource-mappings.ts index 3fd28f38..75968bb3 100644 --- a/src/cfn-resource-mappings.ts +++ b/src/cfn-resource-mappings.ts @@ -13,7 +13,7 @@ // limitations under the License. import * as pulumi from '@pulumi/pulumi'; -import { ecs, iam, apprunner, lambda, s3, s3objectlambda } from '@pulumi/aws-native'; +import { iam, lambda, s3, s3objectlambda } from '@pulumi/aws-native'; import { CfnElement, Token, Reference, Tokenization } from 'aws-cdk-lib'; import { CfnResource, ResourceMapping, normalize } from './interop'; import { debug } from '@pulumi/pulumi/log'; @@ -29,12 +29,6 @@ export function mapToCfnResource( const props = normalize(rawProps); debug(`mapToCfnResource typeName: ${typeName} props: ${JSON.stringify(props)}`); switch (typeName) { - case 'AWS::AppRunner::Service': - return new apprunner.Service(logicalId, props, options); - case 'AWS::ECS::Cluster': - return new ecs.Cluster(logicalId, props, options); - case 'AWS::ECS::TaskDefinition': - return new ecs.TaskDefinition(logicalId, props, options); case 'AWS::IAM::Role': { // policyDocument and assumeRolePolicyDocument are both Json types // so we need the raw names diff --git a/src/interop.ts b/src/interop.ts index cfaabb63..7a62676a 100644 --- a/src/interop.ts +++ b/src/interop.ts @@ -16,7 +16,7 @@ import * as cdk from 'aws-cdk-lib'; import * as pulumi from '@pulumi/pulumi'; import { debug } from '@pulumi/pulumi/log'; import { IConstruct } from 'constructs'; -import { moduleName, toSdkName, typeToken } from './naming'; +import { toSdkName, typeToken } from './naming'; export function firstToLower(str: string) { return str.replace(/\w\S*/g, function (txt) { diff --git a/tests/aws-resource-mappings.test.ts b/tests/aws-resource-mappings.test.ts index eeced9b5..09c5b4db 100644 --- a/tests/aws-resource-mappings.test.ts +++ b/tests/aws-resource-mappings.test.ts @@ -22,33 +22,5 @@ beforeAll(() => { }); describe('AWS Resource Mappings', () => { - test('maps autoscaling.Group props', () => { - // GIVEN - const cfnType = 'AWS::AutoScaling::AutoScalingGroup'; - const logicalId = 'my-resource'; - const cfnProps = { - TargetGroupARNs: ['arn'], - VPCZoneIdentifier: ['ids'], - }; - // WHEN - mapToAwsResource( - new CfnResource(new Stack(), logicalId, { - type: cfnType, - properties: cfnProps, - }), - logicalId, - cfnType, - cfnProps, - {}, - ); - // THEN - expect(aws.autoscaling.Group).toHaveBeenCalledWith( - logicalId, - expect.objectContaining({ - targetGroupArns: ['arn'], - vpcZoneIdentifiers: ['ids'], - }), - {}, - ); - }); + test('todo test', () => {}); }); From 998fdf8b82dab2716608988e34717ef38a38f98e Mon Sep 17 00:00:00 2001 From: corymhall <43035978+corymhall@users.noreply.github.com> Date: Thu, 15 Aug 2024 08:53:20 -0400 Subject: [PATCH 3/6] updating aws-native version and removing more mappings --- package.json | 2 +- src/aws-resource-mappings.ts | 24 ------------------------ yarn.lock | 29 ++++++++++++++++++++++------- 3 files changed, 23 insertions(+), 32 deletions(-) diff --git a/package.json b/package.json index f9974593..86f9bcda 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,7 @@ "devDependencies": { "@aws-cdk/aws-apprunner-alpha": "2.20.0-alpha.0", "@pulumi/aws": "^6.32.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/docker": "^4.5.0", "@pulumi/pulumi": "^3.117.0", "@types/archiver": "^6.0.2", diff --git a/src/aws-resource-mappings.ts b/src/aws-resource-mappings.ts index 8bd68c60..7adad58c 100644 --- a/src/aws-resource-mappings.ts +++ b/src/aws-resource-mappings.ts @@ -52,30 +52,6 @@ export function mapToAwsResource( const props = normalize(rawProps); switch (typeName) { // ApiGatewayV2 - case 'AWS::ApiGatewayV2::Deployment': - return new aws.apigatewayv2.Deployment(logicalId, props, options); - case 'AWS::ApiGatewayV2::Integration': - return new aws.apigatewayv2.Integration( - logicalId, - { - ...props, - requestParameters: rawProps.RequestParameters, - requestTemplates: rawProps.RequestTemplates, - responseParameters: rawProps.ResponseParameters, - tlsConfig: maybe(props.tlsConfig, (_) => ({ insecureSkipVerification: true })), - }, - options, - ); - case 'AWS::ApiGatewayV2::Route': - return new aws.apigatewayv2.Route( - logicalId, - { - ...props, - requestModels: rawProps.RequestModels, - requestParameters: rawProps.RequestParameters, - }, - options, - ); case 'AWS::ApiGatewayV2::Stage': return new aws.apigatewayv2.Stage( logicalId, diff --git a/yarn.lock b/yarn.lock index 42e32ae7..c412b79a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1015,10 +1015,10 @@ resolved "https://registry.yarnpkg.com/@protobufjs/utf8/-/utf8-1.1.0.tgz#a777360b5b39a1a2e5106f8e858f2fd2d060c570" integrity sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw== -"@pulumi/aws-native@^0.108.0": - version "0.108.4" - resolved "https://registry.yarnpkg.com/@pulumi/aws-native/-/aws-native-0.108.4.tgz#293e6f7bc25135f51ba950bdfaba3e202bbcd48c" - integrity sha512-M5gCKORRP4b+oXO6vNZA6X+j/ALBYY/LgCfzsqSuOBi5ZiT+nCVMKuLpJj4a8FdQTyfMfgzKiJuOreh3m4rh4g== +"@pulumi/aws-native@^0.117.0": + version "0.117.0" + resolved "https://registry.yarnpkg.com/@pulumi/aws-native/-/aws-native-0.117.0.tgz#aa237ba41bd679fc84df620295c5294c7dda4672" + integrity sha512-qkS5FwRCW41jpl964XeLO/4MG9dh50BPvBC0jB3ERnOziiDSfN43lMixFz2bLeNh8/jdlmQ/YtuX2wt6VvBiYg== dependencies: "@pulumi/pulumi" "^3.42.0" @@ -4496,8 +4496,7 @@ string_decoder@~1.1.1: dependencies: safe-buffer "~5.1.0" -"strip-ansi-cjs@npm:strip-ansi@^6.0.1", strip-ansi@^6.0.0, strip-ansi@^6.0.1: - name strip-ansi-cjs +"strip-ansi-cjs@npm:strip-ansi@^6.0.1": version "6.0.1" resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== @@ -4511,6 +4510,13 @@ strip-ansi@^5.2.0: dependencies: ansi-regex "^4.1.0" +strip-ansi@^6.0.0, strip-ansi@^6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9" + integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A== + dependencies: + ansi-regex "^5.0.1" + strip-ansi@^7.0.1: version "7.1.0" resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-7.1.0.tgz#d5b6568ca689d8561370b0707685d22434faff45" @@ -4835,7 +4841,16 @@ word-wrap@^1.2.5: resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.5.tgz#d2c45c6dd4fbce621a66f136cbe328afd0410b34" integrity sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA== -"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0", wrap-ansi@7.0.0, wrap-ansi@^7.0.0, wrap-ansi@^8.1.0: +"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0": + version "7.0.0" + resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" + integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== + dependencies: + ansi-styles "^4.0.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" + +wrap-ansi@7.0.0, wrap-ansi@^7.0.0, wrap-ansi@^8.1.0: version "7.0.0" resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43" integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q== From 0180e21b3a8a29b20d97bcfc427f46f782289d8f Mon Sep 17 00:00:00 2001 From: corymhall <43035978+corymhall@users.noreply.github.com> Date: Thu, 15 Aug 2024 09:13:45 -0400 Subject: [PATCH 4/6] integration type actually not supported --- src/aws-resource-mappings.ts | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/aws-resource-mappings.ts b/src/aws-resource-mappings.ts index 7adad58c..7ad37358 100644 --- a/src/aws-resource-mappings.ts +++ b/src/aws-resource-mappings.ts @@ -52,6 +52,18 @@ export function mapToAwsResource( const props = normalize(rawProps); switch (typeName) { // ApiGatewayV2 + case 'AWS::ApiGatewayV2::Integration': + return new aws.apigatewayv2.Integration( + logicalId, + { + ...props, + requestParameters: rawProps.RequestParameters, + requestTemplates: rawProps.RequestTemplates, + responseParameters: rawProps.ResponseParameters, + tlsConfig: maybe(props.tlsConfig, (_) => ({ insecureSkipVerification: true })), + }, + options, + ); case 'AWS::ApiGatewayV2::Stage': return new aws.apigatewayv2.Stage( logicalId, From dd5309d4c70e7369340f90fb7aff1c4b4a14a346 Mon Sep 17 00:00:00 2001 From: corymhall <43035978+corymhall@users.noreply.github.com> Date: Thu, 15 Aug 2024 10:35:07 -0400 Subject: [PATCH 5/6] updating examples deps --- examples/alb/package.json | 2 +- examples/api-websocket-lambda-dynamodb/package.json | 2 +- examples/apprunner/package.json | 2 +- examples/appsvc/package.json | 2 +- examples/cron-lambda/package.json | 2 +- examples/ec2-instance/package.json | 2 +- examples/ecscluster/package.json | 2 +- examples/fargate/package.json | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/examples/alb/package.json b/examples/alb/package.json index e2cdf19a..42f4d817 100644 --- a/examples/alb/package.json +++ b/examples/alb/package.json @@ -5,7 +5,7 @@ }, "dependencies": { "@pulumi/aws": "^4.6.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111" diff --git a/examples/api-websocket-lambda-dynamodb/package.json b/examples/api-websocket-lambda-dynamodb/package.json index 1fe664a4..90b3f0e4 100644 --- a/examples/api-websocket-lambda-dynamodb/package.json +++ b/examples/api-websocket-lambda-dynamodb/package.json @@ -5,7 +5,7 @@ }, "dependencies": { "@pulumi/aws": "^4.6.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111" diff --git a/examples/apprunner/package.json b/examples/apprunner/package.json index 7af028f4..e2900471 100644 --- a/examples/apprunner/package.json +++ b/examples/apprunner/package.json @@ -6,7 +6,7 @@ "dependencies": { "@pulumi/aws": "^4.6.0", "@pulumi/awsx": "^0.32.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111", diff --git a/examples/appsvc/package.json b/examples/appsvc/package.json index e2cdf19a..42f4d817 100644 --- a/examples/appsvc/package.json +++ b/examples/appsvc/package.json @@ -5,7 +5,7 @@ }, "dependencies": { "@pulumi/aws": "^4.6.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111" diff --git a/examples/cron-lambda/package.json b/examples/cron-lambda/package.json index 6d7c9d19..a1281a3e 100644 --- a/examples/cron-lambda/package.json +++ b/examples/cron-lambda/package.json @@ -6,7 +6,7 @@ "dependencies": { "@pulumi/aws": "^4.6.0", "@pulumi/awsx": "^0.32.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111" diff --git a/examples/ec2-instance/package.json b/examples/ec2-instance/package.json index e2cdf19a..42f4d817 100644 --- a/examples/ec2-instance/package.json +++ b/examples/ec2-instance/package.json @@ -5,7 +5,7 @@ }, "dependencies": { "@pulumi/aws": "^4.6.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111" diff --git a/examples/ecscluster/package.json b/examples/ecscluster/package.json index e2cdf19a..42f4d817 100644 --- a/examples/ecscluster/package.json +++ b/examples/ecscluster/package.json @@ -5,7 +5,7 @@ }, "dependencies": { "@pulumi/aws": "^4.6.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111" diff --git a/examples/fargate/package.json b/examples/fargate/package.json index e2cdf19a..42f4d817 100644 --- a/examples/fargate/package.json +++ b/examples/fargate/package.json @@ -5,7 +5,7 @@ }, "dependencies": { "@pulumi/aws": "^4.6.0", - "@pulumi/aws-native": "^0.108.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111" From 4f673dd1eaffd3411dda6a2892075e1e0777578e Mon Sep 17 00:00:00 2001 From: corymhall <43035978+corymhall@users.noreply.github.com> Date: Fri, 16 Aug 2024 15:03:55 -0400 Subject: [PATCH 6/6] handle json types in normalize --- .github/workflows/run-acceptance-tests.yml | 6 +- examples/alb/package.json | 6 +- .../package.json | 6 +- examples/apprunner/package.json | 4 +- examples/appsvc/package.json | 8 +- examples/cron-lambda/package.json | 8 +- examples/ec2-instance/package.json | 8 +- examples/ecscluster/package.json | 8 +- examples/fargate/package.json | 6 +- examples/s3-object-lambda/index.ts | 2 +- examples/s3-object-lambda/package.json | 3 +- .../{lib => src}/s3-object-lambda-stack.ts | 3 + package.json | 4 +- schemas/metadata.json | 212857 +++++++++++++++ src/aws-resource-mappings.ts | 2 +- src/cfn-resource-mappings.ts | 75 +- src/interop.ts | 272 +- tests/cfn-resource-mappings.test.ts | 24 +- tests/naming.test.ts | 18 +- 19 files changed, 213164 insertions(+), 156 deletions(-) rename examples/s3-object-lambda/{lib => src}/s3-object-lambda-stack.ts (98%) create mode 100644 schemas/metadata.json diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 17efc943..df6e1384 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -60,6 +60,10 @@ jobs: role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Unshallow clone for tags run: git fetch --prune --unshallow --tags + - name: Install pulumictl + uses: jaxxstorm/action-install-gh-release@v1.10.0 + with: + repo: pulumi/pulumictl - name: Setup Node uses: actions/setup-node@v4 with: @@ -78,7 +82,7 @@ jobs: - name: Run unit tests run: yarn run test - name: yarn link - run: pushd lib && yarn link && popd + run: yarn link - name: set script-shell run: yarn config set script-shell /bin/bash - name: Set up gotestfmt diff --git a/examples/alb/package.json b/examples/alb/package.json index 42f4d817..d29e92de 100644 --- a/examples/alb/package.json +++ b/examples/alb/package.json @@ -8,9 +8,7 @@ "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", - "constructs": "^10.0.111" - }, - "peerDependencies": { - "@pulumi/cdk": "^0.0.1" + "constructs": "^10.0.111", + "@pulumi/cdk": "^0.5.0" } } diff --git a/examples/api-websocket-lambda-dynamodb/package.json b/examples/api-websocket-lambda-dynamodb/package.json index 90b3f0e4..6d7583fe 100644 --- a/examples/api-websocket-lambda-dynamodb/package.json +++ b/examples/api-websocket-lambda-dynamodb/package.json @@ -8,9 +8,7 @@ "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", + "@pulumi/cdk": "^0.5.0", "constructs": "^10.0.111" - }, - "peerDependencies": { - "@pulumi/cdk": "^0.0.1" - } + } } diff --git a/examples/apprunner/package.json b/examples/apprunner/package.json index e2900471..4e29a914 100644 --- a/examples/apprunner/package.json +++ b/examples/apprunner/package.json @@ -10,9 +10,7 @@ "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111", + "@pulumi/cdk": "^0.5.0", "@aws-cdk/aws-apprunner-alpha": "2.20.0-alpha.0" - }, - "peerDependencies": { - "@pulumi/cdk": "^0.0.1" } } diff --git a/examples/appsvc/package.json b/examples/appsvc/package.json index 42f4d817..3c38c385 100644 --- a/examples/appsvc/package.json +++ b/examples/appsvc/package.json @@ -8,9 +8,7 @@ "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", - "constructs": "^10.0.111" - }, - "peerDependencies": { - "@pulumi/cdk": "^0.0.1" - } + "constructs": "^10.0.111", + "@pulumi/cdk": "^0.5.0" + } } diff --git a/examples/cron-lambda/package.json b/examples/cron-lambda/package.json index a1281a3e..d63b4eb5 100644 --- a/examples/cron-lambda/package.json +++ b/examples/cron-lambda/package.json @@ -9,9 +9,7 @@ "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", - "constructs": "^10.0.111" - }, - "peerDependencies": { - "@pulumi/cdk": "^0.0.1" - } + "constructs": "^10.0.111", + "@pulumi/cdk": "^0.5.0" + } } diff --git a/examples/ec2-instance/package.json b/examples/ec2-instance/package.json index 42f4d817..3c38c385 100644 --- a/examples/ec2-instance/package.json +++ b/examples/ec2-instance/package.json @@ -8,9 +8,7 @@ "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", - "constructs": "^10.0.111" - }, - "peerDependencies": { - "@pulumi/cdk": "^0.0.1" - } + "constructs": "^10.0.111", + "@pulumi/cdk": "^0.5.0" + } } diff --git a/examples/ecscluster/package.json b/examples/ecscluster/package.json index 42f4d817..3c38c385 100644 --- a/examples/ecscluster/package.json +++ b/examples/ecscluster/package.json @@ -8,9 +8,7 @@ "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", - "constructs": "^10.0.111" - }, - "peerDependencies": { - "@pulumi/cdk": "^0.0.1" - } + "constructs": "^10.0.111", + "@pulumi/cdk": "^0.5.0" + } } diff --git a/examples/fargate/package.json b/examples/fargate/package.json index 42f4d817..d29e92de 100644 --- a/examples/fargate/package.json +++ b/examples/fargate/package.json @@ -8,9 +8,7 @@ "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", - "constructs": "^10.0.111" - }, - "peerDependencies": { - "@pulumi/cdk": "^0.0.1" + "constructs": "^10.0.111", + "@pulumi/cdk": "^0.5.0" } } diff --git a/examples/s3-object-lambda/index.ts b/examples/s3-object-lambda/index.ts index cdfd382c..4754b8bb 100644 --- a/examples/s3-object-lambda/index.ts +++ b/examples/s3-object-lambda/index.ts @@ -1,4 +1,4 @@ -import { S3ObjectLambdaStack } from './lib/s3-object-lambda-stack'; +import { S3ObjectLambdaStack } from './src/s3-object-lambda-stack'; const s = new S3ObjectLambdaStack('stack'); export const exampleBucketArn = s.exampleBucketArn; diff --git a/examples/s3-object-lambda/package.json b/examples/s3-object-lambda/package.json index 902a37d7..e6f0aff7 100644 --- a/examples/s3-object-lambda/package.json +++ b/examples/s3-object-lambda/package.json @@ -4,7 +4,8 @@ "@types/node": "^20.0.0" }, "dependencies": { - "@pulumi/cdk": "^0.4", + "@pulumi/cdk": "^0.5.0", + "@pulumi/aws-native": "^0.117.0", "@pulumi/pulumi": "^3.0.0", "aws-cdk-lib": "^2.20.0", "constructs": "^10.0.111" diff --git a/examples/s3-object-lambda/lib/s3-object-lambda-stack.ts b/examples/s3-object-lambda/src/s3-object-lambda-stack.ts similarity index 98% rename from examples/s3-object-lambda/lib/s3-object-lambda-stack.ts rename to examples/s3-object-lambda/src/s3-object-lambda-stack.ts index e87c1d0a..758ec23a 100644 --- a/examples/s3-object-lambda/lib/s3-object-lambda-stack.ts +++ b/examples/s3-object-lambda/src/s3-object-lambda-stack.ts @@ -49,6 +49,9 @@ export class S3ObjectLambdaStack extends pulumicdk.Stack { runtime: lambda.Runtime.NODEJS_20_X, handler: 'index.handler', code: lambda.Code.fromAsset('resources/retrieve-transformed-object-lambda'), + environment: { + KEY: 'Value', + }, }); // Object lambda s3 access diff --git a/package.json b/package.json index 86f9bcda..5ece15e5 100644 --- a/package.json +++ b/package.json @@ -62,8 +62,8 @@ "lint": "./node_modules/.bin/eslint --ext .js,.jsx,.ts,.tsx --fix --no-error-on-unmatched-pattern src", "format": "./node_modules/.bin/prettier --write \"src/**/*.ts\" \"examples/**/*.ts\"", "test": "jest --passWithNoTests --updateSnapshot", - "test-examples": "cd lib && yarn link && cd .. && cd examples && go test -timeout 2h -v .", - "test-examples-gotestfmt": "cd lib && yarn link && cd .. && cd examples && set -euo pipefail && go test -json -v -count=1 -cover -timeout 2h -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt" + "test-examples": "yarn link && cd examples && go test -timeout 2h -v .", + "test-examples-gotestfmt": "yarn link && cd examples && set -euo pipefail && go test -json -v -count=1 -cover -timeout 2h -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt" }, "files": [ "*" diff --git a/schemas/metadata.json b/schemas/metadata.json new file mode 100644 index 00000000..be5d41e1 --- /dev/null +++ b/schemas/metadata.json @@ -0,0 +1,212857 @@ +{ + "resources": { + "aws-native:accessanalyzer:Analyzer": { + "cf": "AWS::AccessAnalyzer::Analyzer", + "inputs": { + "analyzerConfiguration": { + "$ref": "#/types/aws-native:accessanalyzer:AnalyzerConfigurationProperties", + "description": "The configuration for the analyzer" + }, + "analyzerName": { + "type": "string", + "description": "Analyzer name" + }, + "archiveRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:accessanalyzer:AnalyzerArchiveRule" + }, + "description": "Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "type": "string", + "description": "The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS" + } + }, + "outputs": { + "analyzerConfiguration": { + "$ref": "#/types/aws-native:accessanalyzer:AnalyzerConfigurationProperties", + "description": "The configuration for the analyzer", + "replaceOnChanges": true + }, + "analyzerName": { + "type": "string", + "description": "Analyzer name", + "replaceOnChanges": true + }, + "archiveRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:accessanalyzer:AnalyzerArchiveRule" + }, + "description": "Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule." + }, + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the analyzer" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "type": "string", + "description": "The type of the analyzer, must be one of ACCOUNT, ORGANIZATION, ACCOUNT_UNUSED_ACCESS or ORGANIZATION_UNUSED_ACCESS", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "analyzerName", + "minLength": 1, + "maxLength": 1024 + }, + "required": [ + "type" + ], + "createOnly": [ + "analyzerConfiguration", + "analyzerName", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:acmpca:Certificate": { + "cf": "AWS::ACMPCA::Certificate", + "inputs": { + "apiPassthrough": { + "$ref": "#/types/aws-native:acmpca:CertificateApiPassthrough", + "description": "Specifies X.509 certificate information to be included in the issued certificate. An ``APIPassthrough`` or ``APICSRPassthrough`` template variant must be selected, or else this parameter is ignored." + }, + "certificateAuthorityArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the private CA issues the certificate." + }, + "certificateSigningRequest": { + "type": "string", + "description": "The certificate signing request (CSR) for the certificate." + }, + "signingAlgorithm": { + "type": "string", + "description": "The name of the algorithm that will be used to sign the certificate to be issued. \n This parameter should not be confused with the ``SigningAlgorithm`` parameter used to sign a CSR in the ``CreateCertificateAuthority`` action.\n The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key." + }, + "templateArn": { + "type": "string", + "description": "Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, PCAshort defaults to the ``EndEntityCertificate/V1`` template. For more information about PCAshort templates, see [Using Templates](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html)." + }, + "validity": { + "$ref": "#/types/aws-native:acmpca:CertificateValidity", + "description": "The period of time during which the certificate will be valid." + }, + "validityNotBefore": { + "$ref": "#/types/aws-native:acmpca:CertificateValidity", + "description": "Information describing the start of the validity period of the certificate. This parameter sets the \"Not Before\" date for the certificate.\n By default, when issuing a certificate, PCAshort sets the \"Not Before\" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ``ValidityNotBefore`` parameter can be used to customize the \"Not Before\" value. \n Unlike the ``Validity`` parameter, the ``ValidityNotBefore`` parameter is optional.\n The ``ValidityNotBefore`` value is expressed as an explicit date and time, using the ``Validity`` type value ``ABSOLUTE``." + } + }, + "outputs": { + "apiPassthrough": { + "$ref": "#/types/aws-native:acmpca:CertificateApiPassthrough", + "description": "Specifies X.509 certificate information to be included in the issued certificate. An ``APIPassthrough`` or ``APICSRPassthrough`` template variant must be selected, or else this parameter is ignored.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the issued certificate." + }, + "certificate": { + "type": "string", + "description": "The issued Base64 PEM-encoded certificate.", + "language": { + "csharp": { + "name": "CertificateValue" + } + } + }, + "certificateAuthorityArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the private CA issues the certificate.", + "replaceOnChanges": true + }, + "certificateSigningRequest": { + "type": "string", + "description": "The certificate signing request (CSR) for the certificate.", + "replaceOnChanges": true + }, + "signingAlgorithm": { + "type": "string", + "description": "The name of the algorithm that will be used to sign the certificate to be issued. \n This parameter should not be confused with the ``SigningAlgorithm`` parameter used to sign a CSR in the ``CreateCertificateAuthority`` action.\n The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.", + "replaceOnChanges": true + }, + "templateArn": { + "type": "string", + "description": "Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, PCAshort defaults to the ``EndEntityCertificate/V1`` template. For more information about PCAshort templates, see [Using Templates](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html).", + "replaceOnChanges": true + }, + "validity": { + "$ref": "#/types/aws-native:acmpca:CertificateValidity", + "description": "The period of time during which the certificate will be valid.", + "replaceOnChanges": true + }, + "validityNotBefore": { + "$ref": "#/types/aws-native:acmpca:CertificateValidity", + "description": "Information describing the start of the validity period of the certificate. This parameter sets the \"Not Before\" date for the certificate.\n By default, when issuing a certificate, PCAshort sets the \"Not Before\" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ``ValidityNotBefore`` parameter can be used to customize the \"Not Before\" value. \n Unlike the ``Validity`` parameter, the ``ValidityNotBefore`` parameter is optional.\n The ``ValidityNotBefore`` value is expressed as an explicit date and time, using the ``Validity`` type value ``ABSOLUTE``.", + "replaceOnChanges": true + } + }, + "required": [ + "certificateAuthorityArn", + "certificateSigningRequest", + "signingAlgorithm", + "validity" + ], + "createOnly": [ + "apiPassthrough", + "certificateAuthorityArn", + "certificateSigningRequest", + "signingAlgorithm", + "templateArn", + "validity", + "validityNotBefore" + ], + "writeOnly": [ + "apiPassthrough", + "certificateSigningRequest", + "signingAlgorithm", + "templateArn", + "validity", + "validityNotBefore" + ] + }, + "aws-native:acmpca:CertificateAuthority": { + "cf": "AWS::ACMPCA::CertificateAuthority", + "inputs": { + "csrExtensions": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityCsrExtensions", + "description": "Structure that contains CSR pass through extension information used by the CreateCertificateAuthority action." + }, + "keyAlgorithm": { + "type": "string", + "description": "Public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate." + }, + "keyStorageSecurityStandard": { + "type": "string", + "description": "KeyStorageSecurityStadard defines a cryptographic key management compliance standard used for handling CA keys." + }, + "revocationConfiguration": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityRevocationConfiguration", + "description": "Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions." + }, + "signingAlgorithm": { + "type": "string", + "description": "Algorithm your CA uses to sign certificate requests." + }, + "subject": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthoritySubject", + "description": "Structure that contains X.500 distinguished name information for your CA." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see [Controlling Access Using IAM Tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html) ." + }, + "type": { + "type": "string", + "description": "The type of the certificate authority." + }, + "usageMode": { + "type": "string", + "description": "Usage mode of the ceritificate authority." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate authority." + }, + "certificateSigningRequest": { + "type": "string", + "description": "The base64 PEM-encoded certificate signing request (CSR) for your certificate authority certificate." + }, + "csrExtensions": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityCsrExtensions", + "description": "Structure that contains CSR pass through extension information used by the CreateCertificateAuthority action.", + "replaceOnChanges": true + }, + "keyAlgorithm": { + "type": "string", + "description": "Public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate.", + "replaceOnChanges": true + }, + "keyStorageSecurityStandard": { + "type": "string", + "description": "KeyStorageSecurityStadard defines a cryptographic key management compliance standard used for handling CA keys.", + "replaceOnChanges": true + }, + "revocationConfiguration": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityRevocationConfiguration", + "description": "Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions." + }, + "signingAlgorithm": { + "type": "string", + "description": "Algorithm your CA uses to sign certificate requests.", + "replaceOnChanges": true + }, + "subject": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthoritySubject", + "description": "Structure that contains X.500 distinguished name information for your CA.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see [Controlling Access Using IAM Tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html) ." + }, + "type": { + "type": "string", + "description": "The type of the certificate authority.", + "replaceOnChanges": true + }, + "usageMode": { + "type": "string", + "description": "Usage mode of the ceritificate authority.", + "replaceOnChanges": true + } + }, + "required": [ + "keyAlgorithm", + "signingAlgorithm", + "subject", + "type" + ], + "createOnly": [ + "csrExtensions", + "keyAlgorithm", + "keyStorageSecurityStandard", + "signingAlgorithm", + "subject", + "type", + "usageMode" + ], + "writeOnly": [ + "csrExtensions", + "keyStorageSecurityStandard", + "revocationConfiguration", + "subject", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:acmpca:CertificateAuthorityActivation": { + "cf": "AWS::ACMPCA::CertificateAuthorityActivation", + "inputs": { + "certificate": { + "type": "string", + "description": "Certificate Authority certificate that will be installed in the Certificate Authority." + }, + "certificateAuthorityArn": { + "type": "string", + "description": "Arn of the Certificate Authority." + }, + "certificateChain": { + "type": "string", + "description": "Certificate chain for the Certificate Authority certificate." + }, + "status": { + "type": "string", + "description": "The status of the Certificate Authority." + } + }, + "outputs": { + "certificate": { + "type": "string", + "description": "Certificate Authority certificate that will be installed in the Certificate Authority." + }, + "certificateAuthorityArn": { + "type": "string", + "description": "Arn of the Certificate Authority.", + "replaceOnChanges": true + }, + "certificateChain": { + "type": "string", + "description": "Certificate chain for the Certificate Authority certificate." + }, + "completeCertificateChain": { + "type": "string", + "description": "The complete certificate chain, including the Certificate Authority certificate." + }, + "status": { + "type": "string", + "description": "The status of the Certificate Authority." + } + }, + "required": [ + "certificate", + "certificateAuthorityArn" + ], + "createOnly": [ + "certificateAuthorityArn" + ], + "writeOnly": [ + "certificate", + "certificateChain" + ] + }, + "aws-native:acmpca:Permission": { + "cf": "AWS::ACMPCA::Permission", + "inputs": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions that the specified AWS service principal can use. Actions IssueCertificate, GetCertificate and ListPermissions must be provided." + }, + "certificateAuthorityArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Private Certificate Authority that grants the permission." + }, + "principal": { + "type": "string", + "description": "The AWS service or identity that receives the permission. At this time, the only valid principal is acm.amazonaws.com." + }, + "sourceAccount": { + "type": "string", + "description": "The ID of the calling account." + } + }, + "outputs": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions that the specified AWS service principal can use. Actions IssueCertificate, GetCertificate and ListPermissions must be provided.", + "replaceOnChanges": true + }, + "certificateAuthorityArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Private Certificate Authority that grants the permission.", + "replaceOnChanges": true + }, + "principal": { + "type": "string", + "description": "The AWS service or identity that receives the permission. At this time, the only valid principal is acm.amazonaws.com.", + "replaceOnChanges": true + }, + "sourceAccount": { + "type": "string", + "description": "The ID of the calling account.", + "replaceOnChanges": true + } + }, + "required": [ + "actions", + "certificateAuthorityArn", + "principal" + ], + "createOnly": [ + "actions", + "certificateAuthorityArn", + "principal", + "sourceAccount" + ] + }, + "aws-native:amplify:App": { + "cf": "AWS::Amplify::App", + "inputs": { + "accessToken": { + "type": "string", + "description": "The personal access token for a GitHub repository for an Amplify app. The personal access token is used to authorize access to a GitHub repository using the Amplify GitHub App. The token is not stored.\n\nUse `AccessToken` for GitHub repositories only. To authorize access to a repository provider such as Bitbucket or CodeCommit, use `OauthToken` .\n\nYou must specify either `AccessToken` or `OauthToken` when you create a new app.\n\nExisting Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see [Migrating an existing OAuth app to the Amplify GitHub App](https://docs.aws.amazon.com/amplify/latest/userguide/setting-up-GitHub-access.html#migrating-to-github-app-auth) in the *Amplify User Guide* ." + }, + "autoBranchCreationConfig": { + "$ref": "#/types/aws-native:amplify:AppAutoBranchCreationConfig", + "description": "Sets the configuration for your automatic branch creation." + }, + "basicAuthConfig": { + "$ref": "#/types/aws-native:amplify:AppBasicAuthConfig", + "description": "The credentials for basic authorization for an Amplify app. You must base64-encode the authorization credentials and provide them in the format `user:password` ." + }, + "buildSpec": { + "type": "string", + "description": "The build specification (build spec) for an Amplify app." + }, + "customHeaders": { + "type": "string", + "description": "The custom HTTP headers for an Amplify app." + }, + "customRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:AppCustomRule" + }, + "description": "The custom rewrite and redirect rules for an Amplify app." + }, + "description": { + "type": "string", + "description": "The description of the Amplify app." + }, + "enableBranchAutoDeletion": { + "type": "boolean", + "description": "Automatically disconnect a branch in Amplify Hosting when you delete a branch from your Git repository." + }, + "environmentVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:AppEnvironmentVariable" + }, + "description": "The environment variables for the Amplify app.\n\nFor a list of the environment variables that are accessible to Amplify by default, see [Amplify Environment variables](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-console-environment-variables.html) in the *Amplify Hosting User Guide* ." + }, + "iamServiceRole": { + "type": "string", + "description": "AWS Identity and Access Management ( IAM ) service role for the Amazon Resource Name (ARN) of the Amplify app." + }, + "name": { + "type": "string", + "description": "The name of the Amplify app." + }, + "oauthToken": { + "type": "string", + "description": "The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key using SSH cloning. The OAuth token is not stored.\n\nUse `OauthToken` for repository providers other than GitHub, such as Bitbucket or CodeCommit. To authorize access to GitHub as your repository provider, use `AccessToken` .\n\nYou must specify either `OauthToken` or `AccessToken` when you create a new app.\n\nExisting Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see [Migrating an existing OAuth app to the Amplify GitHub App](https://docs.aws.amazon.com/amplify/latest/userguide/setting-up-GitHub-access.html#migrating-to-github-app-auth) in the *Amplify User Guide* ." + }, + "platform": { + "$ref": "#/types/aws-native:amplify:AppPlatform", + "description": "The platform for the Amplify app. For a static app, set the platform type to `WEB` . For a dynamic server-side rendered (SSR) app, set the platform type to `WEB_COMPUTE` . For an app requiring Amplify Hosting's original SSR support only, set the platform type to `WEB_DYNAMIC` ." + }, + "repository": { + "type": "string", + "description": "The Git repository for the Amplify app." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tag for an Amplify app." + } + }, + "outputs": { + "accessToken": { + "type": "string", + "description": "The personal access token for a GitHub repository for an Amplify app. The personal access token is used to authorize access to a GitHub repository using the Amplify GitHub App. The token is not stored.\n\nUse `AccessToken` for GitHub repositories only. To authorize access to a repository provider such as Bitbucket or CodeCommit, use `OauthToken` .\n\nYou must specify either `AccessToken` or `OauthToken` when you create a new app.\n\nExisting Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see [Migrating an existing OAuth app to the Amplify GitHub App](https://docs.aws.amazon.com/amplify/latest/userguide/setting-up-GitHub-access.html#migrating-to-github-app-auth) in the *Amplify User Guide* ." + }, + "appId": { + "type": "string", + "description": "Unique Id for the Amplify App." + }, + "appName": { + "type": "string", + "description": "Name for the Amplify App." + }, + "arn": { + "type": "string", + "description": "ARN for the Amplify App." + }, + "autoBranchCreationConfig": { + "$ref": "#/types/aws-native:amplify:AppAutoBranchCreationConfig", + "description": "Sets the configuration for your automatic branch creation." + }, + "basicAuthConfig": { + "$ref": "#/types/aws-native:amplify:AppBasicAuthConfig", + "description": "The credentials for basic authorization for an Amplify app. You must base64-encode the authorization credentials and provide them in the format `user:password` ." + }, + "buildSpec": { + "type": "string", + "description": "The build specification (build spec) for an Amplify app." + }, + "customHeaders": { + "type": "string", + "description": "The custom HTTP headers for an Amplify app." + }, + "customRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:AppCustomRule" + }, + "description": "The custom rewrite and redirect rules for an Amplify app." + }, + "defaultDomain": { + "type": "string", + "description": "Default domain for the Amplify App." + }, + "description": { + "type": "string", + "description": "The description of the Amplify app." + }, + "enableBranchAutoDeletion": { + "type": "boolean", + "description": "Automatically disconnect a branch in Amplify Hosting when you delete a branch from your Git repository." + }, + "environmentVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:AppEnvironmentVariable" + }, + "description": "The environment variables for the Amplify app.\n\nFor a list of the environment variables that are accessible to Amplify by default, see [Amplify Environment variables](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-console-environment-variables.html) in the *Amplify Hosting User Guide* ." + }, + "iamServiceRole": { + "type": "string", + "description": "AWS Identity and Access Management ( IAM ) service role for the Amazon Resource Name (ARN) of the Amplify app." + }, + "name": { + "type": "string", + "description": "The name of the Amplify app." + }, + "oauthToken": { + "type": "string", + "description": "The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key using SSH cloning. The OAuth token is not stored.\n\nUse `OauthToken` for repository providers other than GitHub, such as Bitbucket or CodeCommit. To authorize access to GitHub as your repository provider, use `AccessToken` .\n\nYou must specify either `OauthToken` or `AccessToken` when you create a new app.\n\nExisting Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see [Migrating an existing OAuth app to the Amplify GitHub App](https://docs.aws.amazon.com/amplify/latest/userguide/setting-up-GitHub-access.html#migrating-to-github-app-auth) in the *Amplify User Guide* ." + }, + "platform": { + "$ref": "#/types/aws-native:amplify:AppPlatform", + "description": "The platform for the Amplify app. For a static app, set the platform type to `WEB` . For a dynamic server-side rendered (SSR) app, set the platform type to `WEB_COMPUTE` . For an app requiring Amplify Hosting's original SSR support only, set the platform type to `WEB_DYNAMIC` ." + }, + "repository": { + "type": "string", + "description": "The Git repository for the Amplify app." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tag for an Amplify app." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "writeOnly": [ + "accessToken", + "autoBranchCreationConfig", + "basicAuthConfig", + "oauthToken" + ], + "irreversibleNames": { + "iamServiceRole": "IAMServiceRole" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:amplify:Branch": { + "cf": "AWS::Amplify::Branch", + "inputs": { + "appId": { + "type": "string", + "description": "The unique ID for an Amplify app." + }, + "backend": { + "$ref": "#/types/aws-native:amplify:BranchBackend", + "description": "The backend for a `Branch` of an Amplify app. Use for a backend created from an AWS CloudFormation stack.\n\nThis field is available to Amplify Gen 2 apps only. When you deploy an application with Amplify Gen 2, you provision the app's backend infrastructure using Typescript code." + }, + "basicAuthConfig": { + "$ref": "#/types/aws-native:amplify:BranchBasicAuthConfig", + "description": "The basic authorization credentials for a branch of an Amplify app. You must base64-encode the authorization credentials and provide them in the format `user:password` ." + }, + "branchName": { + "type": "string", + "description": "The name for the branch." + }, + "buildSpec": { + "type": "string", + "description": "The build specification (build spec) for the branch." + }, + "description": { + "type": "string", + "description": "The description for the branch that is part of an Amplify app." + }, + "enableAutoBuild": { + "type": "boolean", + "description": "Enables auto building for the branch." + }, + "enablePerformanceMode": { + "type": "boolean", + "description": "Enables performance mode for the branch.\n\nPerformance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out." + }, + "enablePullRequestPreview": { + "type": "boolean", + "description": "Specifies whether Amplify Hosting creates a preview for each pull request that is made for this branch. If this property is enabled, Amplify deploys your app to a unique preview URL after each pull request is opened. Development and QA teams can use this preview to test the pull request before it's merged into a production or integration branch.\n\nTo provide backend support for your preview, Amplify automatically provisions a temporary backend environment that it deletes when the pull request is closed. If you want to specify a dedicated backend environment for your previews, use the `PullRequestEnvironmentName` property.\n\nFor more information, see [Web Previews](https://docs.aws.amazon.com/amplify/latest/userguide/pr-previews.html) in the *AWS Amplify Hosting User Guide* ." + }, + "environmentVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:BranchEnvironmentVariable" + }, + "description": "The environment variables for the branch." + }, + "framework": { + "type": "string", + "description": "The framework for the branch." + }, + "pullRequestEnvironmentName": { + "type": "string", + "description": "If pull request previews are enabled for this branch, you can use this property to specify a dedicated backend environment for your previews. For example, you could specify an environment named `prod` , `test` , or `dev` that you initialized with the Amplify CLI and mapped to this branch.\n\nTo enable pull request previews, set the `EnablePullRequestPreview` property to `true` .\n\nIf you don't specify an environment, Amplify Hosting provides backend support for each preview by automatically provisioning a temporary backend environment. Amplify Hosting deletes this environment when the pull request is closed.\n\nFor more information about creating backend environments, see [Feature Branch Deployments and Team Workflows](https://docs.aws.amazon.com/amplify/latest/userguide/multi-environments.html) in the *AWS Amplify Hosting User Guide* ." + }, + "stage": { + "$ref": "#/types/aws-native:amplify:BranchStage", + "description": "Describes the current stage for the branch." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tag for the branch." + } + }, + "outputs": { + "appId": { + "type": "string", + "description": "The unique ID for an Amplify app.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "ARN for a branch, part of an Amplify App." + }, + "backend": { + "$ref": "#/types/aws-native:amplify:BranchBackend", + "description": "The backend for a `Branch` of an Amplify app. Use for a backend created from an AWS CloudFormation stack.\n\nThis field is available to Amplify Gen 2 apps only. When you deploy an application with Amplify Gen 2, you provision the app's backend infrastructure using Typescript code." + }, + "basicAuthConfig": { + "$ref": "#/types/aws-native:amplify:BranchBasicAuthConfig", + "description": "The basic authorization credentials for a branch of an Amplify app. You must base64-encode the authorization credentials and provide them in the format `user:password` ." + }, + "branchName": { + "type": "string", + "description": "The name for the branch.", + "replaceOnChanges": true + }, + "buildSpec": { + "type": "string", + "description": "The build specification (build spec) for the branch." + }, + "description": { + "type": "string", + "description": "The description for the branch that is part of an Amplify app." + }, + "enableAutoBuild": { + "type": "boolean", + "description": "Enables auto building for the branch." + }, + "enablePerformanceMode": { + "type": "boolean", + "description": "Enables performance mode for the branch.\n\nPerformance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out." + }, + "enablePullRequestPreview": { + "type": "boolean", + "description": "Specifies whether Amplify Hosting creates a preview for each pull request that is made for this branch. If this property is enabled, Amplify deploys your app to a unique preview URL after each pull request is opened. Development and QA teams can use this preview to test the pull request before it's merged into a production or integration branch.\n\nTo provide backend support for your preview, Amplify automatically provisions a temporary backend environment that it deletes when the pull request is closed. If you want to specify a dedicated backend environment for your previews, use the `PullRequestEnvironmentName` property.\n\nFor more information, see [Web Previews](https://docs.aws.amazon.com/amplify/latest/userguide/pr-previews.html) in the *AWS Amplify Hosting User Guide* ." + }, + "environmentVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:BranchEnvironmentVariable" + }, + "description": "The environment variables for the branch." + }, + "framework": { + "type": "string", + "description": "The framework for the branch." + }, + "pullRequestEnvironmentName": { + "type": "string", + "description": "If pull request previews are enabled for this branch, you can use this property to specify a dedicated backend environment for your previews. For example, you could specify an environment named `prod` , `test` , or `dev` that you initialized with the Amplify CLI and mapped to this branch.\n\nTo enable pull request previews, set the `EnablePullRequestPreview` property to `true` .\n\nIf you don't specify an environment, Amplify Hosting provides backend support for each preview by automatically provisioning a temporary backend environment. Amplify Hosting deletes this environment when the pull request is closed.\n\nFor more information about creating backend environments, see [Feature Branch Deployments and Team Workflows](https://docs.aws.amazon.com/amplify/latest/userguide/multi-environments.html) in the *AWS Amplify Hosting User Guide* ." + }, + "stage": { + "$ref": "#/types/aws-native:amplify:BranchStage", + "description": "Describes the current stage for the branch." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tag for the branch." + } + }, + "autoNamingSpec": { + "sdkName": "branchName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "appId" + ], + "createOnly": [ + "appId", + "branchName" + ], + "writeOnly": [ + "basicAuthConfig" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:amplify:Domain": { + "cf": "AWS::Amplify::Domain", + "inputs": { + "appId": { + "type": "string", + "description": "The unique ID for an Amplify app." + }, + "autoSubDomainCreationPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Sets the branch patterns for automatic subdomain creation." + }, + "autoSubDomainIamRole": { + "type": "string", + "description": "The required AWS Identity and Access Management (IAMlong) service role for the Amazon Resource Name (ARN) for automatically creating subdomains." + }, + "certificateSettings": { + "$ref": "#/types/aws-native:amplify:DomainCertificateSettings", + "description": "The type of SSL/TLS certificate to use for your custom domain. If you don't specify a certificate type, Amplify uses the default certificate that it provisions and manages for you." + }, + "domainName": { + "type": "string", + "description": "The domain name for the domain association." + }, + "enableAutoSubDomain": { + "type": "boolean", + "description": "Enables the automated creation of subdomains for branches." + }, + "subDomainSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:DomainSubDomainSetting" + }, + "description": "The setting for the subdomain." + } + }, + "outputs": { + "appId": { + "type": "string", + "description": "The unique ID for an Amplify app.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "ARN for the Domain Association." + }, + "autoSubDomainCreationPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Sets the branch patterns for automatic subdomain creation." + }, + "autoSubDomainIamRole": { + "type": "string", + "description": "The required AWS Identity and Access Management (IAMlong) service role for the Amazon Resource Name (ARN) for automatically creating subdomains." + }, + "certificate": { + "$ref": "#/types/aws-native:amplify:DomainCertificate" + }, + "certificateRecord": { + "type": "string", + "description": "DNS Record for certificate verification." + }, + "certificateSettings": { + "$ref": "#/types/aws-native:amplify:DomainCertificateSettings", + "description": "The type of SSL/TLS certificate to use for your custom domain. If you don't specify a certificate type, Amplify uses the default certificate that it provisions and manages for you." + }, + "domainName": { + "type": "string", + "description": "The domain name for the domain association.", + "replaceOnChanges": true + }, + "domainStatus": { + "type": "string", + "description": "Status for the Domain Association." + }, + "enableAutoSubDomain": { + "type": "boolean", + "description": "Enables the automated creation of subdomains for branches." + }, + "statusReason": { + "type": "string", + "description": "Reason for the current status of the domain." + }, + "subDomainSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:DomainSubDomainSetting" + }, + "description": "The setting for the subdomain." + }, + "updateStatus": { + "type": "string", + "description": "The status of the domain update operation that is currently in progress. The following list describes the valid update states.\n\n- **REQUESTING_CERTIFICATE** - The certificate is in the process of being updated.\n- **PENDING_VERIFICATION** - Indicates that an Amplify managed certificate is in the process of being verified. This occurs during the creation of a custom domain or when a custom domain is updated to use a managed certificate.\n- **IMPORTING_CUSTOM_CERTIFICATE** - Indicates that an Amplify custom certificate is in the process of being imported. This occurs during the creation of a custom domain or when a custom domain is updated to use a custom certificate.\n- **PENDING_DEPLOYMENT** - Indicates that the subdomain or certificate changes are being propagated.\n- **AWAITING_APP_CNAME** - Amplify is waiting for CNAME records corresponding to subdomains to be propagated. If your custom domain is on Route 53, Amplify handles this for you automatically. For more information about custom domains, see [Setting up custom domains](https://docs.aws.amazon.com/amplify/latest/userguide/custom-domains.html) in the *Amplify Hosting User Guide* .\n- **UPDATE_COMPLETE** - The certificate has been associated with a domain.\n- **UPDATE_FAILED** - The certificate has failed to be provisioned or associated, and there is no existing active certificate to roll back to." + } + }, + "autoNamingSpec": { + "sdkName": "domainName", + "maxLength": 255 + }, + "required": [ + "appId", + "subDomainSettings" + ], + "createOnly": [ + "appId", + "domainName" + ], + "writeOnly": [ + "certificateSettings" + ], + "irreversibleNames": { + "autoSubDomainIamRole": "AutoSubDomainIAMRole" + } + }, + "aws-native:amplifyuibuilder:Component": { + "cf": "AWS::AmplifyUIBuilder::Component", + "inputs": { + "appId": { + "type": "string", + "description": "The unique ID of the Amplify app associated with the component." + }, + "bindingProperties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentBindingPropertiesValue" + }, + "description": "The information to connect a component's properties to data at runtime. You can't specify `tags` as a valid property for `bindingProperties` ." + }, + "children": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentChild" + }, + "description": "A list of the component's `ComponentChild` instances." + }, + "collectionProperties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentDataConfiguration" + }, + "description": "The data binding configuration for the component's properties. Use this for a collection component. You can't specify `tags` as a valid property for `collectionProperties` ." + }, + "componentType": { + "type": "string", + "description": "The type of the component. This can be an Amplify custom UI component or another custom component." + }, + "environmentName": { + "type": "string", + "description": "The name of the backend environment that is a part of the Amplify app." + }, + "events": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentEvent" + }, + "description": "Describes the events that can be raised on the component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components." + }, + "name": { + "type": "string", + "description": "The name of the component." + }, + "overrides": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Describes the component's properties that can be overriden in a customized instance of the component. You can't specify `tags` as a valid property for `overrides` ." + }, + "properties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty" + }, + "description": "Describes the component's properties. You can't specify `tags` as a valid property for `properties` ." + }, + "schemaVersion": { + "type": "string", + "description": "The schema version of the component when it was imported." + }, + "sourceId": { + "type": "string", + "description": "The unique ID of the component in its original source system, such as Figma." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "One or more key-value pairs to use when tagging the component." + }, + "variants": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentVariant" + }, + "description": "A list of the component's variants. A variant is a unique style configuration of a main component." + } + }, + "outputs": { + "appId": { + "type": "string", + "description": "The unique ID of the Amplify app associated with the component.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "The unique ID of the component." + }, + "bindingProperties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentBindingPropertiesValue" + }, + "description": "The information to connect a component's properties to data at runtime. You can't specify `tags` as a valid property for `bindingProperties` ." + }, + "children": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentChild" + }, + "description": "A list of the component's `ComponentChild` instances." + }, + "collectionProperties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentDataConfiguration" + }, + "description": "The data binding configuration for the component's properties. Use this for a collection component. You can't specify `tags` as a valid property for `collectionProperties` ." + }, + "componentType": { + "type": "string", + "description": "The type of the component. This can be an Amplify custom UI component or another custom component." + }, + "createdAt": { + "type": "string", + "description": "The time that the component was created." + }, + "environmentName": { + "type": "string", + "description": "The name of the backend environment that is a part of the Amplify app.", + "replaceOnChanges": true + }, + "events": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentEvent" + }, + "description": "Describes the events that can be raised on the component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components." + }, + "modifiedAt": { + "type": "string", + "description": "The time that the component was modified." + }, + "name": { + "type": "string", + "description": "The name of the component." + }, + "overrides": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "Describes the component's properties that can be overriden in a customized instance of the component. You can't specify `tags` as a valid property for `overrides` ." + }, + "properties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty" + }, + "description": "Describes the component's properties. You can't specify `tags` as a valid property for `properties` ." + }, + "schemaVersion": { + "type": "string", + "description": "The schema version of the component when it was imported." + }, + "sourceId": { + "type": "string", + "description": "The unique ID of the component in its original source system, such as Figma." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "One or more key-value pairs to use when tagging the component." + }, + "variants": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentVariant" + }, + "description": "A list of the component's variants. A variant is a unique style configuration of a main component." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "appId", + "environmentName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:amplifyuibuilder:Form": { + "cf": "AWS::AmplifyUIBuilder::Form", + "inputs": { + "appId": { + "type": "string", + "description": "The unique ID of the Amplify app associated with the form." + }, + "cta": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormCta", + "description": "The `FormCTA` object that stores the call to action configuration for the form." + }, + "dataType": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormDataTypeConfig", + "description": "The type of data source to use to create the form." + }, + "environmentName": { + "type": "string", + "description": "The name of the backend environment that is a part of the Amplify app." + }, + "fields": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldConfig" + }, + "description": "The configuration information for the form's fields." + }, + "formActionType": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormActionType", + "description": "Specifies whether to perform a create or update action on the form." + }, + "labelDecorator": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormLabelDecorator", + "description": "Specifies an icon or decoration to display on the form." + }, + "name": { + "type": "string", + "description": "The name of the form." + }, + "schemaVersion": { + "type": "string", + "description": "The schema version of the form." + }, + "sectionalElements": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormSectionalElement" + }, + "description": "The configuration information for the visual helper elements for the form. These elements are not associated with any data." + }, + "style": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStyle", + "description": "The configuration for the form's style." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "One or more key-value pairs to use when tagging the form data." + } + }, + "outputs": { + "appId": { + "type": "string", + "description": "The unique ID of the Amplify app associated with the form.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "The ID for the form." + }, + "cta": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormCta", + "description": "The `FormCTA` object that stores the call to action configuration for the form." + }, + "dataType": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormDataTypeConfig", + "description": "The type of data source to use to create the form." + }, + "environmentName": { + "type": "string", + "description": "The name of the backend environment that is a part of the Amplify app.", + "replaceOnChanges": true + }, + "fields": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldConfig" + }, + "description": "The configuration information for the form's fields." + }, + "formActionType": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormActionType", + "description": "Specifies whether to perform a create or update action on the form." + }, + "labelDecorator": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormLabelDecorator", + "description": "Specifies an icon or decoration to display on the form." + }, + "name": { + "type": "string", + "description": "The name of the form." + }, + "schemaVersion": { + "type": "string", + "description": "The schema version of the form." + }, + "sectionalElements": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormSectionalElement" + }, + "description": "The configuration information for the visual helper elements for the form. These elements are not associated with any data." + }, + "style": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStyle", + "description": "The configuration for the form's style." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "One or more key-value pairs to use when tagging the form data." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "appId", + "environmentName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:amplifyuibuilder:Theme": { + "cf": "AWS::AmplifyUIBuilder::Theme", + "inputs": { + "appId": { + "type": "string", + "description": "The unique ID for the Amplify app associated with the theme." + }, + "environmentName": { + "type": "string", + "description": "The name of the backend environment that is a part of the Amplify app." + }, + "name": { + "type": "string", + "description": "The name of the theme." + }, + "overrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ThemeValues" + }, + "description": "Describes the properties that can be overriden to customize a theme." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "One or more key-value pairs to use when tagging the theme." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ThemeValues" + }, + "description": "A list of key-value pairs that defines the properties of the theme." + } + }, + "outputs": { + "appId": { + "type": "string", + "description": "The unique ID for the Amplify app associated with the theme.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "The ID for the theme." + }, + "createdAt": { + "type": "string", + "description": "The time that the theme was created." + }, + "environmentName": { + "type": "string", + "description": "The name of the backend environment that is a part of the Amplify app.", + "replaceOnChanges": true + }, + "modifiedAt": { + "type": "string", + "description": "The time that the theme was modified." + }, + "name": { + "type": "string", + "description": "The name of the theme." + }, + "overrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ThemeValues" + }, + "description": "Describes the properties that can be overriden to customize a theme." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "One or more key-value pairs to use when tagging the theme." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ThemeValues" + }, + "description": "A list of key-value pairs that defines the properties of the theme." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "appId", + "environmentName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:apigateway:Account": { + "cf": "AWS::ApiGateway::Account", + "inputs": { + "cloudWatchRoleArn": { + "type": "string", + "description": "The ARN of an Amazon CloudWatch role for the current Account." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID for the account. For example: `abc123` ." + }, + "cloudWatchRoleArn": { + "type": "string", + "description": "The ARN of an Amazon CloudWatch role for the current Account." + } + }, + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:apigateway:ApiKey": { + "cf": "AWS::ApiGateway::ApiKey", + "inputs": { + "customerId": { + "type": "string", + "description": "An MKT customer identifier, when integrating with the AWS SaaS Marketplace." + }, + "description": { + "type": "string", + "description": "The description of the ApiKey." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the ApiKey can be used by callers." + }, + "generateDistinctId": { + "type": "boolean", + "description": "Specifies whether (``true``) or not (``false``) the key identifier is distinct from the created API key value. This parameter is deprecated and should not be used." + }, + "name": { + "type": "string", + "description": "A name for the API key. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the API key name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "stageKeys": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:ApiKeyStageKey" + }, + "description": "DEPRECATED FOR USAGE PLANS - Specifies stages associated with the API key." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with ``aws:``. The tag value can be up to 256 characters." + }, + "value": { + "type": "string", + "description": "Specifies a value of the API key." + } + }, + "outputs": { + "apiKeyId": { + "type": "string", + "description": "The ID for the API key. For example: `abc123` ." + }, + "customerId": { + "type": "string", + "description": "An MKT customer identifier, when integrating with the AWS SaaS Marketplace." + }, + "description": { + "type": "string", + "description": "The description of the ApiKey." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the ApiKey can be used by callers." + }, + "generateDistinctId": { + "type": "boolean", + "description": "Specifies whether (``true``) or not (``false``) the key identifier is distinct from the created API key value. This parameter is deprecated and should not be used.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A name for the API key. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the API key name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "stageKeys": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:ApiKeyStageKey" + }, + "description": "DEPRECATED FOR USAGE PLANS - Specifies stages associated with the API key." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with ``aws:``. The tag value can be up to 256 characters." + }, + "value": { + "type": "string", + "description": "Specifies a value of the API key.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "generateDistinctId", + "name", + "value" + ], + "writeOnly": [ + "generateDistinctId" + ], + "irreversibleNames": { + "apiKeyId": "APIKeyId" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:apigateway:Authorizer": { + "cf": "AWS::ApiGateway::Authorizer", + "inputs": { + "authType": { + "type": "string", + "description": "Optional customer-defined field, used in OpenAPI imports and exports without functional impact." + }, + "authorizerCredentials": { + "type": "string", + "description": "Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null." + }, + "authorizerResultTtlInSeconds": { + "type": "integer", + "description": "The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour." + }, + "authorizerUri": { + "type": "string", + "description": "Specifies the authorizer's Uniform Resource Identifier (URI). For ``TOKEN`` or ``REQUEST`` authorizers, this must be a well-formed Lambda function URI, for example, ``arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations``. In general, the URI has this form ``arn:aws:apigateway:{region}:lambda:path/{service_api}``, where ``{region}`` is the same as the region hosting the Lambda function, ``path`` indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial ``/``. For Lambda functions, this is usually of the form ``/2015-03-31/functions/[FunctionARN]/invocations``." + }, + "identitySource": { + "type": "string", + "description": "The identity source for which authorization is requested. For a ``TOKEN`` or ``COGNITO_USER_POOLS`` authorizer, this is required and specifies the request header mapping expression for the custom header holding the authorization token submitted by the client. For example, if the token header name is ``Auth``, the header mapping expression is ``method.request.header.Auth``. For the ``REQUEST`` authorizer, this is required when authorization caching is enabled. The value is a comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an ``Auth`` header, a ``Name`` query string parameter are defined as identity sources, this value is ``method.request.header.Auth, method.request.querystring.Name``. These parameters will be used to derive the authorization caching key and to perform runtime validation of the ``REQUEST`` authorizer by verifying all of the identity-related request parameters are present, not null and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 Unauthorized response without calling the Lambda function. The valid value is a string of comma-separated mapping expressions of the specified request parameters. When the authorization caching is not enabled, this property is optional." + }, + "identityValidationExpression": { + "type": "string", + "description": "A validation expression for the incoming identity token. For ``TOKEN`` authorizers, this value is a regular expression. For ``COGNITO_USER_POOLS`` authorizers, API Gateway will match the ``aud`` field of the incoming token from the client against the specified regular expression. It will invoke the authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without calling the Lambda function. The validation expression does not apply to the ``REQUEST`` authorizer." + }, + "name": { + "type": "string", + "description": "The name of the authorizer." + }, + "providerArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the Amazon Cognito user pool ARNs for the ``COGNITO_USER_POOLS`` authorizer. Each element is of this format: ``arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}``. For a ``TOKEN`` or ``REQUEST`` authorizer, this is not defined." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "type": { + "type": "string", + "description": "The authorizer type. Valid values are ``TOKEN`` for a Lambda function using a single authorization token submitted in a custom header, ``REQUEST`` for a Lambda function using incoming request parameters, and ``COGNITO_USER_POOLS`` for using an Amazon Cognito user pool." + } + }, + "outputs": { + "authType": { + "type": "string", + "description": "Optional customer-defined field, used in OpenAPI imports and exports without functional impact." + }, + "authorizerCredentials": { + "type": "string", + "description": "Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null." + }, + "authorizerId": { + "type": "string", + "description": "The ID for the authorizer. For example: `abc123` ." + }, + "authorizerResultTtlInSeconds": { + "type": "integer", + "description": "The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour." + }, + "authorizerUri": { + "type": "string", + "description": "Specifies the authorizer's Uniform Resource Identifier (URI). For ``TOKEN`` or ``REQUEST`` authorizers, this must be a well-formed Lambda function URI, for example, ``arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations``. In general, the URI has this form ``arn:aws:apigateway:{region}:lambda:path/{service_api}``, where ``{region}`` is the same as the region hosting the Lambda function, ``path`` indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial ``/``. For Lambda functions, this is usually of the form ``/2015-03-31/functions/[FunctionARN]/invocations``." + }, + "identitySource": { + "type": "string", + "description": "The identity source for which authorization is requested. For a ``TOKEN`` or ``COGNITO_USER_POOLS`` authorizer, this is required and specifies the request header mapping expression for the custom header holding the authorization token submitted by the client. For example, if the token header name is ``Auth``, the header mapping expression is ``method.request.header.Auth``. For the ``REQUEST`` authorizer, this is required when authorization caching is enabled. The value is a comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an ``Auth`` header, a ``Name`` query string parameter are defined as identity sources, this value is ``method.request.header.Auth, method.request.querystring.Name``. These parameters will be used to derive the authorization caching key and to perform runtime validation of the ``REQUEST`` authorizer by verifying all of the identity-related request parameters are present, not null and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 Unauthorized response without calling the Lambda function. The valid value is a string of comma-separated mapping expressions of the specified request parameters. When the authorization caching is not enabled, this property is optional." + }, + "identityValidationExpression": { + "type": "string", + "description": "A validation expression for the incoming identity token. For ``TOKEN`` authorizers, this value is a regular expression. For ``COGNITO_USER_POOLS`` authorizers, API Gateway will match the ``aud`` field of the incoming token from the client against the specified regular expression. It will invoke the authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without calling the Lambda function. The validation expression does not apply to the ``REQUEST`` authorizer." + }, + "name": { + "type": "string", + "description": "The name of the authorizer." + }, + "providerArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the Amazon Cognito user pool ARNs for the ``COGNITO_USER_POOLS`` authorizer. Each element is of this format: ``arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}``. For a ``TOKEN`` or ``REQUEST`` authorizer, this is not defined." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + }, + "type": { + "type": "string", + "description": "The authorizer type. Valid values are ``TOKEN`` for a Lambda function using a single authorization token submitted in a custom header, ``REQUEST`` for a Lambda function using incoming request parameters, and ``COGNITO_USER_POOLS`` for using an Amazon Cognito user pool." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "restApiId", + "type" + ], + "createOnly": [ + "restApiId" + ], + "irreversibleNames": { + "providerArns": "ProviderARNs" + } + }, + "aws-native:apigateway:BasePathMapping": { + "cf": "AWS::ApiGateway::BasePathMapping", + "inputs": { + "basePath": { + "type": "string", + "description": "The base path name that callers of the API must provide as part of the URL after the domain name." + }, + "domainName": { + "type": "string", + "description": "The domain name of the BasePathMapping resource to be described." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "stage": { + "type": "string", + "description": "The name of the associated stage." + } + }, + "outputs": { + "basePath": { + "type": "string", + "description": "The base path name that callers of the API must provide as part of the URL after the domain name.", + "replaceOnChanges": true + }, + "domainName": { + "type": "string", + "description": "The domain name of the BasePathMapping resource to be described.", + "replaceOnChanges": true + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "stage": { + "type": "string", + "description": "The name of the associated stage." + } + }, + "required": [ + "domainName" + ], + "createOnly": [ + "basePath", + "domainName" + ] + }, + "aws-native:apigateway:ClientCertificate": { + "cf": "AWS::ApiGateway::ClientCertificate", + "inputs": { + "description": { + "type": "string", + "description": "The description of the client certificate." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + } + }, + "outputs": { + "clientCertificateId": { + "type": "string", + "description": "The ID for the client certificate. For example: `abc123` ." + }, + "description": { + "type": "string", + "description": "The description of the client certificate." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + } + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:apigateway:Deployment": { + "cf": "AWS::ApiGateway::Deployment", + "inputs": { + "deploymentCanarySettings": { + "$ref": "#/types/aws-native:apigateway:DeploymentCanarySettings", + "description": "The input configuration for a canary deployment." + }, + "description": { + "type": "string", + "description": "The description for the Deployment resource to create." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "stageDescription": { + "$ref": "#/types/aws-native:apigateway:DeploymentStageDescription", + "description": "The description of the Stage resource for the Deployment resource to create. To specify a stage description, you must also provide a stage name." + }, + "stageName": { + "type": "string", + "description": "The name of the Stage resource for the Deployment resource to create." + } + }, + "outputs": { + "deploymentCanarySettings": { + "$ref": "#/types/aws-native:apigateway:DeploymentCanarySettings", + "description": "The input configuration for a canary deployment.", + "replaceOnChanges": true + }, + "deploymentId": { + "type": "string", + "description": "The ID for the deployment. For example: `abc123` ." + }, + "description": { + "type": "string", + "description": "The description for the Deployment resource to create." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + }, + "stageDescription": { + "$ref": "#/types/aws-native:apigateway:DeploymentStageDescription", + "description": "The description of the Stage resource for the Deployment resource to create. To specify a stage description, you must also provide a stage name." + }, + "stageName": { + "type": "string", + "description": "The name of the Stage resource for the Deployment resource to create." + } + }, + "required": [ + "restApiId" + ], + "createOnly": [ + "deploymentCanarySettings", + "restApiId" + ], + "writeOnly": [ + "deploymentCanarySettings", + "stageDescription", + "stageName" + ] + }, + "aws-native:apigateway:DocumentationPart": { + "cf": "AWS::ApiGateway::DocumentationPart", + "inputs": { + "location": { + "$ref": "#/types/aws-native:apigateway:DocumentationPartLocation", + "description": "The location of the targeted API entity of the to-be-created documentation part." + }, + "properties": { + "type": "string", + "description": "The new documentation content map of the targeted API entity. Enclosed key-value pairs are API-specific, but only OpenAPI-compliant key-value pairs can be exported and, hence, published." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + } + }, + "outputs": { + "documentationPartId": { + "type": "string", + "description": "The ID for the documentation part." + }, + "location": { + "$ref": "#/types/aws-native:apigateway:DocumentationPartLocation", + "description": "The location of the targeted API entity of the to-be-created documentation part.", + "replaceOnChanges": true + }, + "properties": { + "type": "string", + "description": "The new documentation content map of the targeted API entity. Enclosed key-value pairs are API-specific, but only OpenAPI-compliant key-value pairs can be exported and, hence, published." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + } + }, + "required": [ + "location", + "properties", + "restApiId" + ], + "createOnly": [ + "location", + "restApiId" + ] + }, + "aws-native:apigateway:DocumentationVersion": { + "cf": "AWS::ApiGateway::DocumentationVersion", + "inputs": { + "description": { + "type": "string", + "description": "A description about the new documentation snapshot." + }, + "documentationVersion": { + "type": "string", + "description": "The version identifier of the to-be-updated documentation version.", + "language": { + "csharp": { + "name": "DocumentationVersionValue" + } + } + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A description about the new documentation snapshot." + }, + "documentationVersion": { + "type": "string", + "description": "The version identifier of the to-be-updated documentation version.", + "language": { + "csharp": { + "name": "DocumentationVersionValue" + } + }, + "replaceOnChanges": true + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + } + }, + "required": [ + "documentationVersion", + "restApiId" + ], + "createOnly": [ + "documentationVersion", + "restApiId" + ] + }, + "aws-native:apigateway:DomainName": { + "cf": "AWS::ApiGateway::DomainName", + "inputs": { + "certificateArn": { + "type": "string", + "description": "The reference to an AWS -managed certificate that will be used by edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source." + }, + "domainName": { + "type": "string", + "description": "The custom domain name as an API host name, for example, `my-api.example.com` .", + "language": { + "csharp": { + "name": "DomainNameValue" + } + } + }, + "endpointConfiguration": { + "$ref": "#/types/aws-native:apigateway:DomainNameEndpointConfiguration", + "description": "The endpoint configuration of this DomainName showing the endpoint types of the domain name." + }, + "mutualTlsAuthentication": { + "$ref": "#/types/aws-native:apigateway:DomainNameMutualTlsAuthentication", + "description": "The mutual TLS authentication configuration for a custom domain name. If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API." + }, + "ownershipVerificationCertificateArn": { + "type": "string", + "description": "The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the RegionalCertificateArn." + }, + "regionalCertificateArn": { + "type": "string", + "description": "The reference to an AWS -managed certificate that will be used for validating the regional domain name. AWS Certificate Manager is the only supported source." + }, + "securityPolicy": { + "type": "string", + "description": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + } + }, + "outputs": { + "certificateArn": { + "type": "string", + "description": "The reference to an AWS -managed certificate that will be used by edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source." + }, + "distributionDomainName": { + "type": "string", + "description": "The Amazon CloudFront distribution domain name that's mapped to the custom domain name. This is only applicable for endpoints whose type is `EDGE` .\n\nExample: `d111111abcdef8.cloudfront.net`" + }, + "distributionHostedZoneId": { + "type": "string", + "description": "The region-agnostic Amazon Route 53 Hosted Zone ID of the edge-optimized endpoint. The only valid value is `Z2FDTNDATAQYW2` for all regions." + }, + "domainName": { + "type": "string", + "description": "The custom domain name as an API host name, for example, `my-api.example.com` .", + "language": { + "csharp": { + "name": "DomainNameValue" + } + }, + "replaceOnChanges": true + }, + "endpointConfiguration": { + "$ref": "#/types/aws-native:apigateway:DomainNameEndpointConfiguration", + "description": "The endpoint configuration of this DomainName showing the endpoint types of the domain name." + }, + "mutualTlsAuthentication": { + "$ref": "#/types/aws-native:apigateway:DomainNameMutualTlsAuthentication", + "description": "The mutual TLS authentication configuration for a custom domain name. If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API." + }, + "ownershipVerificationCertificateArn": { + "type": "string", + "description": "The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the RegionalCertificateArn." + }, + "regionalCertificateArn": { + "type": "string", + "description": "The reference to an AWS -managed certificate that will be used for validating the regional domain name. AWS Certificate Manager is the only supported source." + }, + "regionalDomainName": { + "type": "string", + "description": "The domain name associated with the regional endpoint for this custom domain name. You set up this association by adding a DNS record that points the custom domain name to this regional domain name." + }, + "regionalHostedZoneId": { + "type": "string", + "description": "The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint." + }, + "securityPolicy": { + "type": "string", + "description": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + } + }, + "createOnly": [ + "domainName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:apigateway:GatewayResponse": { + "cf": "AWS::ApiGateway::GatewayResponse", + "inputs": { + "responseParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs." + }, + "responseTemplates": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Response templates of the GatewayResponse as a string-to-string map of key-value pairs." + }, + "responseType": { + "type": "string", + "description": "The response type of the associated GatewayResponse." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "statusCode": { + "type": "string", + "description": "The HTTP status code for this GatewayResponse." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID for the gateway response. For example: `abc123` ." + }, + "responseParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs." + }, + "responseTemplates": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Response templates of the GatewayResponse as a string-to-string map of key-value pairs." + }, + "responseType": { + "type": "string", + "description": "The response type of the associated GatewayResponse.", + "replaceOnChanges": true + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + }, + "statusCode": { + "type": "string", + "description": "The HTTP status code for this GatewayResponse." + } + }, + "required": [ + "responseType", + "restApiId" + ], + "createOnly": [ + "responseType", + "restApiId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:apigateway:Method": { + "cf": "AWS::ApiGateway::Method", + "inputs": { + "apiKeyRequired": { + "type": "boolean", + "description": "A boolean flag specifying whether a valid ApiKey is required to invoke this method." + }, + "authorizationScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of authorization scopes configured on the method. The scopes are used with a ``COGNITO_USER_POOLS`` authorizer to authorize the method invocation. The authorization works by matching the method scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the method scope is configured, the client must provide an access token instead of an identity token for authorization purposes." + }, + "authorizationType": { + "type": "string", + "description": "The method's authorization type. This parameter is required. For valid values, see [Method](https://docs.aws.amazon.com/apigateway/latest/api/API_Method.html) in the *API Gateway API Reference*.\n If you specify the ``AuthorizerId`` property, specify ``CUSTOM`` or ``COGNITO_USER_POOLS`` for this property." + }, + "authorizerId": { + "type": "string", + "description": "The identifier of an authorizer to use on this method. The method's authorization type must be ``CUSTOM`` or ``COGNITO_USER_POOLS``." + }, + "httpMethod": { + "type": "string", + "description": "The method's HTTP verb." + }, + "integration": { + "$ref": "#/types/aws-native:apigateway:MethodIntegration", + "description": "Represents an ``HTTP``, ``HTTP_PROXY``, ``AWS``, ``AWS_PROXY``, or Mock integration." + }, + "methodResponses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:MethodResponse" + }, + "description": "Gets a method response associated with a given HTTP status code." + }, + "operationName": { + "type": "string", + "description": "A human-friendly operation identifier for the method. For example, you can assign the ``operationName`` of ``ListPets`` for the ``GET /pets`` method in the ``PetStore`` example." + }, + "requestModels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key)." + }, + "requestParameters": { + "type": "object", + "additionalProperties": { + "oneOf": [ + { + "type": "boolean" + }, + { + "type": "string" + } + ] + }, + "description": "A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A key is a method request parameter name matching the pattern of ``method.request.{location}.{name}``, where ``location`` is ``querystring``, ``path``, or ``header`` and ``name`` is a valid and unique parameter name. The value associated with the key is a Boolean flag indicating whether the parameter is required (``true``) or optional (``false``). The method request parameter names defined here are available in Integration to be mapped to integration request parameters or templates." + }, + "requestValidatorId": { + "type": "string", + "description": "The identifier of a RequestValidator for request validation." + }, + "resourceId": { + "type": "string", + "description": "The Resource identifier for the MethodResponse resource." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + } + }, + "outputs": { + "apiKeyRequired": { + "type": "boolean", + "description": "A boolean flag specifying whether a valid ApiKey is required to invoke this method." + }, + "authorizationScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of authorization scopes configured on the method. The scopes are used with a ``COGNITO_USER_POOLS`` authorizer to authorize the method invocation. The authorization works by matching the method scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the method scope is configured, the client must provide an access token instead of an identity token for authorization purposes." + }, + "authorizationType": { + "type": "string", + "description": "The method's authorization type. This parameter is required. For valid values, see [Method](https://docs.aws.amazon.com/apigateway/latest/api/API_Method.html) in the *API Gateway API Reference*.\n If you specify the ``AuthorizerId`` property, specify ``CUSTOM`` or ``COGNITO_USER_POOLS`` for this property." + }, + "authorizerId": { + "type": "string", + "description": "The identifier of an authorizer to use on this method. The method's authorization type must be ``CUSTOM`` or ``COGNITO_USER_POOLS``." + }, + "httpMethod": { + "type": "string", + "description": "The method's HTTP verb.", + "replaceOnChanges": true + }, + "integration": { + "$ref": "#/types/aws-native:apigateway:MethodIntegration", + "description": "Represents an ``HTTP``, ``HTTP_PROXY``, ``AWS``, ``AWS_PROXY``, or Mock integration." + }, + "methodResponses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:MethodResponse" + }, + "description": "Gets a method response associated with a given HTTP status code." + }, + "operationName": { + "type": "string", + "description": "A human-friendly operation identifier for the method. For example, you can assign the ``operationName`` of ``ListPets`` for the ``GET /pets`` method in the ``PetStore`` example." + }, + "requestModels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key)." + }, + "requestParameters": { + "type": "object", + "additionalProperties": { + "oneOf": [ + { + "type": "boolean" + }, + { + "type": "string" + } + ] + }, + "description": "A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A key is a method request parameter name matching the pattern of ``method.request.{location}.{name}``, where ``location`` is ``querystring``, ``path``, or ``header`` and ``name`` is a valid and unique parameter name. The value associated with the key is a Boolean flag indicating whether the parameter is required (``true``) or optional (``false``). The method request parameter names defined here are available in Integration to be mapped to integration request parameters or templates." + }, + "requestValidatorId": { + "type": "string", + "description": "The identifier of a RequestValidator for request validation." + }, + "resourceId": { + "type": "string", + "description": "The Resource identifier for the MethodResponse resource.", + "replaceOnChanges": true + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + } + }, + "required": [ + "httpMethod", + "resourceId", + "restApiId" + ], + "createOnly": [ + "httpMethod", + "resourceId", + "restApiId" + ] + }, + "aws-native:apigateway:Model": { + "cf": "AWS::ApiGateway::Model", + "inputs": { + "contentType": { + "type": "string", + "description": "The content-type for the model." + }, + "description": { + "type": "string", + "description": "The description of the model." + }, + "name": { + "type": "string", + "description": "A name for the model. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the model name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "schema": { + "$ref": "pulumi.json#/Any", + "description": "The schema for the model. For ``application/json`` models, this should be JSON schema draft 4 model. Do not include \"\\*/\" characters in the description of any properties because such \"\\*/\" characters may be interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the installation of your API's SDK generated by API Gateway to fail.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGateway::Model` for more information about the expected schema for this property." + } + }, + "outputs": { + "contentType": { + "type": "string", + "description": "The content-type for the model.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the model." + }, + "name": { + "type": "string", + "description": "A name for the model. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the model name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + }, + "schema": { + "$ref": "pulumi.json#/Any", + "description": "The schema for the model. For ``application/json`` models, this should be JSON schema draft 4 model. Do not include \"\\*/\" characters in the description of any properties because such \"\\*/\" characters may be interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the installation of your API's SDK generated by API Gateway to fail.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGateway::Model` for more information about the expected schema for this property." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "restApiId" + ], + "createOnly": [ + "contentType", + "name", + "restApiId" + ] + }, + "aws-native:apigateway:RequestValidator": { + "cf": "AWS::ApiGateway::RequestValidator", + "inputs": { + "name": { + "type": "string", + "description": "The name of this RequestValidator" + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "validateRequestBody": { + "type": "boolean", + "description": "A Boolean flag to indicate whether to validate a request body according to the configured Model schema." + }, + "validateRequestParameters": { + "type": "boolean", + "description": "A Boolean flag to indicate whether to validate request parameters (``true``) or not (``false``)." + } + }, + "outputs": { + "name": { + "type": "string", + "description": "The name of this RequestValidator", + "replaceOnChanges": true + }, + "requestValidatorId": { + "type": "string", + "description": "The ID for the request validator. For example: `abc123` ." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + }, + "validateRequestBody": { + "type": "boolean", + "description": "A Boolean flag to indicate whether to validate a request body according to the configured Model schema." + }, + "validateRequestParameters": { + "type": "boolean", + "description": "A Boolean flag to indicate whether to validate request parameters (``true``) or not (``false``)." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "restApiId" + ], + "createOnly": [ + "name", + "restApiId" + ] + }, + "aws-native:apigateway:Resource": { + "cf": "AWS::ApiGateway::Resource", + "inputs": { + "parentId": { + "type": "string", + "description": "The parent resource's identifier." + }, + "pathPart": { + "type": "string", + "description": "The last path segment for this resource." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + } + }, + "outputs": { + "parentId": { + "type": "string", + "description": "The parent resource's identifier.", + "replaceOnChanges": true + }, + "pathPart": { + "type": "string", + "description": "The last path segment for this resource.", + "replaceOnChanges": true + }, + "resourceId": { + "type": "string", + "description": "The ID for the resource. For example: `abc123` ." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + } + }, + "required": [ + "parentId", + "pathPart", + "restApiId" + ], + "createOnly": [ + "parentId", + "pathPart", + "restApiId" + ] + }, + "aws-native:apigateway:RestApi": { + "cf": "AWS::ApiGateway::RestApi", + "inputs": { + "apiKeySourceType": { + "type": "string", + "description": "The source of the API key for metering requests according to a usage plan. Valid values are: ``HEADER`` to read the API key from the ``X-API-Key`` header of a request. ``AUTHORIZER`` to read the API key from the ``UsageIdentifierKey`` from a custom authorizer." + }, + "binaryMediaTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads." + }, + "body": { + "$ref": "pulumi.json#/Any", + "description": "An OpenAPI specification that defines a set of RESTful APIs in JSON format. For YAML templates, you can also provide the specification in YAML format.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGateway::RestApi` for more information about the expected schema for this property." + }, + "bodyS3Location": { + "$ref": "#/types/aws-native:apigateway:RestApiS3Location", + "description": "The Amazon Simple Storage Service (Amazon S3) location that points to an OpenAPI file, which defines a set of RESTful APIs in JSON or YAML format." + }, + "cloneFrom": { + "type": "string", + "description": "The ID of the RestApi that you want to clone from." + }, + "description": { + "type": "string", + "description": "The description of the RestApi." + }, + "disableExecuteApiEndpoint": { + "type": "boolean", + "description": "Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default ``https://{api_id}.execute-api.{region}.amazonaws.com`` endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint" + }, + "endpointConfiguration": { + "$ref": "#/types/aws-native:apigateway:RestApiEndpointConfiguration", + "description": "A list of the endpoint types of the API. Use this property when creating an API. When importing an existing API, specify the endpoint configuration types using the ``Parameters`` property." + }, + "failOnWarnings": { + "type": "boolean", + "description": "A query parameter to indicate whether to rollback the API update (``true``) or not (``false``) when a warning is encountered. The default value is ``false``." + }, + "minimumCompressionSize": { + "type": "integer", + "description": "A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size." + }, + "mode": { + "type": "string", + "description": "This property applies only when you use OpenAPI to define your REST API. The ``Mode`` determines how API Gateway handles resource updates.\n Valid values are ``overwrite`` or ``merge``. \n For ``overwrite``, the new API definition replaces the existing one. The existing API identifier remains unchanged.\n For ``merge``, the new API definition is merged with the existing API.\n If you don't specify this property, a default value is chosen. For REST APIs created before March 29, 2021, the default is ``overwrite``. For REST APIs created after March 29, 2021, the new API definition takes precedence, but any container types such as endpoint configurations and binary media types are merged with the existing API. \n Use the default mode to define top-level ``RestApi`` properties in addition to using OpenAPI. Generally, it's preferred to use API Gateway's OpenAPI extensions to model these properties." + }, + "name": { + "type": "string", + "description": "The name of the RestApi. A name is required if the REST API is not based on an OpenAPI specification." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Custom header parameters as part of the request. For example, to exclude DocumentationParts from an imported API, set ``ignore=documentation`` as a ``parameters`` value, as in the AWS CLI command of ``aws apigateway import-rest-api --parameters ignore=documentation --body 'file:///path/to/imported-api-body.json'``." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "A policy document that contains the permissions for the ``RestApi`` resource. To set the ARN for the policy, use the ``!Join`` intrinsic function with ``\"\"`` as delimiter and values of ``\"execute-api:/\"`` and ``\"*\"``.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGateway::RestApi` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with ``aws:``. The tag value can be up to 256 characters." + } + }, + "outputs": { + "apiKeySourceType": { + "type": "string", + "description": "The source of the API key for metering requests according to a usage plan. Valid values are: ``HEADER`` to read the API key from the ``X-API-Key`` header of a request. ``AUTHORIZER`` to read the API key from the ``UsageIdentifierKey`` from a custom authorizer." + }, + "binaryMediaTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads." + }, + "body": { + "$ref": "pulumi.json#/Any", + "description": "An OpenAPI specification that defines a set of RESTful APIs in JSON format. For YAML templates, you can also provide the specification in YAML format.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGateway::RestApi` for more information about the expected schema for this property." + }, + "bodyS3Location": { + "$ref": "#/types/aws-native:apigateway:RestApiS3Location", + "description": "The Amazon Simple Storage Service (Amazon S3) location that points to an OpenAPI file, which defines a set of RESTful APIs in JSON or YAML format." + }, + "cloneFrom": { + "type": "string", + "description": "The ID of the RestApi that you want to clone from." + }, + "description": { + "type": "string", + "description": "The description of the RestApi." + }, + "disableExecuteApiEndpoint": { + "type": "boolean", + "description": "Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default ``https://{api_id}.execute-api.{region}.amazonaws.com`` endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint" + }, + "endpointConfiguration": { + "$ref": "#/types/aws-native:apigateway:RestApiEndpointConfiguration", + "description": "A list of the endpoint types of the API. Use this property when creating an API. When importing an existing API, specify the endpoint configuration types using the ``Parameters`` property." + }, + "failOnWarnings": { + "type": "boolean", + "description": "A query parameter to indicate whether to rollback the API update (``true``) or not (``false``) when a warning is encountered. The default value is ``false``." + }, + "minimumCompressionSize": { + "type": "integer", + "description": "A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size." + }, + "mode": { + "type": "string", + "description": "This property applies only when you use OpenAPI to define your REST API. The ``Mode`` determines how API Gateway handles resource updates.\n Valid values are ``overwrite`` or ``merge``. \n For ``overwrite``, the new API definition replaces the existing one. The existing API identifier remains unchanged.\n For ``merge``, the new API definition is merged with the existing API.\n If you don't specify this property, a default value is chosen. For REST APIs created before March 29, 2021, the default is ``overwrite``. For REST APIs created after March 29, 2021, the new API definition takes precedence, but any container types such as endpoint configurations and binary media types are merged with the existing API. \n Use the default mode to define top-level ``RestApi`` properties in addition to using OpenAPI. Generally, it's preferred to use API Gateway's OpenAPI extensions to model these properties." + }, + "name": { + "type": "string", + "description": "The name of the RestApi. A name is required if the REST API is not based on an OpenAPI specification." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Custom header parameters as part of the request. For example, to exclude DocumentationParts from an imported API, set ``ignore=documentation`` as a ``parameters`` value, as in the AWS CLI command of ``aws apigateway import-rest-api --parameters ignore=documentation --body 'file:///path/to/imported-api-body.json'``." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "A policy document that contains the permissions for the ``RestApi`` resource. To set the ARN for the policy, use the ``!Join`` intrinsic function with ``\"\"`` as delimiter and values of ``\"execute-api:/\"`` and ``\"*\"``.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGateway::RestApi` for more information about the expected schema for this property." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "rootResourceId": { + "type": "string", + "description": "The root resource ID for a `RestApi` resource, such as `a0bc123d4e` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with ``aws:``. The tag value can be up to 256 characters." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "writeOnly": [ + "body", + "bodyS3Location", + "cloneFrom", + "failOnWarnings", + "mode", + "parameters" + ], + "irreversibleNames": { + "bodyS3Location": "BodyS3Location" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:apigateway:Stage": { + "cf": "AWS::ApiGateway::Stage", + "inputs": { + "accessLogSetting": { + "$ref": "#/types/aws-native:apigateway:StageAccessLogSetting", + "description": "Access log settings, including the access log format and access log destination ARN." + }, + "cacheClusterEnabled": { + "type": "boolean", + "description": "Specifies whether a cache cluster is enabled for the stage." + }, + "cacheClusterSize": { + "type": "string", + "description": "The stage's cache capacity in GB. For more information about choosing a cache size, see [Enabling API caching to enhance responsiveness](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html)." + }, + "canarySetting": { + "$ref": "#/types/aws-native:apigateway:StageCanarySetting", + "description": "Settings for the canary deployment in this stage." + }, + "clientCertificateId": { + "type": "string", + "description": "The identifier of a client certificate for an API stage." + }, + "deploymentId": { + "type": "string", + "description": "The identifier of the Deployment that the stage points to." + }, + "description": { + "type": "string", + "description": "The stage's description." + }, + "documentationVersion": { + "type": "string", + "description": "The version of the associated API documentation." + }, + "methodSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:StageMethodSetting" + }, + "description": "A map that defines the method settings for a Stage resource. Keys (designated as ``/{method_setting_key`` below) are method paths defined as ``{resource_path}/{http_method}`` for an individual method override, or ``/\\*/\\*`` for overriding all methods in the stage." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "stageName": { + "type": "string", + "description": "The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + }, + "tracingEnabled": { + "type": "boolean", + "description": "Specifies whether active tracing with X-ray is enabled for the Stage." + }, + "variables": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map (string-to-string map) that defines the stage variables, where the variable name is the key and the variable value is the value. Variable names are limited to alphanumeric characters. Values must match the following regular expression: ``[A-Za-z0-9-._~:/?#\u0026=,]+``." + } + }, + "outputs": { + "accessLogSetting": { + "$ref": "#/types/aws-native:apigateway:StageAccessLogSetting", + "description": "Access log settings, including the access log format and access log destination ARN." + }, + "cacheClusterEnabled": { + "type": "boolean", + "description": "Specifies whether a cache cluster is enabled for the stage." + }, + "cacheClusterSize": { + "type": "string", + "description": "The stage's cache capacity in GB. For more information about choosing a cache size, see [Enabling API caching to enhance responsiveness](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html)." + }, + "canarySetting": { + "$ref": "#/types/aws-native:apigateway:StageCanarySetting", + "description": "Settings for the canary deployment in this stage." + }, + "clientCertificateId": { + "type": "string", + "description": "The identifier of a client certificate for an API stage." + }, + "deploymentId": { + "type": "string", + "description": "The identifier of the Deployment that the stage points to." + }, + "description": { + "type": "string", + "description": "The stage's description." + }, + "documentationVersion": { + "type": "string", + "description": "The version of the associated API documentation." + }, + "methodSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:StageMethodSetting" + }, + "description": "A map that defines the method settings for a Stage resource. Keys (designated as ``/{method_setting_key`` below) are method paths defined as ``{resource_path}/{http_method}`` for an individual method override, or ``/\\*/\\*`` for overriding all methods in the stage." + }, + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi.", + "replaceOnChanges": true + }, + "stageName": { + "type": "string", + "description": "The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + }, + "tracingEnabled": { + "type": "boolean", + "description": "Specifies whether active tracing with X-ray is enabled for the Stage." + }, + "variables": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map (string-to-string map) that defines the stage variables, where the variable name is the key and the variable value is the value. Variable names are limited to alphanumeric characters. Values must match the following regular expression: ``[A-Za-z0-9-._~:/?#\u0026=,]+``." + } + }, + "autoNamingSpec": { + "sdkName": "stageName" + }, + "required": [ + "restApiId" + ], + "createOnly": [ + "restApiId", + "stageName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:apigateway:UsagePlan": { + "cf": "AWS::ApiGateway::UsagePlan", + "inputs": { + "apiStages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:UsagePlanApiStage" + }, + "description": "The associated API stages of a usage plan." + }, + "description": { + "type": "string", + "description": "The description of a usage plan." + }, + "quota": { + "$ref": "#/types/aws-native:apigateway:UsagePlanQuotaSettings", + "description": "The target maximum number of permitted requests per a given unit time interval." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + }, + "throttle": { + "$ref": "#/types/aws-native:apigateway:UsagePlanThrottleSettings", + "description": "A map containing method level throttling information for API stage in a usage plan." + }, + "usagePlanName": { + "type": "string", + "description": "The name of a usage plan." + } + }, + "outputs": { + "apiStages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:UsagePlanApiStage" + }, + "description": "The associated API stages of a usage plan." + }, + "awsId": { + "type": "string", + "description": "The ID for the usage plan. For example: `abc123` ." + }, + "description": { + "type": "string", + "description": "The description of a usage plan." + }, + "quota": { + "$ref": "#/types/aws-native:apigateway:UsagePlanQuotaSettings", + "description": "The target maximum number of permitted requests per a given unit time interval." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + }, + "throttle": { + "$ref": "#/types/aws-native:apigateway:UsagePlanThrottleSettings", + "description": "A map containing method level throttling information for API stage in a usage plan." + }, + "usagePlanName": { + "type": "string", + "description": "The name of a usage plan." + } + }, + "autoNamingSpec": { + "sdkName": "usagePlanName" + }, + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:apigateway:UsagePlanKey": { + "cf": "AWS::ApiGateway::UsagePlanKey", + "inputs": { + "keyId": { + "type": "string", + "description": "The Id of the UsagePlanKey resource." + }, + "keyType": { + "$ref": "#/types/aws-native:apigateway:UsagePlanKeyKeyType", + "description": "The type of a UsagePlanKey resource for a plan customer." + }, + "usagePlanId": { + "type": "string", + "description": "The Id of the UsagePlan resource representing the usage plan containing the UsagePlanKey resource representing a plan customer." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID for the usage plan key. For example: `abc123` ." + }, + "keyId": { + "type": "string", + "description": "The Id of the UsagePlanKey resource.", + "replaceOnChanges": true + }, + "keyType": { + "$ref": "#/types/aws-native:apigateway:UsagePlanKeyKeyType", + "description": "The type of a UsagePlanKey resource for a plan customer.", + "replaceOnChanges": true + }, + "usagePlanId": { + "type": "string", + "description": "The Id of the UsagePlan resource representing the usage plan containing the UsagePlanKey resource representing a plan customer.", + "replaceOnChanges": true + } + }, + "required": [ + "keyId", + "keyType", + "usagePlanId" + ], + "createOnly": [ + "keyId", + "keyType", + "usagePlanId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:apigateway:VpcLink": { + "cf": "AWS::ApiGateway::VpcLink", + "inputs": { + "description": { + "type": "string", + "description": "The description of the VPC link." + }, + "name": { + "type": "string", + "description": "The name used to label and identify the VPC link." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of arbitrary tags (key-value pairs) to associate with the VPC link." + }, + "targetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same AWS-account of the API owner." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the VPC link." + }, + "name": { + "type": "string", + "description": "The name used to label and identify the VPC link." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of arbitrary tags (key-value pairs) to associate with the VPC link." + }, + "targetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same AWS-account of the API owner.", + "replaceOnChanges": true + }, + "vpcLinkId": { + "type": "string", + "description": "The ID for the VPC link. For example: `abc123` ." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "targetArns" + ], + "createOnly": [ + "targetArns" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:apigatewayv2:Api": { + "cf": "AWS::ApiGatewayV2::Api", + "inputs": { + "apiKeySelectionExpression": { + "type": "string", + "description": "An API key selection expression. Supported only for WebSocket APIs. See [API Key Selection Expressions](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions)." + }, + "basePath": { + "type": "string", + "description": "Specifies how to interpret the base path of the API during import. Valid values are ``ignore``, ``prepend``, and ``split``. The default value is ``ignore``. To learn more, see [Set the OpenAPI basePath Property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api-basePath.html). Supported only for HTTP APIs." + }, + "body": { + "$ref": "pulumi.json#/Any", + "description": "The OpenAPI definition. Supported only for HTTP APIs. To import an HTTP API, you must specify a ``Body`` or ``BodyS3Location``. If you specify a ``Body`` or ``BodyS3Location``, don't specify CloudFormation resources such as ``AWS::ApiGatewayV2::Authorizer`` or ``AWS::ApiGatewayV2::Route``. API Gateway doesn't support the combination of OpenAPI and CloudFormation resources.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Api` for more information about the expected schema for this property." + }, + "bodyS3Location": { + "$ref": "#/types/aws-native:apigatewayv2:ApiBodyS3Location", + "description": "The S3 location of an OpenAPI definition. Supported only for HTTP APIs. To import an HTTP API, you must specify a ``Body`` or ``BodyS3Location``. If you specify a ``Body`` or ``BodyS3Location``, don't specify CloudFormation resources such as ``AWS::ApiGatewayV2::Authorizer`` or ``AWS::ApiGatewayV2::Route``. API Gateway doesn't support the combination of OpenAPI and CloudFormation resources." + }, + "corsConfiguration": { + "$ref": "#/types/aws-native:apigatewayv2:ApiCors", + "description": "A CORS configuration. Supported only for HTTP APIs. See [Configuring CORS](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) for more information." + }, + "credentialsArn": { + "type": "string", + "description": "This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify ``arn:aws:iam::*:user/*``. To use resource-based permissions on supported AWS services, specify ``null``. Currently, this property is not used for HTTP integrations. Supported only for HTTP APIs." + }, + "description": { + "type": "string", + "description": "The description of the API." + }, + "disableExecuteApiEndpoint": { + "type": "boolean", + "description": "Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint." + }, + "disableSchemaValidation": { + "type": "boolean", + "description": "Avoid validating models when creating a deployment. Supported only for WebSocket APIs." + }, + "failOnWarnings": { + "type": "boolean", + "description": "Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered." + }, + "name": { + "type": "string", + "description": "The name of the API. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation``." + }, + "protocolType": { + "type": "string", + "description": "The API protocol. Valid values are ``WEBSOCKET`` or ``HTTP``. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation``." + }, + "routeKey": { + "type": "string", + "description": "This property is part of quick create. If you don't specify a ``routeKey``, a default route of ``$default`` is created. The ``$default`` route acts as a catch-all for any request made to your API, for a particular stage. The ``$default`` route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs." + }, + "routeSelectionExpression": { + "type": "string", + "description": "The route selection expression for the API. For HTTP APIs, the ``routeSelectionExpression`` must be ``${request.method} ${request.path}``. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + }, + "target": { + "type": "string", + "description": "This property is part of quick create. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs." + }, + "version": { + "type": "string", + "description": "A version identifier for the API." + } + }, + "outputs": { + "apiEndpoint": { + "type": "string", + "description": "The default endpoint for an API. For example: `https://abcdef.execute-api.us-west-2.amazonaws.com` ." + }, + "apiId": { + "type": "string", + "description": "The API identifier." + }, + "apiKeySelectionExpression": { + "type": "string", + "description": "An API key selection expression. Supported only for WebSocket APIs. See [API Key Selection Expressions](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions)." + }, + "basePath": { + "type": "string", + "description": "Specifies how to interpret the base path of the API during import. Valid values are ``ignore``, ``prepend``, and ``split``. The default value is ``ignore``. To learn more, see [Set the OpenAPI basePath Property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api-basePath.html). Supported only for HTTP APIs." + }, + "body": { + "$ref": "pulumi.json#/Any", + "description": "The OpenAPI definition. Supported only for HTTP APIs. To import an HTTP API, you must specify a ``Body`` or ``BodyS3Location``. If you specify a ``Body`` or ``BodyS3Location``, don't specify CloudFormation resources such as ``AWS::ApiGatewayV2::Authorizer`` or ``AWS::ApiGatewayV2::Route``. API Gateway doesn't support the combination of OpenAPI and CloudFormation resources.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Api` for more information about the expected schema for this property." + }, + "bodyS3Location": { + "$ref": "#/types/aws-native:apigatewayv2:ApiBodyS3Location", + "description": "The S3 location of an OpenAPI definition. Supported only for HTTP APIs. To import an HTTP API, you must specify a ``Body`` or ``BodyS3Location``. If you specify a ``Body`` or ``BodyS3Location``, don't specify CloudFormation resources such as ``AWS::ApiGatewayV2::Authorizer`` or ``AWS::ApiGatewayV2::Route``. API Gateway doesn't support the combination of OpenAPI and CloudFormation resources." + }, + "corsConfiguration": { + "$ref": "#/types/aws-native:apigatewayv2:ApiCors", + "description": "A CORS configuration. Supported only for HTTP APIs. See [Configuring CORS](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) for more information." + }, + "credentialsArn": { + "type": "string", + "description": "This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify ``arn:aws:iam::*:user/*``. To use resource-based permissions on supported AWS services, specify ``null``. Currently, this property is not used for HTTP integrations. Supported only for HTTP APIs." + }, + "description": { + "type": "string", + "description": "The description of the API." + }, + "disableExecuteApiEndpoint": { + "type": "boolean", + "description": "Specifies whether clients can invoke your API by using the default ``execute-api`` endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint." + }, + "disableSchemaValidation": { + "type": "boolean", + "description": "Avoid validating models when creating a deployment. Supported only for WebSocket APIs." + }, + "failOnWarnings": { + "type": "boolean", + "description": "Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered." + }, + "name": { + "type": "string", + "description": "The name of the API. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation``." + }, + "protocolType": { + "type": "string", + "description": "The API protocol. Valid values are ``WEBSOCKET`` or ``HTTP``. Required unless you specify an OpenAPI definition for ``Body`` or ``S3BodyLocation``.", + "replaceOnChanges": true + }, + "routeKey": { + "type": "string", + "description": "This property is part of quick create. If you don't specify a ``routeKey``, a default route of ``$default`` is created. The ``$default`` route acts as a catch-all for any request made to your API, for a particular stage. The ``$default`` route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs." + }, + "routeSelectionExpression": { + "type": "string", + "description": "The route selection expression for the API. For HTTP APIs, the ``routeSelectionExpression`` must be ``${request.method} ${request.path}``. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The collection of tags. Each tag element is associated with a given resource." + }, + "target": { + "type": "string", + "description": "This property is part of quick create. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs." + }, + "version": { + "type": "string", + "description": "A version identifier for the API." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "protocolType" + ], + "writeOnly": [ + "basePath", + "body", + "bodyS3Location", + "bodyS3Location/Bucket", + "bodyS3Location/Etag", + "bodyS3Location/Key", + "bodyS3Location/Version", + "credentialsArn", + "disableSchemaValidation", + "failOnWarnings", + "routeKey", + "target" + ], + "irreversibleNames": { + "bodyS3Location": "BodyS3Location" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:apigatewayv2:ApiMapping": { + "cf": "AWS::ApiGatewayV2::ApiMapping", + "inputs": { + "apiId": { + "type": "string", + "description": "The identifier of the API." + }, + "apiMappingKey": { + "type": "string", + "description": "The API mapping key." + }, + "domainName": { + "type": "string", + "description": "The domain name." + }, + "stage": { + "type": "string", + "description": "The API stage." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The identifier of the API." + }, + "apiMappingId": { + "type": "string", + "description": "The API mapping resource ID." + }, + "apiMappingKey": { + "type": "string", + "description": "The API mapping key." + }, + "domainName": { + "type": "string", + "description": "The domain name.", + "replaceOnChanges": true + }, + "stage": { + "type": "string", + "description": "The API stage." + } + }, + "required": [ + "apiId", + "domainName", + "stage" + ], + "createOnly": [ + "domainName" + ] + }, + "aws-native:apigatewayv2:Authorizer": { + "cf": "AWS::ApiGatewayV2::Authorizer", + "inputs": { + "apiId": { + "type": "string", + "description": "The API identifier." + }, + "authorizerCredentialsArn": { + "type": "string", + "description": "Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null. Supported only for ``REQUEST`` authorizers." + }, + "authorizerPayloadFormatVersion": { + "type": "string", + "description": "Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are ``1.0`` and ``2.0``. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html)." + }, + "authorizerResultTtlInSeconds": { + "type": "integer", + "description": "The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers." + }, + "authorizerType": { + "type": "string", + "description": "The authorizer type. Specify ``REQUEST`` for a Lambda function using incoming request parameters. Specify ``JWT`` to use JSON Web Tokens (supported only for HTTP APIs)." + }, + "authorizerUri": { + "type": "string", + "description": "The authorizer's Uniform Resource Identifier (URI). For ``REQUEST`` authorizers, this must be a well-formed Lambda function URI, for example, ``arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations``. In general, the URI has this form: ``arn:aws:apigateway:{region}:lambda:path/{service_api}``, where *{region}* is the same as the region hosting the Lambda function, path indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial ``/``. For Lambda functions, this is usually of the form ``/2015-03-31/functions/[FunctionARN]/invocations``." + }, + "enableSimpleResponses": { + "type": "boolean", + "description": "Specifies whether a Lambda authorizer returns a response in a simple format. By default, a Lambda authorizer must return an IAM policy. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html)." + }, + "identitySource": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identity source for which authorization is requested.\n For a ``REQUEST`` authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with ``$``, for example, ``$request.header.Auth``, ``$request.querystring.Name``. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html).\n For ``JWT``, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example ``$request.header.Authorization``." + }, + "identityValidationExpression": { + "type": "string", + "description": "This parameter is not used." + }, + "jwtConfiguration": { + "$ref": "#/types/aws-native:apigatewayv2:AuthorizerJwtConfiguration", + "description": "The ``JWTConfiguration`` property specifies the configuration of a JWT authorizer. Required for the ``JWT`` authorizer type. Supported only for HTTP APIs." + }, + "name": { + "type": "string", + "description": "The name of the authorizer." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The API identifier.", + "replaceOnChanges": true + }, + "authorizerCredentialsArn": { + "type": "string", + "description": "Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null. Supported only for ``REQUEST`` authorizers." + }, + "authorizerId": { + "type": "string", + "description": "The authorizer ID." + }, + "authorizerPayloadFormatVersion": { + "type": "string", + "description": "Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are ``1.0`` and ``2.0``. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html)." + }, + "authorizerResultTtlInSeconds": { + "type": "integer", + "description": "The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers." + }, + "authorizerType": { + "type": "string", + "description": "The authorizer type. Specify ``REQUEST`` for a Lambda function using incoming request parameters. Specify ``JWT`` to use JSON Web Tokens (supported only for HTTP APIs)." + }, + "authorizerUri": { + "type": "string", + "description": "The authorizer's Uniform Resource Identifier (URI). For ``REQUEST`` authorizers, this must be a well-formed Lambda function URI, for example, ``arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations``. In general, the URI has this form: ``arn:aws:apigateway:{region}:lambda:path/{service_api}``, where *{region}* is the same as the region hosting the Lambda function, path indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial ``/``. For Lambda functions, this is usually of the form ``/2015-03-31/functions/[FunctionARN]/invocations``." + }, + "enableSimpleResponses": { + "type": "boolean", + "description": "Specifies whether a Lambda authorizer returns a response in a simple format. By default, a Lambda authorizer must return an IAM policy. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html)." + }, + "identitySource": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identity source for which authorization is requested.\n For a ``REQUEST`` authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with ``$``, for example, ``$request.header.Auth``, ``$request.querystring.Name``. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see [Working with Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html).\n For ``JWT``, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example ``$request.header.Authorization``." + }, + "identityValidationExpression": { + "type": "string", + "description": "This parameter is not used." + }, + "jwtConfiguration": { + "$ref": "#/types/aws-native:apigatewayv2:AuthorizerJwtConfiguration", + "description": "The ``JWTConfiguration`` property specifies the configuration of a JWT authorizer. Required for the ``JWT`` authorizer type. Supported only for HTTP APIs." + }, + "name": { + "type": "string", + "description": "The name of the authorizer." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "apiId", + "authorizerType" + ], + "createOnly": [ + "apiId" + ] + }, + "aws-native:apigatewayv2:Deployment": { + "cf": "AWS::ApiGatewayV2::Deployment", + "inputs": { + "apiId": { + "type": "string", + "description": "The API identifier." + }, + "description": { + "type": "string", + "description": "The description for the deployment resource." + }, + "stageName": { + "type": "string", + "description": "The name of an existing stage to associate with the deployment." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The API identifier.", + "replaceOnChanges": true + }, + "deploymentId": { + "type": "string", + "description": "The deployment ID." + }, + "description": { + "type": "string", + "description": "The description for the deployment resource." + }, + "stageName": { + "type": "string", + "description": "The name of an existing stage to associate with the deployment." + } + }, + "required": [ + "apiId" + ], + "createOnly": [ + "apiId" + ], + "writeOnly": [ + "stageName" + ], + "tagsProperty": "tags" + }, + "aws-native:apigatewayv2:DomainName": { + "cf": "AWS::ApiGatewayV2::DomainName", + "inputs": { + "domainName": { + "type": "string", + "description": "The custom domain name for your API in Amazon API Gateway. Uppercase letters are not supported.", + "language": { + "csharp": { + "name": "DomainNameValue" + } + } + }, + "domainNameConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigatewayv2:DomainNameConfiguration" + }, + "description": "The domain name configurations." + }, + "mutualTlsAuthentication": { + "$ref": "#/types/aws-native:apigatewayv2:DomainNameMutualTlsAuthentication", + "description": "The mutual TLS authentication configuration for a custom domain name." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The collection of tags associated with a domain name." + } + }, + "outputs": { + "domainName": { + "type": "string", + "description": "The custom domain name for your API in Amazon API Gateway. Uppercase letters are not supported.", + "language": { + "csharp": { + "name": "DomainNameValue" + } + }, + "replaceOnChanges": true + }, + "domainNameConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigatewayv2:DomainNameConfiguration" + }, + "description": "The domain name configurations." + }, + "mutualTlsAuthentication": { + "$ref": "#/types/aws-native:apigatewayv2:DomainNameMutualTlsAuthentication", + "description": "The mutual TLS authentication configuration for a custom domain name." + }, + "regionalDomainName": { + "type": "string", + "description": "The domain name associated with the regional endpoint for this custom domain name. You set up this association by adding a DNS record that points the custom domain name to this regional domain name." + }, + "regionalHostedZoneId": { + "type": "string", + "description": "The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The collection of tags associated with a domain name." + } + }, + "required": [ + "domainName" + ], + "createOnly": [ + "domainName" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:apigatewayv2:Integration": { + "cf": "AWS::ApiGatewayV2::Integration", + "inputs": { + "apiId": { + "type": "string", + "description": "The API identifier." + }, + "connectionId": { + "type": "string", + "description": "The ID of the VPC link for a private integration. Supported only for HTTP APIs." + }, + "connectionType": { + "type": "string", + "description": "The type of the network connection to the integration endpoint. Specify `INTERNET` for connections through the public routable internet or `VPC_LINK` for private connections between API Gateway and resources in a VPC. The default value is `INTERNET` ." + }, + "contentHandlingStrategy": { + "type": "string", + "description": "Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT` , with the following behaviors:\n\n`CONVERT_TO_BINARY` : Converts a response payload from a Base64-encoded string to the corresponding binary blob.\n\n`CONVERT_TO_TEXT` : Converts a response payload from a binary blob to a Base64-encoded string.\n\nIf this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification." + }, + "credentialsArn": { + "type": "string", + "description": "Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::*:user/*` . To use resource-based permissions on supported AWS services, don't specify this parameter." + }, + "description": { + "type": "string", + "description": "The description of the integration." + }, + "integrationMethod": { + "type": "string", + "description": "Specifies the integration's HTTP method type. For WebSocket APIs, if you use a Lambda integration, you must set the integration method to `POST` ." + }, + "integrationSubtype": { + "type": "string", + "description": "Supported only for HTTP API `AWS_PROXY` integrations. Specifies the AWS service action to invoke. To learn more, see [Integration subtype reference](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services-reference.html) ." + }, + "integrationType": { + "type": "string", + "description": "The integration type of an integration. One of the following:\n\n`AWS` : for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.\n\n`AWS_PROXY` : for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.\n\n`HTTP` : for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.\n\n`HTTP_PROXY` : for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration. For HTTP API private integrations, use an `HTTP_PROXY` integration.\n\n`MOCK` : for integrating the route or method request with API Gateway as a \"loopback\" endpoint without invoking any backend. Supported only for WebSocket APIs." + }, + "integrationUri": { + "type": "string", + "description": "For a Lambda integration, specify the URI of a Lambda function.\n\nFor an HTTP integration, specify a fully-qualified URL.\n\nFor an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses `DiscoverInstances` to identify resources. You can use query parameters to target specific resources. To learn more, see [DiscoverInstances](https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstances.html) . For private integrations, all resources must be owned by the same AWS account ." + }, + "passthroughBehavior": { + "type": "string", + "description": "Specifies the pass-through behavior for incoming requests based on the `Content-Type` header in the request, and the available mapping templates specified as the `requestTemplates` property on the `Integration` resource. There are three valid values: `WHEN_NO_MATCH` , `WHEN_NO_TEMPLATES` , and `NEVER` . Supported only for WebSocket APIs.\n\n`WHEN_NO_MATCH` passes the request body for unmapped content types through to the integration backend without transformation.\n\n`NEVER` rejects unmapped content types with an `HTTP 415 Unsupported Media Type` response.\n\n`WHEN_NO_TEMPLATES` allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same `HTTP 415 Unsupported Media Type` response." + }, + "payloadFormatVersion": { + "type": "string", + "description": "Specifies the format of the payload sent to an integration. Required for HTTP APIs. For HTTP APIs, supported values for Lambda proxy integrations are `1.0` and `2.0` . For all other integrations, `1.0` is the only supported value. To learn more, see [Working with AWS Lambda proxy integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html) ." + }, + "requestParameters": { + "$ref": "pulumi.json#/Any", + "description": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of `method.request. {location} . {name}` , where `{location}` is `querystring` , `path` , or `header` ; and `{name}` must be a valid and unique method request parameter name.\n\nFor HTTP API integrations with a specified `integrationSubtype` , request parameters are a key-value map specifying parameters that are passed to `AWS_PROXY` integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Working with AWS service integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html) .\n\nFor HTTP API integrations without a specified `integrationSubtype` request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern \u003caction\u003e:\u003cheader|querystring|path\u003e.\u003clocation\u003e where action can be `append` , `overwrite` or `remove` . For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Integration` for more information about the expected schema for this property." + }, + "requestTemplates": { + "$ref": "pulumi.json#/Any", + "description": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Integration` for more information about the expected schema for this property." + }, + "responseParameters": { + "$ref": "pulumi.json#/Any", + "description": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. The value is of type [`ResponseParameterList`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html) . To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Integration` for more information about the expected schema for this property." + }, + "templateSelectionExpression": { + "type": "string", + "description": "The template selection expression for the integration. Supported only for WebSocket APIs." + }, + "timeoutInMillis": { + "type": "integer", + "description": "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs." + }, + "tlsConfig": { + "$ref": "#/types/aws-native:apigatewayv2:IntegrationTlsConfig", + "description": "The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The API identifier.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "The identifier." + }, + "connectionId": { + "type": "string", + "description": "The ID of the VPC link for a private integration. Supported only for HTTP APIs." + }, + "connectionType": { + "type": "string", + "description": "The type of the network connection to the integration endpoint. Specify `INTERNET` for connections through the public routable internet or `VPC_LINK` for private connections between API Gateway and resources in a VPC. The default value is `INTERNET` ." + }, + "contentHandlingStrategy": { + "type": "string", + "description": "Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT` , with the following behaviors:\n\n`CONVERT_TO_BINARY` : Converts a response payload from a Base64-encoded string to the corresponding binary blob.\n\n`CONVERT_TO_TEXT` : Converts a response payload from a binary blob to a Base64-encoded string.\n\nIf this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification." + }, + "credentialsArn": { + "type": "string", + "description": "Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::*:user/*` . To use resource-based permissions on supported AWS services, don't specify this parameter." + }, + "description": { + "type": "string", + "description": "The description of the integration." + }, + "integrationMethod": { + "type": "string", + "description": "Specifies the integration's HTTP method type. For WebSocket APIs, if you use a Lambda integration, you must set the integration method to `POST` ." + }, + "integrationSubtype": { + "type": "string", + "description": "Supported only for HTTP API `AWS_PROXY` integrations. Specifies the AWS service action to invoke. To learn more, see [Integration subtype reference](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services-reference.html) ." + }, + "integrationType": { + "type": "string", + "description": "The integration type of an integration. One of the following:\n\n`AWS` : for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.\n\n`AWS_PROXY` : for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.\n\n`HTTP` : for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.\n\n`HTTP_PROXY` : for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration. For HTTP API private integrations, use an `HTTP_PROXY` integration.\n\n`MOCK` : for integrating the route or method request with API Gateway as a \"loopback\" endpoint without invoking any backend. Supported only for WebSocket APIs." + }, + "integrationUri": { + "type": "string", + "description": "For a Lambda integration, specify the URI of a Lambda function.\n\nFor an HTTP integration, specify a fully-qualified URL.\n\nFor an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses `DiscoverInstances` to identify resources. You can use query parameters to target specific resources. To learn more, see [DiscoverInstances](https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstances.html) . For private integrations, all resources must be owned by the same AWS account ." + }, + "passthroughBehavior": { + "type": "string", + "description": "Specifies the pass-through behavior for incoming requests based on the `Content-Type` header in the request, and the available mapping templates specified as the `requestTemplates` property on the `Integration` resource. There are three valid values: `WHEN_NO_MATCH` , `WHEN_NO_TEMPLATES` , and `NEVER` . Supported only for WebSocket APIs.\n\n`WHEN_NO_MATCH` passes the request body for unmapped content types through to the integration backend without transformation.\n\n`NEVER` rejects unmapped content types with an `HTTP 415 Unsupported Media Type` response.\n\n`WHEN_NO_TEMPLATES` allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same `HTTP 415 Unsupported Media Type` response." + }, + "payloadFormatVersion": { + "type": "string", + "description": "Specifies the format of the payload sent to an integration. Required for HTTP APIs. For HTTP APIs, supported values for Lambda proxy integrations are `1.0` and `2.0` . For all other integrations, `1.0` is the only supported value. To learn more, see [Working with AWS Lambda proxy integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html) ." + }, + "requestParameters": { + "$ref": "pulumi.json#/Any", + "description": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of `method.request. {location} . {name}` , where `{location}` is `querystring` , `path` , or `header` ; and `{name}` must be a valid and unique method request parameter name.\n\nFor HTTP API integrations with a specified `integrationSubtype` , request parameters are a key-value map specifying parameters that are passed to `AWS_PROXY` integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Working with AWS service integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html) .\n\nFor HTTP API integrations without a specified `integrationSubtype` request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern \u003caction\u003e:\u003cheader|querystring|path\u003e.\u003clocation\u003e where action can be `append` , `overwrite` or `remove` . For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Integration` for more information about the expected schema for this property." + }, + "requestTemplates": { + "$ref": "pulumi.json#/Any", + "description": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Integration` for more information about the expected schema for this property." + }, + "responseParameters": { + "$ref": "pulumi.json#/Any", + "description": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. The value is of type [`ResponseParameterList`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html) . To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Integration` for more information about the expected schema for this property." + }, + "templateSelectionExpression": { + "type": "string", + "description": "The template selection expression for the integration. Supported only for WebSocket APIs." + }, + "timeoutInMillis": { + "type": "integer", + "description": "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs." + }, + "tlsConfig": { + "$ref": "#/types/aws-native:apigatewayv2:IntegrationTlsConfig", + "description": "The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs." + } + }, + "required": [ + "apiId", + "integrationType" + ], + "createOnly": [ + "apiId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:apigatewayv2:IntegrationResponse": { + "cf": "AWS::ApiGatewayV2::IntegrationResponse", + "inputs": { + "apiId": { + "type": "string", + "description": "The API identifier." + }, + "contentHandlingStrategy": { + "type": "string", + "description": "Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors:\n ``CONVERT_TO_BINARY``: Converts a response payload from a Base64-encoded string to the corresponding binary blob.\n ``CONVERT_TO_TEXT``: Converts a response payload from a binary blob to a Base64-encoded string.\n If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification." + }, + "integrationId": { + "type": "string", + "description": "The integration ID." + }, + "integrationResponseKey": { + "type": "string", + "description": "The integration response key." + }, + "responseParameters": { + "$ref": "pulumi.json#/Any", + "description": "A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of ``method.response.header.{name}``, where name is a valid and unique header name. The mapped non-static value must match the pattern of ``integration.response.header.{name}`` or ``integration.response.body.{JSON-expression}``, where ``{name}`` is a valid and unique response header name and ``{JSON-expression}`` is a valid JSON expression without the ``$`` prefix.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::IntegrationResponse` for more information about the expected schema for this property." + }, + "responseTemplates": { + "$ref": "pulumi.json#/Any", + "description": "The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::IntegrationResponse` for more information about the expected schema for this property." + }, + "templateSelectionExpression": { + "type": "string", + "description": "The template selection expression for the integration response. Supported only for WebSocket APIs." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The API identifier.", + "replaceOnChanges": true + }, + "contentHandlingStrategy": { + "type": "string", + "description": "Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors:\n ``CONVERT_TO_BINARY``: Converts a response payload from a Base64-encoded string to the corresponding binary blob.\n ``CONVERT_TO_TEXT``: Converts a response payload from a binary blob to a Base64-encoded string.\n If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification." + }, + "integrationId": { + "type": "string", + "description": "The integration ID.", + "replaceOnChanges": true + }, + "integrationResponseId": { + "type": "string", + "description": "The integration response ID." + }, + "integrationResponseKey": { + "type": "string", + "description": "The integration response key." + }, + "responseParameters": { + "$ref": "pulumi.json#/Any", + "description": "A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of ``method.response.header.{name}``, where name is a valid and unique header name. The mapped non-static value must match the pattern of ``integration.response.header.{name}`` or ``integration.response.body.{JSON-expression}``, where ``{name}`` is a valid and unique response header name and ``{JSON-expression}`` is a valid JSON expression without the ``$`` prefix.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::IntegrationResponse` for more information about the expected schema for this property." + }, + "responseTemplates": { + "$ref": "pulumi.json#/Any", + "description": "The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::IntegrationResponse` for more information about the expected schema for this property." + }, + "templateSelectionExpression": { + "type": "string", + "description": "The template selection expression for the integration response. Supported only for WebSocket APIs." + } + }, + "required": [ + "apiId", + "integrationId", + "integrationResponseKey" + ], + "createOnly": [ + "apiId", + "integrationId" + ] + }, + "aws-native:apigatewayv2:Model": { + "cf": "AWS::ApiGatewayV2::Model", + "inputs": { + "apiId": { + "type": "string", + "description": "The API identifier." + }, + "contentType": { + "type": "string", + "description": "The content-type for the model, for example, \"application/json\"." + }, + "description": { + "type": "string", + "description": "The description of the model." + }, + "name": { + "type": "string", + "description": "The name of the model." + }, + "schema": { + "$ref": "pulumi.json#/Any", + "description": "The schema for the model. For application/json models, this should be JSON schema draft 4 model.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Model` for more information about the expected schema for this property." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The API identifier.", + "replaceOnChanges": true + }, + "contentType": { + "type": "string", + "description": "The content-type for the model, for example, \"application/json\"." + }, + "description": { + "type": "string", + "description": "The description of the model." + }, + "modelId": { + "type": "string", + "description": "The model ID." + }, + "name": { + "type": "string", + "description": "The name of the model." + }, + "schema": { + "$ref": "pulumi.json#/Any", + "description": "The schema for the model. For application/json models, this should be JSON schema draft 4 model.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Model` for more information about the expected schema for this property." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "apiId", + "schema" + ], + "createOnly": [ + "apiId" + ] + }, + "aws-native:apigatewayv2:Route": { + "cf": "AWS::ApiGatewayV2::Route", + "inputs": { + "apiId": { + "type": "string", + "description": "The API identifier." + }, + "apiKeyRequired": { + "type": "boolean", + "description": "Specifies whether an API key is required for the route. Supported only for WebSocket APIs." + }, + "authorizationScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The authorization scopes supported by this route." + }, + "authorizationType": { + "type": "string", + "description": "The authorization type for the route. For WebSocket APIs, valid values are ``NONE`` for open access, ``AWS_IAM`` for using AWS IAM permissions, and ``CUSTOM`` for using a Lambda authorizer. For HTTP APIs, valid values are ``NONE`` for open access, ``JWT`` for using JSON Web Tokens, ``AWS_IAM`` for using AWS IAM permissions, and ``CUSTOM`` for using a Lambda authorizer." + }, + "authorizerId": { + "type": "string", + "description": "The identifier of the ``Authorizer`` resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer." + }, + "modelSelectionExpression": { + "type": "string", + "description": "The model selection expression for the route. Supported only for WebSocket APIs." + }, + "operationName": { + "type": "string", + "description": "The operation name for the route." + }, + "requestModels": { + "$ref": "pulumi.json#/Any", + "description": "The request models for the route. Supported only for WebSocket APIs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Route` for more information about the expected schema for this property." + }, + "requestParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigatewayv2:RouteParameterConstraints" + }, + "description": "The request parameters for the route. Supported only for WebSocket APIs." + }, + "routeKey": { + "type": "string", + "description": "The route key for the route. For HTTP APIs, the route key can be either ``$default``, or a combination of an HTTP method and resource path, for example, ``GET /pets``." + }, + "routeResponseSelectionExpression": { + "type": "string", + "description": "The route response selection expression for the route. Supported only for WebSocket APIs." + }, + "target": { + "type": "string", + "description": "The target for the route." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The API identifier.", + "replaceOnChanges": true + }, + "apiKeyRequired": { + "type": "boolean", + "description": "Specifies whether an API key is required for the route. Supported only for WebSocket APIs." + }, + "authorizationScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The authorization scopes supported by this route." + }, + "authorizationType": { + "type": "string", + "description": "The authorization type for the route. For WebSocket APIs, valid values are ``NONE`` for open access, ``AWS_IAM`` for using AWS IAM permissions, and ``CUSTOM`` for using a Lambda authorizer. For HTTP APIs, valid values are ``NONE`` for open access, ``JWT`` for using JSON Web Tokens, ``AWS_IAM`` for using AWS IAM permissions, and ``CUSTOM`` for using a Lambda authorizer." + }, + "authorizerId": { + "type": "string", + "description": "The identifier of the ``Authorizer`` resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer." + }, + "modelSelectionExpression": { + "type": "string", + "description": "The model selection expression for the route. Supported only for WebSocket APIs." + }, + "operationName": { + "type": "string", + "description": "The operation name for the route." + }, + "requestModels": { + "$ref": "pulumi.json#/Any", + "description": "The request models for the route. Supported only for WebSocket APIs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::Route` for more information about the expected schema for this property." + }, + "requestParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigatewayv2:RouteParameterConstraints" + }, + "description": "The request parameters for the route. Supported only for WebSocket APIs." + }, + "routeId": { + "type": "string", + "description": "The route ID." + }, + "routeKey": { + "type": "string", + "description": "The route key for the route. For HTTP APIs, the route key can be either ``$default``, or a combination of an HTTP method and resource path, for example, ``GET /pets``." + }, + "routeResponseSelectionExpression": { + "type": "string", + "description": "The route response selection expression for the route. Supported only for WebSocket APIs." + }, + "target": { + "type": "string", + "description": "The target for the route." + } + }, + "required": [ + "apiId", + "routeKey" + ], + "createOnly": [ + "apiId" + ], + "writeOnly": [ + "authorizerId", + "requestParameters" + ] + }, + "aws-native:apigatewayv2:RouteResponse": { + "cf": "AWS::ApiGatewayV2::RouteResponse", + "inputs": { + "apiId": { + "type": "string", + "description": "The API identifier." + }, + "modelSelectionExpression": { + "type": "string", + "description": "The model selection expression for the route response. Supported only for WebSocket APIs." + }, + "responseModels": { + "$ref": "pulumi.json#/Any", + "description": "The response models for the route response.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::RouteResponse` for more information about the expected schema for this property." + }, + "responseParameters": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:apigatewayv2:RouteResponseParameterConstraints" + }, + "description": "The route response parameters." + }, + "routeId": { + "type": "string", + "description": "The route ID." + }, + "routeResponseKey": { + "type": "string", + "description": "The route response key." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The API identifier.", + "replaceOnChanges": true + }, + "modelSelectionExpression": { + "type": "string", + "description": "The model selection expression for the route response. Supported only for WebSocket APIs." + }, + "responseModels": { + "$ref": "pulumi.json#/Any", + "description": "The response models for the route response.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ApiGatewayV2::RouteResponse` for more information about the expected schema for this property." + }, + "responseParameters": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:apigatewayv2:RouteResponseParameterConstraints" + }, + "description": "The route response parameters." + }, + "routeId": { + "type": "string", + "description": "The route ID.", + "replaceOnChanges": true + }, + "routeResponseId": { + "type": "string", + "description": "The route response ID." + }, + "routeResponseKey": { + "type": "string", + "description": "The route response key." + } + }, + "required": [ + "apiId", + "routeId", + "routeResponseKey" + ], + "createOnly": [ + "apiId", + "routeId" + ] + }, + "aws-native:apigatewayv2:VpcLink": { + "cf": "AWS::ApiGatewayV2::VpcLink", + "inputs": { + "name": { + "type": "string", + "description": "The name of the VPC link." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security group IDs for the VPC link." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs to include in the VPC link." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "This resource type use map for Tags, suggest to use List of Tag" + } + }, + "outputs": { + "name": { + "type": "string", + "description": "The name of the VPC link." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security group IDs for the VPC link.", + "replaceOnChanges": true + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs to include in the VPC link.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "This resource type use map for Tags, suggest to use List of Tag" + }, + "vpcLinkId": { + "type": "string", + "description": "The VPC link ID." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "subnetIds" + ], + "createOnly": [ + "securityGroupIds", + "subnetIds" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:appconfig:Application": { + "cf": "AWS::AppConfig::Application", + "inputs": { + "description": { + "type": "string", + "description": "A description of the application." + }, + "name": { + "type": "string", + "description": "A name for the application." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata to assign to the application. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The application Id" + }, + "description": { + "type": "string", + "description": "A description of the application." + }, + "name": { + "type": "string", + "description": "A name for the application." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata to assign to the application. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:appconfig:ConfigurationProfile": { + "cf": "AWS::AppConfig::ConfigurationProfile", + "inputs": { + "applicationId": { + "type": "string", + "description": "The application ID." + }, + "description": { + "type": "string", + "description": "A description of the configuration profile." + }, + "kmsKeyIdentifier": { + "type": "string", + "description": "The AWS Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated." + }, + "locationUri": { + "type": "string", + "description": "A URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object." + }, + "name": { + "type": "string", + "description": "A name for the configuration profile." + }, + "retrievalRoleArn": { + "type": "string", + "description": "The ARN of an IAM role with permission to access the configuration at the specified LocationUri." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata to assign to the configuration profile. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define." + }, + "type": { + "type": "string", + "description": "The type of configurations contained in the profile. When calling this API, enter one of the following values for Type: AWS.AppConfig.FeatureFlags, AWS.Freeform" + }, + "validators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appconfig:ConfigurationProfileValidators" + }, + "description": "A list of methods for validating the configuration." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The application ID.", + "replaceOnChanges": true + }, + "configurationProfileId": { + "type": "string", + "description": "The configuration profile ID" + }, + "description": { + "type": "string", + "description": "A description of the configuration profile." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name of the AWS Key Management Service key to encrypt new configuration data versions in the AWS AppConfig hosted configuration store. This attribute is only used for hosted configuration types. To encrypt data managed in other configuration stores, see the documentation for how to specify an AWS KMS key for that particular service." + }, + "kmsKeyIdentifier": { + "type": "string", + "description": "The AWS Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated." + }, + "locationUri": { + "type": "string", + "description": "A URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A name for the configuration profile." + }, + "retrievalRoleArn": { + "type": "string", + "description": "The ARN of an IAM role with permission to access the configuration at the specified LocationUri." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata to assign to the configuration profile. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define." + }, + "type": { + "type": "string", + "description": "The type of configurations contained in the profile. When calling this API, enter one of the following values for Type: AWS.AppConfig.FeatureFlags, AWS.Freeform", + "replaceOnChanges": true + }, + "validators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appconfig:ConfigurationProfileValidators" + }, + "description": "A list of methods for validating the configuration." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "applicationId", + "locationUri" + ], + "createOnly": [ + "applicationId", + "locationUri", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:appconfig:Environment": { + "cf": "AWS::AppConfig::Environment", + "inputs": { + "applicationId": { + "type": "string", + "description": "The application ID." + }, + "description": { + "type": "string", + "description": "A description of the environment." + }, + "monitors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appconfig:EnvironmentMonitor" + }, + "description": "Amazon CloudWatch alarms to monitor during the deployment process." + }, + "name": { + "type": "string", + "description": "A name for the environment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata to assign to the environment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The application ID.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description of the environment." + }, + "environmentId": { + "type": "string", + "description": "The environment ID." + }, + "monitors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appconfig:EnvironmentMonitor" + }, + "description": "Amazon CloudWatch alarms to monitor during the deployment process." + }, + "name": { + "type": "string", + "description": "A name for the environment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata to assign to the environment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "applicationId" + ], + "createOnly": [ + "applicationId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:appconfig:Extension": { + "cf": "AWS::AppConfig::Extension", + "inputs": { + "actions": { + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appconfig:ExtensionAction" + } + }, + "description": "The actions defined in the extension." + }, + "description": { + "type": "string", + "description": "Description of the extension." + }, + "latestVersionNumber": { + "type": "integer", + "description": "You can omit this field when you create an extension. When you create a new version, specify the most recent current version number. For example, you create version 3, enter 2 for this field." + }, + "name": { + "type": "string", + "description": "Name of the extension." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:appconfig:ExtensionParameter" + }, + "description": "The parameters accepted by the extension. You specify parameter values when you associate the extension to an AWS AppConfig resource by using the `CreateExtensionAssociation` API action. For AWS Lambda extension actions, these parameters are included in the Lambda request object." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value tags to apply to this resource." + } + }, + "outputs": { + "actions": { + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appconfig:ExtensionAction" + } + }, + "description": "The actions defined in the extension." + }, + "arn": { + "type": "string", + "description": "The system-generated Amazon Resource Name (ARN) for the extension." + }, + "awsId": { + "type": "string", + "description": "The system-generated ID of the extension." + }, + "description": { + "type": "string", + "description": "Description of the extension." + }, + "latestVersionNumber": { + "type": "integer", + "description": "You can omit this field when you create an extension. When you create a new version, specify the most recent current version number. For example, you create version 3, enter 2 for this field." + }, + "name": { + "type": "string", + "description": "Name of the extension.", + "replaceOnChanges": true + }, + "parameters": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:appconfig:ExtensionParameter" + }, + "description": "The parameters accepted by the extension. You specify parameter values when you associate the extension to an AWS AppConfig resource by using the `CreateExtensionAssociation` API action. For AWS Lambda extension actions, these parameters are included in the Lambda request object." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value tags to apply to this resource.", + "replaceOnChanges": true + }, + "versionNumber": { + "type": "integer", + "description": "The extension version number." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "actions" + ], + "createOnly": [ + "name", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "writeOnly": [ + "latestVersionNumber", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:appconfig:ExtensionAssociation": { + "cf": "AWS::AppConfig::ExtensionAssociation", + "inputs": { + "extensionIdentifier": { + "type": "string", + "description": "The name, the ID, or the Amazon Resource Name (ARN) of the extension." + }, + "extensionVersionNumber": { + "type": "integer", + "description": "The version number of the extension. If not specified, AWS AppConfig uses the maximum version of the extension." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The parameter names and values defined in the extensions. Extension parameters marked `Required` must be entered for this field." + }, + "resourceIdentifier": { + "type": "string", + "description": "The ARN of an application, configuration profile, or environment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the extension defined in the association." + }, + "awsId": { + "type": "string", + "description": "The system-generated ID for the association." + }, + "extensionArn": { + "type": "string", + "description": "The ARN of the extension defined in the association." + }, + "extensionIdentifier": { + "type": "string", + "description": "The name, the ID, or the Amazon Resource Name (ARN) of the extension.", + "replaceOnChanges": true + }, + "extensionVersionNumber": { + "type": "integer", + "description": "The version number of the extension. If not specified, AWS AppConfig uses the maximum version of the extension.", + "replaceOnChanges": true + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The parameter names and values defined in the extensions. Extension parameters marked `Required` must be entered for this field." + }, + "resourceArn": { + "type": "string", + "description": "The ARNs of applications, configuration profiles, or environments defined in the association." + }, + "resourceIdentifier": { + "type": "string", + "description": "The ARN of an application, configuration profile, or environment.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "extensionIdentifier", + "extensionVersionNumber", + "resourceIdentifier", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "writeOnly": [ + "extensionIdentifier", + "resourceIdentifier", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:appconfig:HostedConfigurationVersion": { + "cf": "AWS::AppConfig::HostedConfigurationVersion", + "inputs": { + "applicationId": { + "type": "string", + "description": "The application ID." + }, + "configurationProfileId": { + "type": "string", + "description": "The configuration profile ID." + }, + "content": { + "type": "string", + "description": "The content of the configuration or the configuration data." + }, + "contentType": { + "type": "string", + "description": "A standard MIME type describing the format of the configuration content." + }, + "description": { + "type": "string", + "description": "A description of the hosted configuration version." + }, + "latestVersionNumber": { + "type": "integer", + "description": "An optional locking token used to prevent race conditions from overwriting configuration updates when creating a new version. To ensure your data is not overwritten when creating multiple hosted configuration versions in rapid succession, specify the version number of the latest hosted configuration version." + }, + "versionLabel": { + "type": "string", + "description": "A user-defined label for an AWS AppConfig hosted configuration version." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The application ID.", + "replaceOnChanges": true + }, + "configurationProfileId": { + "type": "string", + "description": "The configuration profile ID.", + "replaceOnChanges": true + }, + "content": { + "type": "string", + "description": "The content of the configuration or the configuration data.", + "replaceOnChanges": true + }, + "contentType": { + "type": "string", + "description": "A standard MIME type describing the format of the configuration content.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description of the hosted configuration version.", + "replaceOnChanges": true + }, + "latestVersionNumber": { + "type": "integer", + "description": "An optional locking token used to prevent race conditions from overwriting configuration updates when creating a new version. To ensure your data is not overwritten when creating multiple hosted configuration versions in rapid succession, specify the version number of the latest hosted configuration version.", + "replaceOnChanges": true + }, + "versionLabel": { + "type": "string", + "description": "A user-defined label for an AWS AppConfig hosted configuration version.", + "replaceOnChanges": true + }, + "versionNumber": { + "type": "string", + "description": "Current version number of hosted configuration version." + } + }, + "required": [ + "applicationId", + "configurationProfileId", + "content", + "contentType" + ], + "createOnly": [ + "applicationId", + "configurationProfileId", + "content", + "contentType", + "description", + "latestVersionNumber", + "versionLabel" + ], + "writeOnly": [ + "latestVersionNumber" + ] + }, + "aws-native:appflow:Connector": { + "cf": "AWS::AppFlow::Connector", + "inputs": { + "connectorLabel": { + "type": "string", + "description": " The name of the connector. The name is unique for each ConnectorRegistration in your AWS account." + }, + "connectorProvisioningConfig": { + "$ref": "#/types/aws-native:appflow:ConnectorProvisioningConfig", + "description": "Contains information about the configuration of the connector being registered." + }, + "connectorProvisioningType": { + "type": "string", + "description": "The provisioning type of the connector. Currently the only supported value is LAMBDA. " + }, + "description": { + "type": "string", + "description": "A description about the connector that's being registered." + } + }, + "outputs": { + "connectorArn": { + "type": "string", + "description": " The arn of the connector. The arn is unique for each ConnectorRegistration in your AWS account." + }, + "connectorLabel": { + "type": "string", + "description": " The name of the connector. The name is unique for each ConnectorRegistration in your AWS account.", + "replaceOnChanges": true + }, + "connectorProvisioningConfig": { + "$ref": "#/types/aws-native:appflow:ConnectorProvisioningConfig", + "description": "Contains information about the configuration of the connector being registered." + }, + "connectorProvisioningType": { + "type": "string", + "description": "The provisioning type of the connector. Currently the only supported value is LAMBDA. " + }, + "description": { + "type": "string", + "description": "A description about the connector that's being registered." + } + }, + "required": [ + "connectorProvisioningConfig", + "connectorProvisioningType" + ], + "createOnly": [ + "connectorLabel" + ] + }, + "aws-native:appflow:ConnectorProfile": { + "cf": "AWS::AppFlow::ConnectorProfile", + "inputs": { + "connectionMode": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectionMode", + "description": "Mode in which data transfer should be enabled. Private connection mode is currently enabled for Salesforce, Snowflake, Trendmicro and Singular" + }, + "connectorLabel": { + "type": "string", + "description": "The label of the connector. The label is unique for each ConnectorRegistration in your AWS account. Only needed if calling for CUSTOMCONNECTOR connector type/." + }, + "connectorProfileConfig": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConfig", + "description": "Connector specific configurations needed to create connector profile" + }, + "connectorProfileName": { + "type": "string", + "description": "The maximum number of items to retrieve in a single batch." + }, + "connectorType": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorType", + "description": "List of Saas providers that need connector profile to be created" + }, + "kmsArn": { + "type": "string", + "description": "The ARN of the AWS Key Management Service (AWS KMS) key that's used to encrypt your function's environment variables. If it's not provided, AWS Lambda uses a default service key." + } + }, + "outputs": { + "connectionMode": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectionMode", + "description": "Mode in which data transfer should be enabled. Private connection mode is currently enabled for Salesforce, Snowflake, Trendmicro and Singular" + }, + "connectorLabel": { + "type": "string", + "description": "The label of the connector. The label is unique for each ConnectorRegistration in your AWS account. Only needed if calling for CUSTOMCONNECTOR connector type/.", + "replaceOnChanges": true + }, + "connectorProfileArn": { + "type": "string", + "description": "Unique identifier for connector profile resources" + }, + "connectorProfileConfig": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConfig", + "description": "Connector specific configurations needed to create connector profile" + }, + "connectorProfileName": { + "type": "string", + "description": "The maximum number of items to retrieve in a single batch.", + "replaceOnChanges": true + }, + "connectorType": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorType", + "description": "List of Saas providers that need connector profile to be created", + "replaceOnChanges": true + }, + "credentialsArn": { + "type": "string", + "description": "A unique Arn for Connector-Profile resource" + }, + "kmsArn": { + "type": "string", + "description": "The ARN of the AWS Key Management Service (AWS KMS) key that's used to encrypt your function's environment variables. If it's not provided, AWS Lambda uses a default service key." + } + }, + "autoNamingSpec": { + "sdkName": "connectorProfileName", + "maxLength": 256 + }, + "required": [ + "connectionMode", + "connectorType" + ], + "createOnly": [ + "connectorLabel", + "connectorProfileName", + "connectorType" + ], + "writeOnly": [ + "connectorProfileConfig", + "kmsArn" + ], + "irreversibleNames": { + "kmsArn": "KMSArn" + } + }, + "aws-native:appflow:Flow": { + "cf": "AWS::AppFlow::Flow", + "inputs": { + "description": { + "type": "string", + "description": "Description of the flow." + }, + "destinationFlowConfigList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appflow:FlowDestinationFlowConfig" + }, + "description": "List of Destination connectors of the flow." + }, + "flowName": { + "type": "string", + "description": "Name of the flow." + }, + "flowStatus": { + "$ref": "#/types/aws-native:appflow:FlowStatus", + "description": "Flow activation status for Scheduled- and Event-triggered flows" + }, + "kmsArn": { + "type": "string", + "description": "The ARN of the AWS Key Management Service (AWS KMS) key that's used to encrypt your function's environment variables. If it's not provided, AWS Lambda uses a default service key." + }, + "metadataCatalogConfig": { + "$ref": "#/types/aws-native:appflow:FlowMetadataCatalogConfig", + "description": "Configurations of metadata catalog of the flow." + }, + "sourceFlowConfig": { + "$ref": "#/types/aws-native:appflow:FlowSourceFlowConfig", + "description": "Configurations of Source connector of the flow." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "List of Tags." + }, + "tasks": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appflow:FlowTask" + }, + "description": "List of tasks for the flow." + }, + "triggerConfig": { + "$ref": "#/types/aws-native:appflow:FlowTriggerConfig", + "description": "Trigger settings of the flow." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "Description of the flow." + }, + "destinationFlowConfigList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appflow:FlowDestinationFlowConfig" + }, + "description": "List of Destination connectors of the flow." + }, + "flowArn": { + "type": "string", + "description": "ARN identifier of the flow." + }, + "flowName": { + "type": "string", + "description": "Name of the flow.", + "replaceOnChanges": true + }, + "flowStatus": { + "$ref": "#/types/aws-native:appflow:FlowStatus", + "description": "Flow activation status for Scheduled- and Event-triggered flows" + }, + "kmsArn": { + "type": "string", + "description": "The ARN of the AWS Key Management Service (AWS KMS) key that's used to encrypt your function's environment variables. If it's not provided, AWS Lambda uses a default service key.", + "replaceOnChanges": true + }, + "metadataCatalogConfig": { + "$ref": "#/types/aws-native:appflow:FlowMetadataCatalogConfig", + "description": "Configurations of metadata catalog of the flow." + }, + "sourceFlowConfig": { + "$ref": "#/types/aws-native:appflow:FlowSourceFlowConfig", + "description": "Configurations of Source connector of the flow." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "List of Tags." + }, + "tasks": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appflow:FlowTask" + }, + "description": "List of tasks for the flow." + }, + "triggerConfig": { + "$ref": "#/types/aws-native:appflow:FlowTriggerConfig", + "description": "Trigger settings of the flow." + } + }, + "autoNamingSpec": { + "sdkName": "flowName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "destinationFlowConfigList", + "sourceFlowConfig", + "tasks", + "triggerConfig" + ], + "createOnly": [ + "flowName", + "kmsArn" + ], + "irreversibleNames": { + "kmsArn": "KMSArn" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:appintegrations:Application": { + "cf": "AWS::AppIntegrations::Application", + "inputs": { + "applicationSourceConfig": { + "$ref": "#/types/aws-native:appintegrations:ApplicationSourceConfigProperties", + "description": "Application source config" + }, + "description": { + "type": "string", + "description": "The application description." + }, + "name": { + "type": "string", + "description": "The name of the application." + }, + "namespace": { + "type": "string", + "description": "The namespace of the application." + }, + "permissions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The configuration of events or requests that the application has access to." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the application." + } + }, + "outputs": { + "applicationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the application." + }, + "applicationSourceConfig": { + "$ref": "#/types/aws-native:appintegrations:ApplicationSourceConfigProperties", + "description": "Application source config" + }, + "awsId": { + "type": "string", + "description": "The id of the application." + }, + "description": { + "type": "string", + "description": "The application description." + }, + "name": { + "type": "string", + "description": "The name of the application." + }, + "namespace": { + "type": "string", + "description": "The namespace of the application." + }, + "permissions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The configuration of events or requests that the application has access to." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the application." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "applicationSourceConfig", + "description" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:appintegrations:DataIntegration": { + "cf": "AWS::AppIntegrations::DataIntegration", + "inputs": { + "description": { + "type": "string", + "description": "The data integration description." + }, + "fileConfiguration": { + "$ref": "#/types/aws-native:appintegrations:DataIntegrationFileConfiguration", + "description": "The configuration for what files should be pulled from the source." + }, + "kmsKey": { + "type": "string", + "description": "The KMS key of the data integration." + }, + "name": { + "type": "string", + "description": "The name of the data integration." + }, + "objectConfiguration": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "The configuration for what data should be pulled from the source." + }, + "scheduleConfig": { + "$ref": "#/types/aws-native:appintegrations:DataIntegrationScheduleConfig", + "description": "The name of the data and how often it should be pulled from the source." + }, + "sourceUri": { + "type": "string", + "description": "The URI of the data source." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the data integration." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The unique identifer of the data integration." + }, + "dataIntegrationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the data integration." + }, + "description": { + "type": "string", + "description": "The data integration description." + }, + "fileConfiguration": { + "$ref": "#/types/aws-native:appintegrations:DataIntegrationFileConfiguration", + "description": "The configuration for what files should be pulled from the source." + }, + "kmsKey": { + "type": "string", + "description": "The KMS key of the data integration.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the data integration." + }, + "objectConfiguration": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "The configuration for what data should be pulled from the source." + }, + "scheduleConfig": { + "$ref": "#/types/aws-native:appintegrations:DataIntegrationScheduleConfig", + "description": "The name of the data and how often it should be pulled from the source.", + "replaceOnChanges": true + }, + "sourceUri": { + "type": "string", + "description": "The URI of the data source.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the data integration." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "kmsKey", + "sourceUri" + ], + "createOnly": [ + "kmsKey", + "scheduleConfig", + "sourceUri" + ], + "irreversibleNames": { + "awsId": "Id", + "sourceUri": "SourceURI" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:appintegrations:EventIntegration": { + "cf": "AWS::AppIntegrations::EventIntegration", + "inputs": { + "description": { + "type": "string", + "description": "The event integration description." + }, + "eventBridgeBus": { + "type": "string", + "description": "The Amazon Eventbridge bus for the event integration." + }, + "eventFilter": { + "$ref": "#/types/aws-native:appintegrations:EventIntegrationEventFilter", + "description": "The EventFilter (source) associated with the event integration." + }, + "name": { + "type": "string", + "description": "The name of the event integration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the event integration." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The event integration description." + }, + "eventBridgeBus": { + "type": "string", + "description": "The Amazon Eventbridge bus for the event integration.", + "replaceOnChanges": true + }, + "eventFilter": { + "$ref": "#/types/aws-native:appintegrations:EventIntegrationEventFilter", + "description": "The EventFilter (source) associated with the event integration.", + "replaceOnChanges": true + }, + "eventIntegrationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the event integration." + }, + "name": { + "type": "string", + "description": "The name of the event integration.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the event integration." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "eventBridgeBus", + "eventFilter" + ], + "createOnly": [ + "eventBridgeBus", + "eventFilter", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:applicationautoscaling:ScalableTarget": { + "cf": "AWS::ApplicationAutoScaling::ScalableTarget", + "inputs": { + "maxCapacity": { + "type": "integer", + "description": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand." + }, + "minCapacity": { + "type": "integer", + "description": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand." + }, + "resourceId": { + "type": "string", + "description": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n + ECS service - The resource type is ``service`` and the unique identifier is the cluster name and service name. Example: ``service/my-cluster/my-service``.\n + Spot Fleet - The resource type is ``spot-fleet-request`` and the unique identifier is the Spot Fleet request ID. Example: ``spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE``.\n + EMR cluster - The resource type is ``instancegroup`` and the unique identifier is the cluster ID and instance group ID. Example: ``instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0``.\n + AppStream 2.0 fleet - The resource type is ``fleet`` and the unique identifier is the fleet name. Example: ``fleet/sample-fleet``.\n + DynamoDB table - The resource type is ``table`` and the unique identifier is the table name. Example: ``table/my-table``.\n + DynamoDB global secondary index - The resource type is ``index`` and the unique identifier is the index name. Example: ``table/my-table/index/my-table-index``.\n + Aurora DB cluster - The resource type is ``cluster`` and the unique identifier is the cluster name. Example: ``cluster:my-db-cluster``.\n + SageMaker endpoint variant - The resource type is ``variant`` and the unique identifier is the resource ID. Example: ``endpoint/my-end-point/variant/KMeansClustering``.\n + Custom resources are not supported with a resource type. This parameter must specify the ``OutputValue`` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource).\n + Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: ``arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE``.\n + Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: ``arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE``.\n + Lambda provisioned concurrency - The resource type is ``function`` and the unique identifier is the function name with a function version or alias name suffix that is not ``$LATEST``. Example: ``function:my-function:prod`` or ``function:my-function:1``.\n + Amazon Keyspaces table - The resource type is ``table`` and the unique identifier is the table name. Example: ``keyspace/mykeyspace/table/mytable``.\n + Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: ``arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5``.\n + Amazon ElastiCache replication group - The resource type is ``replication-group`` and the unique identifier is the replication group name. Example: ``replication-group/mycluster``.\n + Neptune cluster - The resource type is ``cluster`` and the unique identifier is the cluster name. Example: ``cluster:mycluster``.\n + SageMaker serverless endpoint - The resource type is ``variant`` and the unique identifier is the resource ID. Example: ``endpoint/my-end-point/variant/KMeansClustering``.\n + SageMaker inference component - The resource type is ``inference-component`` and the unique identifier is the resource ID. Example: ``inference-component/my-inference-component``." + }, + "roleArn": { + "type": "string", + "description": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide*.\n To automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide*. Look for the ARN in the table at the bottom of the page." + }, + "scalableDimension": { + "type": "string", + "description": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n + ``ecs:service:DesiredCount`` - The desired task count of an ECS service.\n + ``elasticmapreduce:instancegroup:InstanceCount`` - The instance count of an EMR Instance Group.\n + ``ec2:spot-fleet-request:TargetCapacity`` - The target capacity of a Spot Fleet.\n + ``appstream:fleet:DesiredCapacity`` - The desired capacity of an AppStream 2.0 fleet.\n + ``dynamodb:table:ReadCapacityUnits`` - The provisioned read capacity for a DynamoDB table.\n + ``dynamodb:table:WriteCapacityUnits`` - The provisioned write capacity for a DynamoDB table.\n + ``dynamodb:index:ReadCapacityUnits`` - The provisioned read capacity for a DynamoDB global secondary index.\n + ``dynamodb:index:WriteCapacityUnits`` - The provisioned write capacity for a DynamoDB global secondary index.\n + ``rds:cluster:ReadReplicaCount`` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n + ``sagemaker:variant:DesiredInstanceCount`` - The number of EC2 instances for a SageMaker model endpoint variant.\n + ``custom-resource:ResourceType:Property`` - The scalable dimension for a custom resource provided by your own application or service.\n + ``comprehend:document-classifier-endpoint:DesiredInferenceUnits`` - The number of inference units for an Amazon Comprehend document classification endpoint.\n + ``comprehend:entity-recognizer-endpoint:DesiredInferenceUnits`` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n + ``lambda:function:ProvisionedConcurrency`` - The provisioned concurrency for a Lambda function.\n + ``cassandra:table:ReadCapacityUnits`` - The provisioned read capacity for an Amazon Keyspaces table.\n + ``cassandra:table:WriteCapacityUnits`` - The provisioned write capacity for an Amazon Keyspaces table.\n + ``kafka:broker-storage:VolumeSize`` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n + ``elasticache:replication-group:NodeGroups`` - The number of node groups for an Amazon ElastiCache replication group.\n + ``elasticache:replication-group:Replicas`` - The number of replicas per node group for an Amazon ElastiCache replication group.\n + ``neptune:cluster:ReadReplicaCount`` - The count of read replicas in an Amazon Neptune DB cluster.\n + ``sagemaker:variant:DesiredProvisionedConcurrency`` - The provisioned concurrency for a SageMaker serverless endpoint.\n + ``sagemaker:inference-component:DesiredCopyCount`` - The number of copies across an endpoint for a SageMaker inference component." + }, + "scheduledActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalableTargetScheduledAction" + }, + "description": "The scheduled actions for the scalable target. Duplicates aren't allowed." + }, + "serviceNamespace": { + "type": "string", + "description": "The namespace of the AWS service that provides the resource, or a ``custom-resource``." + }, + "suspendedState": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalableTargetSuspendedState", + "description": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to ``true`` suspends the specified scaling activities. Setting it to ``false`` (default) resumes the specified scaling activities. \n *Suspension Outcomes* \n + For ``DynamicScalingInSuspended``, while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n + For ``DynamicScalingOutSuspended``, while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n + For ``ScheduledScalingSuspended``, while a suspension is in effect, all scaling activities that involve scheduled actions are suspended." + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "maxCapacity": { + "type": "integer", + "description": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand." + }, + "minCapacity": { + "type": "integer", + "description": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand." + }, + "resourceId": { + "type": "string", + "description": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n + ECS service - The resource type is ``service`` and the unique identifier is the cluster name and service name. Example: ``service/my-cluster/my-service``.\n + Spot Fleet - The resource type is ``spot-fleet-request`` and the unique identifier is the Spot Fleet request ID. Example: ``spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE``.\n + EMR cluster - The resource type is ``instancegroup`` and the unique identifier is the cluster ID and instance group ID. Example: ``instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0``.\n + AppStream 2.0 fleet - The resource type is ``fleet`` and the unique identifier is the fleet name. Example: ``fleet/sample-fleet``.\n + DynamoDB table - The resource type is ``table`` and the unique identifier is the table name. Example: ``table/my-table``.\n + DynamoDB global secondary index - The resource type is ``index`` and the unique identifier is the index name. Example: ``table/my-table/index/my-table-index``.\n + Aurora DB cluster - The resource type is ``cluster`` and the unique identifier is the cluster name. Example: ``cluster:my-db-cluster``.\n + SageMaker endpoint variant - The resource type is ``variant`` and the unique identifier is the resource ID. Example: ``endpoint/my-end-point/variant/KMeansClustering``.\n + Custom resources are not supported with a resource type. This parameter must specify the ``OutputValue`` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource).\n + Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: ``arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE``.\n + Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: ``arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE``.\n + Lambda provisioned concurrency - The resource type is ``function`` and the unique identifier is the function name with a function version or alias name suffix that is not ``$LATEST``. Example: ``function:my-function:prod`` or ``function:my-function:1``.\n + Amazon Keyspaces table - The resource type is ``table`` and the unique identifier is the table name. Example: ``keyspace/mykeyspace/table/mytable``.\n + Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: ``arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5``.\n + Amazon ElastiCache replication group - The resource type is ``replication-group`` and the unique identifier is the replication group name. Example: ``replication-group/mycluster``.\n + Neptune cluster - The resource type is ``cluster`` and the unique identifier is the cluster name. Example: ``cluster:mycluster``.\n + SageMaker serverless endpoint - The resource type is ``variant`` and the unique identifier is the resource ID. Example: ``endpoint/my-end-point/variant/KMeansClustering``.\n + SageMaker inference component - The resource type is ``inference-component`` and the unique identifier is the resource ID. Example: ``inference-component/my-inference-component``.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide*.\n To automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide*. Look for the ARN in the table at the bottom of the page." + }, + "scalableDimension": { + "type": "string", + "description": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n + ``ecs:service:DesiredCount`` - The desired task count of an ECS service.\n + ``elasticmapreduce:instancegroup:InstanceCount`` - The instance count of an EMR Instance Group.\n + ``ec2:spot-fleet-request:TargetCapacity`` - The target capacity of a Spot Fleet.\n + ``appstream:fleet:DesiredCapacity`` - The desired capacity of an AppStream 2.0 fleet.\n + ``dynamodb:table:ReadCapacityUnits`` - The provisioned read capacity for a DynamoDB table.\n + ``dynamodb:table:WriteCapacityUnits`` - The provisioned write capacity for a DynamoDB table.\n + ``dynamodb:index:ReadCapacityUnits`` - The provisioned read capacity for a DynamoDB global secondary index.\n + ``dynamodb:index:WriteCapacityUnits`` - The provisioned write capacity for a DynamoDB global secondary index.\n + ``rds:cluster:ReadReplicaCount`` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n + ``sagemaker:variant:DesiredInstanceCount`` - The number of EC2 instances for a SageMaker model endpoint variant.\n + ``custom-resource:ResourceType:Property`` - The scalable dimension for a custom resource provided by your own application or service.\n + ``comprehend:document-classifier-endpoint:DesiredInferenceUnits`` - The number of inference units for an Amazon Comprehend document classification endpoint.\n + ``comprehend:entity-recognizer-endpoint:DesiredInferenceUnits`` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n + ``lambda:function:ProvisionedConcurrency`` - The provisioned concurrency for a Lambda function.\n + ``cassandra:table:ReadCapacityUnits`` - The provisioned read capacity for an Amazon Keyspaces table.\n + ``cassandra:table:WriteCapacityUnits`` - The provisioned write capacity for an Amazon Keyspaces table.\n + ``kafka:broker-storage:VolumeSize`` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n + ``elasticache:replication-group:NodeGroups`` - The number of node groups for an Amazon ElastiCache replication group.\n + ``elasticache:replication-group:Replicas`` - The number of replicas per node group for an Amazon ElastiCache replication group.\n + ``neptune:cluster:ReadReplicaCount`` - The count of read replicas in an Amazon Neptune DB cluster.\n + ``sagemaker:variant:DesiredProvisionedConcurrency`` - The provisioned concurrency for a SageMaker serverless endpoint.\n + ``sagemaker:inference-component:DesiredCopyCount`` - The number of copies across an endpoint for a SageMaker inference component.", + "replaceOnChanges": true + }, + "scheduledActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalableTargetScheduledAction" + }, + "description": "The scheduled actions for the scalable target. Duplicates aren't allowed." + }, + "serviceNamespace": { + "type": "string", + "description": "The namespace of the AWS service that provides the resource, or a ``custom-resource``.", + "replaceOnChanges": true + }, + "suspendedState": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalableTargetSuspendedState", + "description": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to ``true`` suspends the specified scaling activities. Setting it to ``false`` (default) resumes the specified scaling activities. \n *Suspension Outcomes* \n + For ``DynamicScalingInSuspended``, while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n + For ``DynamicScalingOutSuspended``, while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n + For ``ScheduledScalingSuspended``, while a suspension is in effect, all scaling activities that involve scheduled actions are suspended." + } + }, + "required": [ + "maxCapacity", + "minCapacity", + "resourceId", + "scalableDimension", + "serviceNamespace" + ], + "createOnly": [ + "resourceId", + "scalableDimension", + "serviceNamespace" + ], + "writeOnly": [ + "roleArn" + ], + "irreversibleNames": { + "awsId": "Id", + "roleArn": "RoleARN" + } + }, + "aws-native:applicationautoscaling:ScalingPolicy": { + "cf": "AWS::ApplicationAutoScaling::ScalingPolicy", + "inputs": { + "policyName": { + "type": "string", + "description": "The name of the scaling policy.\n Updates to the name of a target tracking scaling policy are not supported, unless you also update the metric used for scaling. To change only a target tracking scaling policy's name, first delete the policy by removing the existing ``AWS::ApplicationAutoScaling::ScalingPolicy`` resource from the template and updating the stack. Then, recreate the resource with the same settings and a different name." + }, + "policyType": { + "type": "string", + "description": "The scaling policy type.\n The following policy types are supported: \n ``TargetTrackingScaling``—Not supported for Amazon EMR\n ``StepScaling``—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK, Amazon ElastiCache, or Neptune." + }, + "resourceId": { + "type": "string", + "description": "The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.\n + ECS service - The resource type is ``service`` and the unique identifier is the cluster name and service name. Example: ``service/my-cluster/my-service``.\n + Spot Fleet - The resource type is ``spot-fleet-request`` and the unique identifier is the Spot Fleet request ID. Example: ``spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE``.\n + EMR cluster - The resource type is ``instancegroup`` and the unique identifier is the cluster ID and instance group ID. Example: ``instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0``.\n + AppStream 2.0 fleet - The resource type is ``fleet`` and the unique identifier is the fleet name. Example: ``fleet/sample-fleet``.\n + DynamoDB table - The resource type is ``table`` and the unique identifier is the table name. Example: ``table/my-table``.\n + DynamoDB global secondary index - The resource type is ``index`` and the unique identifier is the index name. Example: ``table/my-table/index/my-table-index``.\n + Aurora DB cluster - The resource type is ``cluster`` and the unique identifier is the cluster name. Example: ``cluster:my-db-cluster``.\n + SageMaker endpoint variant - The resource type is ``variant`` and the unique identifier is the resource ID. Example: ``endpoint/my-end-point/variant/KMeansClustering``.\n + Custom resources are not supported with a resource type. This parameter must specify the ``OutputValue`` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource).\n + Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: ``arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE``.\n + Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: ``arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE``.\n + Lambda provisioned concurrency - The resource type is ``function`` and the unique identifier is the function name with a function version or alias name suffix that is not ``$LATEST``. Example: ``function:my-function:prod`` or ``function:my-function:1``.\n + Amazon Keyspaces table - The resource type is ``table`` and the unique identifier is the table name. Example: ``keyspace/mykeyspace/table/mytable``.\n + Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: ``arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5``.\n + Amazon ElastiCache replication group - The resource type is ``replication-group`` and the unique identifier is the replication group name. Example: ``replication-group/mycluster``.\n + Neptune cluster - The resource type is ``cluster`` and the unique identifier is the cluster name. Example: ``cluster:mycluster``.\n + SageMaker serverless endpoint - The resource type is ``variant`` and the unique identifier is the resource ID. Example: ``endpoint/my-end-point/variant/KMeansClustering``.\n + SageMaker inference component - The resource type is ``inference-component`` and the unique identifier is the resource ID. Example: ``inference-component/my-inference-component``.\n + Pool of WorkSpaces - The resource type is ``workspacespool`` and the unique identifier is the pool ID. Example: ``workspacespool/wspool-123456``." + }, + "scalableDimension": { + "type": "string", + "description": "The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n + ``ecs:service:DesiredCount`` - The task count of an ECS service.\n + ``elasticmapreduce:instancegroup:InstanceCount`` - The instance count of an EMR Instance Group.\n + ``ec2:spot-fleet-request:TargetCapacity`` - The target capacity of a Spot Fleet.\n + ``appstream:fleet:DesiredCapacity`` - The capacity of an AppStream 2.0 fleet.\n + ``dynamodb:table:ReadCapacityUnits`` - The provisioned read capacity for a DynamoDB table.\n + ``dynamodb:table:WriteCapacityUnits`` - The provisioned write capacity for a DynamoDB table.\n + ``dynamodb:index:ReadCapacityUnits`` - The provisioned read capacity for a DynamoDB global secondary index.\n + ``dynamodb:index:WriteCapacityUnits`` - The provisioned write capacity for a DynamoDB global secondary index.\n + ``rds:cluster:ReadReplicaCount`` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n + ``sagemaker:variant:DesiredInstanceCount`` - The number of EC2 instances for a SageMaker model endpoint variant.\n + ``custom-resource:ResourceType:Property`` - The scalable dimension for a custom resource provided by your own application or service.\n + ``comprehend:document-classifier-endpoint:DesiredInferenceUnits`` - The number of inference units for an Amazon Comprehend document classification endpoint.\n + ``comprehend:entity-recognizer-endpoint:DesiredInferenceUnits`` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n + ``lambda:function:ProvisionedConcurrency`` - The provisioned concurrency for a Lambda function.\n + ``cassandra:table:ReadCapacityUnits`` - The provisioned read capacity for an Amazon Keyspaces table.\n + ``cassandra:table:WriteCapacityUnits`` - The provisioned write capacity for an Amazon Keyspaces table.\n + ``kafka:broker-storage:VolumeSize`` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n + ``elasticache:replication-group:NodeGroups`` - The number of node groups for an Amazon ElastiCache replication group.\n + ``elasticache:replication-group:Replicas`` - The number of replicas per node group for an Amazon ElastiCache replication group.\n + ``neptune:cluster:ReadReplicaCount`` - The count of read replicas in an Amazon Neptune DB cluster.\n + ``sagemaker:variant:DesiredProvisionedConcurrency`` - The provisioned concurrency for a SageMaker serverless endpoint.\n + ``sagemaker:inference-component:DesiredCopyCount`` - The number of copies across an endpoint for a SageMaker inference component.\n + ``workspaces:workspacespool:DesiredUserSessions`` - The number of user sessions for the WorkSpaces in the pool." + }, + "scalingTargetId": { + "type": "string", + "description": "The CloudFormation-generated ID of an Application Auto Scaling scalable target. For more information about the ID, see the Return Value section of the ``AWS::ApplicationAutoScaling::ScalableTarget`` resource.\n You must specify either the ``ScalingTargetId`` property, or the ``ResourceId``, ``ScalableDimension``, and ``ServiceNamespace`` properties, but not both." + }, + "serviceNamespace": { + "type": "string", + "description": "The namespace of the AWS service that provides the resource, or a ``custom-resource``." + }, + "stepScalingPolicyConfiguration": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyStepScalingPolicyConfiguration", + "description": "A step scaling policy." + }, + "targetTrackingScalingPolicyConfiguration": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyTargetTrackingScalingPolicyConfiguration", + "description": "A target tracking scaling policy." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the ARN of a scaling policy." + }, + "policyName": { + "type": "string", + "description": "The name of the scaling policy.\n Updates to the name of a target tracking scaling policy are not supported, unless you also update the metric used for scaling. To change only a target tracking scaling policy's name, first delete the policy by removing the existing ``AWS::ApplicationAutoScaling::ScalingPolicy`` resource from the template and updating the stack. Then, recreate the resource with the same settings and a different name.", + "replaceOnChanges": true + }, + "policyType": { + "type": "string", + "description": "The scaling policy type.\n The following policy types are supported: \n ``TargetTrackingScaling``—Not supported for Amazon EMR\n ``StepScaling``—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK, Amazon ElastiCache, or Neptune." + }, + "resourceId": { + "type": "string", + "description": "The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.\n + ECS service - The resource type is ``service`` and the unique identifier is the cluster name and service name. Example: ``service/my-cluster/my-service``.\n + Spot Fleet - The resource type is ``spot-fleet-request`` and the unique identifier is the Spot Fleet request ID. Example: ``spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE``.\n + EMR cluster - The resource type is ``instancegroup`` and the unique identifier is the cluster ID and instance group ID. Example: ``instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0``.\n + AppStream 2.0 fleet - The resource type is ``fleet`` and the unique identifier is the fleet name. Example: ``fleet/sample-fleet``.\n + DynamoDB table - The resource type is ``table`` and the unique identifier is the table name. Example: ``table/my-table``.\n + DynamoDB global secondary index - The resource type is ``index`` and the unique identifier is the index name. Example: ``table/my-table/index/my-table-index``.\n + Aurora DB cluster - The resource type is ``cluster`` and the unique identifier is the cluster name. Example: ``cluster:my-db-cluster``.\n + SageMaker endpoint variant - The resource type is ``variant`` and the unique identifier is the resource ID. Example: ``endpoint/my-end-point/variant/KMeansClustering``.\n + Custom resources are not supported with a resource type. This parameter must specify the ``OutputValue`` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource).\n + Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: ``arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE``.\n + Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: ``arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE``.\n + Lambda provisioned concurrency - The resource type is ``function`` and the unique identifier is the function name with a function version or alias name suffix that is not ``$LATEST``. Example: ``function:my-function:prod`` or ``function:my-function:1``.\n + Amazon Keyspaces table - The resource type is ``table`` and the unique identifier is the table name. Example: ``keyspace/mykeyspace/table/mytable``.\n + Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: ``arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5``.\n + Amazon ElastiCache replication group - The resource type is ``replication-group`` and the unique identifier is the replication group name. Example: ``replication-group/mycluster``.\n + Neptune cluster - The resource type is ``cluster`` and the unique identifier is the cluster name. Example: ``cluster:mycluster``.\n + SageMaker serverless endpoint - The resource type is ``variant`` and the unique identifier is the resource ID. Example: ``endpoint/my-end-point/variant/KMeansClustering``.\n + SageMaker inference component - The resource type is ``inference-component`` and the unique identifier is the resource ID. Example: ``inference-component/my-inference-component``.\n + Pool of WorkSpaces - The resource type is ``workspacespool`` and the unique identifier is the pool ID. Example: ``workspacespool/wspool-123456``.", + "replaceOnChanges": true + }, + "scalableDimension": { + "type": "string", + "description": "The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n + ``ecs:service:DesiredCount`` - The task count of an ECS service.\n + ``elasticmapreduce:instancegroup:InstanceCount`` - The instance count of an EMR Instance Group.\n + ``ec2:spot-fleet-request:TargetCapacity`` - The target capacity of a Spot Fleet.\n + ``appstream:fleet:DesiredCapacity`` - The capacity of an AppStream 2.0 fleet.\n + ``dynamodb:table:ReadCapacityUnits`` - The provisioned read capacity for a DynamoDB table.\n + ``dynamodb:table:WriteCapacityUnits`` - The provisioned write capacity for a DynamoDB table.\n + ``dynamodb:index:ReadCapacityUnits`` - The provisioned read capacity for a DynamoDB global secondary index.\n + ``dynamodb:index:WriteCapacityUnits`` - The provisioned write capacity for a DynamoDB global secondary index.\n + ``rds:cluster:ReadReplicaCount`` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n + ``sagemaker:variant:DesiredInstanceCount`` - The number of EC2 instances for a SageMaker model endpoint variant.\n + ``custom-resource:ResourceType:Property`` - The scalable dimension for a custom resource provided by your own application or service.\n + ``comprehend:document-classifier-endpoint:DesiredInferenceUnits`` - The number of inference units for an Amazon Comprehend document classification endpoint.\n + ``comprehend:entity-recognizer-endpoint:DesiredInferenceUnits`` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n + ``lambda:function:ProvisionedConcurrency`` - The provisioned concurrency for a Lambda function.\n + ``cassandra:table:ReadCapacityUnits`` - The provisioned read capacity for an Amazon Keyspaces table.\n + ``cassandra:table:WriteCapacityUnits`` - The provisioned write capacity for an Amazon Keyspaces table.\n + ``kafka:broker-storage:VolumeSize`` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n + ``elasticache:replication-group:NodeGroups`` - The number of node groups for an Amazon ElastiCache replication group.\n + ``elasticache:replication-group:Replicas`` - The number of replicas per node group for an Amazon ElastiCache replication group.\n + ``neptune:cluster:ReadReplicaCount`` - The count of read replicas in an Amazon Neptune DB cluster.\n + ``sagemaker:variant:DesiredProvisionedConcurrency`` - The provisioned concurrency for a SageMaker serverless endpoint.\n + ``sagemaker:inference-component:DesiredCopyCount`` - The number of copies across an endpoint for a SageMaker inference component.\n + ``workspaces:workspacespool:DesiredUserSessions`` - The number of user sessions for the WorkSpaces in the pool.", + "replaceOnChanges": true + }, + "scalingTargetId": { + "type": "string", + "description": "The CloudFormation-generated ID of an Application Auto Scaling scalable target. For more information about the ID, see the Return Value section of the ``AWS::ApplicationAutoScaling::ScalableTarget`` resource.\n You must specify either the ``ScalingTargetId`` property, or the ``ResourceId``, ``ScalableDimension``, and ``ServiceNamespace`` properties, but not both.", + "replaceOnChanges": true + }, + "serviceNamespace": { + "type": "string", + "description": "The namespace of the AWS service that provides the resource, or a ``custom-resource``.", + "replaceOnChanges": true + }, + "stepScalingPolicyConfiguration": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyStepScalingPolicyConfiguration", + "description": "A step scaling policy." + }, + "targetTrackingScalingPolicyConfiguration": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyTargetTrackingScalingPolicyConfiguration", + "description": "A target tracking scaling policy." + } + }, + "autoNamingSpec": { + "sdkName": "policyName" + }, + "required": [ + "policyType" + ], + "createOnly": [ + "policyName", + "resourceId", + "scalableDimension", + "scalingTargetId", + "serviceNamespace" + ], + "writeOnly": [ + "scalingTargetId", + "targetTrackingScalingPolicyConfiguration/PredefinedMetricSpecification/ResourceLabel" + ] + }, + "aws-native:applicationinsights:Application": { + "cf": "AWS::ApplicationInsights::Application", + "inputs": { + "attachMissingPermission": { + "type": "boolean", + "description": "If set to true, the managed policies for SSM and CW will be attached to the instance roles if they are missing" + }, + "autoConfigurationEnabled": { + "type": "boolean", + "description": "If set to true, application will be configured with recommended monitoring configuration." + }, + "componentMonitoringSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationComponentMonitoringSetting" + }, + "description": "The monitoring settings of the components." + }, + "customComponents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationCustomComponent" + }, + "description": "The custom grouped components." + }, + "cweMonitorEnabled": { + "type": "boolean", + "description": "Indicates whether Application Insights can listen to CloudWatch events for the application resources." + }, + "groupingType": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationGroupingType", + "description": "The grouping type of the application" + }, + "logPatternSets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationLogPatternSet" + }, + "description": "The log pattern sets." + }, + "opsCenterEnabled": { + "type": "boolean", + "description": "When set to true, creates opsItems for any problems detected on an application." + }, + "opsItemSnsTopicArn": { + "type": "string", + "description": "The SNS topic provided to Application Insights that is associated to the created opsItem." + }, + "resourceGroupName": { + "type": "string", + "description": "The name of the resource group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of Application Insights application." + } + }, + "outputs": { + "applicationArn": { + "type": "string", + "description": "The ARN of the ApplicationInsights application." + }, + "attachMissingPermission": { + "type": "boolean", + "description": "If set to true, the managed policies for SSM and CW will be attached to the instance roles if they are missing" + }, + "autoConfigurationEnabled": { + "type": "boolean", + "description": "If set to true, application will be configured with recommended monitoring configuration." + }, + "componentMonitoringSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationComponentMonitoringSetting" + }, + "description": "The monitoring settings of the components." + }, + "customComponents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationCustomComponent" + }, + "description": "The custom grouped components." + }, + "cweMonitorEnabled": { + "type": "boolean", + "description": "Indicates whether Application Insights can listen to CloudWatch events for the application resources." + }, + "groupingType": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationGroupingType", + "description": "The grouping type of the application", + "replaceOnChanges": true + }, + "logPatternSets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationLogPatternSet" + }, + "description": "The log pattern sets." + }, + "opsCenterEnabled": { + "type": "boolean", + "description": "When set to true, creates opsItems for any problems detected on an application." + }, + "opsItemSnsTopicArn": { + "type": "string", + "description": "The SNS topic provided to Application Insights that is associated to the created opsItem." + }, + "resourceGroupName": { + "type": "string", + "description": "The name of the resource group.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of Application Insights application." + } + }, + "required": [ + "resourceGroupName" + ], + "createOnly": [ + "groupingType", + "resourceGroupName" + ], + "writeOnly": [ + "attachMissingPermission", + "componentMonitoringSettings", + "customComponents", + "groupingType", + "logPatternSets", + "opsItemSnsTopicArn" + ], + "irreversibleNames": { + "applicationArn": "ApplicationARN", + "cweMonitorEnabled": "CWEMonitorEnabled", + "opsItemSnsTopicArn": "OpsItemSNSTopicArn" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:applicationsignals:ServiceLevelObjective": { + "cf": "AWS::ApplicationSignals::ServiceLevelObjective", + "inputs": { + "description": { + "type": "string", + "description": "An optional description for this SLO. Default is 'No description'" + }, + "goal": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveGoal", + "description": "This structure contains the attributes that determine the goal of an SLO. This includes the time period for evaluation and the attainment threshold." + }, + "name": { + "type": "string", + "description": "The name of this SLO." + }, + "sli": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveSli", + "description": "A structure containing information about the performance metric that this SLO monitors." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs to associate with the SLO. You can associate as many as 50 tags with an SLO. To be able to associate tags with the SLO when you create the SLO, you must have the cloudwatch:TagResource permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of this SLO." + }, + "createdTime": { + "type": "integer", + "description": "Epoch time in seconds of the time that this SLO was created" + }, + "description": { + "type": "string", + "description": "An optional description for this SLO. Default is 'No description'" + }, + "goal": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveGoal", + "description": "This structure contains the attributes that determine the goal of an SLO. This includes the time period for evaluation and the attainment threshold." + }, + "lastUpdatedTime": { + "type": "integer", + "description": "Epoch time in seconds of the time that this SLO was most recently updated" + }, + "name": { + "type": "string", + "description": "The name of this SLO.", + "replaceOnChanges": true + }, + "sli": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveSli", + "description": "A structure containing information about the performance metric that this SLO monitors." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs to associate with the SLO. You can associate as many as 50 tags with an SLO. To be able to associate tags with the SLO when you create the SLO, you must have the cloudwatch:TagResource permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "sli" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:apprunner:AutoScalingConfiguration": { + "cf": "AWS::AppRunner::AutoScalingConfiguration", + "inputs": { + "autoScalingConfigurationName": { + "type": "string", + "description": "The customer-provided auto scaling configuration name. When you use it for the first time in an AWS Region, App Runner creates revision number 1 of this name. When you use the same name in subsequent calls, App Runner creates incremental revisions of the configuration. The auto scaling configuration name can be used in multiple revisions of a configuration." + }, + "maxConcurrency": { + "type": "integer", + "description": "The maximum number of concurrent requests that an instance processes. If the number of concurrent requests exceeds this limit, App Runner scales the service up to use more instances to process the requests." + }, + "maxSize": { + "type": "integer", + "description": "The maximum number of instances that an App Runner service scales up to. At most MaxSize instances actively serve traffic for your service." + }, + "minSize": { + "type": "integer", + "description": "The minimum number of instances that App Runner provisions for a service. The service always has at least MinSize provisioned instances. Some of them actively serve traffic. The rest of them (provisioned and inactive instances) are a cost-effective compute capacity reserve and are ready to be quickly activated. You pay for memory usage of all the provisioned instances. You pay for CPU usage of only the active subset." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of metadata items that you can associate with your auto scaling configuration resource. A tag is a key-value pair." + } + }, + "outputs": { + "autoScalingConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of this auto scaling configuration." + }, + "autoScalingConfigurationName": { + "type": "string", + "description": "The customer-provided auto scaling configuration name. When you use it for the first time in an AWS Region, App Runner creates revision number 1 of this name. When you use the same name in subsequent calls, App Runner creates incremental revisions of the configuration. The auto scaling configuration name can be used in multiple revisions of a configuration.", + "replaceOnChanges": true + }, + "autoScalingConfigurationRevision": { + "type": "integer", + "description": "The revision of this auto scaling configuration. It's unique among all the active configurations (\"Status\": \"ACTIVE\") that share the same AutoScalingConfigurationName." + }, + "latest": { + "type": "boolean", + "description": "It's set to true for the configuration with the highest Revision among all configurations that share the same AutoScalingConfigurationName. It's set to false otherwise. App Runner temporarily doubles the number of provisioned instances during deployments, to maintain the same capacity for both old and new code." + }, + "maxConcurrency": { + "type": "integer", + "description": "The maximum number of concurrent requests that an instance processes. If the number of concurrent requests exceeds this limit, App Runner scales the service up to use more instances to process the requests.", + "replaceOnChanges": true + }, + "maxSize": { + "type": "integer", + "description": "The maximum number of instances that an App Runner service scales up to. At most MaxSize instances actively serve traffic for your service.", + "replaceOnChanges": true + }, + "minSize": { + "type": "integer", + "description": "The minimum number of instances that App Runner provisions for a service. The service always has at least MinSize provisioned instances. Some of them actively serve traffic. The rest of them (provisioned and inactive instances) are a cost-effective compute capacity reserve and are ready to be quickly activated. You pay for memory usage of all the provisioned instances. You pay for CPU usage of only the active subset.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of metadata items that you can associate with your auto scaling configuration resource. A tag is a key-value pair.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "autoScalingConfigurationName", + "minLength": 4, + "maxLength": 32 + }, + "createOnly": [ + "autoScalingConfigurationName", + "maxConcurrency", + "maxSize", + "minSize", + "tags" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:apprunner:ObservabilityConfiguration": { + "cf": "AWS::AppRunner::ObservabilityConfiguration", + "inputs": { + "observabilityConfigurationName": { + "type": "string", + "description": "A name for the observability configuration. When you use it for the first time in an AWS Region, App Runner creates revision number 1 of this name. When you use the same name in subsequent calls, App Runner creates incremental revisions of the configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of metadata items that you can associate with your observability configuration resource. A tag is a key-value pair." + }, + "traceConfiguration": { + "$ref": "#/types/aws-native:apprunner:ObservabilityConfigurationTraceConfiguration", + "description": "The configuration of the tracing feature within this observability configuration. If you don't specify it, App Runner doesn't enable tracing." + } + }, + "outputs": { + "latest": { + "type": "boolean", + "description": "It's set to true for the configuration with the highest Revision among all configurations that share the same Name. It's set to false otherwise." + }, + "observabilityConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of this ObservabilityConfiguration" + }, + "observabilityConfigurationName": { + "type": "string", + "description": "A name for the observability configuration. When you use it for the first time in an AWS Region, App Runner creates revision number 1 of this name. When you use the same name in subsequent calls, App Runner creates incremental revisions of the configuration.", + "replaceOnChanges": true + }, + "observabilityConfigurationRevision": { + "type": "integer", + "description": "The revision of this observability configuration. It's unique among all the active configurations ('Status': 'ACTIVE') that share the same ObservabilityConfigurationName." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of metadata items that you can associate with your observability configuration resource. A tag is a key-value pair.", + "replaceOnChanges": true + }, + "traceConfiguration": { + "$ref": "#/types/aws-native:apprunner:ObservabilityConfigurationTraceConfiguration", + "description": "The configuration of the tracing feature within this observability configuration. If you don't specify it, App Runner doesn't enable tracing.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "observabilityConfigurationName", + "minLength": 4, + "maxLength": 32 + }, + "createOnly": [ + "observabilityConfigurationName", + "tags", + "traceConfiguration" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:apprunner:Service": { + "cf": "AWS::AppRunner::Service", + "inputs": { + "autoScalingConfigurationArn": { + "type": "string", + "description": "Autoscaling configuration ARN" + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceEncryptionConfiguration", + "description": "An optional custom encryption key that App Runner uses to encrypt the copy of your source repository that it maintains and your service logs. By default, App Runner uses an AWS managed key ." + }, + "healthCheckConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceHealthCheckConfiguration", + "description": "The settings for the health check that AWS App Runner performs to monitor the health of the App Runner service." + }, + "instanceConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceInstanceConfiguration", + "description": "The runtime configuration of instances (scaling units) of your service." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceNetworkConfiguration", + "description": "Configuration settings related to network traffic of the web application that the App Runner service runs." + }, + "observabilityConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceObservabilityConfiguration", + "description": "The observability configuration of your service." + }, + "serviceName": { + "type": "string", + "description": "The AppRunner Service Name." + }, + "sourceConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceSourceConfiguration", + "description": "The source to deploy to the App Runner service. It can be a code or an image repository." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An optional list of metadata items that you can associate with the App Runner service resource. A tag is a key-value pair." + } + }, + "outputs": { + "autoScalingConfigurationArn": { + "type": "string", + "description": "Autoscaling configuration ARN" + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceEncryptionConfiguration", + "description": "An optional custom encryption key that App Runner uses to encrypt the copy of your source repository that it maintains and your service logs. By default, App Runner uses an AWS managed key .", + "replaceOnChanges": true + }, + "healthCheckConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceHealthCheckConfiguration", + "description": "The settings for the health check that AWS App Runner performs to monitor the health of the App Runner service." + }, + "instanceConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceInstanceConfiguration", + "description": "The runtime configuration of instances (scaling units) of your service." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceNetworkConfiguration", + "description": "Configuration settings related to network traffic of the web application that the App Runner service runs." + }, + "observabilityConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceObservabilityConfiguration", + "description": "The observability configuration of your service." + }, + "serviceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AppRunner Service." + }, + "serviceId": { + "type": "string", + "description": "The AppRunner Service Id" + }, + "serviceName": { + "type": "string", + "description": "The AppRunner Service Name.", + "replaceOnChanges": true + }, + "serviceUrl": { + "type": "string", + "description": "The Service Url of the AppRunner Service." + }, + "sourceConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceSourceConfiguration", + "description": "The source to deploy to the App Runner service. It can be a code or an image repository." + }, + "status": { + "type": "string", + "description": "AppRunner Service status." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An optional list of metadata items that you can associate with the App Runner service resource. A tag is a key-value pair.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "serviceName", + "minLength": 4, + "maxLength": 40 + }, + "required": [ + "sourceConfiguration" + ], + "createOnly": [ + "encryptionConfiguration", + "serviceName", + "tags" + ], + "writeOnly": [ + "autoScalingConfigurationArn", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:apprunner:VpcConnector": { + "cf": "AWS::AppRunner::VpcConnector", + "inputs": { + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair." + }, + "vpcConnectorName": { + "type": "string", + "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector." + } + }, + "outputs": { + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", + "replaceOnChanges": true + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.", + "replaceOnChanges": true + }, + "vpcConnectorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of this VPC connector." + }, + "vpcConnectorName": { + "type": "string", + "description": "A name for the VPC connector. If you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", + "replaceOnChanges": true + }, + "vpcConnectorRevision": { + "type": "integer", + "description": "The revision of this VPC connector. It's unique among all the active connectors (\"Status\": \"ACTIVE\") that share the same Name." + } + }, + "autoNamingSpec": { + "sdkName": "vpcConnectorName", + "minLength": 4, + "maxLength": 40 + }, + "required": [ + "subnets" + ], + "createOnly": [ + "securityGroups", + "subnets", + "tags", + "vpcConnectorName" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:apprunner:VpcIngressConnection": { + "cf": "AWS::AppRunner::VpcIngressConnection", + "inputs": { + "ingressVpcConfiguration": { + "$ref": "#/types/aws-native:apprunner:VpcIngressConnectionIngressVpcConfiguration", + "description": "Specifications for the customer’s Amazon VPC and the related AWS PrivateLink VPC endpoint that are used to create the VPC Ingress Connection resource." + }, + "serviceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An optional list of metadata items that you can associate with the VPC Ingress Connection resource. A tag is a key-value pair." + }, + "vpcIngressConnectionName": { + "type": "string", + "description": "The customer-provided Vpc Ingress Connection name." + } + }, + "outputs": { + "domainName": { + "type": "string", + "description": "The Domain name associated with the VPC Ingress Connection." + }, + "ingressVpcConfiguration": { + "$ref": "#/types/aws-native:apprunner:VpcIngressConnectionIngressVpcConfiguration", + "description": "Specifications for the customer’s Amazon VPC and the related AWS PrivateLink VPC endpoint that are used to create the VPC Ingress Connection resource." + }, + "serviceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:apprunner:VpcIngressConnectionStatus", + "description": "The current status of the VpcIngressConnection." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An optional list of metadata items that you can associate with the VPC Ingress Connection resource. A tag is a key-value pair.", + "replaceOnChanges": true + }, + "vpcIngressConnectionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the VpcIngressConnection." + }, + "vpcIngressConnectionName": { + "type": "string", + "description": "The customer-provided Vpc Ingress Connection name.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "vpcIngressConnectionName", + "minLength": 4, + "maxLength": 40 + }, + "required": [ + "ingressVpcConfiguration", + "serviceArn" + ], + "createOnly": [ + "serviceArn", + "tags", + "vpcIngressConnectionName" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:appstream:AppBlock": { + "cf": "AWS::AppStream::AppBlock", + "inputs": { + "description": { + "type": "string", + "description": "The description of the app block." + }, + "displayName": { + "type": "string", + "description": "The display name of the app block." + }, + "name": { + "type": "string", + "description": "The name of the app block.\n\n*Pattern* : `^[a-zA-Z0-9][a-zA-Z0-9_.-]{0,100}$`" + }, + "packagingType": { + "type": "string", + "description": "The packaging type of the app block." + }, + "postSetupScriptDetails": { + "$ref": "#/types/aws-native:appstream:AppBlockScriptDetails", + "description": "The post setup script details of the app block." + }, + "setupScriptDetails": { + "$ref": "#/types/aws-native:appstream:AppBlockScriptDetails", + "description": "The setup script details of the app block." + }, + "sourceS3Location": { + "$ref": "#/types/aws-native:appstream:AppBlockS3Location", + "description": "The source S3 location of the app block." + }, + "tags": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:appstream:AppBlockTag0Properties" + }, + { + "$ref": "#/types/aws-native:appstream:AppBlockTag1Properties" + } + ] + }, + "description": "The tags of the app block." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the app block." + }, + "createdTime": { + "type": "string", + "description": "The time when the app block was created." + }, + "description": { + "type": "string", + "description": "The description of the app block.", + "replaceOnChanges": true + }, + "displayName": { + "type": "string", + "description": "The display name of the app block.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the app block.\n\n*Pattern* : `^[a-zA-Z0-9][a-zA-Z0-9_.-]{0,100}$`", + "replaceOnChanges": true + }, + "packagingType": { + "type": "string", + "description": "The packaging type of the app block.", + "replaceOnChanges": true + }, + "postSetupScriptDetails": { + "$ref": "#/types/aws-native:appstream:AppBlockScriptDetails", + "description": "The post setup script details of the app block.", + "replaceOnChanges": true + }, + "setupScriptDetails": { + "$ref": "#/types/aws-native:appstream:AppBlockScriptDetails", + "description": "The setup script details of the app block.", + "replaceOnChanges": true + }, + "sourceS3Location": { + "$ref": "#/types/aws-native:appstream:AppBlockS3Location", + "description": "The source S3 location of the app block.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:appstream:AppBlockTag0Properties" + }, + { + "$ref": "#/types/aws-native:appstream:AppBlockTag1Properties" + } + ] + }, + "description": "The tags of the app block." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "sourceS3Location" + ], + "createOnly": [ + "description", + "displayName", + "name", + "packagingType", + "postSetupScriptDetails", + "setupScriptDetails", + "sourceS3Location" + ], + "writeOnly": [ + "tags" + ], + "irreversibleNames": { + "sourceS3Location": "SourceS3Location" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayWithAlternateType" + }, + "aws-native:appstream:AppBlockBuilder": { + "cf": "AWS::AppStream::AppBlockBuilder", + "inputs": { + "accessEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appstream:AppBlockBuilderAccessEndpoint" + }, + "description": "The access endpoints of the app block builder." + }, + "appBlockArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN of the app block.\n\n*Maximum* : `1`" + }, + "description": { + "type": "string", + "description": "The description of the app block builder." + }, + "displayName": { + "type": "string", + "description": "The display name of the app block builder." + }, + "enableDefaultInternetAccess": { + "type": "boolean", + "description": "Indicates whether default internet access is enabled for the app block builder." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that is applied to the app block builder." + }, + "instanceType": { + "type": "string", + "description": "The instance type of the app block builder." + }, + "name": { + "type": "string", + "description": "The name of the app block builder." + }, + "platform": { + "type": "string", + "description": "The platform of the app block builder.\n\n*Allowed values* : `WINDOWS_SERVER_2019`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of the app block builder." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:appstream:AppBlockBuilderVpcConfig", + "description": "The VPC configuration for the app block builder." + } + }, + "outputs": { + "accessEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appstream:AppBlockBuilderAccessEndpoint" + }, + "description": "The access endpoints of the app block builder." + }, + "appBlockArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN of the app block.\n\n*Maximum* : `1`" + }, + "arn": { + "type": "string", + "description": "The ARN of the app block builder." + }, + "createdTime": { + "type": "string", + "description": "The time when the app block builder was created." + }, + "description": { + "type": "string", + "description": "The description of the app block builder." + }, + "displayName": { + "type": "string", + "description": "The display name of the app block builder." + }, + "enableDefaultInternetAccess": { + "type": "boolean", + "description": "Indicates whether default internet access is enabled for the app block builder." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that is applied to the app block builder." + }, + "instanceType": { + "type": "string", + "description": "The instance type of the app block builder." + }, + "name": { + "type": "string", + "description": "The name of the app block builder.", + "replaceOnChanges": true + }, + "platform": { + "type": "string", + "description": "The platform of the app block builder.\n\n*Allowed values* : `WINDOWS_SERVER_2019`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of the app block builder." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:appstream:AppBlockBuilderVpcConfig", + "description": "The VPC configuration for the app block builder." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "instanceType", + "platform", + "vpcConfig" + ], + "createOnly": [ + "name" + ], + "writeOnly": [ + "appBlockArns", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:appstream:Application": { + "cf": "AWS::AppStream::Application", + "inputs": { + "appBlockArn": { + "type": "string", + "description": "The app block ARN with which the application should be associated." + }, + "attributesToDelete": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of attributes to delete from an application." + }, + "description": { + "type": "string", + "description": "The description of the application." + }, + "displayName": { + "type": "string", + "description": "The display name of the application. This name is visible to users in the application catalog." + }, + "iconS3Location": { + "$ref": "#/types/aws-native:appstream:ApplicationS3Location", + "description": "The icon S3 location of the application." + }, + "instanceFamilies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance families the application supports.\n\n*Allowed Values* : `GENERAL_PURPOSE` | `GRAPHICS_G4`" + }, + "launchParameters": { + "type": "string", + "description": "The launch parameters of the application." + }, + "launchPath": { + "type": "string", + "description": "The launch path of the application." + }, + "name": { + "type": "string", + "description": "The name of the application. This name is visible to users when a name is not specified in the DisplayName property.\n\n*Pattern* : `^[a-zA-Z0-9][a-zA-Z0-9_.-]{0,100}$`" + }, + "platforms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The platforms the application supports.\n\n*Allowed Values* : `WINDOWS_SERVER_2019` | `AMAZON_LINUX2`" + }, + "tags": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:appstream:ApplicationTag0Properties" + }, + { + "$ref": "#/types/aws-native:appstream:ApplicationTag1Properties" + } + ] + }, + "description": "The tags of the application." + }, + "workingDirectory": { + "type": "string", + "description": "The working directory of the application." + } + }, + "outputs": { + "appBlockArn": { + "type": "string", + "description": "The app block ARN with which the application should be associated." + }, + "arn": { + "type": "string", + "description": "The ARN of the application." + }, + "attributesToDelete": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of attributes to delete from an application." + }, + "createdTime": { + "type": "string", + "description": "The time when the application was created." + }, + "description": { + "type": "string", + "description": "The description of the application." + }, + "displayName": { + "type": "string", + "description": "The display name of the application. This name is visible to users in the application catalog." + }, + "iconS3Location": { + "$ref": "#/types/aws-native:appstream:ApplicationS3Location", + "description": "The icon S3 location of the application." + }, + "instanceFamilies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance families the application supports.\n\n*Allowed Values* : `GENERAL_PURPOSE` | `GRAPHICS_G4`", + "replaceOnChanges": true + }, + "launchParameters": { + "type": "string", + "description": "The launch parameters of the application." + }, + "launchPath": { + "type": "string", + "description": "The launch path of the application." + }, + "name": { + "type": "string", + "description": "The name of the application. This name is visible to users when a name is not specified in the DisplayName property.\n\n*Pattern* : `^[a-zA-Z0-9][a-zA-Z0-9_.-]{0,100}$`", + "replaceOnChanges": true + }, + "platforms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The platforms the application supports.\n\n*Allowed Values* : `WINDOWS_SERVER_2019` | `AMAZON_LINUX2`", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:appstream:ApplicationTag0Properties" + }, + { + "$ref": "#/types/aws-native:appstream:ApplicationTag1Properties" + } + ] + }, + "description": "The tags of the application." + }, + "workingDirectory": { + "type": "string", + "description": "The working directory of the application." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "appBlockArn", + "iconS3Location", + "instanceFamilies", + "launchPath", + "platforms" + ], + "createOnly": [ + "instanceFamilies", + "name", + "platforms" + ], + "writeOnly": [ + "attributesToDelete", + "tags" + ], + "irreversibleNames": { + "iconS3Location": "IconS3Location" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayWithAlternateType" + }, + "aws-native:appstream:ApplicationEntitlementAssociation": { + "cf": "AWS::AppStream::ApplicationEntitlementAssociation", + "inputs": { + "applicationIdentifier": { + "type": "string", + "description": "The identifier of the application." + }, + "entitlementName": { + "type": "string", + "description": "The name of the entitlement." + }, + "stackName": { + "type": "string", + "description": "The name of the stack." + } + }, + "outputs": { + "applicationIdentifier": { + "type": "string", + "description": "The identifier of the application.", + "replaceOnChanges": true + }, + "entitlementName": { + "type": "string", + "description": "The name of the entitlement.", + "replaceOnChanges": true + }, + "stackName": { + "type": "string", + "description": "The name of the stack.", + "replaceOnChanges": true + } + }, + "required": [ + "applicationIdentifier", + "entitlementName", + "stackName" + ], + "createOnly": [ + "applicationIdentifier", + "entitlementName", + "stackName" + ] + }, + "aws-native:appstream:ApplicationFleetAssociation": { + "cf": "AWS::AppStream::ApplicationFleetAssociation", + "inputs": { + "applicationArn": { + "type": "string", + "description": "The ARN of the application." + }, + "fleetName": { + "type": "string", + "description": "The name of the fleet." + } + }, + "outputs": { + "applicationArn": { + "type": "string", + "description": "The ARN of the application.", + "replaceOnChanges": true + }, + "fleetName": { + "type": "string", + "description": "The name of the fleet.", + "replaceOnChanges": true + } + }, + "required": [ + "applicationArn", + "fleetName" + ], + "createOnly": [ + "applicationArn", + "fleetName" + ] + }, + "aws-native:appstream:DirectoryConfig": { + "cf": "AWS::AppStream::DirectoryConfig", + "inputs": { + "certificateBasedAuthProperties": { + "$ref": "#/types/aws-native:appstream:DirectoryConfigCertificateBasedAuthProperties", + "description": "The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances." + }, + "directoryName": { + "type": "string", + "description": "The fully qualified name of the directory (for example, corp.example.com)." + }, + "organizationalUnitDistinguishedNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The distinguished names of the organizational units for computer accounts." + }, + "serviceAccountCredentials": { + "$ref": "#/types/aws-native:appstream:DirectoryConfigServiceAccountCredentials", + "description": "The credentials for the service account used by the streaming instance to connect to the directory. Do not use this parameter directly. Use `ServiceAccountCredentials` as an input parameter with `noEcho` as shown in the [Parameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html) . For best practices information, see [Do Not Embed Credentials in Your Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) ." + } + }, + "outputs": { + "certificateBasedAuthProperties": { + "$ref": "#/types/aws-native:appstream:DirectoryConfigCertificateBasedAuthProperties", + "description": "The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances." + }, + "directoryName": { + "type": "string", + "description": "The fully qualified name of the directory (for example, corp.example.com).", + "replaceOnChanges": true + }, + "organizationalUnitDistinguishedNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The distinguished names of the organizational units for computer accounts." + }, + "serviceAccountCredentials": { + "$ref": "#/types/aws-native:appstream:DirectoryConfigServiceAccountCredentials", + "description": "The credentials for the service account used by the streaming instance to connect to the directory. Do not use this parameter directly. Use `ServiceAccountCredentials` as an input parameter with `noEcho` as shown in the [Parameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html) . For best practices information, see [Do Not Embed Credentials in Your Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) ." + } + }, + "required": [ + "directoryName", + "organizationalUnitDistinguishedNames", + "serviceAccountCredentials" + ], + "createOnly": [ + "directoryName" + ], + "writeOnly": [ + "serviceAccountCredentials/AccountPassword" + ] + }, + "aws-native:appstream:Entitlement": { + "cf": "AWS::AppStream::Entitlement", + "inputs": { + "appVisibility": { + "type": "string", + "description": "Specifies whether to entitle all apps or only selected apps." + }, + "attributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appstream:EntitlementAttribute" + }, + "description": "The attributes of the entitlement." + }, + "description": { + "type": "string", + "description": "The description of the entitlement." + }, + "name": { + "type": "string", + "description": "The name of the entitlement." + }, + "stackName": { + "type": "string", + "description": "The name of the stack." + } + }, + "outputs": { + "appVisibility": { + "type": "string", + "description": "Specifies whether to entitle all apps or only selected apps." + }, + "attributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appstream:EntitlementAttribute" + }, + "description": "The attributes of the entitlement." + }, + "createdTime": { + "type": "string", + "description": "The time when the entitlement was created." + }, + "description": { + "type": "string", + "description": "The description of the entitlement." + }, + "lastModifiedTime": { + "type": "string", + "description": "The time when the entitlement was last modified." + }, + "name": { + "type": "string", + "description": "The name of the entitlement.", + "replaceOnChanges": true + }, + "stackName": { + "type": "string", + "description": "The name of the stack.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "appVisibility", + "attributes", + "stackName" + ], + "createOnly": [ + "name", + "stackName" + ] + }, + "aws-native:appstream:ImageBuilder": { + "cf": "AWS::AppStream::ImageBuilder", + "inputs": { + "accessEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appstream:ImageBuilderAccessEndpoint" + }, + "description": "The list of virtual private cloud (VPC) interface endpoint objects. Administrators can connect to the image builder only through the specified endpoints." + }, + "appstreamAgentVersion": { + "type": "string", + "description": "The version of the AppStream 2.0 agent to use for this image builder. To use the latest version of the AppStream 2.0 agent, specify [LATEST]." + }, + "description": { + "type": "string", + "description": "The description to display." + }, + "displayName": { + "type": "string", + "description": "The image builder name to display." + }, + "domainJoinInfo": { + "$ref": "#/types/aws-native:appstream:ImageBuilderDomainJoinInfo", + "description": "The name of the directory and organizational unit (OU) to use to join the image builder to a Microsoft Active Directory domain." + }, + "enableDefaultInternetAccess": { + "type": "boolean", + "description": "Enables or disables default internet access for the image builder." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that is applied to the image builder. To assume a role, the image builder calls the AWS Security Token Service `AssumeRole` API operation and passes the ARN of the role to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials and creates the *appstream_machine_role* credential profile on the instance.\n\nFor more information, see [Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances](https://docs.aws.amazon.com/appstream2/latest/developerguide/using-iam-roles-to-grant-permissions-to-applications-scripts-streaming-instances.html) in the *Amazon AppStream 2.0 Administration Guide* ." + }, + "imageArn": { + "type": "string", + "description": "The ARN of the public, private, or shared image to use." + }, + "imageName": { + "type": "string", + "description": "The name of the image used to create the image builder." + }, + "instanceType": { + "type": "string", + "description": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge" + }, + "name": { + "type": "string", + "description": "A unique name for the image builder." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:appstream:ImageBuilderVpcConfig", + "description": "The VPC configuration for the image builder. You can specify only one subnet." + } + }, + "outputs": { + "accessEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appstream:ImageBuilderAccessEndpoint" + }, + "description": "The list of virtual private cloud (VPC) interface endpoint objects. Administrators can connect to the image builder only through the specified endpoints." + }, + "appstreamAgentVersion": { + "type": "string", + "description": "The version of the AppStream 2.0 agent to use for this image builder. To use the latest version of the AppStream 2.0 agent, specify [LATEST]." + }, + "description": { + "type": "string", + "description": "The description to display." + }, + "displayName": { + "type": "string", + "description": "The image builder name to display." + }, + "domainJoinInfo": { + "$ref": "#/types/aws-native:appstream:ImageBuilderDomainJoinInfo", + "description": "The name of the directory and organizational unit (OU) to use to join the image builder to a Microsoft Active Directory domain." + }, + "enableDefaultInternetAccess": { + "type": "boolean", + "description": "Enables or disables default internet access for the image builder." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that is applied to the image builder. To assume a role, the image builder calls the AWS Security Token Service `AssumeRole` API operation and passes the ARN of the role to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials and creates the *appstream_machine_role* credential profile on the instance.\n\nFor more information, see [Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances](https://docs.aws.amazon.com/appstream2/latest/developerguide/using-iam-roles-to-grant-permissions-to-applications-scripts-streaming-instances.html) in the *Amazon AppStream 2.0 Administration Guide* ." + }, + "imageArn": { + "type": "string", + "description": "The ARN of the public, private, or shared image to use." + }, + "imageName": { + "type": "string", + "description": "The name of the image used to create the image builder." + }, + "instanceType": { + "type": "string", + "description": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge" + }, + "name": { + "type": "string", + "description": "A unique name for the image builder." + }, + "streamingUrl": { + "type": "string", + "description": "The URL to start an image builder streaming session, returned as a string." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:appstream:ImageBuilderVpcConfig", + "description": "The VPC configuration for the image builder. You can specify only one subnet." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "instanceType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:appsync:DomainName": { + "cf": "AWS::AppSync::DomainName", + "inputs": { + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate. This will be an AWS Certificate Manager certificate." + }, + "description": { + "type": "string", + "description": "The decription for your domain name." + }, + "domainName": { + "type": "string", + "description": "The domain name.", + "language": { + "csharp": { + "name": "DomainNameValue" + } + } + } + }, + "outputs": { + "appSyncDomainName": { + "type": "string", + "description": "The domain name provided by AWS AppSync ." + }, + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate. This will be an AWS Certificate Manager certificate.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The decription for your domain name." + }, + "domainName": { + "type": "string", + "description": "The domain name.", + "language": { + "csharp": { + "name": "DomainNameValue" + } + }, + "replaceOnChanges": true + }, + "hostedZoneId": { + "type": "string", + "description": "The ID of your Amazon Route 53 hosted zone." + } + }, + "required": [ + "certificateArn", + "domainName" + ], + "createOnly": [ + "certificateArn", + "domainName" + ] + }, + "aws-native:appsync:DomainNameApiAssociation": { + "cf": "AWS::AppSync::DomainNameApiAssociation", + "inputs": { + "apiId": { + "type": "string", + "description": "The API ID." + }, + "domainName": { + "type": "string", + "description": "The domain name." + } + }, + "outputs": { + "apiAssociationIdentifier": { + "type": "string" + }, + "apiId": { + "type": "string", + "description": "The API ID." + }, + "domainName": { + "type": "string", + "description": "The domain name.", + "replaceOnChanges": true + } + }, + "required": [ + "apiId", + "domainName" + ], + "createOnly": [ + "domainName" + ] + }, + "aws-native:appsync:FunctionConfiguration": { + "cf": "AWS::AppSync::FunctionConfiguration", + "inputs": { + "apiId": { + "type": "string", + "description": "The AWS AppSync GraphQL API that you want to attach using this function." + }, + "code": { + "type": "string", + "description": "The resolver code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS." + }, + "codeS3Location": { + "type": "string", + "description": "The Amazon S3 endpoint (where the code is located??)." + }, + "dataSourceName": { + "type": "string", + "description": "The name of data source this function will attach." + }, + "description": { + "type": "string", + "description": "The function description." + }, + "functionVersion": { + "type": "string", + "description": "The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported." + }, + "maxBatchSize": { + "type": "integer", + "description": "The maximum number of resolver request inputs that will be sent to a single AWS Lambda function in a BatchInvoke operation." + }, + "name": { + "type": "string", + "description": "The name of the function." + }, + "requestMappingTemplate": { + "type": "string", + "description": "The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template." + }, + "requestMappingTemplateS3Location": { + "type": "string", + "description": "Describes a Sync configuration for a resolver. Contains information on which Conflict Detection, as well as Resolution strategy, should be performed when the resolver is invoked." + }, + "responseMappingTemplate": { + "type": "string", + "description": "The Function response mapping template." + }, + "responseMappingTemplateS3Location": { + "type": "string", + "description": "The location of a response mapping template in an Amazon S3 bucket. Use this if you want to provision with a template file in Amazon S3 rather than embedding it in your CloudFormation template." + }, + "runtime": { + "$ref": "#/types/aws-native:appsync:FunctionConfigurationAppSyncRuntime", + "description": "Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified." + }, + "syncConfig": { + "$ref": "#/types/aws-native:appsync:FunctionConfigurationSyncConfig", + "description": "Describes a Sync configuration for a resolver. Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The AWS AppSync GraphQL API that you want to attach using this function.", + "replaceOnChanges": true + }, + "code": { + "type": "string", + "description": "The resolver code that contains the request and response functions. When code is used, the runtime is required. The runtime value must be APPSYNC_JS." + }, + "codeS3Location": { + "type": "string", + "description": "The Amazon S3 endpoint (where the code is located??)." + }, + "dataSourceName": { + "type": "string", + "description": "The name of data source this function will attach." + }, + "description": { + "type": "string", + "description": "The function description." + }, + "functionArn": { + "type": "string", + "description": "The ARN for the function generated by the service" + }, + "functionId": { + "type": "string", + "description": "The unique identifier for the function generated by the service" + }, + "functionVersion": { + "type": "string", + "description": "The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported." + }, + "maxBatchSize": { + "type": "integer", + "description": "The maximum number of resolver request inputs that will be sent to a single AWS Lambda function in a BatchInvoke operation." + }, + "name": { + "type": "string", + "description": "The name of the function." + }, + "requestMappingTemplate": { + "type": "string", + "description": "The Function request mapping template. Functions support only the 2018-05-29 version of the request mapping template." + }, + "requestMappingTemplateS3Location": { + "type": "string", + "description": "Describes a Sync configuration for a resolver. Contains information on which Conflict Detection, as well as Resolution strategy, should be performed when the resolver is invoked." + }, + "responseMappingTemplate": { + "type": "string", + "description": "The Function response mapping template." + }, + "responseMappingTemplateS3Location": { + "type": "string", + "description": "The location of a response mapping template in an Amazon S3 bucket. Use this if you want to provision with a template file in Amazon S3 rather than embedding it in your CloudFormation template." + }, + "runtime": { + "$ref": "#/types/aws-native:appsync:FunctionConfigurationAppSyncRuntime", + "description": "Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified." + }, + "syncConfig": { + "$ref": "#/types/aws-native:appsync:FunctionConfigurationSyncConfig", + "description": "Describes a Sync configuration for a resolver. Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "apiId", + "dataSourceName" + ], + "createOnly": [ + "apiId" + ], + "writeOnly": [ + "codeS3Location", + "requestMappingTemplateS3Location", + "responseMappingTemplateS3Location" + ], + "irreversibleNames": { + "codeS3Location": "CodeS3Location", + "requestMappingTemplateS3Location": "RequestMappingTemplateS3Location", + "responseMappingTemplateS3Location": "ResponseMappingTemplateS3Location" + } + }, + "aws-native:appsync:Resolver": { + "cf": "AWS::AppSync::Resolver", + "inputs": { + "apiId": { + "type": "string", + "description": "The APSYlong GraphQL API to which you want to attach this resolver." + }, + "cachingConfig": { + "$ref": "#/types/aws-native:appsync:ResolverCachingConfig", + "description": "The caching configuration for the resolver." + }, + "code": { + "type": "string", + "description": "The ``resolver`` code that contains the request and response functions. When code is used, the ``runtime`` is required. The runtime value must be ``APPSYNC_JS``." + }, + "codeS3Location": { + "type": "string", + "description": "The Amazon S3 endpoint." + }, + "dataSourceName": { + "type": "string", + "description": "The resolver data source name." + }, + "fieldName": { + "type": "string", + "description": "The GraphQL field on a type that invokes the resolver." + }, + "kind": { + "type": "string", + "description": "The resolver type.\n + *UNIT*: A UNIT resolver type. A UNIT resolver is the default resolver type. You can use a UNIT resolver to run a GraphQL query against a single data source.\n + *PIPELINE*: A PIPELINE resolver type. You can use a PIPELINE resolver to invoke a series of ``Function`` objects in a serial manner. You can use a pipeline resolver to run a GraphQL query against multiple data sources." + }, + "maxBatchSize": { + "type": "integer", + "description": "The maximum number of resolver request inputs that will be sent to a single LAMlong function in a ``BatchInvoke`` operation." + }, + "metricsConfig": { + "$ref": "#/types/aws-native:appsync:ResolverMetricsConfig", + "description": "Enables or disables enhanced resolver metrics for specified resolvers. Note that ``MetricsConfig`` won't be used unless the ``resolverLevelMetricsBehavior`` value is set to ``PER_RESOLVER_METRICS``. If the ``resolverLevelMetricsBehavior`` is set to ``FULL_REQUEST_RESOLVER_METRICS`` instead, ``MetricsConfig`` will be ignored. However, you can still set its value." + }, + "pipelineConfig": { + "$ref": "#/types/aws-native:appsync:ResolverPipelineConfig", + "description": "Functions linked with the pipeline resolver." + }, + "requestMappingTemplate": { + "type": "string", + "description": "The request mapping template.\n Request mapping templates are optional when using a Lambda data source. For all other data sources, a request mapping template is required." + }, + "requestMappingTemplateS3Location": { + "type": "string", + "description": "The location of a request mapping template in an S3 bucket. Use this if you want to provision with a template file in S3 rather than embedding it in your CFNshort template." + }, + "responseMappingTemplate": { + "type": "string", + "description": "The response mapping template." + }, + "responseMappingTemplateS3Location": { + "type": "string", + "description": "The location of a response mapping template in an S3 bucket. Use this if you want to provision with a template file in S3 rather than embedding it in your CFNshort template." + }, + "runtime": { + "$ref": "#/types/aws-native:appsync:ResolverAppSyncRuntime", + "description": "Describes a runtime used by an APSYlong resolver or APSYlong function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified." + }, + "syncConfig": { + "$ref": "#/types/aws-native:appsync:ResolverSyncConfig", + "description": "The ``SyncConfig`` for a resolver attached to a versioned data source." + }, + "typeName": { + "type": "string", + "description": "The GraphQL type that invokes this resolver." + } + }, + "outputs": { + "apiId": { + "type": "string", + "description": "The APSYlong GraphQL API to which you want to attach this resolver.", + "replaceOnChanges": true + }, + "cachingConfig": { + "$ref": "#/types/aws-native:appsync:ResolverCachingConfig", + "description": "The caching configuration for the resolver." + }, + "code": { + "type": "string", + "description": "The ``resolver`` code that contains the request and response functions. When code is used, the ``runtime`` is required. The runtime value must be ``APPSYNC_JS``." + }, + "codeS3Location": { + "type": "string", + "description": "The Amazon S3 endpoint." + }, + "dataSourceName": { + "type": "string", + "description": "The resolver data source name." + }, + "fieldName": { + "type": "string", + "description": "The GraphQL field on a type that invokes the resolver.", + "replaceOnChanges": true + }, + "kind": { + "type": "string", + "description": "The resolver type.\n + *UNIT*: A UNIT resolver type. A UNIT resolver is the default resolver type. You can use a UNIT resolver to run a GraphQL query against a single data source.\n + *PIPELINE*: A PIPELINE resolver type. You can use a PIPELINE resolver to invoke a series of ``Function`` objects in a serial manner. You can use a pipeline resolver to run a GraphQL query against multiple data sources." + }, + "maxBatchSize": { + "type": "integer", + "description": "The maximum number of resolver request inputs that will be sent to a single LAMlong function in a ``BatchInvoke`` operation." + }, + "metricsConfig": { + "$ref": "#/types/aws-native:appsync:ResolverMetricsConfig", + "description": "Enables or disables enhanced resolver metrics for specified resolvers. Note that ``MetricsConfig`` won't be used unless the ``resolverLevelMetricsBehavior`` value is set to ``PER_RESOLVER_METRICS``. If the ``resolverLevelMetricsBehavior`` is set to ``FULL_REQUEST_RESOLVER_METRICS`` instead, ``MetricsConfig`` will be ignored. However, you can still set its value." + }, + "pipelineConfig": { + "$ref": "#/types/aws-native:appsync:ResolverPipelineConfig", + "description": "Functions linked with the pipeline resolver." + }, + "requestMappingTemplate": { + "type": "string", + "description": "The request mapping template.\n Request mapping templates are optional when using a Lambda data source. For all other data sources, a request mapping template is required." + }, + "requestMappingTemplateS3Location": { + "type": "string", + "description": "The location of a request mapping template in an S3 bucket. Use this if you want to provision with a template file in S3 rather than embedding it in your CFNshort template." + }, + "resolverArn": { + "type": "string", + "description": "ARN of the resolver, such as `arn:aws:appsync:us-east-1:123456789012:apis/graphqlapiid/types/typename/resolvers/resolvername` ." + }, + "responseMappingTemplate": { + "type": "string", + "description": "The response mapping template." + }, + "responseMappingTemplateS3Location": { + "type": "string", + "description": "The location of a response mapping template in an S3 bucket. Use this if you want to provision with a template file in S3 rather than embedding it in your CFNshort template." + }, + "runtime": { + "$ref": "#/types/aws-native:appsync:ResolverAppSyncRuntime", + "description": "Describes a runtime used by an APSYlong resolver or APSYlong function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified." + }, + "syncConfig": { + "$ref": "#/types/aws-native:appsync:ResolverSyncConfig", + "description": "The ``SyncConfig`` for a resolver attached to a versioned data source." + }, + "typeName": { + "type": "string", + "description": "The GraphQL type that invokes this resolver.", + "replaceOnChanges": true + } + }, + "required": [ + "apiId", + "fieldName", + "typeName" + ], + "createOnly": [ + "apiId", + "fieldName", + "typeName" + ], + "writeOnly": [ + "codeS3Location", + "requestMappingTemplateS3Location", + "responseMappingTemplateS3Location" + ], + "irreversibleNames": { + "codeS3Location": "CodeS3Location", + "requestMappingTemplateS3Location": "RequestMappingTemplateS3Location", + "responseMappingTemplateS3Location": "ResponseMappingTemplateS3Location" + } + }, + "aws-native:appsync:SourceApiAssociation": { + "cf": "AWS::AppSync::SourceApiAssociation", + "inputs": { + "description": { + "type": "string", + "description": "Description of the SourceApiAssociation." + }, + "mergedApiIdentifier": { + "type": "string", + "description": "Identifier of the Merged GraphQLApi to associate. It could be either GraphQLApi ApiId or ARN" + }, + "sourceApiAssociationConfig": { + "$ref": "#/types/aws-native:appsync:SourceApiAssociationConfig", + "description": "Customized configuration for SourceApiAssociation." + }, + "sourceApiIdentifier": { + "type": "string", + "description": "Identifier of the Source GraphQLApi to associate. It could be either GraphQLApi ApiId or ARN" + } + }, + "outputs": { + "associationArn": { + "type": "string", + "description": "ARN of the SourceApiAssociation." + }, + "associationId": { + "type": "string", + "description": "Id of the SourceApiAssociation." + }, + "description": { + "type": "string", + "description": "Description of the SourceApiAssociation." + }, + "lastSuccessfulMergeDate": { + "type": "string", + "description": "Date of last schema successful merge." + }, + "mergedApiArn": { + "type": "string", + "description": "ARN of the Merged API in the association." + }, + "mergedApiId": { + "type": "string", + "description": "GraphQLApiId of the Merged API in the association." + }, + "mergedApiIdentifier": { + "type": "string", + "description": "Identifier of the Merged GraphQLApi to associate. It could be either GraphQLApi ApiId or ARN", + "replaceOnChanges": true + }, + "sourceApiArn": { + "type": "string", + "description": "ARN of the source API in the association." + }, + "sourceApiAssociationConfig": { + "$ref": "#/types/aws-native:appsync:SourceApiAssociationConfig", + "description": "Customized configuration for SourceApiAssociation." + }, + "sourceApiAssociationStatus": { + "$ref": "#/types/aws-native:appsync:SourceApiAssociationStatus", + "description": "Current status of SourceApiAssociation." + }, + "sourceApiAssociationStatusDetail": { + "type": "string", + "description": "Current SourceApiAssociation status details." + }, + "sourceApiId": { + "type": "string", + "description": "GraphQLApiId of the source API in the association." + }, + "sourceApiIdentifier": { + "type": "string", + "description": "Identifier of the Source GraphQLApi to associate. It could be either GraphQLApi ApiId or ARN", + "replaceOnChanges": true + } + }, + "createOnly": [ + "mergedApiIdentifier", + "sourceApiIdentifier" + ], + "writeOnly": [ + "mergedApiIdentifier", + "sourceApiIdentifier" + ] + }, + "aws-native:aps:RuleGroupsNamespace": { + "cf": "AWS::APS::RuleGroupsNamespace", + "inputs": { + "data": { + "type": "string", + "description": "The RuleGroupsNamespace data." + }, + "name": { + "type": "string", + "description": "The RuleGroupsNamespace name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "workspace": { + "type": "string", + "description": "Required to identify a specific APS Workspace associated with this RuleGroupsNamespace." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The RuleGroupsNamespace ARN." + }, + "data": { + "type": "string", + "description": "The RuleGroupsNamespace data." + }, + "name": { + "type": "string", + "description": "The RuleGroupsNamespace name.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "workspace": { + "type": "string", + "description": "Required to identify a specific APS Workspace associated with this RuleGroupsNamespace.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "data", + "workspace" + ], + "createOnly": [ + "name", + "workspace" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:aps:Scraper": { + "cf": "AWS::APS::Scraper", + "inputs": { + "alias": { + "type": "string", + "description": "Scraper alias." + }, + "destination": { + "$ref": "#/types/aws-native:aps:ScraperDestination", + "description": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to." + }, + "scrapeConfiguration": { + "$ref": "#/types/aws-native:aps:ScraperScrapeConfiguration", + "description": "The configuration in use by the scraper." + }, + "source": { + "$ref": "#/types/aws-native:aps:ScraperSource", + "description": "The Amazon EKS cluster from which the scraper collects metrics." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "alias": { + "type": "string", + "description": "Scraper alias.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "Scraper ARN." + }, + "destination": { + "$ref": "#/types/aws-native:aps:ScraperDestination", + "description": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "IAM role ARN for the scraper." + }, + "scrapeConfiguration": { + "$ref": "#/types/aws-native:aps:ScraperScrapeConfiguration", + "description": "The configuration in use by the scraper.", + "replaceOnChanges": true + }, + "scraperId": { + "type": "string", + "description": "Required to identify a specific scraper." + }, + "source": { + "$ref": "#/types/aws-native:aps:ScraperSource", + "description": "The Amazon EKS cluster from which the scraper collects metrics.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "destination", + "scrapeConfiguration", + "source" + ], + "createOnly": [ + "alias", + "destination", + "scrapeConfiguration", + "source" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:aps:Workspace": { + "cf": "AWS::APS::Workspace", + "inputs": { + "alertManagerDefinition": { + "type": "string", + "description": "The AMP Workspace alert manager definition data" + }, + "alias": { + "type": "string", + "description": "AMP Workspace alias." + }, + "kmsKeyArn": { + "type": "string", + "description": "KMS Key ARN used to encrypt and decrypt AMP workspace data." + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:aps:WorkspaceLoggingConfiguration", + "description": "Contains information about the logging configuration for the workspace." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "alertManagerDefinition": { + "type": "string", + "description": "The AMP Workspace alert manager definition data" + }, + "alias": { + "type": "string", + "description": "AMP Workspace alias." + }, + "arn": { + "type": "string", + "description": "Workspace arn." + }, + "kmsKeyArn": { + "type": "string", + "description": "KMS Key ARN used to encrypt and decrypt AMP workspace data.", + "replaceOnChanges": true + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:aps:WorkspaceLoggingConfiguration", + "description": "Contains information about the logging configuration for the workspace." + }, + "prometheusEndpoint": { + "type": "string", + "description": "AMP Workspace prometheus endpoint" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "workspaceId": { + "type": "string", + "description": "Required to identify a specific APS Workspace." + } + }, + "createOnly": [ + "kmsKeyArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:arczonalshift:AutoshiftObserverNotificationStatus": { + "cf": "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus", + "inputs": { + "status": { + "$ref": "#/types/aws-native:arczonalshift:AutoshiftObserverNotificationStatusEnum" + } + }, + "outputs": { + "accountId": { + "type": "string" + }, + "region": { + "type": "string" + }, + "status": { + "$ref": "#/types/aws-native:arczonalshift:AutoshiftObserverNotificationStatusEnum", + "replaceOnChanges": true + } + }, + "required": [ + "status" + ], + "createOnly": [ + "status" + ] + }, + "aws-native:arczonalshift:ZonalAutoshiftConfiguration": { + "cf": "AWS::ARCZonalShift::ZonalAutoshiftConfiguration", + "inputs": { + "practiceRunConfiguration": { + "$ref": "#/types/aws-native:arczonalshift:ZonalAutoshiftConfigurationPracticeRunConfiguration", + "description": "A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run. When a resource has a practice run configuration, Route 53 ARC shifts traffic for the resource weekly for practice runs.\n\nPractice runs are required for zonal autoshift. The zonal shifts that Route 53 ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application.\n\nYou can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled." + }, + "resourceIdentifier": { + "type": "string", + "description": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers with cross-zone load balancing turned off." + }, + "zonalAutoshiftStatus": { + "$ref": "#/types/aws-native:arczonalshift:ZonalAutoshiftConfigurationZonalAutoshiftStatus", + "description": "When zonal autoshift is `ENABLED` , you authorize AWS to shift away resource traffic for an application from an Availability Zone during events, on your behalf, to help reduce time to recovery. Traffic is also shifted away for the required weekly practice runs." + } + }, + "outputs": { + "practiceRunConfiguration": { + "$ref": "#/types/aws-native:arczonalshift:ZonalAutoshiftConfigurationPracticeRunConfiguration", + "description": "A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run. When a resource has a practice run configuration, Route 53 ARC shifts traffic for the resource weekly for practice runs.\n\nPractice runs are required for zonal autoshift. The zonal shifts that Route 53 ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application.\n\nYou can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled." + }, + "resourceIdentifier": { + "type": "string", + "description": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers with cross-zone load balancing turned off.", + "replaceOnChanges": true + }, + "zonalAutoshiftStatus": { + "$ref": "#/types/aws-native:arczonalshift:ZonalAutoshiftConfigurationZonalAutoshiftStatus", + "description": "When zonal autoshift is `ENABLED` , you authorize AWS to shift away resource traffic for an application from an Availability Zone during events, on your behalf, to help reduce time to recovery. Traffic is also shifted away for the required weekly practice runs." + } + }, + "createOnly": [ + "resourceIdentifier" + ] + }, + "aws-native:athena:CapacityReservation": { + "cf": "AWS::Athena::CapacityReservation", + "inputs": { + "capacityAssignmentConfiguration": { + "$ref": "#/types/aws-native:athena:CapacityReservationCapacityAssignmentConfiguration", + "description": "Assigns Athena workgroups (and hence their queries) to capacity reservations. A capacity reservation can have only one capacity assignment configuration, but the capacity assignment configuration can be made up of multiple individual assignments. Each assignment specifies how Athena queries can consume capacity from the capacity reservation that their workgroup is mapped to." + }, + "name": { + "type": "string", + "description": "The reservation name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "targetDpus": { + "type": "integer", + "description": "The number of DPUs to request to be allocated to the reservation." + } + }, + "outputs": { + "allocatedDpus": { + "type": "integer", + "description": "The number of DPUs Athena has provisioned and allocated for the reservation" + }, + "arn": { + "type": "string", + "description": "The ARN of the capacity reservation." + }, + "capacityAssignmentConfiguration": { + "$ref": "#/types/aws-native:athena:CapacityReservationCapacityAssignmentConfiguration", + "description": "Assigns Athena workgroups (and hence their queries) to capacity reservations. A capacity reservation can have only one capacity assignment configuration, but the capacity assignment configuration can be made up of multiple individual assignments. Each assignment specifies how Athena queries can consume capacity from the capacity reservation that their workgroup is mapped to." + }, + "creationTime": { + "type": "string", + "description": "The date and time the reservation was created." + }, + "lastSuccessfulAllocationTime": { + "type": "string", + "description": "The timestamp when the last successful allocated was made" + }, + "name": { + "type": "string", + "description": "The reservation name.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:athena:CapacityReservationStatus", + "description": "The status of the reservation." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "targetDpus": { + "type": "integer", + "description": "The number of DPUs to request to be allocated to the reservation." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "targetDpus" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:athena:DataCatalog": { + "cf": "AWS::Athena::DataCatalog", + "inputs": { + "description": { + "type": "string", + "description": "A description of the data catalog to be created. " + }, + "name": { + "type": "string", + "description": "The name of the data catalog to create. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters. " + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Specifies the Lambda function or functions to use for creating the data catalog. This is a mapping whose values depend on the catalog type. " + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of comma separated tags to add to the data catalog that is created. " + }, + "type": { + "$ref": "#/types/aws-native:athena:DataCatalogType", + "description": "The type of data catalog to create: LAMBDA for a federated catalog, GLUE for AWS Glue Catalog, or HIVE for an external hive metastore. " + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A description of the data catalog to be created. " + }, + "name": { + "type": "string", + "description": "The name of the data catalog to create. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters. ", + "replaceOnChanges": true + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Specifies the Lambda function or functions to use for creating the data catalog. This is a mapping whose values depend on the catalog type. " + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of comma separated tags to add to the data catalog that is created. " + }, + "type": { + "$ref": "#/types/aws-native:athena:DataCatalogType", + "description": "The type of data catalog to create: LAMBDA for a federated catalog, GLUE for AWS Glue Catalog, or HIVE for an external hive metastore. " + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "type" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:athena:NamedQuery": { + "cf": "AWS::Athena::NamedQuery", + "inputs": { + "database": { + "type": "string", + "description": "The database to which the query belongs." + }, + "description": { + "type": "string", + "description": "The query description." + }, + "name": { + "type": "string", + "description": "The query name." + }, + "queryString": { + "type": "string", + "description": "The contents of the query with all query statements." + }, + "workGroup": { + "type": "string", + "description": "The name of the workgroup that contains the named query." + } + }, + "outputs": { + "database": { + "type": "string", + "description": "The database to which the query belongs.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The query description.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The query name.", + "replaceOnChanges": true + }, + "namedQueryId": { + "type": "string", + "description": "The unique ID of the query." + }, + "queryString": { + "type": "string", + "description": "The contents of the query with all query statements.", + "replaceOnChanges": true + }, + "workGroup": { + "type": "string", + "description": "The name of the workgroup that contains the named query.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "database", + "queryString" + ], + "createOnly": [ + "database", + "description", + "name", + "queryString", + "workGroup" + ] + }, + "aws-native:athena:PreparedStatement": { + "cf": "AWS::Athena::PreparedStatement", + "inputs": { + "description": { + "type": "string", + "description": "The description of the prepared statement." + }, + "queryStatement": { + "type": "string", + "description": "The query string for the prepared statement." + }, + "statementName": { + "type": "string", + "description": "The name of the prepared statement." + }, + "workGroup": { + "type": "string", + "description": "The name of the workgroup to which the prepared statement belongs." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the prepared statement." + }, + "queryStatement": { + "type": "string", + "description": "The query string for the prepared statement." + }, + "statementName": { + "type": "string", + "description": "The name of the prepared statement.", + "replaceOnChanges": true + }, + "workGroup": { + "type": "string", + "description": "The name of the workgroup to which the prepared statement belongs.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "statementName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "queryStatement", + "workGroup" + ], + "createOnly": [ + "statementName", + "workGroup" + ] + }, + "aws-native:athena:WorkGroup": { + "cf": "AWS::Athena::WorkGroup", + "inputs": { + "description": { + "type": "string", + "description": "The workgroup description." + }, + "name": { + "type": "string", + "description": "The workGroup name." + }, + "recursiveDeleteOption": { + "type": "boolean", + "description": "The option to delete the workgroup and its contents even if the workgroup contains any named queries." + }, + "state": { + "$ref": "#/types/aws-native:athena:WorkGroupState", + "description": "The state of the workgroup: ENABLED or DISABLED." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags, separated by commas, that you want to attach to the workgroup as you create it" + }, + "workGroupConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupConfiguration", + "description": "The workgroup configuration" + }, + "workGroupConfigurationUpdates": { + "$ref": "#/types/aws-native:athena:WorkGroupConfigurationUpdates", + "description": "The workgroup configuration update object" + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The date and time the workgroup was created." + }, + "description": { + "type": "string", + "description": "The workgroup description." + }, + "name": { + "type": "string", + "description": "The workGroup name.", + "replaceOnChanges": true + }, + "recursiveDeleteOption": { + "type": "boolean", + "description": "The option to delete the workgroup and its contents even if the workgroup contains any named queries." + }, + "state": { + "$ref": "#/types/aws-native:athena:WorkGroupState", + "description": "The state of the workgroup: ENABLED or DISABLED." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags, separated by commas, that you want to attach to the workgroup as you create it" + }, + "workGroupConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupConfiguration", + "description": "The workgroup configuration" + }, + "workGroupConfigurationUpdates": { + "$ref": "#/types/aws-native:athena:WorkGroupConfigurationUpdates", + "description": "The workgroup configuration update object" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "recursiveDeleteOption", + "workGroupConfiguration/AdditionalConfiguration", + "workGroupConfigurationUpdates" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:auditmanager:Assessment": { + "cf": "AWS::AuditManager::Assessment", + "inputs": { + "assessmentReportsDestination": { + "$ref": "#/types/aws-native:auditmanager:AssessmentReportsDestination", + "description": "The destination that evidence reports are stored in for the assessment." + }, + "awsAccount": { + "$ref": "#/types/aws-native:auditmanager:AssessmentAwsAccount", + "description": "The AWS account that's associated with the assessment." + }, + "delegations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:auditmanager:AssessmentDelegation" + }, + "description": "The list of delegations." + }, + "description": { + "type": "string", + "description": "The description of the assessment." + }, + "frameworkId": { + "type": "string", + "description": "The unique identifier for the framework." + }, + "name": { + "type": "string", + "description": "The name of the assessment." + }, + "roles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:auditmanager:AssessmentRole" + }, + "description": "The list of roles for the specified assessment." + }, + "scope": { + "$ref": "#/types/aws-native:auditmanager:AssessmentScope", + "description": "The wrapper of AWS accounts and services that are in scope for the assessment." + }, + "status": { + "$ref": "#/types/aws-native:auditmanager:AssessmentStatus", + "description": "The overall status of the assessment.\n\nWhen you create a new assessment, the initial `Status` value is always `ACTIVE` . When you create an assessment, even if you specify the value as `INACTIVE` , the value overrides to `ACTIVE` .\n\nAfter you create an assessment, you can change the value of the `Status` property at any time. For example, when you want to stop collecting evidence for your assessment, you can change the assessment status to `INACTIVE` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with the assessment." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the assessment." + }, + "assessmentId": { + "type": "string", + "description": "The unique identifier for the assessment." + }, + "assessmentReportsDestination": { + "$ref": "#/types/aws-native:auditmanager:AssessmentReportsDestination", + "description": "The destination that evidence reports are stored in for the assessment." + }, + "awsAccount": { + "$ref": "#/types/aws-native:auditmanager:AssessmentAwsAccount", + "description": "The AWS account that's associated with the assessment.", + "replaceOnChanges": true + }, + "creationTime": { + "type": "number", + "description": "Specifies when the assessment was created." + }, + "delegations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:auditmanager:AssessmentDelegation" + }, + "description": "The list of delegations." + }, + "description": { + "type": "string", + "description": "The description of the assessment." + }, + "frameworkId": { + "type": "string", + "description": "The unique identifier for the framework.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the assessment." + }, + "roles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:auditmanager:AssessmentRole" + }, + "description": "The list of roles for the specified assessment." + }, + "scope": { + "$ref": "#/types/aws-native:auditmanager:AssessmentScope", + "description": "The wrapper of AWS accounts and services that are in scope for the assessment." + }, + "status": { + "$ref": "#/types/aws-native:auditmanager:AssessmentStatus", + "description": "The overall status of the assessment.\n\nWhen you create a new assessment, the initial `Status` value is always `ACTIVE` . When you create an assessment, even if you specify the value as `INACTIVE` , the value overrides to `ACTIVE` .\n\nAfter you create an assessment, you can change the value of the `Status` property at any time. For example, when you want to stop collecting evidence for your assessment, you can change the assessment status to `INACTIVE` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with the assessment." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "awsAccount", + "frameworkId" + ], + "writeOnly": [ + "description", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:autoscaling:AutoScalingGroup": { + "cf": "AWS::AutoScaling::AutoScalingGroup", + "inputs": { + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group. This name must be unique per Region per account.\n The name can contain any ASCII character 33 to 126 including most punctuation characters, digits, and upper and lowercased letters.\n You cannot use a colon (:) in the name." + }, + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Availability Zones where instances in the Auto Scaling group can be created. Used for launching into the default VPC subnet in each Availability Zone when not using the ``VPCZoneIdentifier`` property, or for attaching a network interface when an existing network interface ID is specified in a launch template." + }, + "capacityRebalance": { + "type": "boolean", + "description": "Indicates whether Capacity Rebalancing is enabled. Otherwise, Capacity Rebalancing is disabled. When you turn on Capacity Rebalancing, Amazon EC2 Auto Scaling attempts to launch a Spot Instance whenever Amazon EC2 notifies that a Spot Instance is at an elevated risk of interruption. After launching a new instance, it then terminates an old instance. For more information, see [Use Capacity Rebalancing to handle Amazon EC2 Spot Interruptions](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-capacity-rebalancing.html) in the in the *Amazon EC2 Auto Scaling User Guide*." + }, + "context": { + "type": "string", + "description": "Reserved." + }, + "cooldown": { + "type": "string", + "description": "*Only needed if you use simple scaling policies.* \n The amount of time, in seconds, between one scaling activity ending and another one starting due to simple scaling policies. For more information, see [Scaling cooldowns for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-scaling-cooldowns.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Default: ``300`` seconds" + }, + "defaultInstanceWarmup": { + "type": "integer", + "description": "The amount of time, in seconds, until a new instance is considered to have finished initializing and resource consumption to become stable after it enters the ``InService`` state. \n During an instance refresh, Amazon EC2 Auto Scaling waits for the warm-up period after it replaces an instance before it moves on to replacing the next instance. Amazon EC2 Auto Scaling also waits for the warm-up period before aggregating the metrics for new instances with existing instances in the Amazon CloudWatch metrics that are used for scaling, resulting in more reliable usage data. For more information, see [Set the default instance warmup for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-default-instance-warmup.html) in the *Amazon EC2 Auto Scaling User Guide*.\n To manage various warm-up settings at the group level, we recommend that you set the default instance warmup, *even if it is set to 0 seconds*. To remove a value that you previously set, include the property but specify ``-1`` for the value. However, we strongly recommend keeping the default instance warmup enabled by specifying a value of ``0`` or other nominal value.\n Default: None" + }, + "desiredCapacity": { + "type": "string", + "description": "The desired capacity is the initial capacity of the Auto Scaling group at the time of its creation and the capacity it attempts to maintain. It can scale beyond this capacity if you configure automatic scaling.\n The number must be greater than or equal to the minimum size of the group and less than or equal to the maximum size of the group. If you do not specify a desired capacity when creating the stack, the default is the minimum size of the group.\n CloudFormation marks the Auto Scaling group as successful (by setting its status to CREATE_COMPLETE) when the desired capacity is reached. However, if a maximum Spot price is set in the launch template or launch configuration that you specified, then desired capacity is not used as a criteria for success. Whether your request is fulfilled depends on Spot Instance capacity and your maximum price." + }, + "desiredCapacityType": { + "type": "string", + "description": "The unit of measurement for the value specified for desired capacity. Amazon EC2 Auto Scaling supports ``DesiredCapacityType`` for attribute-based instance type selection only. For more information, see [Create a mixed instances group using attribute-based instance type selection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-mixed-instances-group-attribute-based-instance-type-selection.html) in the *Amazon EC2 Auto Scaling User Guide*.\n By default, Amazon EC2 Auto Scaling specifies ``units``, which translates into number of instances.\n Valid values: ``units`` | ``vcpu`` | ``memory-mib``" + }, + "healthCheckGracePeriod": { + "type": "integer", + "description": "The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before checking the health status of an EC2 instance that has come into service and marking it unhealthy due to a failed health check. This is useful if your instances do not immediately pass their health checks after they enter the ``InService`` state. For more information, see [Set the health check grace period for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/health-check-grace-period.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Default: ``0`` seconds" + }, + "healthCheckType": { + "type": "string", + "description": "A comma-separated value string of one or more health check types.\n The valid values are ``EC2``, ``ELB``, and ``VPC_LATTICE``. ``EC2`` is the default health check and cannot be disabled. For more information, see [Health checks for instances in an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-health-checks.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Only specify ``EC2`` if you must clear a value that was previously set." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance used to base the launch configuration on. For more information, see [Create an Auto Scaling group using an EC2 instance](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-from-instance.html) in the *Amazon EC2 Auto Scaling User Guide*.\n If you specify ``LaunchTemplate``, ``MixedInstancesPolicy``, or ``LaunchConfigurationName``, don't specify ``InstanceId``." + }, + "instanceMaintenancePolicy": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupInstanceMaintenancePolicy", + "description": "An instance maintenance policy. For more information, see [Set instance maintenance policy](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-maintenance-policy.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "launchConfigurationName": { + "type": "string", + "description": "The name of the launch configuration to use to launch instances.\n Required only if you don't specify ``LaunchTemplate``, ``MixedInstancesPolicy``, or ``InstanceId``." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupLaunchTemplateSpecification", + "description": "Information used to specify the launch template and version to use to launch instances. You can alternatively associate a launch template to the Auto Scaling group by specifying a ``MixedInstancesPolicy``. For more information about creating launch templates, see [Create a launch template for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon EC2 Auto Scaling User Guide*.\n If you omit this property, you must specify ``MixedInstancesPolicy``, ``LaunchConfigurationName``, or ``InstanceId``." + }, + "lifecycleHookSpecificationList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupLifecycleHookSpecification" + }, + "description": "One or more lifecycle hooks to add to the Auto Scaling group before instances are launched." + }, + "loadBalancerNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Classic Load Balancers associated with this Auto Scaling group. For Application Load Balancers, Network Load Balancers, and Gateway Load Balancers, specify the ``TargetGroupARNs`` property instead." + }, + "maxInstanceLifetime": { + "type": "integer", + "description": "The maximum amount of time, in seconds, that an instance can be in service. The default is null. If specified, the value must be either 0 or a number equal to or greater than 86,400 seconds (1 day). For more information, see [Replace Auto Scaling instances based on maximum instance lifetime](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-max-instance-lifetime.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "maxSize": { + "type": "string", + "description": "The maximum size of the group.\n With a mixed instances policy that uses instance weighting, Amazon EC2 Auto Scaling may need to go above ``MaxSize`` to meet your capacity requirements. In this event, Amazon EC2 Auto Scaling will never go above ``MaxSize`` by more than your largest instance weight (weights that define how many units each instance contributes to the desired capacity of the group)." + }, + "metricsCollection": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupMetricsCollection" + }, + "description": "Enables the monitoring of group metrics of an Auto Scaling group. By default, these metrics are disabled." + }, + "minSize": { + "type": "string", + "description": "The minimum size of the group." + }, + "mixedInstancesPolicy": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupMixedInstancesPolicy", + "description": "An embedded object that specifies a mixed instances policy.\n The policy includes properties that not only define the distribution of On-Demand Instances and Spot Instances, the maximum price to pay for Spot Instances (optional), and how the Auto Scaling group allocates instance types to fulfill On-Demand and Spot capacities, but also the properties that specify the instance configuration information—the launch template and instance types. The policy can also include a weight for each instance type and different launch templates for individual instance types.\n For more information, see [Auto Scaling groups with multiple instance types and purchase options](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "newInstancesProtectedFromScaleIn": { + "type": "boolean", + "description": "Indicates whether newly launched instances are protected from termination by Amazon EC2 Auto Scaling when scaling in. For more information about preventing instances from terminating on scale in, see [Use instance scale-in protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-protection.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "notificationConfiguration": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupNotificationConfiguration" + }, + "notificationConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupNotificationConfiguration" + }, + "description": "Configures an Auto Scaling group to send notifications when specified events take place." + }, + "placementGroup": { + "type": "string", + "description": "The name of the placement group into which to launch your instances. For more information, see [Placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) in the *Amazon EC2 User Guide for Linux Instances*.\n A *cluster* placement group is a logical grouping of instances within a single Availability Zone. You cannot specify multiple Availability Zones and a cluster placement group." + }, + "serviceLinkedRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service-linked role that the Auto Scaling group uses to call other AWS service on your behalf. By default, Amazon EC2 Auto Scaling uses a service-linked role named ``AWSServiceRoleForAutoScaling``, which it creates if it does not exist. For more information, see [Service-linked roles](https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-service-linked-role.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupTagProperty" + }, + "description": "One or more tags. You can tag your Auto Scaling group and propagate the tags to the Amazon EC2 instances it launches. Tags are not propagated to Amazon EBS volumes. To add tags to Amazon EBS volumes, specify the tags in a launch template but use caution. If the launch template specifies an instance tag with a key that is also specified for the Auto Scaling group, Amazon EC2 Auto Scaling overrides the value of that instance tag with the value specified by the Auto Scaling group. For more information, see [Tag Auto Scaling groups and instances](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-tagging.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "targetGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARN) of the Elastic Load Balancing target groups to associate with the Auto Scaling group. Instances are registered as targets with the target groups. The target groups receive incoming traffic and route requests to one or more registered targets. For more information, see [Use Elastic Load Balancing to distribute traffic across the instances in your Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "terminationPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A policy or a list of policies that are used to select the instance to terminate. These policies are executed in the order that you list them. For more information, see [Configure termination policies for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-termination-policies.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Valid values: ``Default`` | ``AllocationStrategy`` | ``ClosestToNextInstanceHour`` | ``NewestInstance`` | ``OldestInstance`` | ``OldestLaunchConfiguration`` | ``OldestLaunchTemplate`` | ``arn:aws:lambda:region:account-id:function:my-function:my-alias``" + }, + "vpcZoneIdentifier": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs for a virtual private cloud (VPC) where instances in the Auto Scaling group can be created.\n If this resource specifies public subnets and is also in a VPC that is defined in the same stack template, you must use the [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the [VPC-gateway attachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpc-gateway-attachment.html).\n When you update ``VPCZoneIdentifier``, this retains the same Auto Scaling group and replaces old instances with new ones, according to the specified subnets. You can optionally specify how CloudFormation handles these updates by using an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html).\n Required to launch instances into a nondefault VPC. If you specify ``VPCZoneIdentifier`` with ``AvailabilityZones``, the subnets that you specify for this property must reside in those Availability Zones." + } + }, + "outputs": { + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group. This name must be unique per Region per account.\n The name can contain any ASCII character 33 to 126 including most punctuation characters, digits, and upper and lowercased letters.\n You cannot use a colon (:) in the name.", + "replaceOnChanges": true + }, + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Availability Zones where instances in the Auto Scaling group can be created. Used for launching into the default VPC subnet in each Availability Zone when not using the ``VPCZoneIdentifier`` property, or for attaching a network interface when an existing network interface ID is specified in a launch template." + }, + "capacityRebalance": { + "type": "boolean", + "description": "Indicates whether Capacity Rebalancing is enabled. Otherwise, Capacity Rebalancing is disabled. When you turn on Capacity Rebalancing, Amazon EC2 Auto Scaling attempts to launch a Spot Instance whenever Amazon EC2 notifies that a Spot Instance is at an elevated risk of interruption. After launching a new instance, it then terminates an old instance. For more information, see [Use Capacity Rebalancing to handle Amazon EC2 Spot Interruptions](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-capacity-rebalancing.html) in the in the *Amazon EC2 Auto Scaling User Guide*." + }, + "context": { + "type": "string", + "description": "Reserved." + }, + "cooldown": { + "type": "string", + "description": "*Only needed if you use simple scaling policies.* \n The amount of time, in seconds, between one scaling activity ending and another one starting due to simple scaling policies. For more information, see [Scaling cooldowns for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-scaling-cooldowns.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Default: ``300`` seconds" + }, + "defaultInstanceWarmup": { + "type": "integer", + "description": "The amount of time, in seconds, until a new instance is considered to have finished initializing and resource consumption to become stable after it enters the ``InService`` state. \n During an instance refresh, Amazon EC2 Auto Scaling waits for the warm-up period after it replaces an instance before it moves on to replacing the next instance. Amazon EC2 Auto Scaling also waits for the warm-up period before aggregating the metrics for new instances with existing instances in the Amazon CloudWatch metrics that are used for scaling, resulting in more reliable usage data. For more information, see [Set the default instance warmup for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-default-instance-warmup.html) in the *Amazon EC2 Auto Scaling User Guide*.\n To manage various warm-up settings at the group level, we recommend that you set the default instance warmup, *even if it is set to 0 seconds*. To remove a value that you previously set, include the property but specify ``-1`` for the value. However, we strongly recommend keeping the default instance warmup enabled by specifying a value of ``0`` or other nominal value.\n Default: None" + }, + "desiredCapacity": { + "type": "string", + "description": "The desired capacity is the initial capacity of the Auto Scaling group at the time of its creation and the capacity it attempts to maintain. It can scale beyond this capacity if you configure automatic scaling.\n The number must be greater than or equal to the minimum size of the group and less than or equal to the maximum size of the group. If you do not specify a desired capacity when creating the stack, the default is the minimum size of the group.\n CloudFormation marks the Auto Scaling group as successful (by setting its status to CREATE_COMPLETE) when the desired capacity is reached. However, if a maximum Spot price is set in the launch template or launch configuration that you specified, then desired capacity is not used as a criteria for success. Whether your request is fulfilled depends on Spot Instance capacity and your maximum price." + }, + "desiredCapacityType": { + "type": "string", + "description": "The unit of measurement for the value specified for desired capacity. Amazon EC2 Auto Scaling supports ``DesiredCapacityType`` for attribute-based instance type selection only. For more information, see [Create a mixed instances group using attribute-based instance type selection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-mixed-instances-group-attribute-based-instance-type-selection.html) in the *Amazon EC2 Auto Scaling User Guide*.\n By default, Amazon EC2 Auto Scaling specifies ``units``, which translates into number of instances.\n Valid values: ``units`` | ``vcpu`` | ``memory-mib``" + }, + "healthCheckGracePeriod": { + "type": "integer", + "description": "The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before checking the health status of an EC2 instance that has come into service and marking it unhealthy due to a failed health check. This is useful if your instances do not immediately pass their health checks after they enter the ``InService`` state. For more information, see [Set the health check grace period for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/health-check-grace-period.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Default: ``0`` seconds" + }, + "healthCheckType": { + "type": "string", + "description": "A comma-separated value string of one or more health check types.\n The valid values are ``EC2``, ``ELB``, and ``VPC_LATTICE``. ``EC2`` is the default health check and cannot be disabled. For more information, see [Health checks for instances in an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-health-checks.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Only specify ``EC2`` if you must clear a value that was previously set." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance used to base the launch configuration on. For more information, see [Create an Auto Scaling group using an EC2 instance](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-from-instance.html) in the *Amazon EC2 Auto Scaling User Guide*.\n If you specify ``LaunchTemplate``, ``MixedInstancesPolicy``, or ``LaunchConfigurationName``, don't specify ``InstanceId``.", + "replaceOnChanges": true + }, + "instanceMaintenancePolicy": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupInstanceMaintenancePolicy", + "description": "An instance maintenance policy. For more information, see [Set instance maintenance policy](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-maintenance-policy.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "launchConfigurationName": { + "type": "string", + "description": "The name of the launch configuration to use to launch instances.\n Required only if you don't specify ``LaunchTemplate``, ``MixedInstancesPolicy``, or ``InstanceId``." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupLaunchTemplateSpecification", + "description": "Information used to specify the launch template and version to use to launch instances. You can alternatively associate a launch template to the Auto Scaling group by specifying a ``MixedInstancesPolicy``. For more information about creating launch templates, see [Create a launch template for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon EC2 Auto Scaling User Guide*.\n If you omit this property, you must specify ``MixedInstancesPolicy``, ``LaunchConfigurationName``, or ``InstanceId``." + }, + "lifecycleHookSpecificationList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupLifecycleHookSpecification" + }, + "description": "One or more lifecycle hooks to add to the Auto Scaling group before instances are launched." + }, + "loadBalancerNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Classic Load Balancers associated with this Auto Scaling group. For Application Load Balancers, Network Load Balancers, and Gateway Load Balancers, specify the ``TargetGroupARNs`` property instead." + }, + "maxInstanceLifetime": { + "type": "integer", + "description": "The maximum amount of time, in seconds, that an instance can be in service. The default is null. If specified, the value must be either 0 or a number equal to or greater than 86,400 seconds (1 day). For more information, see [Replace Auto Scaling instances based on maximum instance lifetime](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-max-instance-lifetime.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "maxSize": { + "type": "string", + "description": "The maximum size of the group.\n With a mixed instances policy that uses instance weighting, Amazon EC2 Auto Scaling may need to go above ``MaxSize`` to meet your capacity requirements. In this event, Amazon EC2 Auto Scaling will never go above ``MaxSize`` by more than your largest instance weight (weights that define how many units each instance contributes to the desired capacity of the group)." + }, + "metricsCollection": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupMetricsCollection" + }, + "description": "Enables the monitoring of group metrics of an Auto Scaling group. By default, these metrics are disabled." + }, + "minSize": { + "type": "string", + "description": "The minimum size of the group." + }, + "mixedInstancesPolicy": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupMixedInstancesPolicy", + "description": "An embedded object that specifies a mixed instances policy.\n The policy includes properties that not only define the distribution of On-Demand Instances and Spot Instances, the maximum price to pay for Spot Instances (optional), and how the Auto Scaling group allocates instance types to fulfill On-Demand and Spot capacities, but also the properties that specify the instance configuration information—the launch template and instance types. The policy can also include a weight for each instance type and different launch templates for individual instance types.\n For more information, see [Auto Scaling groups with multiple instance types and purchase options](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "newInstancesProtectedFromScaleIn": { + "type": "boolean", + "description": "Indicates whether newly launched instances are protected from termination by Amazon EC2 Auto Scaling when scaling in. For more information about preventing instances from terminating on scale in, see [Use instance scale-in protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-protection.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "notificationConfiguration": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupNotificationConfiguration" + }, + "notificationConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupNotificationConfiguration" + }, + "description": "Configures an Auto Scaling group to send notifications when specified events take place." + }, + "placementGroup": { + "type": "string", + "description": "The name of the placement group into which to launch your instances. For more information, see [Placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) in the *Amazon EC2 User Guide for Linux Instances*.\n A *cluster* placement group is a logical grouping of instances within a single Availability Zone. You cannot specify multiple Availability Zones and a cluster placement group." + }, + "serviceLinkedRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service-linked role that the Auto Scaling group uses to call other AWS service on your behalf. By default, Amazon EC2 Auto Scaling uses a service-linked role named ``AWSServiceRoleForAutoScaling``, which it creates if it does not exist. For more information, see [Service-linked roles](https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-service-linked-role.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupTagProperty" + }, + "description": "One or more tags. You can tag your Auto Scaling group and propagate the tags to the Amazon EC2 instances it launches. Tags are not propagated to Amazon EBS volumes. To add tags to Amazon EBS volumes, specify the tags in a launch template but use caution. If the launch template specifies an instance tag with a key that is also specified for the Auto Scaling group, Amazon EC2 Auto Scaling overrides the value of that instance tag with the value specified by the Auto Scaling group. For more information, see [Tag Auto Scaling groups and instances](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-tagging.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "targetGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARN) of the Elastic Load Balancing target groups to associate with the Auto Scaling group. Instances are registered as targets with the target groups. The target groups receive incoming traffic and route requests to one or more registered targets. For more information, see [Use Elastic Load Balancing to distribute traffic across the instances in your Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html) in the *Amazon EC2 Auto Scaling User Guide*." + }, + "terminationPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A policy or a list of policies that are used to select the instance to terminate. These policies are executed in the order that you list them. For more information, see [Configure termination policies for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-termination-policies.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Valid values: ``Default`` | ``AllocationStrategy`` | ``ClosestToNextInstanceHour`` | ``NewestInstance`` | ``OldestInstance`` | ``OldestLaunchConfiguration`` | ``OldestLaunchTemplate`` | ``arn:aws:lambda:region:account-id:function:my-function:my-alias``" + }, + "vpcZoneIdentifier": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs for a virtual private cloud (VPC) where instances in the Auto Scaling group can be created.\n If this resource specifies public subnets and is also in a VPC that is defined in the same stack template, you must use the [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the [VPC-gateway attachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpc-gateway-attachment.html).\n When you update ``VPCZoneIdentifier``, this retains the same Auto Scaling group and replaces old instances with new ones, according to the specified subnets. You can optionally specify how CloudFormation handles these updates by using an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html).\n Required to launch instances into a nondefault VPC. If you specify ``VPCZoneIdentifier`` with ``AvailabilityZones``, the subnets that you specify for this property must reside in those Availability Zones." + } + }, + "autoNamingSpec": { + "sdkName": "autoScalingGroupName" + }, + "required": [ + "maxSize", + "minSize" + ], + "createOnly": [ + "autoScalingGroupName", + "instanceId" + ], + "writeOnly": [ + "instanceId" + ], + "irreversibleNames": { + "serviceLinkedRoleArn": "ServiceLinkedRoleARN", + "targetGroupArns": "TargetGroupARNs", + "vpcZoneIdentifier": "VPCZoneIdentifier" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayWithExtraProperties" + }, + "aws-native:autoscaling:LaunchConfiguration": { + "cf": "AWS::AutoScaling::LaunchConfiguration", + "inputs": { + "associatePublicIpAddress": { + "type": "boolean", + "description": "For Auto Scaling groups that are running in a virtual private cloud (VPC), specifies whether to assign a public IP address to the group's instances." + }, + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:LaunchConfigurationBlockDeviceMapping" + }, + "description": "Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes." + }, + "classicLinkVpcId": { + "type": "string", + "description": "The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to." + }, + "classicLinkVpcSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more security groups for the VPC that you specified in the ClassicLinkVPCId property." + }, + "ebsOptimized": { + "type": "boolean", + "description": "Specifies whether the launch configuration is optimized for EBS I/O (true) or not (false)." + }, + "iamInstanceProfile": { + "type": "string", + "description": "Provides the name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role." + }, + "imageId": { + "type": "string", + "description": "Provides the unique ID of the Amazon Machine Image (AMI) that was assigned during registration." + }, + "instanceId": { + "type": "string", + "description": "The ID of the Amazon EC2 instance you want to use to create the launch configuration." + }, + "instanceMonitoring": { + "type": "boolean", + "description": "Controls whether instances in this group are launched with detailed (true) or basic (false) monitoring." + }, + "instanceType": { + "type": "string", + "description": "Specifies the instance type of the EC2 instance." + }, + "kernelId": { + "type": "string", + "description": "Provides the ID of the kernel associated with the EC2 AMI." + }, + "keyName": { + "type": "string", + "description": "Provides the name of the EC2 key pair." + }, + "launchConfigurationName": { + "type": "string", + "description": "The name of the launch configuration. This name must be unique per Region per account." + }, + "metadataOptions": { + "$ref": "#/types/aws-native:autoscaling:LaunchConfigurationMetadataOptions", + "description": "The metadata options for the instances." + }, + "placementTenancy": { + "type": "string", + "description": "The tenancy of the instance, either default or dedicated." + }, + "ramDiskId": { + "type": "string", + "description": "The ID of the RAM disk to select." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list that contains the security groups to assign to the instances in the Auto Scaling group." + }, + "spotPrice": { + "type": "string", + "description": "The maximum hourly price you are willing to pay for any Spot Instances launched to fulfill the request." + }, + "userData": { + "type": "string", + "description": "The Base64-encoded user data to make available to the launched EC2 instances." + } + }, + "outputs": { + "associatePublicIpAddress": { + "type": "boolean", + "description": "For Auto Scaling groups that are running in a virtual private cloud (VPC), specifies whether to assign a public IP address to the group's instances.", + "replaceOnChanges": true + }, + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:LaunchConfigurationBlockDeviceMapping" + }, + "description": "Specifies how block devices are exposed to the instance. You can specify virtual devices and EBS volumes.", + "replaceOnChanges": true + }, + "classicLinkVpcId": { + "type": "string", + "description": "The ID of a ClassicLink-enabled VPC to link your EC2-Classic instances to.", + "replaceOnChanges": true + }, + "classicLinkVpcSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more security groups for the VPC that you specified in the ClassicLinkVPCId property.", + "replaceOnChanges": true + }, + "ebsOptimized": { + "type": "boolean", + "description": "Specifies whether the launch configuration is optimized for EBS I/O (true) or not (false).", + "replaceOnChanges": true + }, + "iamInstanceProfile": { + "type": "string", + "description": "Provides the name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role.", + "replaceOnChanges": true + }, + "imageId": { + "type": "string", + "description": "Provides the unique ID of the Amazon Machine Image (AMI) that was assigned during registration.", + "replaceOnChanges": true + }, + "instanceId": { + "type": "string", + "description": "The ID of the Amazon EC2 instance you want to use to create the launch configuration.", + "replaceOnChanges": true + }, + "instanceMonitoring": { + "type": "boolean", + "description": "Controls whether instances in this group are launched with detailed (true) or basic (false) monitoring.", + "replaceOnChanges": true + }, + "instanceType": { + "type": "string", + "description": "Specifies the instance type of the EC2 instance.", + "replaceOnChanges": true + }, + "kernelId": { + "type": "string", + "description": "Provides the ID of the kernel associated with the EC2 AMI.", + "replaceOnChanges": true + }, + "keyName": { + "type": "string", + "description": "Provides the name of the EC2 key pair.", + "replaceOnChanges": true + }, + "launchConfigurationName": { + "type": "string", + "description": "The name of the launch configuration. This name must be unique per Region per account.", + "replaceOnChanges": true + }, + "metadataOptions": { + "$ref": "#/types/aws-native:autoscaling:LaunchConfigurationMetadataOptions", + "description": "The metadata options for the instances.", + "replaceOnChanges": true + }, + "placementTenancy": { + "type": "string", + "description": "The tenancy of the instance, either default or dedicated.", + "replaceOnChanges": true + }, + "ramDiskId": { + "type": "string", + "description": "The ID of the RAM disk to select.", + "replaceOnChanges": true + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list that contains the security groups to assign to the instances in the Auto Scaling group.", + "replaceOnChanges": true + }, + "spotPrice": { + "type": "string", + "description": "The maximum hourly price you are willing to pay for any Spot Instances launched to fulfill the request.", + "replaceOnChanges": true + }, + "userData": { + "type": "string", + "description": "The Base64-encoded user data to make available to the launched EC2 instances.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "launchConfigurationName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "imageId", + "instanceType" + ], + "createOnly": [ + "associatePublicIpAddress", + "blockDeviceMappings", + "classicLinkVpcId", + "classicLinkVpcSecurityGroups", + "ebsOptimized", + "iamInstanceProfile", + "imageId", + "instanceId", + "instanceMonitoring", + "instanceType", + "kernelId", + "keyName", + "launchConfigurationName", + "metadataOptions", + "placementTenancy", + "ramDiskId", + "securityGroups", + "spotPrice", + "userData" + ], + "writeOnly": [ + "instanceId" + ], + "irreversibleNames": { + "classicLinkVpcId": "ClassicLinkVPCId", + "classicLinkVpcSecurityGroups": "ClassicLinkVPCSecurityGroups" + } + }, + "aws-native:autoscaling:LifecycleHook": { + "cf": "AWS::AutoScaling::LifecycleHook", + "inputs": { + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group for the lifecycle hook." + }, + "defaultResult": { + "type": "string", + "description": "The action the Auto Scaling group takes when the lifecycle hook timeout elapses or if an unexpected failure occurs. The valid values are CONTINUE and ABANDON (default)." + }, + "heartbeatTimeout": { + "type": "integer", + "description": "The maximum time, in seconds, that can elapse before the lifecycle hook times out. The range is from 30 to 7200 seconds. The default value is 3600 seconds (1 hour). If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the action that you specified in the DefaultResult property." + }, + "lifecycleHookName": { + "type": "string", + "description": "The name of the lifecycle hook." + }, + "lifecycleTransition": { + "type": "string", + "description": "The instance state to which you want to attach the lifecycle hook." + }, + "notificationMetadata": { + "type": "string", + "description": "Additional information that is included any time Amazon EC2 Auto Scaling sends a message to the notification target." + }, + "notificationTargetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the notification target that Amazon EC2 Auto Scaling uses to notify you when an instance is in the transition state for the lifecycle hook. You can specify an Amazon SQS queue or an Amazon SNS topic. The notification message includes the following information: lifecycle action token, user account ID, Auto Scaling group name, lifecycle hook name, instance ID, lifecycle transition, and notification metadata." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target, for example, an Amazon SNS topic or an Amazon SQS queue." + } + }, + "outputs": { + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group for the lifecycle hook.", + "replaceOnChanges": true + }, + "defaultResult": { + "type": "string", + "description": "The action the Auto Scaling group takes when the lifecycle hook timeout elapses or if an unexpected failure occurs. The valid values are CONTINUE and ABANDON (default)." + }, + "heartbeatTimeout": { + "type": "integer", + "description": "The maximum time, in seconds, that can elapse before the lifecycle hook times out. The range is from 30 to 7200 seconds. The default value is 3600 seconds (1 hour). If the lifecycle hook times out, Amazon EC2 Auto Scaling performs the action that you specified in the DefaultResult property." + }, + "lifecycleHookName": { + "type": "string", + "description": "The name of the lifecycle hook.", + "replaceOnChanges": true + }, + "lifecycleTransition": { + "type": "string", + "description": "The instance state to which you want to attach the lifecycle hook." + }, + "notificationMetadata": { + "type": "string", + "description": "Additional information that is included any time Amazon EC2 Auto Scaling sends a message to the notification target." + }, + "notificationTargetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the notification target that Amazon EC2 Auto Scaling uses to notify you when an instance is in the transition state for the lifecycle hook. You can specify an Amazon SQS queue or an Amazon SNS topic. The notification message includes the following information: lifecycle action token, user account ID, Auto Scaling group name, lifecycle hook name, instance ID, lifecycle transition, and notification metadata." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target, for example, an Amazon SNS topic or an Amazon SQS queue." + } + }, + "autoNamingSpec": { + "sdkName": "lifecycleHookName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "autoScalingGroupName", + "lifecycleTransition" + ], + "createOnly": [ + "autoScalingGroupName", + "lifecycleHookName" + ], + "irreversibleNames": { + "notificationTargetArn": "NotificationTargetARN", + "roleArn": "RoleARN" + } + }, + "aws-native:autoscaling:ScalingPolicy": { + "cf": "AWS::AutoScaling::ScalingPolicy", + "inputs": { + "adjustmentType": { + "type": "string", + "description": "Specifies how the scaling adjustment is interpreted. The valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity." + }, + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group." + }, + "cooldown": { + "type": "string", + "description": "The duration of the policy's cooldown period, in seconds. When a cooldown period is specified here, it overrides the default cooldown period defined for the Auto Scaling group." + }, + "estimatedInstanceWarmup": { + "type": "integer", + "description": "The estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics. If not provided, the default is to use the value from the default cooldown period for the Auto Scaling group. Valid only if the policy type is TargetTrackingScaling or StepScaling." + }, + "metricAggregationType": { + "type": "string", + "description": "The aggregation type for the CloudWatch metrics. The valid values are Minimum, Maximum, and Average. If the aggregation type is null, the value is treated as Average. Valid only if the policy type is StepScaling." + }, + "minAdjustmentMagnitude": { + "type": "integer", + "description": "The minimum value to scale by when the adjustment type is PercentChangeInCapacity. For example, suppose that you create a step scaling policy to scale out an Auto Scaling group by 25 percent and you specify a MinAdjustmentMagnitude of 2. If the group has 4 instances and the scaling policy is performed, 25 percent of 4 is 1. However, because you specified a MinAdjustmentMagnitude of 2, Amazon EC2 Auto Scaling scales out the group by 2 instances." + }, + "policyType": { + "type": "string", + "description": "One of the following policy types: TargetTrackingScaling, StepScaling, SimpleScaling (default), PredictiveScaling" + }, + "predictiveScalingConfiguration": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingConfiguration", + "description": "A predictive scaling policy. Includes support for predefined metrics only." + }, + "scalingAdjustment": { + "type": "integer", + "description": "The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a positive value. Required if the policy type is SimpleScaling. (Not used with any other policy type.)" + }, + "stepAdjustments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyStepAdjustment" + }, + "description": "A set of adjustments that enable you to scale based on the size of the alarm breach. Required if the policy type is StepScaling. (Not used with any other policy type.)" + }, + "targetTrackingConfiguration": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyTargetTrackingConfiguration", + "description": "A target tracking scaling policy. Includes support for predefined or customized metrics." + } + }, + "outputs": { + "adjustmentType": { + "type": "string", + "description": "Specifies how the scaling adjustment is interpreted. The valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity." + }, + "arn": { + "type": "string", + "description": "The ARN of the AutoScaling scaling policy" + }, + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group.", + "replaceOnChanges": true + }, + "cooldown": { + "type": "string", + "description": "The duration of the policy's cooldown period, in seconds. When a cooldown period is specified here, it overrides the default cooldown period defined for the Auto Scaling group." + }, + "estimatedInstanceWarmup": { + "type": "integer", + "description": "The estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics. If not provided, the default is to use the value from the default cooldown period for the Auto Scaling group. Valid only if the policy type is TargetTrackingScaling or StepScaling." + }, + "metricAggregationType": { + "type": "string", + "description": "The aggregation type for the CloudWatch metrics. The valid values are Minimum, Maximum, and Average. If the aggregation type is null, the value is treated as Average. Valid only if the policy type is StepScaling." + }, + "minAdjustmentMagnitude": { + "type": "integer", + "description": "The minimum value to scale by when the adjustment type is PercentChangeInCapacity. For example, suppose that you create a step scaling policy to scale out an Auto Scaling group by 25 percent and you specify a MinAdjustmentMagnitude of 2. If the group has 4 instances and the scaling policy is performed, 25 percent of 4 is 1. However, because you specified a MinAdjustmentMagnitude of 2, Amazon EC2 Auto Scaling scales out the group by 2 instances." + }, + "policyName": { + "type": "string", + "description": "Returns the name of a scaling policy." + }, + "policyType": { + "type": "string", + "description": "One of the following policy types: TargetTrackingScaling, StepScaling, SimpleScaling (default), PredictiveScaling" + }, + "predictiveScalingConfiguration": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingConfiguration", + "description": "A predictive scaling policy. Includes support for predefined metrics only." + }, + "scalingAdjustment": { + "type": "integer", + "description": "The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a positive value. Required if the policy type is SimpleScaling. (Not used with any other policy type.)" + }, + "stepAdjustments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyStepAdjustment" + }, + "description": "A set of adjustments that enable you to scale based on the size of the alarm breach. Required if the policy type is StepScaling. (Not used with any other policy type.)" + }, + "targetTrackingConfiguration": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyTargetTrackingConfiguration", + "description": "A target tracking scaling policy. Includes support for predefined or customized metrics." + } + }, + "required": [ + "autoScalingGroupName" + ], + "createOnly": [ + "autoScalingGroupName" + ] + }, + "aws-native:autoscaling:ScheduledAction": { + "cf": "AWS::AutoScaling::ScheduledAction", + "inputs": { + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group." + }, + "desiredCapacity": { + "type": "integer", + "description": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain." + }, + "endTime": { + "type": "string", + "description": "The latest scheduled start time to return. If scheduled action names are provided, this parameter is ignored." + }, + "maxSize": { + "type": "integer", + "description": "The minimum size of the Auto Scaling group." + }, + "minSize": { + "type": "integer", + "description": "The minimum size of the Auto Scaling group." + }, + "recurrence": { + "type": "string", + "description": "The recurring schedule for the action, in Unix cron syntax format. When StartTime and EndTime are specified with Recurrence , they form the boundaries of when the recurring action starts and stops." + }, + "startTime": { + "type": "string", + "description": "The earliest scheduled start time to return. If scheduled action names are provided, this parameter is ignored." + }, + "timeZone": { + "type": "string", + "description": "The time zone for the cron expression." + } + }, + "outputs": { + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group.", + "replaceOnChanges": true + }, + "desiredCapacity": { + "type": "integer", + "description": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain." + }, + "endTime": { + "type": "string", + "description": "The latest scheduled start time to return. If scheduled action names are provided, this parameter is ignored." + }, + "maxSize": { + "type": "integer", + "description": "The minimum size of the Auto Scaling group." + }, + "minSize": { + "type": "integer", + "description": "The minimum size of the Auto Scaling group." + }, + "recurrence": { + "type": "string", + "description": "The recurring schedule for the action, in Unix cron syntax format. When StartTime and EndTime are specified with Recurrence , they form the boundaries of when the recurring action starts and stops." + }, + "scheduledActionName": { + "type": "string", + "description": "Auto-generated unique identifier" + }, + "startTime": { + "type": "string", + "description": "The earliest scheduled start time to return. If scheduled action names are provided, this parameter is ignored." + }, + "timeZone": { + "type": "string", + "description": "The time zone for the cron expression." + } + }, + "required": [ + "autoScalingGroupName" + ], + "createOnly": [ + "autoScalingGroupName" + ] + }, + "aws-native:autoscaling:WarmPool": { + "cf": "AWS::AutoScaling::WarmPool", + "inputs": { + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group." + }, + "instanceReusePolicy": { + "$ref": "#/types/aws-native:autoscaling:WarmPoolInstanceReusePolicy", + "description": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in." + }, + "maxGroupPreparedCapacity": { + "type": "integer", + "description": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n\u003e If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n\u003e \n\u003e The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value." + }, + "minSize": { + "type": "integer", + "description": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified." + }, + "poolState": { + "type": "string", + "description": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` ." + } + }, + "outputs": { + "autoScalingGroupName": { + "type": "string", + "description": "The name of the Auto Scaling group.", + "replaceOnChanges": true + }, + "instanceReusePolicy": { + "$ref": "#/types/aws-native:autoscaling:WarmPoolInstanceReusePolicy", + "description": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in." + }, + "maxGroupPreparedCapacity": { + "type": "integer", + "description": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n\u003e If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n\u003e \n\u003e The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value." + }, + "minSize": { + "type": "integer", + "description": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified." + }, + "poolState": { + "type": "string", + "description": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` ." + } + }, + "required": [ + "autoScalingGroupName" + ], + "createOnly": [ + "autoScalingGroupName" + ] + }, + "aws-native:b2bi:Capability": { + "cf": "AWS::B2BI::Capability", + "inputs": { + "configuration": { + "$ref": "#/types/aws-native:b2bi:CapabilityConfigurationProperties", + "description": "Specifies a structure that contains the details for a capability." + }, + "instructionsDocuments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:b2bi:CapabilityS3Location" + }, + "description": "Specifies one or more locations in Amazon S3, each specifying an EDI document that can be used with this capability. Each item contains the name of the bucket and the key, to identify the document's location." + }, + "name": { + "type": "string", + "description": "The display name of the capability." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the key-value pairs assigned to ARNs that you can use to group and search for resources by type. You can attach this metadata to resources (capabilities, partnerships, and so on) for any purpose." + }, + "type": { + "$ref": "#/types/aws-native:b2bi:CapabilityType", + "description": "Returns the type of the capability. Currently, only `edi` is supported." + } + }, + "outputs": { + "capabilityArn": { + "type": "string", + "description": "Returns an Amazon Resource Name (ARN) for a specific AWS resource, such as a capability, partnership, profile, or transformer." + }, + "capabilityId": { + "type": "string", + "description": "Returns a system-assigned unique identifier for the capability." + }, + "configuration": { + "$ref": "#/types/aws-native:b2bi:CapabilityConfigurationProperties", + "description": "Specifies a structure that contains the details for a capability." + }, + "createdAt": { + "type": "string", + "description": "Returns a timestamp for creation date and time of the capability." + }, + "instructionsDocuments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:b2bi:CapabilityS3Location" + }, + "description": "Specifies one or more locations in Amazon S3, each specifying an EDI document that can be used with this capability. Each item contains the name of the bucket and the key, to identify the document's location." + }, + "modifiedAt": { + "type": "string", + "description": "Returns a timestamp that identifies the most recent date and time that the capability was modified." + }, + "name": { + "type": "string", + "description": "The display name of the capability." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the key-value pairs assigned to ARNs that you can use to group and search for resources by type. You can attach this metadata to resources (capabilities, partnerships, and so on) for any purpose." + }, + "type": { + "$ref": "#/types/aws-native:b2bi:CapabilityType", + "description": "Returns the type of the capability. Currently, only `edi` is supported.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 254 + }, + "required": [ + "configuration", + "type" + ], + "createOnly": [ + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:b2bi:Partnership": { + "cf": "AWS::B2BI::Partnership", + "inputs": { + "capabilities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Returns one or more capabilities associated with this partnership." + }, + "email": { + "type": "string" + }, + "name": { + "type": "string", + "description": "Returns the name of the partnership." + }, + "phone": { + "type": "string" + }, + "profileId": { + "type": "string", + "description": "Returns the unique, system-generated identifier for the profile connected to this partnership." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A key-value pair for a specific partnership. Tags are metadata that you can use to search for and group capabilities for various purposes." + } + }, + "outputs": { + "capabilities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Returns one or more capabilities associated with this partnership." + }, + "createdAt": { + "type": "string", + "description": "Returns a timestamp for creation date and time of the partnership." + }, + "email": { + "type": "string", + "replaceOnChanges": true + }, + "modifiedAt": { + "type": "string", + "description": "Returns a timestamp that identifies the most recent date and time that the partnership was modified." + }, + "name": { + "type": "string", + "description": "Returns the name of the partnership." + }, + "partnershipArn": { + "type": "string", + "description": "Returns an Amazon Resource Name (ARN) for a specific AWS resource, such as a capability, partnership, profile, or transformer." + }, + "partnershipId": { + "type": "string", + "description": "Returns the unique, system-generated identifier for a partnership." + }, + "phone": { + "type": "string", + "replaceOnChanges": true + }, + "profileId": { + "type": "string", + "description": "Returns the unique, system-generated identifier for the profile connected to this partnership.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A key-value pair for a specific partnership. Tags are metadata that you can use to search for and group capabilities for various purposes." + }, + "tradingPartnerId": { + "type": "string", + "description": "Returns the unique, system-generated identifier for a trading partner." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 254 + }, + "required": [ + "email", + "profileId" + ], + "createOnly": [ + "email", + "phone", + "profileId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:b2bi:Profile": { + "cf": "AWS::B2BI::Profile", + "inputs": { + "businessName": { + "type": "string", + "description": "Returns the name for the business associated with this profile." + }, + "email": { + "type": "string" + }, + "logging": { + "$ref": "#/types/aws-native:b2bi:ProfileLogging", + "description": "Specifies whether or not logging is enabled for this profile." + }, + "name": { + "type": "string", + "description": "Returns the display name for profile." + }, + "phone": { + "type": "string" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A key-value pair for a specific profile. Tags are metadata that you can use to search for and group capabilities for various purposes." + } + }, + "outputs": { + "businessName": { + "type": "string", + "description": "Returns the name for the business associated with this profile." + }, + "createdAt": { + "type": "string", + "description": "Returns the timestamp for creation date and time of the profile." + }, + "email": { + "type": "string" + }, + "logGroupName": { + "type": "string", + "description": "Returns the name of the logging group." + }, + "logging": { + "$ref": "#/types/aws-native:b2bi:ProfileLogging", + "description": "Specifies whether or not logging is enabled for this profile.", + "replaceOnChanges": true + }, + "modifiedAt": { + "type": "string", + "description": "Returns the timestamp that identifies the most recent date and time that the profile was modified." + }, + "name": { + "type": "string", + "description": "Returns the display name for profile." + }, + "phone": { + "type": "string" + }, + "profileArn": { + "type": "string", + "description": "Returns an Amazon Resource Name (ARN) for the profile." + }, + "profileId": { + "type": "string" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A key-value pair for a specific profile. Tags are metadata that you can use to search for and group capabilities for various purposes." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 254 + }, + "required": [ + "businessName", + "logging", + "phone" + ], + "createOnly": [ + "logging" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:b2bi:Transformer": { + "cf": "AWS::B2BI::Transformer", + "inputs": { + "ediType": { + "$ref": "#/types/aws-native:b2bi:TransformerEdiTypeProperties", + "description": "Returns the details for the EDI standard that is being used for the transformer. Currently, only X12 is supported. X12 is a set of standards and corresponding messages that define specific business documents." + }, + "fileFormat": { + "$ref": "#/types/aws-native:b2bi:TransformerFileFormat", + "description": "Returns that the currently supported file formats for EDI transformations are `JSON` and `XML` ." + }, + "mappingTemplate": { + "type": "string", + "description": "Returns a sample EDI document that is used by a transformer as a guide for processing the EDI data." + }, + "name": { + "type": "string", + "description": "Returns the descriptive name for the transformer." + }, + "sampleDocument": { + "type": "string", + "description": "Returns a sample EDI document that is used by a transformer as a guide for processing the EDI data." + }, + "status": { + "$ref": "#/types/aws-native:b2bi:TransformerStatus", + "description": "Returns the state of the newly created transformer. The transformer can be either `active` or `inactive` . For the transformer to be used in a capability, its status must `active` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A key-value pair for a specific transformer. Tags are metadata that you can use to search for and group capabilities for various purposes." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "Returns a timestamp indicating when the transformer was created. For example, `2023-07-20T19:58:44.624Z` ." + }, + "ediType": { + "$ref": "#/types/aws-native:b2bi:TransformerEdiTypeProperties", + "description": "Returns the details for the EDI standard that is being used for the transformer. Currently, only X12 is supported. X12 is a set of standards and corresponding messages that define specific business documents." + }, + "fileFormat": { + "$ref": "#/types/aws-native:b2bi:TransformerFileFormat", + "description": "Returns that the currently supported file formats for EDI transformations are `JSON` and `XML` ." + }, + "mappingTemplate": { + "type": "string", + "description": "Returns a sample EDI document that is used by a transformer as a guide for processing the EDI data." + }, + "modifiedAt": { + "type": "string", + "description": "Returns a timestamp representing the date and time for the most recent change for the transformer object." + }, + "name": { + "type": "string", + "description": "Returns the descriptive name for the transformer." + }, + "sampleDocument": { + "type": "string", + "description": "Returns a sample EDI document that is used by a transformer as a guide for processing the EDI data." + }, + "status": { + "$ref": "#/types/aws-native:b2bi:TransformerStatus", + "description": "Returns the state of the newly created transformer. The transformer can be either `active` or `inactive` . For the transformer to be used in a capability, its status must `active` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A key-value pair for a specific transformer. Tags are metadata that you can use to search for and group capabilities for various purposes." + }, + "transformerArn": { + "type": "string", + "description": "Returns an Amazon Resource Name (ARN) for a specific transformer." + }, + "transformerId": { + "type": "string", + "description": "The system-assigned unique identifier for the transformer." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 254 + }, + "required": [ + "ediType", + "fileFormat", + "mappingTemplate", + "status" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:backup:BackupPlan": { + "cf": "AWS::Backup::BackupPlan", + "inputs": { + "backupPlan": { + "$ref": "#/types/aws-native:backup:BackupPlanResourceType", + "description": "Uniquely identifies the backup plan to be associated with the selection of resources.", + "language": { + "csharp": { + "name": "BackupPlanValue" + } + } + }, + "backupPlanTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags to assign to the backup plan." + } + }, + "outputs": { + "backupPlan": { + "$ref": "#/types/aws-native:backup:BackupPlanResourceType", + "description": "Uniquely identifies the backup plan to be associated with the selection of resources.", + "language": { + "csharp": { + "name": "BackupPlanValue" + } + } + }, + "backupPlanArn": { + "type": "string", + "description": "An Amazon Resource Name (ARN) that uniquely identifies a backup plan; for example, `arn:aws:backup:us-east-1:123456789012:plan:8F81F553-3A74-4A3F-B93D-B3360DC80C50` ." + }, + "backupPlanId": { + "type": "string", + "description": "Uniquely identifies a backup plan." + }, + "backupPlanTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags to assign to the backup plan." + }, + "versionId": { + "type": "string", + "description": "Unique, randomly generated, Unicode, UTF-8 encoded strings that are at most 1,024 bytes long. Version Ids cannot be edited." + } + }, + "required": [ + "backupPlan" + ], + "tagsProperty": "backupPlanTags", + "tagsStyle": "stringMap" + }, + "aws-native:backup:BackupSelection": { + "cf": "AWS::Backup::BackupSelection", + "inputs": { + "backupPlanId": { + "type": "string", + "description": "Uniquely identifies a backup plan." + }, + "backupSelection": { + "$ref": "#/types/aws-native:backup:BackupSelectionResourceType", + "description": "Specifies the body of a request to assign a set of resources to a backup plan.\n\nIt includes an array of resources, an optional array of patterns to exclude resources, an optional role to provide access to the AWS service the resource belongs to, and an optional array of tags used to identify a set of resources.", + "language": { + "csharp": { + "name": "BackupSelectionValue" + } + } + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "Uniquely identifies the backup selection." + }, + "backupPlanId": { + "type": "string", + "description": "Uniquely identifies a backup plan.", + "replaceOnChanges": true + }, + "backupSelection": { + "$ref": "#/types/aws-native:backup:BackupSelectionResourceType", + "description": "Specifies the body of a request to assign a set of resources to a backup plan.\n\nIt includes an array of resources, an optional array of patterns to exclude resources, an optional role to provide access to the AWS service the resource belongs to, and an optional array of tags used to identify a set of resources.", + "language": { + "csharp": { + "name": "BackupSelectionValue" + } + }, + "replaceOnChanges": true + }, + "selectionId": { + "type": "string", + "description": "Uniquely identifies a request to assign a set of resources to a backup plan." + } + }, + "required": [ + "backupPlanId", + "backupSelection" + ], + "createOnly": [ + "backupPlanId", + "backupSelection" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:backup:BackupVault": { + "cf": "AWS::Backup::BackupVault", + "inputs": { + "accessPolicy": { + "$ref": "pulumi.json#/Any", + "description": "A resource-based policy that is used to manage access permissions on the target backup vault.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Backup::BackupVault` for more information about the expected schema for this property." + }, + "backupVaultName": { + "type": "string", + "description": "The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created." + }, + "backupVaultTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags to assign to the backup vault." + }, + "encryptionKeyArn": { + "type": "string", + "description": "A server-side encryption key you can specify to encrypt your backups from services that support full AWS Backup management; for example, `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` . If you specify a key, you must specify its ARN, not its alias. If you do not specify a key, AWS Backup creates a KMS key for you by default.\n\nTo learn which AWS Backup services support full AWS Backup management and how AWS Backup handles encryption for backups from services that do not yet support full AWS Backup , see [Encryption for backups in AWS Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html)" + }, + "lockConfiguration": { + "$ref": "#/types/aws-native:backup:BackupVaultLockConfigurationType", + "description": "Configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) ." + }, + "notifications": { + "$ref": "#/types/aws-native:backup:BackupVaultNotificationObjectType", + "description": "The SNS event notifications for the specified backup vault." + } + }, + "outputs": { + "accessPolicy": { + "$ref": "pulumi.json#/Any", + "description": "A resource-based policy that is used to manage access permissions on the target backup vault.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Backup::BackupVault` for more information about the expected schema for this property." + }, + "backupVaultArn": { + "type": "string", + "description": "An Amazon Resource Name (ARN) that uniquely identifies a backup vault; for example, `arn:aws:backup:us-east-1:123456789012:backup-vault:aBackupVault` ." + }, + "backupVaultName": { + "type": "string", + "description": "The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created.", + "replaceOnChanges": true + }, + "backupVaultTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags to assign to the backup vault." + }, + "encryptionKeyArn": { + "type": "string", + "description": "A server-side encryption key you can specify to encrypt your backups from services that support full AWS Backup management; for example, `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` . If you specify a key, you must specify its ARN, not its alias. If you do not specify a key, AWS Backup creates a KMS key for you by default.\n\nTo learn which AWS Backup services support full AWS Backup management and how AWS Backup handles encryption for backups from services that do not yet support full AWS Backup , see [Encryption for backups in AWS Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html)", + "replaceOnChanges": true + }, + "lockConfiguration": { + "$ref": "#/types/aws-native:backup:BackupVaultLockConfigurationType", + "description": "Configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) ." + }, + "notifications": { + "$ref": "#/types/aws-native:backup:BackupVaultNotificationObjectType", + "description": "The SNS event notifications for the specified backup vault." + } + }, + "autoNamingSpec": { + "sdkName": "backupVaultName" + }, + "createOnly": [ + "backupVaultName", + "encryptionKeyArn" + ], + "writeOnly": [ + "lockConfiguration/ChangeableForDays" + ], + "tagsProperty": "backupVaultTags", + "tagsStyle": "stringMap" + }, + "aws-native:backup:Framework": { + "cf": "AWS::Backup::Framework", + "inputs": { + "frameworkControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:FrameworkControl" + }, + "description": "Contains detailed information about all of the controls of a framework. Each framework must contain at least one control." + }, + "frameworkDescription": { + "type": "string", + "description": "An optional description of the framework with a maximum 1,024 characters." + }, + "frameworkName": { + "type": "string", + "description": "The unique name of a framework. This name is between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_)." + }, + "frameworkTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The date and time that a framework is created, in ISO 8601 representation. The value of CreationTime is accurate to milliseconds. For example, 2020-07-10T15:00:00.000-08:00 represents the 10th of July 2020 at 3:00 PM 8 hours behind UTC." + }, + "deploymentStatus": { + "type": "string", + "description": "The deployment status of a framework. The statuses are: `CREATE_IN_PROGRESS | UPDATE_IN_PROGRESS | DELETE_IN_PROGRESS | COMPLETED | FAILED`" + }, + "frameworkArn": { + "type": "string", + "description": "An Amazon Resource Name (ARN) that uniquely identifies Framework as a resource" + }, + "frameworkControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:FrameworkControl" + }, + "description": "Contains detailed information about all of the controls of a framework. Each framework must contain at least one control." + }, + "frameworkDescription": { + "type": "string", + "description": "An optional description of the framework with a maximum 1,024 characters." + }, + "frameworkName": { + "type": "string", + "description": "The unique name of a framework. This name is between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).", + "replaceOnChanges": true + }, + "frameworkStatus": { + "type": "string", + "description": "A framework consists of one or more controls. Each control governs a resource, such as backup plans, backup selections, backup vaults, or recovery points. You can also turn AWS Config recording on or off for each resource. The statuses are:\n\n`ACTIVE` when recording is turned on for all resources governed by the framework.\n\n`PARTIALLY_ACTIVE` when recording is turned off for at least one resource governed by the framework.\n\n`INACTIVE` when recording is turned off for all resources governed by the framework.\n\n`UNAVAILABLE` when AWS Backup is unable to validate recording status at this time." + }, + "frameworkTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + } + }, + "autoNamingSpec": { + "sdkName": "frameworkName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "frameworkControls" + ], + "createOnly": [ + "frameworkName" + ], + "tagsProperty": "frameworkTags", + "tagsStyle": "keyValueArray" + }, + "aws-native:backup:ReportPlan": { + "cf": "AWS::Backup::ReportPlan", + "inputs": { + "reportDeliveryChannel": { + "$ref": "#/types/aws-native:backup:ReportDeliveryChannelProperties", + "description": "A structure that contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports." + }, + "reportPlanDescription": { + "type": "string", + "description": "An optional description of the report plan with a maximum of 1,024 characters." + }, + "reportPlanName": { + "type": "string", + "description": "The unique name of the report plan. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_)." + }, + "reportPlanTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the report plans that you create. Each tag is a key-value pair." + }, + "reportSetting": { + "$ref": "#/types/aws-native:backup:ReportSettingProperties", + "description": "Identifies the report template for the report. Reports are built using a report template." + } + }, + "outputs": { + "reportDeliveryChannel": { + "$ref": "#/types/aws-native:backup:ReportDeliveryChannelProperties", + "description": "A structure that contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports." + }, + "reportPlanArn": { + "type": "string", + "description": "An Amazon Resource Name (ARN) that uniquely identifies a resource. The format of the ARN depends on the resource type." + }, + "reportPlanDescription": { + "type": "string", + "description": "An optional description of the report plan with a maximum of 1,024 characters." + }, + "reportPlanName": { + "type": "string", + "description": "The unique name of the report plan. The name must be between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).", + "replaceOnChanges": true + }, + "reportPlanTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the report plans that you create. Each tag is a key-value pair." + }, + "reportSetting": { + "$ref": "#/types/aws-native:backup:ReportSettingProperties", + "description": "Identifies the report template for the report. Reports are built using a report template." + } + }, + "autoNamingSpec": { + "sdkName": "reportPlanName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "reportDeliveryChannel", + "reportSetting" + ], + "createOnly": [ + "reportPlanName" + ], + "tagsProperty": "reportPlanTags", + "tagsStyle": "keyValueArray" + }, + "aws-native:backup:RestoreTestingPlan": { + "cf": "AWS::Backup::RestoreTestingPlan", + "inputs": { + "recoveryPointSelection": { + "$ref": "#/types/aws-native:backup:RestoreTestingPlanRestoreTestingRecoveryPointSelection", + "description": "The specified criteria to assign a set of resources, such as recovery point types or backup vaults." + }, + "restoreTestingPlanName": { + "type": "string", + "description": "The RestoreTestingPlanName is a unique string that is the name of the restore testing plan. This cannot be changed after creation, and it must consist of only alphanumeric characters and underscores." + }, + "scheduleExpression": { + "type": "string", + "description": "A CRON expression in specified timezone when a restore testing plan is executed." + }, + "scheduleExpressionTimezone": { + "type": "string", + "description": "Optional. This is the timezone in which the schedule expression is set. By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone." + }, + "startWindowHours": { + "type": "integer", + "description": "Defaults to 24 hours.\n\nA value in hours after a restore test is scheduled before a job will be canceled if it doesn't start successfully. This value is optional. If this value is included, this parameter has a maximum value of 168 hours (one week)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Optional tags to include. A tag is a key-value pair you can use to manage, filter, and search for your resources. Allowed characters include UTF-8 letters,numbers, spaces, and the following characters: `+ - = . _ : /.`" + } + }, + "outputs": { + "recoveryPointSelection": { + "$ref": "#/types/aws-native:backup:RestoreTestingPlanRestoreTestingRecoveryPointSelection", + "description": "The specified criteria to assign a set of resources, such as recovery point types or backup vaults." + }, + "restoreTestingPlanArn": { + "type": "string", + "description": "An Amazon Resource Name (ARN) that uniquely identifies a restore testing plan." + }, + "restoreTestingPlanName": { + "type": "string", + "description": "The RestoreTestingPlanName is a unique string that is the name of the restore testing plan. This cannot be changed after creation, and it must consist of only alphanumeric characters and underscores.", + "replaceOnChanges": true + }, + "scheduleExpression": { + "type": "string", + "description": "A CRON expression in specified timezone when a restore testing plan is executed." + }, + "scheduleExpressionTimezone": { + "type": "string", + "description": "Optional. This is the timezone in which the schedule expression is set. By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone." + }, + "startWindowHours": { + "type": "integer", + "description": "Defaults to 24 hours.\n\nA value in hours after a restore test is scheduled before a job will be canceled if it doesn't start successfully. This value is optional. If this value is included, this parameter has a maximum value of 168 hours (one week)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Optional tags to include. A tag is a key-value pair you can use to manage, filter, and search for your resources. Allowed characters include UTF-8 letters,numbers, spaces, and the following characters: `+ - = . _ : /.`" + } + }, + "autoNamingSpec": { + "sdkName": "restoreTestingPlanName" + }, + "required": [ + "recoveryPointSelection", + "scheduleExpression" + ], + "createOnly": [ + "restoreTestingPlanName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:backup:RestoreTestingSelection": { + "cf": "AWS::Backup::RestoreTestingSelection", + "inputs": { + "iamRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that AWS Backup uses to create the target resource; for example: `arn:aws:iam::123456789012:role/S3Access` ." + }, + "protectedResourceArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "You can include specific ARNs, such as `ProtectedResourceArns: [\"arn:aws:...\", \"arn:aws:...\"]` or you can include a wildcard: `ProtectedResourceArns: [\"*\"]` , but not both." + }, + "protectedResourceConditions": { + "$ref": "#/types/aws-native:backup:RestoreTestingSelectionProtectedResourceConditions", + "description": "In a resource testing selection, this parameter filters by specific conditions such as `StringEquals` or `StringNotEquals` ." + }, + "protectedResourceType": { + "type": "string", + "description": "The type of AWS resource included in a resource testing selection; for example, an Amazon EBS volume or an Amazon RDS database." + }, + "restoreMetadataOverrides": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "You can override certain restore metadata keys by including the parameter `RestoreMetadataOverrides` in the body of `RestoreTestingSelection` . Key values are not case sensitive.\n\nSee the complete list of [restore testing inferred metadata](https://docs.aws.amazon.com/aws-backup/latest/devguide/restore-testing-inferred-metadata.html) ." + }, + "restoreTestingPlanName": { + "type": "string", + "description": "Unique string that is the name of the restore testing plan.\n\nThe name cannot be changed after creation. The name must consist of only alphanumeric characters and underscores. Maximum length is 50." + }, + "restoreTestingSelectionName": { + "type": "string", + "description": "The unique name of the restore testing selection that belongs to the related restore testing plan." + }, + "validationWindowHours": { + "type": "integer", + "description": "This is amount of hours (1 to 168) available to run a validation script on the data. The data will be deleted upon the completion of the validation script or the end of the specified retention period, whichever comes first." + } + }, + "outputs": { + "iamRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that AWS Backup uses to create the target resource; for example: `arn:aws:iam::123456789012:role/S3Access` ." + }, + "protectedResourceArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "You can include specific ARNs, such as `ProtectedResourceArns: [\"arn:aws:...\", \"arn:aws:...\"]` or you can include a wildcard: `ProtectedResourceArns: [\"*\"]` , but not both." + }, + "protectedResourceConditions": { + "$ref": "#/types/aws-native:backup:RestoreTestingSelectionProtectedResourceConditions", + "description": "In a resource testing selection, this parameter filters by specific conditions such as `StringEquals` or `StringNotEquals` ." + }, + "protectedResourceType": { + "type": "string", + "description": "The type of AWS resource included in a resource testing selection; for example, an Amazon EBS volume or an Amazon RDS database.", + "replaceOnChanges": true + }, + "restoreMetadataOverrides": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "You can override certain restore metadata keys by including the parameter `RestoreMetadataOverrides` in the body of `RestoreTestingSelection` . Key values are not case sensitive.\n\nSee the complete list of [restore testing inferred metadata](https://docs.aws.amazon.com/aws-backup/latest/devguide/restore-testing-inferred-metadata.html) ." + }, + "restoreTestingPlanName": { + "type": "string", + "description": "Unique string that is the name of the restore testing plan.\n\nThe name cannot be changed after creation. The name must consist of only alphanumeric characters and underscores. Maximum length is 50.", + "replaceOnChanges": true + }, + "restoreTestingSelectionName": { + "type": "string", + "description": "The unique name of the restore testing selection that belongs to the related restore testing plan.", + "replaceOnChanges": true + }, + "validationWindowHours": { + "type": "integer", + "description": "This is amount of hours (1 to 168) available to run a validation script on the data. The data will be deleted upon the completion of the validation script or the end of the specified retention period, whichever comes first." + } + }, + "autoNamingSpec": { + "sdkName": "restoreTestingSelectionName" + }, + "required": [ + "iamRoleArn", + "protectedResourceType", + "restoreTestingPlanName" + ], + "createOnly": [ + "protectedResourceType", + "restoreTestingPlanName", + "restoreTestingSelectionName" + ] + }, + "aws-native:backupgateway:Hypervisor": { + "cf": "AWS::BackupGateway::Hypervisor", + "inputs": { + "host": { + "type": "string", + "description": "The server host of the hypervisor. This can be either an IP address or a fully-qualified domain name (FQDN)." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service used to encrypt the hypervisor." + }, + "logGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the group of gateways within the requested log." + }, + "name": { + "type": "string", + "description": "The name of the hypervisor." + }, + "password": { + "type": "string", + "description": "The password for the hypervisor." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags of the hypervisor configuration to import." + }, + "username": { + "type": "string", + "description": "The username for the hypervisor." + } + }, + "outputs": { + "host": { + "type": "string", + "description": "The server host of the hypervisor. This can be either an IP address or a fully-qualified domain name (FQDN)." + }, + "hypervisorArn": { + "type": "string", + "description": "Returns `HypervisorArn` , an Amazon Resource Name (ARN) that uniquely identifies a Hypervisor. For example: `arn:aws:backup-gateway:us-east-1:123456789012:hypervisor/hype-1234D67D`" + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service used to encrypt the hypervisor.", + "replaceOnChanges": true + }, + "logGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the group of gateways within the requested log." + }, + "name": { + "type": "string", + "description": "The name of the hypervisor." + }, + "password": { + "type": "string", + "description": "The password for the hypervisor." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags of the hypervisor configuration to import.", + "replaceOnChanges": true + }, + "username": { + "type": "string", + "description": "The username for the hypervisor." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "createOnly": [ + "kmsKeyArn", + "tags" + ], + "writeOnly": [ + "kmsKeyArn", + "logGroupArn", + "name", + "password", + "tags", + "username" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:batch:ComputeEnvironment": { + "cf": "AWS::Batch::ComputeEnvironment", + "inputs": { + "computeEnvironmentName": { + "type": "string", + "description": "The name for your compute environment. It can be up to 128 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_)." + }, + "computeResources": { + "$ref": "#/types/aws-native:batch:ComputeEnvironmentComputeResources", + "description": "The ComputeResources property type specifies details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the ** ." + }, + "eksConfiguration": { + "$ref": "#/types/aws-native:batch:ComputeEnvironmentEksConfiguration", + "description": "The details for the Amazon EKS cluster that supports the compute environment." + }, + "replaceComputeEnvironment": { + "type": "boolean", + "description": "Specifies whether the compute environment is replaced if an update is made that requires replacing the instances in the compute environment. The default value is `true` . To enable more properties to be updated, set this property to `false` . When changing the value of this property to `false` , do not change any other properties at the same time. If other properties are changed at the same time, and the change needs to be rolled back but it can't, it's possible for the stack to go into the `UPDATE_ROLLBACK_FAILED` state. You can't update a stack that is in the `UPDATE_ROLLBACK_FAILED` state. However, if you can continue to roll it back, you can return the stack to its original settings and then try to update it again. For more information, see [Continue rolling back an update](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-continueupdaterollback.html) in the *AWS CloudFormation User Guide* .\n\nThe properties that can't be changed without replacing the compute environment are in the [`ComputeResources`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html) property type: [`AllocationStrategy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-allocationstrategy) , [`BidPercentage`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-bidpercentage) , [`Ec2Configuration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2configuration) , [`Ec2KeyPair`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2keypair) , [`Ec2KeyPair`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2keypair) , [`ImageId`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-imageid) , [`InstanceRole`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-instancerole) , [`InstanceTypes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-instancetypes) , [`LaunchTemplate`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-launchtemplate) , [`MaxvCpus`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-maxvcpus) , [`MinvCpus`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-minvcpus) , [`PlacementGroup`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-placementgroup) , [`SecurityGroupIds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-securitygroupids) , [`Subnets`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-subnets) , [Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-tags) , [`Type`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-type) , and [`UpdateToLatestImageVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-updatetolatestimageversion) ." + }, + "serviceRole": { + "type": "string", + "description": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf. For more information, see [AWS Batch service IAM role](https://docs.aws.amazon.com/batch/latest/userguide/service_IAM_role.html) in the *AWS Batch User Guide* .\n\n\u003e If your account already created the AWS Batch service-linked role, that role is used by default for your compute environment unless you specify a different role here. If the AWS Batch service-linked role doesn't exist in your account, and no role is specified here, the service attempts to create the AWS Batch service-linked role in your account. \n\nIf your specified role has a path other than `/` , then you must specify either the full role ARN (recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` , specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .\n\n\u003e Depending on how you created your AWS Batch service role, its ARN might contain the `service-role` path prefix. When you only specify the name of the service role, AWS Batch assumes that your ARN doesn't use the `service-role` path prefix. Because of this, we recommend that you specify the full ARN of your service role when you create compute environments." + }, + "state": { + "type": "string", + "description": "The state of the compute environment. If the state is `ENABLED` , then the compute environment accepts jobs from a queue and can scale out automatically based on queues.\n\nIf the state is `ENABLED` , then the AWS Batch scheduler can attempt to place jobs from an associated job queue on the compute resources within the environment. If the compute environment is managed, then it can scale its instances out or in automatically, based on the job queue demand.\n\nIf the state is `DISABLED` , then the AWS Batch scheduler doesn't attempt to place jobs within the environment. Jobs in a `STARTING` or `RUNNING` state continue to progress normally. Managed compute environments in the `DISABLED` state don't scale out.\n\n\u003e Compute environments in a `DISABLED` state may continue to incur billing charges. To prevent additional charges, turn off and then delete the compute environment. For more information, see [State](https://docs.aws.amazon.com/batch/latest/userguide/compute_environment_parameters.html#compute_environment_state) in the *AWS Batch User Guide* . \n\nWhen an instance is idle, the instance scales down to the `minvCpus` value. However, the instance size doesn't change. For example, consider a `c5.8xlarge` instance with a `minvCpus` value of `4` and a `desiredvCpus` value of `36` . This instance doesn't scale down to a `c5.large` instance." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + }, + "type": { + "type": "string", + "description": "The type of the compute environment: `MANAGED` or `UNMANAGED` . For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the *AWS Batch User Guide* ." + }, + "unmanagedvCpus": { + "type": "integer", + "description": "The maximum number of vCPUs for an unmanaged compute environment. This parameter is only used for fair share scheduling to reserve vCPU capacity for new share identifiers. If this parameter isn't provided for a fair share job queue, no vCPU capacity is reserved.\n\n\u003e This parameter is only supported when the `type` parameter is set to `UNMANAGED` ." + }, + "updatePolicy": { + "$ref": "#/types/aws-native:batch:ComputeEnvironmentUpdatePolicy", + "description": "Specifies the infrastructure update policy for the compute environment. For more information about infrastructure updates, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* ." + } + }, + "outputs": { + "computeEnvironmentArn": { + "type": "string", + "description": "Returns the compute environment ARN, such as `batch: *us-east-1* : *111122223333* :compute-environment/ *ComputeEnvironmentName*` ." + }, + "computeEnvironmentName": { + "type": "string", + "description": "The name for your compute environment. It can be up to 128 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", + "replaceOnChanges": true + }, + "computeResources": { + "$ref": "#/types/aws-native:batch:ComputeEnvironmentComputeResources", + "description": "The ComputeResources property type specifies details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the ** ." + }, + "eksConfiguration": { + "$ref": "#/types/aws-native:batch:ComputeEnvironmentEksConfiguration", + "description": "The details for the Amazon EKS cluster that supports the compute environment.", + "replaceOnChanges": true + }, + "replaceComputeEnvironment": { + "type": "boolean", + "description": "Specifies whether the compute environment is replaced if an update is made that requires replacing the instances in the compute environment. The default value is `true` . To enable more properties to be updated, set this property to `false` . When changing the value of this property to `false` , do not change any other properties at the same time. If other properties are changed at the same time, and the change needs to be rolled back but it can't, it's possible for the stack to go into the `UPDATE_ROLLBACK_FAILED` state. You can't update a stack that is in the `UPDATE_ROLLBACK_FAILED` state. However, if you can continue to roll it back, you can return the stack to its original settings and then try to update it again. For more information, see [Continue rolling back an update](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-continueupdaterollback.html) in the *AWS CloudFormation User Guide* .\n\nThe properties that can't be changed without replacing the compute environment are in the [`ComputeResources`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html) property type: [`AllocationStrategy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-allocationstrategy) , [`BidPercentage`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-bidpercentage) , [`Ec2Configuration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2configuration) , [`Ec2KeyPair`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2keypair) , [`Ec2KeyPair`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2keypair) , [`ImageId`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-imageid) , [`InstanceRole`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-instancerole) , [`InstanceTypes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-instancetypes) , [`LaunchTemplate`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-launchtemplate) , [`MaxvCpus`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-maxvcpus) , [`MinvCpus`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-minvcpus) , [`PlacementGroup`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-placementgroup) , [`SecurityGroupIds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-securitygroupids) , [`Subnets`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-subnets) , [Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-tags) , [`Type`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-type) , and [`UpdateToLatestImageVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-updatetolatestimageversion) ." + }, + "serviceRole": { + "type": "string", + "description": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf. For more information, see [AWS Batch service IAM role](https://docs.aws.amazon.com/batch/latest/userguide/service_IAM_role.html) in the *AWS Batch User Guide* .\n\n\u003e If your account already created the AWS Batch service-linked role, that role is used by default for your compute environment unless you specify a different role here. If the AWS Batch service-linked role doesn't exist in your account, and no role is specified here, the service attempts to create the AWS Batch service-linked role in your account. \n\nIf your specified role has a path other than `/` , then you must specify either the full role ARN (recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` , specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .\n\n\u003e Depending on how you created your AWS Batch service role, its ARN might contain the `service-role` path prefix. When you only specify the name of the service role, AWS Batch assumes that your ARN doesn't use the `service-role` path prefix. Because of this, we recommend that you specify the full ARN of your service role when you create compute environments." + }, + "state": { + "type": "string", + "description": "The state of the compute environment. If the state is `ENABLED` , then the compute environment accepts jobs from a queue and can scale out automatically based on queues.\n\nIf the state is `ENABLED` , then the AWS Batch scheduler can attempt to place jobs from an associated job queue on the compute resources within the environment. If the compute environment is managed, then it can scale its instances out or in automatically, based on the job queue demand.\n\nIf the state is `DISABLED` , then the AWS Batch scheduler doesn't attempt to place jobs within the environment. Jobs in a `STARTING` or `RUNNING` state continue to progress normally. Managed compute environments in the `DISABLED` state don't scale out.\n\n\u003e Compute environments in a `DISABLED` state may continue to incur billing charges. To prevent additional charges, turn off and then delete the compute environment. For more information, see [State](https://docs.aws.amazon.com/batch/latest/userguide/compute_environment_parameters.html#compute_environment_state) in the *AWS Batch User Guide* . \n\nWhen an instance is idle, the instance scales down to the `minvCpus` value. However, the instance size doesn't change. For example, consider a `c5.8xlarge` instance with a `minvCpus` value of `4` and a `desiredvCpus` value of `36` . This instance doesn't scale down to a `c5.large` instance." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource.", + "replaceOnChanges": true + }, + "type": { + "type": "string", + "description": "The type of the compute environment: `MANAGED` or `UNMANAGED` . For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the *AWS Batch User Guide* .", + "replaceOnChanges": true + }, + "unmanagedvCpus": { + "type": "integer", + "description": "The maximum number of vCPUs for an unmanaged compute environment. This parameter is only used for fair share scheduling to reserve vCPU capacity for new share identifiers. If this parameter isn't provided for a fair share job queue, no vCPU capacity is reserved.\n\n\u003e This parameter is only supported when the `type` parameter is set to `UNMANAGED` ." + }, + "updatePolicy": { + "$ref": "#/types/aws-native:batch:ComputeEnvironmentUpdatePolicy", + "description": "Specifies the infrastructure update policy for the compute environment. For more information about infrastructure updates, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* ." + } + }, + "autoNamingSpec": { + "sdkName": "computeEnvironmentName" + }, + "required": [ + "type" + ], + "createOnly": [ + "computeEnvironmentName", + "computeResources/SpotIamFleetRole", + "eksConfiguration", + "tags", + "type" + ], + "writeOnly": [ + "computeResources/UpdateToLatestImageVersion", + "replaceComputeEnvironment", + "updatePolicy" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:batch:JobDefinition": { + "cf": "AWS::Batch::JobDefinition", + "inputs": { + "containerProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionContainerProperties", + "description": "An object with properties specific to Amazon ECS-based jobs. When `containerProperties` is used in the job definition, it can't be used in addition to `eksProperties` , `ecsProperties` , or `nodeProperties` ." + }, + "ecsProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionEcsProperties", + "description": "An object that contains the properties for the Amazon ECS resources of a job.When `ecsProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `eksProperties` , or `nodeProperties` ." + }, + "eksProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksProperties", + "description": "An object with properties that are specific to Amazon EKS-based jobs. When `eksProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `ecsProperties` , or `nodeProperties` ." + }, + "jobDefinitionName": { + "type": "string", + "description": "The name of the job definition." + }, + "nodeProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionNodeProperties", + "description": "An object with properties that are specific to multi-node parallel jobs. When `nodeProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `ecsProperties` , or `eksProperties` .\n\n\u003e If the job runs on Fargate resources, don't specify `nodeProperties` . Use `containerProperties` instead." + }, + "parameters": { + "$ref": "pulumi.json#/Any", + "description": "Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a `SubmitJob` request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see [Job definition parameters](https://docs.aws.amazon.com/batch/latest/userguide/job_definition_parameters.html) in the *AWS Batch User Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Batch::JobDefinition` for more information about the expected schema for this property." + }, + "platformCapabilities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The platform capabilities required by the job definition. If no value is specified, it defaults to `EC2` . Jobs run on Fargate resources specify `FARGATE` ." + }, + "propagateTags": { + "type": "boolean", + "description": "Specifies whether to propagate the tags from the job or job definition to the corresponding Amazon ECS task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the tasks when the tasks are created. For tags with the same name, job tags are given priority over job definitions tags. If the total number of combined tags from the job and job definition is over 50, the job is moved to the `FAILED` state." + }, + "retryStrategy": { + "$ref": "#/types/aws-native:batch:JobDefinitionRetryStrategy", + "description": "The retry strategy to use for failed jobs that are submitted with this job definition." + }, + "schedulingPriority": { + "type": "integer", + "description": "The scheduling priority of the job definition. This only affects jobs in job queues with a fair share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower scheduling priority." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags that are applied to the job definition.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Batch::JobDefinition` for more information about the expected schema for this property." + }, + "timeout": { + "$ref": "#/types/aws-native:batch:JobDefinitionTimeout", + "description": "The timeout time for jobs that are submitted with this job definition. After the amount of time you specify passes, AWS Batch terminates your jobs if they aren't finished." + }, + "type": { + "type": "string", + "description": "The type of job definition. For more information about multi-node parallel jobs, see [Creating a multi-node parallel job definition](https://docs.aws.amazon.com/batch/latest/userguide/multi-node-job-def.html) in the *AWS Batch User Guide* .\n\n- If the value is `container` , then one of the following is required: `containerProperties` , `ecsProperties` , or `eksProperties` .\n- If the value is `multinode` , then `nodeProperties` is required.\n\n\u003e If the job is run on Fargate resources, then `multinode` isn't supported." + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "containerProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionContainerProperties", + "description": "An object with properties specific to Amazon ECS-based jobs. When `containerProperties` is used in the job definition, it can't be used in addition to `eksProperties` , `ecsProperties` , or `nodeProperties` ." + }, + "ecsProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionEcsProperties", + "description": "An object that contains the properties for the Amazon ECS resources of a job.When `ecsProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `eksProperties` , or `nodeProperties` ." + }, + "eksProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksProperties", + "description": "An object with properties that are specific to Amazon EKS-based jobs. When `eksProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `ecsProperties` , or `nodeProperties` ." + }, + "jobDefinitionName": { + "type": "string", + "description": "The name of the job definition.", + "replaceOnChanges": true + }, + "nodeProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionNodeProperties", + "description": "An object with properties that are specific to multi-node parallel jobs. When `nodeProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `ecsProperties` , or `eksProperties` .\n\n\u003e If the job runs on Fargate resources, don't specify `nodeProperties` . Use `containerProperties` instead." + }, + "parameters": { + "$ref": "pulumi.json#/Any", + "description": "Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a `SubmitJob` request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see [Job definition parameters](https://docs.aws.amazon.com/batch/latest/userguide/job_definition_parameters.html) in the *AWS Batch User Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Batch::JobDefinition` for more information about the expected schema for this property." + }, + "platformCapabilities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The platform capabilities required by the job definition. If no value is specified, it defaults to `EC2` . Jobs run on Fargate resources specify `FARGATE` ." + }, + "propagateTags": { + "type": "boolean", + "description": "Specifies whether to propagate the tags from the job or job definition to the corresponding Amazon ECS task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the tasks when the tasks are created. For tags with the same name, job tags are given priority over job definitions tags. If the total number of combined tags from the job and job definition is over 50, the job is moved to the `FAILED` state." + }, + "retryStrategy": { + "$ref": "#/types/aws-native:batch:JobDefinitionRetryStrategy", + "description": "The retry strategy to use for failed jobs that are submitted with this job definition." + }, + "schedulingPriority": { + "type": "integer", + "description": "The scheduling priority of the job definition. This only affects jobs in job queues with a fair share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower scheduling priority." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags that are applied to the job definition.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Batch::JobDefinition` for more information about the expected schema for this property.", + "replaceOnChanges": true + }, + "timeout": { + "$ref": "#/types/aws-native:batch:JobDefinitionTimeout", + "description": "The timeout time for jobs that are submitted with this job definition. After the amount of time you specify passes, AWS Batch terminates your jobs if they aren't finished." + }, + "type": { + "type": "string", + "description": "The type of job definition. For more information about multi-node parallel jobs, see [Creating a multi-node parallel job definition](https://docs.aws.amazon.com/batch/latest/userguide/multi-node-job-def.html) in the *AWS Batch User Guide* .\n\n- If the value is `container` , then one of the following is required: `containerProperties` , `ecsProperties` , or `eksProperties` .\n- If the value is `multinode` , then `nodeProperties` is required.\n\n\u003e If the job is run on Fargate resources, then `multinode` isn't supported." + } + }, + "autoNamingSpec": { + "sdkName": "jobDefinitionName" + }, + "required": [ + "type" + ], + "createOnly": [ + "jobDefinitionName", + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "untyped" + }, + "aws-native:batch:JobQueue": { + "cf": "AWS::Batch::JobQueue", + "inputs": { + "computeEnvironmentOrder": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobQueueComputeEnvironmentOrder" + }, + "description": "The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment runs a specific job. Compute environments must be in the `VALID` state before you can associate them with a job queue. You can associate up to three compute environments with a job queue. All of the compute environments must be either EC2 ( `EC2` or `SPOT` ) or Fargate ( `FARGATE` or `FARGATE_SPOT` ); EC2 and Fargate compute environments can't be mixed.\n\n\u003e All compute environments that are associated with a job queue must share the same architecture. AWS Batch doesn't support mixing compute environment architecture types in a single job queue." + }, + "jobQueueName": { + "type": "string", + "description": "The name of the job queue. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_)." + }, + "jobStateTimeLimitActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobQueueJobStateTimeLimitAction" + }, + "description": "The set of actions that AWS Batch perform on jobs that remain at the head of the job queue in the specified state longer than specified times. AWS Batch will perform each action after `maxTimeSeconds` has passed." + }, + "priority": { + "type": "integer", + "description": "The priority of the job queue. Job queues with a higher priority (or a higher integer value for the `priority` parameter) are evaluated first when associated with the same compute environment. Priority is determined in descending order. For example, a job queue with a priority value of `10` is given scheduling preference over a job queue with a priority value of `1` . All of the compute environments must be either EC2 ( `EC2` or `SPOT` ) or Fargate ( `FARGATE` or `FARGATE_SPOT` ); EC2 and Fargate compute environments can't be mixed." + }, + "schedulingPolicyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the scheduling policy. The format is `aws: *Partition* :batch: *Region* : *Account* :scheduling-policy/ *Name*` . For example, `aws:aws:batch:us-west-2:123456789012:scheduling-policy/MySchedulingPolicy` ." + }, + "state": { + "$ref": "#/types/aws-native:batch:JobQueueState", + "description": "The state of the job queue. If the job queue state is `ENABLED` , it is able to accept jobs. If the job queue state is `DISABLED` , new jobs can't be added to the queue, but jobs already in the queue can finish." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + } + }, + "outputs": { + "computeEnvironmentOrder": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobQueueComputeEnvironmentOrder" + }, + "description": "The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment runs a specific job. Compute environments must be in the `VALID` state before you can associate them with a job queue. You can associate up to three compute environments with a job queue. All of the compute environments must be either EC2 ( `EC2` or `SPOT` ) or Fargate ( `FARGATE` or `FARGATE_SPOT` ); EC2 and Fargate compute environments can't be mixed.\n\n\u003e All compute environments that are associated with a job queue must share the same architecture. AWS Batch doesn't support mixing compute environment architecture types in a single job queue." + }, + "jobQueueArn": { + "type": "string", + "description": "Returns the job queue ARN, such as `batch: *us-east-1* : *111122223333* :job-queue/ *JobQueueName*` ." + }, + "jobQueueName": { + "type": "string", + "description": "The name of the job queue. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", + "replaceOnChanges": true + }, + "jobStateTimeLimitActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobQueueJobStateTimeLimitAction" + }, + "description": "The set of actions that AWS Batch perform on jobs that remain at the head of the job queue in the specified state longer than specified times. AWS Batch will perform each action after `maxTimeSeconds` has passed." + }, + "priority": { + "type": "integer", + "description": "The priority of the job queue. Job queues with a higher priority (or a higher integer value for the `priority` parameter) are evaluated first when associated with the same compute environment. Priority is determined in descending order. For example, a job queue with a priority value of `10` is given scheduling preference over a job queue with a priority value of `1` . All of the compute environments must be either EC2 ( `EC2` or `SPOT` ) or Fargate ( `FARGATE` or `FARGATE_SPOT` ); EC2 and Fargate compute environments can't be mixed." + }, + "schedulingPolicyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the scheduling policy. The format is `aws: *Partition* :batch: *Region* : *Account* :scheduling-policy/ *Name*` . For example, `aws:aws:batch:us-west-2:123456789012:scheduling-policy/MySchedulingPolicy` ." + }, + "state": { + "$ref": "#/types/aws-native:batch:JobQueueState", + "description": "The state of the job queue. If the job queue state is `ENABLED` , it is able to accept jobs. If the job queue state is `DISABLED` , new jobs can't be added to the queue, but jobs already in the queue can finish." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "jobQueueName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "computeEnvironmentOrder", + "priority" + ], + "createOnly": [ + "jobQueueName", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:batch:SchedulingPolicy": { + "cf": "AWS::Batch::SchedulingPolicy", + "inputs": { + "fairsharePolicy": { + "$ref": "#/types/aws-native:batch:SchedulingPolicyFairsharePolicy", + "description": "The fair share policy of the scheduling policy." + }, + "name": { + "type": "string", + "description": "Name of Scheduling Policy." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the scheduling policy ARN, such as `batch: *us-east-1* : *111122223333* :scheduling-policy/ *HighPriority*` ." + }, + "fairsharePolicy": { + "$ref": "#/types/aws-native:batch:SchedulingPolicyFairsharePolicy", + "description": "The fair share policy of the scheduling policy." + }, + "name": { + "type": "string", + "description": "Name of Scheduling Policy.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:bedrock:Agent": { + "cf": "AWS::Bedrock::Agent", + "inputs": { + "actionGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentActionGroup" + }, + "description": "List of ActionGroups" + }, + "agentName": { + "type": "string", + "description": "Name for a resource." + }, + "agentResourceRoleArn": { + "type": "string", + "description": "ARN of a IAM role." + }, + "autoPrepare": { + "type": "boolean", + "description": "Specifies whether to automatically prepare after creating or updating the agent." + }, + "customerEncryptionKeyArn": { + "type": "string", + "description": "A KMS key ARN" + }, + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "foundationModel": { + "type": "string", + "description": "ARN or name of a Bedrock model." + }, + "guardrailConfiguration": { + "$ref": "#/types/aws-native:bedrock:AgentGuardrailConfiguration", + "description": "Details about the guardrail associated with the agent." + }, + "idleSessionTtlInSeconds": { + "type": "number", + "description": "Max Session Time." + }, + "instruction": { + "type": "string", + "description": "Instruction for the agent." + }, + "knowledgeBases": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentKnowledgeBase" + }, + "description": "List of Agent Knowledge Bases" + }, + "promptOverrideConfiguration": { + "$ref": "#/types/aws-native:bedrock:AgentPromptOverrideConfiguration", + "description": "Contains configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) ." + }, + "skipResourceInUseCheckOnDelete": { + "type": "boolean", + "description": "Specifies whether to allow deleting agent while it is in use." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "testAliasTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + } + }, + "outputs": { + "actionGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentActionGroup" + }, + "description": "List of ActionGroups" + }, + "agentArn": { + "type": "string", + "description": "Arn representation of the Agent." + }, + "agentId": { + "type": "string", + "description": "Identifier for a resource." + }, + "agentName": { + "type": "string", + "description": "Name for a resource." + }, + "agentResourceRoleArn": { + "type": "string", + "description": "ARN of a IAM role." + }, + "agentStatus": { + "$ref": "#/types/aws-native:bedrock:AgentStatus", + "description": "The status of the agent and whether it is ready for use. The following statuses are possible:\n\n- CREATING – The agent is being created.\n- PREPARING – The agent is being prepared.\n- PREPARED – The agent is prepared and ready to be invoked.\n- NOT_PREPARED – The agent has been created but not yet prepared.\n- FAILED – The agent API operation failed.\n- UPDATING – The agent is being updated.\n- DELETING – The agent is being deleted." + }, + "agentVersion": { + "type": "string", + "description": "Draft Agent Version." + }, + "autoPrepare": { + "type": "boolean", + "description": "Specifies whether to automatically prepare after creating or updating the agent." + }, + "createdAt": { + "type": "string", + "description": "Time Stamp." + }, + "customerEncryptionKeyArn": { + "type": "string", + "description": "A KMS key ARN" + }, + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "failureReasons": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Failure Reasons for Error." + }, + "foundationModel": { + "type": "string", + "description": "ARN or name of a Bedrock model." + }, + "guardrailConfiguration": { + "$ref": "#/types/aws-native:bedrock:AgentGuardrailConfiguration", + "description": "Details about the guardrail associated with the agent." + }, + "idleSessionTtlInSeconds": { + "type": "number", + "description": "Max Session Time." + }, + "instruction": { + "type": "string", + "description": "Instruction for the agent." + }, + "knowledgeBases": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentKnowledgeBase" + }, + "description": "List of Agent Knowledge Bases" + }, + "preparedAt": { + "type": "string", + "description": "Time Stamp." + }, + "promptOverrideConfiguration": { + "$ref": "#/types/aws-native:bedrock:AgentPromptOverrideConfiguration", + "description": "Contains configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) ." + }, + "recommendedActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The recommended actions users can take to resolve an error in failureReasons." + }, + "skipResourceInUseCheckOnDelete": { + "type": "boolean", + "description": "Specifies whether to allow deleting agent while it is in use." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "testAliasTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "updatedAt": { + "type": "string", + "description": "Time Stamp." + } + }, + "autoNamingSpec": { + "sdkName": "agentName" + }, + "writeOnly": [ + "actionGroups/*/SkipResourceInUseCheckOnDelete", + "autoPrepare", + "skipResourceInUseCheckOnDelete" + ], + "irreversibleNames": { + "idleSessionTtlInSeconds": "IdleSessionTTLInSeconds" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:bedrock:AgentAlias": { + "cf": "AWS::Bedrock::AgentAlias", + "inputs": { + "agentAliasName": { + "type": "string", + "description": "Name for a resource." + }, + "agentId": { + "type": "string", + "description": "Identifier for a resource." + }, + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "routingConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentAliasRoutingConfigurationListItem" + }, + "description": "Routing configuration for an Agent alias." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + } + }, + "outputs": { + "agentAliasArn": { + "type": "string", + "description": "Arn representation of the Agent Alias." + }, + "agentAliasHistoryEvents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentAliasHistoryEvent" + }, + "description": "The list of history events for an alias for an Agent." + }, + "agentAliasId": { + "type": "string", + "description": "Id for an Agent Alias generated at the server side." + }, + "agentAliasName": { + "type": "string", + "description": "Name for a resource." + }, + "agentAliasStatus": { + "$ref": "#/types/aws-native:bedrock:AgentAliasStatus", + "description": "The status of the alias of the agent and whether it is ready for use. The following statuses are possible:\n\n- CREATING – The agent alias is being created.\n- PREPARED – The agent alias is finished being created or updated and is ready to be invoked.\n- FAILED – The agent alias API operation failed.\n- UPDATING – The agent alias is being updated.\n- DELETING – The agent alias is being deleted." + }, + "agentId": { + "type": "string", + "description": "Identifier for a resource.", + "replaceOnChanges": true + }, + "createdAt": { + "type": "string", + "description": "Time Stamp." + }, + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "routingConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentAliasRoutingConfigurationListItem" + }, + "description": "Routing configuration for an Agent alias." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "updatedAt": { + "type": "string", + "description": "Time Stamp." + } + }, + "autoNamingSpec": { + "sdkName": "agentAliasName" + }, + "required": [ + "agentId" + ], + "createOnly": [ + "agentId" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:bedrock:DataSource": { + "cf": "AWS::Bedrock::DataSource", + "inputs": { + "dataDeletionPolicy": { + "$ref": "#/types/aws-native:bedrock:DataSourceDataDeletionPolicy", + "description": "The data deletion policy for the data source." + }, + "dataSourceConfiguration": { + "$ref": "#/types/aws-native:bedrock:DataSourceConfiguration", + "description": "The connection configuration for the data source." + }, + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "knowledgeBaseId": { + "type": "string", + "description": "The unique identifier of the knowledge base to which to add the data source." + }, + "name": { + "type": "string", + "description": "The name of the data source." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:bedrock:DataSourceServerSideEncryptionConfiguration", + "description": "Contains details about the configuration of the server-side encryption." + }, + "vectorIngestionConfiguration": { + "$ref": "#/types/aws-native:bedrock:DataSourceVectorIngestionConfiguration", + "description": "Contains details about how to ingest the documents in the data source." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The time at which the data source was created." + }, + "dataDeletionPolicy": { + "$ref": "#/types/aws-native:bedrock:DataSourceDataDeletionPolicy", + "description": "The data deletion policy for the data source." + }, + "dataSourceConfiguration": { + "$ref": "#/types/aws-native:bedrock:DataSourceConfiguration", + "description": "The connection configuration for the data source." + }, + "dataSourceId": { + "type": "string", + "description": "Identifier for a resource." + }, + "dataSourceStatus": { + "$ref": "#/types/aws-native:bedrock:DataSourceStatus", + "description": "The status of the data source. The following statuses are possible:\n\n- Available – The data source has been created and is ready for ingestion into the knowledge base.\n- Deleting – The data source is being deleted." + }, + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "failureReasons": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The details of the failure reasons related to the data source." + }, + "knowledgeBaseId": { + "type": "string", + "description": "The unique identifier of the knowledge base to which to add the data source.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the data source." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:bedrock:DataSourceServerSideEncryptionConfiguration", + "description": "Contains details about the configuration of the server-side encryption." + }, + "updatedAt": { + "type": "string", + "description": "The time at which the knowledge base was last updated." + }, + "vectorIngestionConfiguration": { + "$ref": "#/types/aws-native:bedrock:DataSourceVectorIngestionConfiguration", + "description": "Contains details about how to ingest the documents in the data source.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "dataSourceConfiguration", + "knowledgeBaseId" + ], + "createOnly": [ + "knowledgeBaseId", + "vectorIngestionConfiguration" + ] + }, + "aws-native:bedrock:Flow": { + "cf": "AWS::Bedrock::Flow", + "inputs": { + "customerEncryptionKeyArn": { + "type": "string", + "description": "A KMS key ARN" + }, + "definition": { + "$ref": "#/types/aws-native:bedrock:FlowDefinition", + "description": "The definition of the nodes and connections between the nodes in the flow." + }, + "definitionS3Location": { + "$ref": "#/types/aws-native:bedrock:FlowS3Location", + "description": "The Amazon S3 location of the flow definition." + }, + "definitionString": { + "type": "string", + "description": "A JSON string containing a Definition with the same schema as the Definition property of this resource" + }, + "definitionSubstitutions": { + "type": "object", + "additionalProperties": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "boolean" + } + ] + }, + "description": "A map that specifies the mappings for placeholder variables in the prompt flow definition. This enables the customer to inject values obtained at runtime. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map. Only supported with the `DefinitionString` and `DefinitionS3Location` fields.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` ." + }, + "description": { + "type": "string", + "description": "Description of the flow" + }, + "executionRoleArn": { + "type": "string", + "description": "ARN of a IAM role" + }, + "name": { + "type": "string", + "description": "Name for the flow" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "testAliasTags": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Arn representation of the Flow" + }, + "awsId": { + "type": "string", + "description": "Identifier for a Flow" + }, + "createdAt": { + "type": "string", + "description": "Time Stamp." + }, + "customerEncryptionKeyArn": { + "type": "string", + "description": "A KMS key ARN" + }, + "definition": { + "$ref": "#/types/aws-native:bedrock:FlowDefinition", + "description": "The definition of the nodes and connections between the nodes in the flow." + }, + "definitionS3Location": { + "$ref": "#/types/aws-native:bedrock:FlowS3Location", + "description": "The Amazon S3 location of the flow definition." + }, + "definitionString": { + "type": "string", + "description": "A JSON string containing a Definition with the same schema as the Definition property of this resource" + }, + "definitionSubstitutions": { + "type": "object", + "additionalProperties": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "boolean" + } + ] + }, + "description": "A map that specifies the mappings for placeholder variables in the prompt flow definition. This enables the customer to inject values obtained at runtime. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map. Only supported with the `DefinitionString` and `DefinitionS3Location` fields.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` ." + }, + "description": { + "type": "string", + "description": "Description of the flow" + }, + "executionRoleArn": { + "type": "string", + "description": "ARN of a IAM role" + }, + "name": { + "type": "string", + "description": "Name for the flow" + }, + "status": { + "$ref": "#/types/aws-native:bedrock:FlowStatus", + "description": "The status of the flow. The following statuses are possible:\n\n- NotPrepared – The flow has been created or updated, but hasn't been prepared. If you just created the flow, you can't test it. If you updated the flow, the `DRAFT` version won't contain the latest changes for testing. Send a [PrepareFlow](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_PrepareFlow.html) request to package the latest changes into the `DRAFT` version.\n- Preparing – The flow is being prepared so that the `DRAFT` version contains the latest changes for testing.\n- Prepared – The flow is prepared and the `DRAFT` version contains the latest changes for testing.\n- Failed – The last API operation that you invoked on the flow failed. Send a [GetFlow](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_GetFlow.html) request and check the error message in the `validations` field." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "testAliasTags": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "updatedAt": { + "type": "string", + "description": "Time Stamp." + }, + "version": { + "type": "string", + "description": "Draft Version." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "executionRoleArn" + ], + "writeOnly": [ + "definitionS3Location", + "definitionString", + "definitionSubstitutions" + ], + "irreversibleNames": { + "awsId": "Id", + "definitionS3Location": "DefinitionS3Location" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:bedrock:FlowAlias": { + "cf": "AWS::Bedrock::FlowAlias", + "inputs": { + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "flowArn": { + "type": "string", + "description": "Arn representation of the Flow" + }, + "name": { + "type": "string", + "description": "Name for a resource." + }, + "routingConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowAliasRoutingConfigurationListItem" + }, + "description": "Routing configuration for a Flow alias." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Arn of the Flow Alias" + }, + "awsId": { + "type": "string", + "description": "Id for a Flow Alias generated at the server side." + }, + "createdAt": { + "type": "string", + "description": "Time Stamp." + }, + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "flowArn": { + "type": "string", + "description": "Arn representation of the Flow", + "replaceOnChanges": true + }, + "flowId": { + "type": "string", + "description": "Identifier for a flow resource." + }, + "name": { + "type": "string", + "description": "Name for a resource." + }, + "routingConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowAliasRoutingConfigurationListItem" + }, + "description": "Routing configuration for a Flow alias." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "updatedAt": { + "type": "string", + "description": "Time Stamp." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "flowArn", + "routingConfiguration" + ], + "createOnly": [ + "flowArn" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:bedrock:FlowVersion": { + "cf": "AWS::Bedrock::FlowVersion", + "inputs": { + "description": { + "type": "string", + "description": "Description of the flow version" + }, + "flowArn": { + "type": "string", + "description": "Arn representation of the Flow" + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "Time Stamp." + }, + "definition": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowDefinition" + }, + "description": { + "type": "string", + "description": "Description of the flow version", + "replaceOnChanges": true + }, + "executionRoleArn": { + "type": "string", + "description": "ARN of a IAM role" + }, + "flowArn": { + "type": "string", + "description": "Arn representation of the Flow", + "replaceOnChanges": true + }, + "flowId": { + "type": "string", + "description": "Identifier for a Flow" + }, + "name": { + "type": "string", + "description": "Name for the flow" + }, + "status": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowStatus", + "description": "The status of the flow." + }, + "version": { + "type": "string", + "description": "Numerical Version." + } + }, + "required": [ + "flowArn" + ], + "createOnly": [ + "description", + "flowArn" + ] + }, + "aws-native:bedrock:Guardrail": { + "cf": "AWS::Bedrock::Guardrail", + "inputs": { + "blockedInputMessaging": { + "type": "string", + "description": "Messaging for when violations are detected in text" + }, + "blockedOutputsMessaging": { + "type": "string", + "description": "Messaging for when violations are detected in text" + }, + "contentPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailContentPolicyConfig", + "description": "The content filter policies to configure for the guardrail." + }, + "contextualGroundingPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailContextualGroundingPolicyConfig" + }, + "description": { + "type": "string", + "description": "Description of the guardrail or its version" + }, + "kmsKeyArn": { + "type": "string", + "description": "The KMS key with which the guardrail was encrypted at rest" + }, + "name": { + "type": "string", + "description": "Name of the guardrail" + }, + "sensitiveInformationPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailSensitiveInformationPolicyConfig", + "description": "The sensitive information policy to configure for the guardrail." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "List of Tags" + }, + "topicPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailTopicPolicyConfig", + "description": "The topic policies to configure for the guardrail." + }, + "wordPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailWordPolicyConfig", + "description": "The word policy you configure for the guardrail." + } + }, + "outputs": { + "blockedInputMessaging": { + "type": "string", + "description": "Messaging for when violations are detected in text" + }, + "blockedOutputsMessaging": { + "type": "string", + "description": "Messaging for when violations are detected in text" + }, + "contentPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailContentPolicyConfig", + "description": "The content filter policies to configure for the guardrail." + }, + "contextualGroundingPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailContextualGroundingPolicyConfig" + }, + "createdAt": { + "type": "string", + "description": "Time Stamp" + }, + "description": { + "type": "string", + "description": "Description of the guardrail or its version" + }, + "failureRecommendations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of failure recommendations" + }, + "guardrailArn": { + "type": "string", + "description": "Arn representation for the guardrail" + }, + "guardrailId": { + "type": "string", + "description": "Unique id for the guardrail" + }, + "kmsKeyArn": { + "type": "string", + "description": "The KMS key with which the guardrail was encrypted at rest" + }, + "name": { + "type": "string", + "description": "Name of the guardrail" + }, + "sensitiveInformationPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailSensitiveInformationPolicyConfig", + "description": "The sensitive information policy to configure for the guardrail." + }, + "status": { + "$ref": "#/types/aws-native:bedrock:GuardrailStatus", + "description": "The status of the guardrail." + }, + "statusReasons": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of status reasons" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "List of Tags" + }, + "topicPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailTopicPolicyConfig", + "description": "The topic policies to configure for the guardrail." + }, + "updatedAt": { + "type": "string", + "description": "Time Stamp" + }, + "version": { + "type": "string", + "description": "Guardrail version" + }, + "wordPolicyConfig": { + "$ref": "#/types/aws-native:bedrock:GuardrailWordPolicyConfig", + "description": "The word policy you configure for the guardrail." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 50 + }, + "required": [ + "blockedInputMessaging", + "blockedOutputsMessaging" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:bedrock:GuardrailVersion": { + "cf": "AWS::Bedrock::GuardrailVersion", + "inputs": { + "description": { + "type": "string", + "description": "Description of the Guardrail version" + }, + "guardrailIdentifier": { + "type": "string", + "description": "Identifier (GuardrailId or GuardrailArn) for the guardrail" + } + }, + "outputs": { + "description": { + "type": "string", + "description": "Description of the Guardrail version", + "replaceOnChanges": true + }, + "guardrailArn": { + "type": "string", + "description": "Arn representation for the guardrail" + }, + "guardrailId": { + "type": "string", + "description": "Unique id for the guardrail" + }, + "guardrailIdentifier": { + "type": "string", + "description": "Identifier (GuardrailId or GuardrailArn) for the guardrail", + "replaceOnChanges": true + }, + "version": { + "type": "string", + "description": "Guardrail version" + } + }, + "required": [ + "guardrailIdentifier" + ], + "createOnly": [ + "description", + "guardrailIdentifier" + ], + "writeOnly": [ + "guardrailIdentifier" + ] + }, + "aws-native:bedrock:KnowledgeBase": { + "cf": "AWS::Bedrock::KnowledgeBase", + "inputs": { + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "knowledgeBaseConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseConfiguration", + "description": "Contains details about the embeddings configuration of the knowledge base." + }, + "name": { + "type": "string", + "description": "The name of the knowledge base." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role with permissions to invoke API operations on the knowledge base. The ARN must begin with AmazonBedrockExecutionRoleForKnowledgeBase_" + }, + "storageConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseStorageConfiguration", + "description": "Contains details about the storage configuration of the knowledge base." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The time at which the knowledge base was created." + }, + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "failureReasons": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of reasons that the API operation on the knowledge base failed." + }, + "knowledgeBaseArn": { + "type": "string", + "description": "The ARN of the knowledge base." + }, + "knowledgeBaseConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseConfiguration", + "description": "Contains details about the embeddings configuration of the knowledge base.", + "replaceOnChanges": true + }, + "knowledgeBaseId": { + "type": "string", + "description": "The unique identifier of the knowledge base." + }, + "name": { + "type": "string", + "description": "The name of the knowledge base." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role with permissions to invoke API operations on the knowledge base. The ARN must begin with AmazonBedrockExecutionRoleForKnowledgeBase_" + }, + "status": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseStatus", + "description": "The status of the knowledge base." + }, + "storageConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseStorageConfiguration", + "description": "Contains details about the storage configuration of the knowledge base.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "updatedAt": { + "type": "string", + "description": "The time at which the knowledge base was last updated." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "knowledgeBaseConfiguration", + "roleArn", + "storageConfiguration" + ], + "createOnly": [ + "knowledgeBaseConfiguration", + "storageConfiguration" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:bedrock:Prompt": { + "cf": "AWS::Bedrock::Prompt", + "inputs": { + "customerEncryptionKeyArn": { + "type": "string", + "description": "A KMS key ARN" + }, + "defaultVariant": { + "type": "string", + "description": "Name for a variant." + }, + "description": { + "type": "string", + "description": "Name for a prompt resource." + }, + "name": { + "type": "string", + "description": "Name for a prompt resource." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "variants": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:PromptVariant" + }, + "description": "List of prompt variants" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "ARN of a prompt resource possibly with a version" + }, + "awsId": { + "type": "string", + "description": "Identifier for a Prompt" + }, + "createdAt": { + "type": "string", + "description": "Time Stamp." + }, + "customerEncryptionKeyArn": { + "type": "string", + "description": "A KMS key ARN" + }, + "defaultVariant": { + "type": "string", + "description": "Name for a variant." + }, + "description": { + "type": "string", + "description": "Name for a prompt resource." + }, + "name": { + "type": "string", + "description": "Name for a prompt resource." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)" + }, + "updatedAt": { + "type": "string", + "description": "Time Stamp." + }, + "variants": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:PromptVariant" + }, + "description": "List of prompt variants" + }, + "version": { + "type": "string", + "description": "Draft Version." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "writeOnly": [ + "variants/*/TemplateConfiguration/Text/TextS3Location" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:bedrock:PromptVersion": { + "cf": "AWS::Bedrock::PromptVersion", + "inputs": { + "description": { + "type": "string", + "description": "Description for a prompt version resource." + }, + "promptArn": { + "type": "string", + "description": "ARN of a prompt resource possibly with a version" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "ARN of a prompt version resource" + }, + "createdAt": { + "type": "string", + "description": "Time Stamp." + }, + "defaultVariant": { + "type": "string", + "description": "Name for a variant." + }, + "description": { + "type": "string", + "description": "Description for a prompt version resource.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name for a prompt resource." + }, + "promptArn": { + "type": "string", + "description": "ARN of a prompt resource possibly with a version", + "replaceOnChanges": true + }, + "promptId": { + "type": "string", + "description": "Identifier for a Prompt" + }, + "updatedAt": { + "type": "string", + "description": "Time Stamp." + }, + "variants": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:PromptVersionPromptVariant" + }, + "description": "List of prompt variants" + }, + "version": { + "type": "string", + "description": "Version." + } + }, + "required": [ + "promptArn" + ], + "createOnly": [ + "description", + "promptArn" + ] + }, + "aws-native:budgets:BudgetsAction": { + "cf": "AWS::Budgets::BudgetsAction", + "inputs": { + "actionThreshold": { + "$ref": "#/types/aws-native:budgets:BudgetsActionActionThreshold", + "description": "The trigger threshold of the action." + }, + "actionType": { + "$ref": "#/types/aws-native:budgets:BudgetsActionActionType", + "description": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition." + }, + "approvalModel": { + "$ref": "#/types/aws-native:budgets:BudgetsActionApprovalModel", + "description": "This specifies if the action needs manual or automatic approval." + }, + "budgetName": { + "type": "string", + "description": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed." + }, + "definition": { + "$ref": "#/types/aws-native:budgets:BudgetsActionDefinition", + "description": "Specifies all of the type-specific parameters." + }, + "executionRoleArn": { + "type": "string", + "description": "The role passed for action execution and reversion. Roles and actions must be in the same account." + }, + "notificationType": { + "$ref": "#/types/aws-native:budgets:BudgetsActionNotificationType", + "description": "The type of a notification." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional list of tags to associate with the specified budget action. Each tag consists of a key and a value, and each key must be unique for the resource." + }, + "subscribers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:budgets:BudgetsActionSubscriber" + }, + "description": "A list of subscribers." + } + }, + "outputs": { + "actionId": { + "type": "string", + "description": "A system-generated universally unique identifier (UUID) for the action." + }, + "actionThreshold": { + "$ref": "#/types/aws-native:budgets:BudgetsActionActionThreshold", + "description": "The trigger threshold of the action." + }, + "actionType": { + "$ref": "#/types/aws-native:budgets:BudgetsActionActionType", + "description": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", + "replaceOnChanges": true + }, + "approvalModel": { + "$ref": "#/types/aws-native:budgets:BudgetsActionApprovalModel", + "description": "This specifies if the action needs manual or automatic approval." + }, + "budgetName": { + "type": "string", + "description": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", + "replaceOnChanges": true + }, + "definition": { + "$ref": "#/types/aws-native:budgets:BudgetsActionDefinition", + "description": "Specifies all of the type-specific parameters." + }, + "executionRoleArn": { + "type": "string", + "description": "The role passed for action execution and reversion. Roles and actions must be in the same account." + }, + "notificationType": { + "$ref": "#/types/aws-native:budgets:BudgetsActionNotificationType", + "description": "The type of a notification." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional list of tags to associate with the specified budget action. Each tag consists of a key and a value, and each key must be unique for the resource." + }, + "subscribers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:budgets:BudgetsActionSubscriber" + }, + "description": "A list of subscribers." + } + }, + "required": [ + "actionThreshold", + "actionType", + "budgetName", + "definition", + "executionRoleArn", + "notificationType", + "subscribers" + ], + "createOnly": [ + "actionType", + "budgetName" + ], + "tagsProperty": "resourceTags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cassandra:Keyspace": { + "cf": "AWS::Cassandra::Keyspace", + "inputs": { + "keyspaceName": { + "type": "string", + "description": "Name for Cassandra keyspace" + }, + "replicationSpecification": { + "$ref": "#/types/aws-native:cassandra:KeyspaceReplicationSpecification", + "description": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "keyspaceName": { + "type": "string", + "description": "Name for Cassandra keyspace", + "replaceOnChanges": true + }, + "replicationSpecification": { + "$ref": "#/types/aws-native:cassandra:KeyspaceReplicationSpecification", + "description": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "keyspaceName" + }, + "createOnly": [ + "keyspaceName", + "replicationSpecification" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cassandra:Table": { + "cf": "AWS::Cassandra::Table", + "inputs": { + "autoScalingSpecifications": { + "$ref": "#/types/aws-native:cassandra:TableAutoScalingSpecification", + "description": "The optional auto scaling capacity settings for a table in provisioned capacity mode." + }, + "billingMode": { + "$ref": "#/types/aws-native:cassandra:TableBillingMode", + "description": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode." + }, + "clientSideTimestampsEnabled": { + "type": "boolean", + "description": "Indicates whether client side timestamps are enabled (true) or disabled (false) on the table. False by default, once it is enabled it cannot be disabled again." + }, + "clusteringKeyColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:TableClusteringKeyColumn" + }, + "description": "Clustering key columns of the table" + }, + "defaultTimeToLive": { + "type": "integer", + "description": "Default TTL (Time To Live) in seconds, where zero is disabled. If the value is greater than zero, TTL is enabled for the entire table and an expiration timestamp is added to each column." + }, + "encryptionSpecification": { + "$ref": "#/types/aws-native:cassandra:TableEncryptionSpecification", + "description": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n\u003e If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* ." + }, + "keyspaceName": { + "type": "string", + "description": "Name for Cassandra keyspace" + }, + "partitionKeyColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:TableColumn" + }, + "description": "Partition key columns of the table" + }, + "pointInTimeRecoveryEnabled": { + "type": "boolean", + "description": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table" + }, + "regularColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:TableColumn" + }, + "description": "Non-key columns of the table" + }, + "replicaSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:TableReplicaSpecification" + }, + "description": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)" + }, + "tableName": { + "type": "string", + "description": "Name for Cassandra table" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource" + } + }, + "outputs": { + "autoScalingSpecifications": { + "$ref": "#/types/aws-native:cassandra:TableAutoScalingSpecification", + "description": "The optional auto scaling capacity settings for a table in provisioned capacity mode." + }, + "billingMode": { + "$ref": "#/types/aws-native:cassandra:TableBillingMode", + "description": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode." + }, + "clientSideTimestampsEnabled": { + "type": "boolean", + "description": "Indicates whether client side timestamps are enabled (true) or disabled (false) on the table. False by default, once it is enabled it cannot be disabled again.", + "replaceOnChanges": true + }, + "clusteringKeyColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:TableClusteringKeyColumn" + }, + "description": "Clustering key columns of the table", + "replaceOnChanges": true + }, + "defaultTimeToLive": { + "type": "integer", + "description": "Default TTL (Time To Live) in seconds, where zero is disabled. If the value is greater than zero, TTL is enabled for the entire table and an expiration timestamp is added to each column." + }, + "encryptionSpecification": { + "$ref": "#/types/aws-native:cassandra:TableEncryptionSpecification", + "description": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n\u003e If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* ." + }, + "keyspaceName": { + "type": "string", + "description": "Name for Cassandra keyspace", + "replaceOnChanges": true + }, + "partitionKeyColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:TableColumn" + }, + "description": "Partition key columns of the table", + "replaceOnChanges": true + }, + "pointInTimeRecoveryEnabled": { + "type": "boolean", + "description": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table" + }, + "regularColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:TableColumn" + }, + "description": "Non-key columns of the table" + }, + "replicaSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:TableReplicaSpecification" + }, + "description": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)" + }, + "tableName": { + "type": "string", + "description": "Name for Cassandra table", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource" + } + }, + "autoNamingSpec": { + "sdkName": "tableName" + }, + "required": [ + "keyspaceName", + "partitionKeyColumns" + ], + "createOnly": [ + "clientSideTimestampsEnabled", + "clusteringKeyColumns", + "keyspaceName", + "partitionKeyColumns", + "tableName" + ], + "writeOnly": [ + "autoScalingSpecifications", + "replicaSpecifications" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ce:AnomalyMonitor": { + "cf": "AWS::CE::AnomalyMonitor", + "inputs": { + "monitorDimension": { + "$ref": "#/types/aws-native:ce:AnomalyMonitorMonitorDimension", + "description": "The dimensions to evaluate" + }, + "monitorName": { + "type": "string", + "description": "The name of the monitor." + }, + "monitorSpecification": { + "type": "string", + "description": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page." + }, + "monitorType": { + "$ref": "#/types/aws-native:ce:AnomalyMonitorMonitorType", + "description": "The possible type values." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ce:AnomalyMonitorResourceTag" + }, + "description": "Tags to assign to monitor." + } + }, + "outputs": { + "creationDate": { + "type": "string", + "description": "The date when the monitor was created. " + }, + "dimensionalValueCount": { + "type": "integer", + "description": "The value for evaluated dimensions." + }, + "lastEvaluatedDate": { + "type": "string", + "description": "The date when the monitor last evaluated for anomalies." + }, + "lastUpdatedDate": { + "type": "string", + "description": "The date when the monitor was last updated." + }, + "monitorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) value for the monitor." + }, + "monitorDimension": { + "$ref": "#/types/aws-native:ce:AnomalyMonitorMonitorDimension", + "description": "The dimensions to evaluate", + "replaceOnChanges": true + }, + "monitorName": { + "type": "string", + "description": "The name of the monitor." + }, + "monitorSpecification": { + "type": "string", + "description": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", + "replaceOnChanges": true + }, + "monitorType": { + "$ref": "#/types/aws-native:ce:AnomalyMonitorMonitorType", + "description": "The possible type values.", + "replaceOnChanges": true + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ce:AnomalyMonitorResourceTag" + }, + "description": "Tags to assign to monitor.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "monitorName", + "maxLength": 1024 + }, + "required": [ + "monitorType" + ], + "createOnly": [ + "monitorDimension", + "monitorSpecification", + "monitorType", + "resourceTags" + ], + "writeOnly": [ + "resourceTags" + ] + }, + "aws-native:ce:AnomalySubscription": { + "cf": "AWS::CE::AnomalySubscription", + "inputs": { + "frequency": { + "$ref": "#/types/aws-native:ce:AnomalySubscriptionFrequency", + "description": "The frequency at which anomaly reports are sent over email. " + }, + "monitorArnList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of cost anomaly monitors." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ce:AnomalySubscriptionResourceTag" + }, + "description": "Tags to assign to subscription." + }, + "subscribers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ce:AnomalySubscriptionSubscriber" + }, + "description": "A list of subscriber" + }, + "subscriptionName": { + "type": "string", + "description": "The name of the subscription." + }, + "threshold": { + "type": "number", + "description": "The dollar value that triggers a notification if the threshold is exceeded. " + }, + "thresholdExpression": { + "type": "string", + "description": "An Expression object in JSON String format used to specify the anomalies that you want to generate alerts for." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "The accountId" + }, + "frequency": { + "$ref": "#/types/aws-native:ce:AnomalySubscriptionFrequency", + "description": "The frequency at which anomaly reports are sent over email. " + }, + "monitorArnList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of cost anomaly monitors." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ce:AnomalySubscriptionResourceTag" + }, + "description": "Tags to assign to subscription.", + "replaceOnChanges": true + }, + "subscribers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ce:AnomalySubscriptionSubscriber" + }, + "description": "A list of subscriber" + }, + "subscriptionArn": { + "type": "string", + "description": "The `AnomalySubscription` Amazon Resource Name (ARN)." + }, + "subscriptionName": { + "type": "string", + "description": "The name of the subscription." + }, + "threshold": { + "type": "number", + "description": "The dollar value that triggers a notification if the threshold is exceeded. " + }, + "thresholdExpression": { + "type": "string", + "description": "An Expression object in JSON String format used to specify the anomalies that you want to generate alerts for." + } + }, + "autoNamingSpec": { + "sdkName": "subscriptionName", + "maxLength": 1024 + }, + "required": [ + "frequency", + "monitorArnList", + "subscribers" + ], + "createOnly": [ + "resourceTags" + ], + "writeOnly": [ + "resourceTags" + ] + }, + "aws-native:ce:CostCategory": { + "cf": "AWS::CE::CostCategory", + "inputs": { + "defaultValue": { + "type": "string", + "description": "The default value for the cost category" + }, + "name": { + "type": "string", + "description": "The unique name of the Cost Category." + }, + "ruleVersion": { + "$ref": "#/types/aws-native:ce:CostCategoryRuleVersion", + "description": "The rule schema version in this particular Cost Category." + }, + "rules": { + "type": "string", + "description": "JSON array format of Expression in Billing and Cost Management API" + }, + "splitChargeRules": { + "type": "string", + "description": "Json array format of CostCategorySplitChargeRule in Billing and Cost Management API" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Cost category ARN" + }, + "defaultValue": { + "type": "string", + "description": "The default value for the cost category" + }, + "effectiveStart": { + "type": "string", + "description": "The Cost Category's effective start date." + }, + "name": { + "type": "string", + "description": "The unique name of the Cost Category.", + "replaceOnChanges": true + }, + "ruleVersion": { + "$ref": "#/types/aws-native:ce:CostCategoryRuleVersion", + "description": "The rule schema version in this particular Cost Category." + }, + "rules": { + "type": "string", + "description": "JSON array format of Expression in Billing and Cost Management API" + }, + "splitChargeRules": { + "type": "string", + "description": "Json array format of CostCategorySplitChargeRule in Billing and Cost Management API" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 50 + }, + "required": [ + "ruleVersion", + "rules" + ], + "createOnly": [ + "name" + ] + }, + "aws-native:certificatemanager:Account": { + "cf": "AWS::CertificateManager::Account", + "inputs": { + "expiryEventsConfiguration": { + "$ref": "#/types/aws-native:certificatemanager:AccountExpiryEventsConfiguration", + "description": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "ID of the AWS account that owns the certificate." + }, + "expiryEventsConfiguration": { + "$ref": "#/types/aws-native:certificatemanager:AccountExpiryEventsConfiguration", + "description": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference." + } + }, + "required": [ + "expiryEventsConfiguration" + ] + }, + "aws-native:chatbot:MicrosoftTeamsChannelConfiguration": { + "cf": "AWS::Chatbot::MicrosoftTeamsChannelConfiguration", + "inputs": { + "configurationName": { + "type": "string", + "description": "The name of the configuration" + }, + "guardrailPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that defines the permissions for AWS Chatbot" + }, + "loggingLevel": { + "type": "string", + "description": "Specifies the logging level for this configuration:ERROR,INFO or NONE. This property affects the log entries pushed to Amazon CloudWatch logs" + }, + "snsTopicArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARNs of SNS topics which delivers notifications to AWS Chatbot, for example CloudWatch alarm notifications." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the configuration" + }, + "teamId": { + "type": "string", + "description": "The id of the Microsoft Teams team" + }, + "teamsChannelId": { + "type": "string", + "description": "The id of the Microsoft Teams channel" + }, + "teamsTenantId": { + "type": "string", + "description": "The id of the Microsoft Teams tenant" + }, + "userRoleRequired": { + "type": "boolean", + "description": "Enables use of a user role requirement in your chat configuration" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the configuration" + }, + "configurationName": { + "type": "string", + "description": "The name of the configuration", + "replaceOnChanges": true + }, + "guardrailPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that defines the permissions for AWS Chatbot" + }, + "loggingLevel": { + "type": "string", + "description": "Specifies the logging level for this configuration:ERROR,INFO or NONE. This property affects the log entries pushed to Amazon CloudWatch logs" + }, + "snsTopicArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARNs of SNS topics which delivers notifications to AWS Chatbot, for example CloudWatch alarm notifications." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the configuration" + }, + "teamId": { + "type": "string", + "description": "The id of the Microsoft Teams team", + "replaceOnChanges": true + }, + "teamsChannelId": { + "type": "string", + "description": "The id of the Microsoft Teams channel" + }, + "teamsTenantId": { + "type": "string", + "description": "The id of the Microsoft Teams tenant", + "replaceOnChanges": true + }, + "userRoleRequired": { + "type": "boolean", + "description": "Enables use of a user role requirement in your chat configuration" + } + }, + "autoNamingSpec": { + "sdkName": "configurationName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "iamRoleArn", + "teamId", + "teamsChannelId", + "teamsTenantId" + ], + "createOnly": [ + "configurationName", + "teamId", + "teamsTenantId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:chatbot:SlackChannelConfiguration": { + "cf": "AWS::Chatbot::SlackChannelConfiguration", + "inputs": { + "configurationName": { + "type": "string", + "description": "The name of the configuration" + }, + "guardrailPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that defines the permissions for AWS Chatbot" + }, + "loggingLevel": { + "type": "string", + "description": "Specifies the logging level for this configuration:ERROR,INFO or NONE. This property affects the log entries pushed to Amazon CloudWatch logs" + }, + "slackChannelId": { + "type": "string", + "description": "The id of the Slack channel" + }, + "slackWorkspaceId": { + "type": "string", + "description": "The id of the Slack workspace" + }, + "snsTopicArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARNs of SNS topics which delivers notifications to AWS Chatbot, for example CloudWatch alarm notifications." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the configuration" + }, + "userRoleRequired": { + "type": "boolean", + "description": "Enables use of a user role requirement in your chat configuration" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the configuration" + }, + "configurationName": { + "type": "string", + "description": "The name of the configuration", + "replaceOnChanges": true + }, + "guardrailPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that defines the permissions for AWS Chatbot" + }, + "loggingLevel": { + "type": "string", + "description": "Specifies the logging level for this configuration:ERROR,INFO or NONE. This property affects the log entries pushed to Amazon CloudWatch logs" + }, + "slackChannelId": { + "type": "string", + "description": "The id of the Slack channel" + }, + "slackWorkspaceId": { + "type": "string", + "description": "The id of the Slack workspace", + "replaceOnChanges": true + }, + "snsTopicArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARNs of SNS topics which delivers notifications to AWS Chatbot, for example CloudWatch alarm notifications." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the configuration" + }, + "userRoleRequired": { + "type": "boolean", + "description": "Enables use of a user role requirement in your chat configuration" + } + }, + "autoNamingSpec": { + "sdkName": "configurationName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "iamRoleArn", + "slackChannelId", + "slackWorkspaceId" + ], + "createOnly": [ + "configurationName", + "slackWorkspaceId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanrooms:AnalysisTemplate": { + "cf": "AWS::CleanRooms::AnalysisTemplate", + "inputs": { + "analysisParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:AnalysisTemplateAnalysisParameter" + }, + "description": "The member who can query can provide this placeholder for a literal data value in an analysis template" + }, + "description": { + "type": "string", + "description": "The description of the analysis template." + }, + "format": { + "$ref": "#/types/aws-native:cleanrooms:AnalysisTemplateFormat", + "description": "The format of the analysis template." + }, + "membershipIdentifier": { + "type": "string", + "description": "The identifier for a membership resource." + }, + "name": { + "type": "string", + "description": "The name of the analysis template." + }, + "source": { + "$ref": "#/types/aws-native:cleanrooms:AnalysisTemplateAnalysisSource", + "description": "The source of the analysis template." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms analysis template." + } + }, + "outputs": { + "analysisParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:AnalysisTemplateAnalysisParameter" + }, + "description": "The member who can query can provide this placeholder for a literal data value in an analysis template", + "replaceOnChanges": true + }, + "analysisTemplateIdentifier": { + "type": "string", + "description": "Returns the identifier for the analysis template.\n\nExample: `a1b2c3d4-5678-90ab-cdef-EXAMPLE2222`" + }, + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the analysis template.\n\nExample: `arn:aws:cleanrooms:us-east-1:111122223333:membership/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111/analysistemplates/a1b2c3d4-5678-90ab-cdef-EXAMPLE2222`" + }, + "collaborationArn": { + "type": "string", + "description": "Returns the unique ARN for the analysis template’s associated collaboration.\n\nExample: `arn:aws:cleanrooms:us-east-1:111122223333:collaboration/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333`" + }, + "collaborationIdentifier": { + "type": "string", + "description": "Returns the unique ID for the associated collaboration of the analysis template.\n\nExample: `a1b2c3d4-5678-90ab-cdef-EXAMPLE33333`" + }, + "description": { + "type": "string", + "description": "The description of the analysis template." + }, + "format": { + "$ref": "#/types/aws-native:cleanrooms:AnalysisTemplateFormat", + "description": "The format of the analysis template.", + "replaceOnChanges": true + }, + "membershipArn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the member who created the analysis template.\n\nExample: `arn:aws:cleanrooms:us-east-1:111122223333:membership/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`" + }, + "membershipIdentifier": { + "type": "string", + "description": "The identifier for a membership resource.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the analysis template.", + "replaceOnChanges": true + }, + "schema": { + "$ref": "#/types/aws-native:cleanrooms:AnalysisTemplateAnalysisSchema" + }, + "source": { + "$ref": "#/types/aws-native:cleanrooms:AnalysisTemplateAnalysisSource", + "description": "The source of the analysis template.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms analysis template." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "format", + "membershipIdentifier", + "source" + ], + "createOnly": [ + "analysisParameters", + "analysisParameters/DefaultValue", + "analysisParameters/Name", + "analysisParameters/Type", + "format", + "membershipIdentifier", + "name", + "source", + "source/Text" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanrooms:Collaboration": { + "cf": "AWS::CleanRooms::Collaboration", + "inputs": { + "creatorDisplayName": { + "type": "string", + "description": "A display name of the collaboration creator." + }, + "creatorMemberAbilities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationMemberAbility" + }, + "description": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS`" + }, + "creatorPaymentConfiguration": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationPaymentConfiguration", + "description": "An object representing the collaboration member's payment responsibilities set by the collaboration creator." + }, + "dataEncryptionMetadata": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationDataEncryptionMetadata", + "description": "The settings for client-side encryption for cryptographic computing." + }, + "description": { + "type": "string", + "description": "A description of the collaboration provided by the collaboration owner." + }, + "members": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationMemberSpecification" + }, + "description": "A list of initial members, not including the creator. This list is immutable." + }, + "name": { + "type": "string", + "description": "A human-readable identifier provided by the collaboration owner. Display names are not unique." + }, + "queryLogStatus": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationQueryLogStatus", + "description": "An indicator as to whether query logging has been enabled or disabled for the collaboration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the specified collaboration.\n\nExample: `arn:aws:cleanrooms:us-east-1:111122223333:collaboration/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`" + }, + "collaborationIdentifier": { + "type": "string", + "description": "Returns the unique identifier of the specified collaboration.\n\nExample: `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`" + }, + "creatorDisplayName": { + "type": "string", + "description": "A display name of the collaboration creator.", + "replaceOnChanges": true + }, + "creatorMemberAbilities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationMemberAbility" + }, + "description": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", + "replaceOnChanges": true + }, + "creatorPaymentConfiguration": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationPaymentConfiguration", + "description": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", + "replaceOnChanges": true + }, + "dataEncryptionMetadata": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationDataEncryptionMetadata", + "description": "The settings for client-side encryption for cryptographic computing.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description of the collaboration provided by the collaboration owner." + }, + "members": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationMemberSpecification" + }, + "description": "A list of initial members, not including the creator. This list is immutable.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A human-readable identifier provided by the collaboration owner. Display names are not unique." + }, + "queryLogStatus": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationQueryLogStatus", + "description": "An indicator as to whether query logging has been enabled or disabled for the collaboration.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "creatorDisplayName", + "creatorMemberAbilities", + "description", + "members", + "queryLogStatus" + ], + "createOnly": [ + "creatorDisplayName", + "creatorMemberAbilities", + "creatorPaymentConfiguration", + "dataEncryptionMetadata", + "members", + "queryLogStatus" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanrooms:ConfiguredTable": { + "cf": "AWS::CleanRooms::ConfiguredTable", + "inputs": { + "allowedColumns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The columns within the underlying AWS Glue table that can be utilized within collaborations." + }, + "analysisMethod": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisMethod", + "description": "The analysis method for the configured table. The only valid value is currently `DIRECT_QUERY`." + }, + "analysisRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRule" + }, + "description": "The analysis rule that was created for the configured table." + }, + "description": { + "type": "string", + "description": "A description for the configured table." + }, + "name": { + "type": "string", + "description": "A name for the configured table." + }, + "tableReference": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableTableReference", + "description": "The AWS Glue table that this configured table represents." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration." + } + }, + "outputs": { + "allowedColumns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", + "replaceOnChanges": true + }, + "analysisMethod": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisMethod", + "description": "The analysis method for the configured table. The only valid value is currently `DIRECT_QUERY`.", + "replaceOnChanges": true + }, + "analysisRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRule" + }, + "description": "The analysis rule that was created for the configured table." + }, + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the specified configured table.\n\nExample: `arn:aws:cleanrooms:us-east-1:111122223333:configuredtable/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`" + }, + "configuredTableIdentifier": { + "type": "string", + "description": "Returns the unique identifier of the specified configured table.\n\nExample: `a1b2c3d4-5678-90ab-cdef-EXAMPLE33333`" + }, + "description": { + "type": "string", + "description": "A description for the configured table." + }, + "name": { + "type": "string", + "description": "A name for the configured table." + }, + "tableReference": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableTableReference", + "description": "The AWS Glue table that this configured table represents.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "allowedColumns", + "analysisMethod", + "tableReference" + ], + "createOnly": [ + "allowedColumns", + "analysisMethod", + "tableReference" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanrooms:ConfiguredTableAssociation": { + "cf": "AWS::CleanRooms::ConfiguredTableAssociation", + "inputs": { + "configuredTableAssociationAnalysisRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRule" + }, + "description": "An analysis rule for a configured table association. This analysis rule specifies how data from the table can be used within its associated collaboration. In the console, the `ConfiguredTableAssociationAnalysisRule` is referred to as the *collaboration analysis rule* ." + }, + "configuredTableIdentifier": { + "type": "string", + "description": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID." + }, + "description": { + "type": "string", + "description": "A description of the configured table association." + }, + "membershipIdentifier": { + "type": "string", + "description": "The unique ID for the membership this configured table association belongs to." + }, + "name": { + "type": "string", + "description": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data." + }, + "roleArn": { + "type": "string", + "description": "The service will assume this role to access catalog metadata and query the table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the specified configured table association.\n\nExample: `arn:aws:cleanrooms:us-east-1:111122223333:configuredtable/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333`" + }, + "configuredTableAssociationAnalysisRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRule" + }, + "description": "An analysis rule for a configured table association. This analysis rule specifies how data from the table can be used within its associated collaboration. In the console, the `ConfiguredTableAssociationAnalysisRule` is referred to as the *collaboration analysis rule* ." + }, + "configuredTableAssociationIdentifier": { + "type": "string", + "description": "Returns the unique identifier of the specified configured table association.\n\nExample: `a1b2c3d4-5678-90ab-cdef-EXAMPLE33333`" + }, + "configuredTableIdentifier": { + "type": "string", + "description": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description of the configured table association." + }, + "membershipIdentifier": { + "type": "string", + "description": "The unique ID for the membership this configured table association belongs to.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The service will assume this role to access catalog metadata and query the table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms collaboration." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "configuredTableIdentifier", + "membershipIdentifier", + "roleArn" + ], + "createOnly": [ + "configuredTableIdentifier", + "membershipIdentifier", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanrooms:IdMappingTable": { + "cf": "AWS::CleanRooms::IdMappingTable", + "inputs": { + "description": { + "type": "string", + "description": "The description of the ID mapping table." + }, + "inputReferenceConfig": { + "$ref": "#/types/aws-native:cleanrooms:IdMappingTableInputReferenceConfig", + "description": "The input reference configuration for the ID mapping table." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS KMS key." + }, + "membershipIdentifier": { + "type": "string", + "description": "The unique identifier of the membership resource for the ID mapping table." + }, + "name": { + "type": "string", + "description": "The name of the ID mapping table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the ID mapping table." + }, + "collaborationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the collaboration that contains this ID mapping table." + }, + "collaborationIdentifier": { + "type": "string" + }, + "description": { + "type": "string", + "description": "The description of the ID mapping table." + }, + "idMappingTableIdentifier": { + "type": "string" + }, + "inputReferenceConfig": { + "$ref": "#/types/aws-native:cleanrooms:IdMappingTableInputReferenceConfig", + "description": "The input reference configuration for the ID mapping table.", + "replaceOnChanges": true + }, + "inputReferenceProperties": { + "$ref": "#/types/aws-native:cleanrooms:IdMappingTableInputReferenceProperties" + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS KMS key." + }, + "membershipArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the membership resource for the ID mapping table." + }, + "membershipIdentifier": { + "type": "string", + "description": "The unique identifier of the membership resource for the ID mapping table.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the ID mapping table.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "inputReferenceConfig", + "membershipIdentifier" + ], + "createOnly": [ + "inputReferenceConfig", + "membershipIdentifier", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanrooms:IdNamespaceAssociation": { + "cf": "AWS::CleanRooms::IdNamespaceAssociation", + "inputs": { + "description": { + "type": "string", + "description": "The description of the ID namespace association." + }, + "idMappingConfig": { + "$ref": "#/types/aws-native:cleanrooms:IdNamespaceAssociationIdMappingConfig", + "description": "The configuration settings for the ID mapping table." + }, + "inputReferenceConfig": { + "$ref": "#/types/aws-native:cleanrooms:IdNamespaceAssociationInputReferenceConfig", + "description": "The input reference configuration for the ID namespace association." + }, + "membershipIdentifier": { + "type": "string", + "description": "The unique identifier of the membership that contains the ID namespace association." + }, + "name": { + "type": "string", + "description": "The name of this ID namespace association." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the ID namespace association." + }, + "collaborationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the collaboration that contains this ID namespace association." + }, + "collaborationIdentifier": { + "type": "string" + }, + "description": { + "type": "string", + "description": "The description of the ID namespace association." + }, + "idMappingConfig": { + "$ref": "#/types/aws-native:cleanrooms:IdNamespaceAssociationIdMappingConfig", + "description": "The configuration settings for the ID mapping table." + }, + "idNamespaceAssociationIdentifier": { + "type": "string" + }, + "inputReferenceConfig": { + "$ref": "#/types/aws-native:cleanrooms:IdNamespaceAssociationInputReferenceConfig", + "description": "The input reference configuration for the ID namespace association.", + "replaceOnChanges": true + }, + "inputReferenceProperties": { + "$ref": "#/types/aws-native:cleanrooms:IdNamespaceAssociationInputReferenceProperties" + }, + "membershipArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the membership resource for this ID namespace association." + }, + "membershipIdentifier": { + "type": "string", + "description": "The unique identifier of the membership that contains the ID namespace association.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of this ID namespace association." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "inputReferenceConfig", + "membershipIdentifier" + ], + "createOnly": [ + "inputReferenceConfig", + "membershipIdentifier" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanrooms:Membership": { + "cf": "AWS::CleanRooms::Membership", + "inputs": { + "collaborationIdentifier": { + "type": "string", + "description": "The unique ID for the associated collaboration." + }, + "defaultResultConfiguration": { + "$ref": "#/types/aws-native:cleanrooms:MembershipProtectedQueryResultConfiguration", + "description": "The default protected query result configuration as specified by the member who can receive results." + }, + "paymentConfiguration": { + "$ref": "#/types/aws-native:cleanrooms:MembershipPaymentConfiguration", + "description": "The payment responsibilities accepted by the collaboration member." + }, + "queryLogStatus": { + "$ref": "#/types/aws-native:cleanrooms:MembershipQueryLogStatus", + "description": "An indicator as to whether query logging has been enabled or disabled for the membership." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms membership." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the specified membership.\n\nExample: `arn:aws:cleanrooms:us-east-1:111122223333:membership/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`" + }, + "collaborationArn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the specified collaboration.\n\nExample: `arn:aws:cleanrooms:us-east-1:111122223333:collaboration/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`" + }, + "collaborationCreatorAccountId": { + "type": "string", + "description": "Returns the unique identifier of the specified collaboration creator account.\n\nExample: `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111`" + }, + "collaborationIdentifier": { + "type": "string", + "description": "The unique ID for the associated collaboration.", + "replaceOnChanges": true + }, + "defaultResultConfiguration": { + "$ref": "#/types/aws-native:cleanrooms:MembershipProtectedQueryResultConfiguration", + "description": "The default protected query result configuration as specified by the member who can receive results." + }, + "membershipIdentifier": { + "type": "string", + "description": "Returns the unique identifier of the specified membership.\n\nExample: `a1b2c3d4-5678-90ab-cdef-EXAMPLE22222`" + }, + "paymentConfiguration": { + "$ref": "#/types/aws-native:cleanrooms:MembershipPaymentConfiguration", + "description": "The payment responsibilities accepted by the collaboration member." + }, + "queryLogStatus": { + "$ref": "#/types/aws-native:cleanrooms:MembershipQueryLogStatus", + "description": "An indicator as to whether query logging has been enabled or disabled for the membership." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms membership." + } + }, + "required": [ + "collaborationIdentifier", + "queryLogStatus" + ], + "createOnly": [ + "collaborationIdentifier" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanrooms:PrivacyBudgetTemplate": { + "cf": "AWS::CleanRooms::PrivacyBudgetTemplate", + "inputs": { + "autoRefresh": { + "$ref": "#/types/aws-native:cleanrooms:PrivacyBudgetTemplateAutoRefresh", + "description": "How often the privacy budget refreshes.\n\n\u003e If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes." + }, + "membershipIdentifier": { + "type": "string", + "description": "The identifier for a membership resource." + }, + "parameters": { + "$ref": "#/types/aws-native:cleanrooms:ParametersProperties", + "description": "Specifies the epsilon and noise parameters for the privacy budget template." + }, + "privacyBudgetType": { + "$ref": "#/types/aws-native:cleanrooms:PrivacyBudgetTemplatePrivacyBudgetType", + "description": "Specifies the type of the privacy budget template." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms privacy budget template." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the privacy budget template." + }, + "autoRefresh": { + "$ref": "#/types/aws-native:cleanrooms:PrivacyBudgetTemplateAutoRefresh", + "description": "How often the privacy budget refreshes.\n\n\u003e If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", + "replaceOnChanges": true + }, + "collaborationArn": { + "type": "string", + "description": "The ARN of the collaboration that contains this privacy budget template." + }, + "collaborationIdentifier": { + "type": "string", + "description": "The unique ID of the collaboration that contains this privacy budget template." + }, + "membershipArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the member who created the privacy budget template." + }, + "membershipIdentifier": { + "type": "string", + "description": "The identifier for a membership resource.", + "replaceOnChanges": true + }, + "parameters": { + "$ref": "#/types/aws-native:cleanrooms:ParametersProperties", + "description": "Specifies the epsilon and noise parameters for the privacy budget template." + }, + "privacyBudgetTemplateIdentifier": { + "type": "string", + "description": "A unique identifier for one of your memberships for a collaboration. The privacy budget template is created in the collaboration that this membership belongs to. Accepts a membership ID." + }, + "privacyBudgetType": { + "$ref": "#/types/aws-native:cleanrooms:PrivacyBudgetTemplatePrivacyBudgetType", + "description": "Specifies the type of the privacy budget template.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms privacy budget template." + } + }, + "required": [ + "autoRefresh", + "membershipIdentifier", + "parameters", + "privacyBudgetType" + ], + "createOnly": [ + "autoRefresh", + "membershipIdentifier", + "privacyBudgetType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cleanroomsml:TrainingDataset": { + "cf": "AWS::CleanRoomsML::TrainingDataset", + "inputs": { + "description": { + "type": "string", + "description": "The description of the training dataset." + }, + "name": { + "type": "string", + "description": "The name of the training dataset." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms-ml training dataset." + }, + "trainingData": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetDataset" + }, + "description": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the training dataset.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the training dataset.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetStatus", + "description": "The status of the training dataset." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this cleanrooms-ml training dataset." + }, + "trainingData": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetDataset" + }, + "description": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", + "replaceOnChanges": true + }, + "trainingDatasetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the training dataset." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "roleArn", + "trainingData" + ], + "createOnly": [ + "description", + "name", + "roleArn", + "trainingData" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudformation:HookDefaultVersion": { + "cf": "AWS::CloudFormation::HookDefaultVersion", + "inputs": { + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + }, + "typeVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type version." + }, + "versionId": { + "type": "string", + "description": "The ID of an existing version of the hook to set as the default." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type. This is used to uniquely identify a HookDefaultVersion" + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + }, + "typeVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type version." + }, + "versionId": { + "type": "string", + "description": "The ID of an existing version of the hook to set as the default." + } + } + }, + "aws-native:cloudformation:HookTypeConfig": { + "cf": "AWS::CloudFormation::HookTypeConfig", + "inputs": { + "configuration": { + "type": "string", + "description": "The configuration data for the extension, in this account and region." + }, + "configurationAlias": { + "$ref": "#/types/aws-native:cloudformation:HookTypeConfigConfigurationAlias", + "description": "An alias by which to refer to this extension configuration data." + }, + "typeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type without version number." + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + } + }, + "outputs": { + "configuration": { + "type": "string", + "description": "The configuration data for the extension, in this account and region." + }, + "configurationAlias": { + "$ref": "#/types/aws-native:cloudformation:HookTypeConfigConfigurationAlias", + "description": "An alias by which to refer to this extension configuration data.", + "replaceOnChanges": true + }, + "configurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the configuration data, in this account and region." + }, + "typeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type without version number." + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + } + }, + "createOnly": [ + "configurationAlias" + ] + }, + "aws-native:cloudformation:HookVersion": { + "cf": "AWS::CloudFormation::HookVersion", + "inputs": { + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials." + }, + "loggingConfig": { + "$ref": "#/types/aws-native:cloudformation:HookVersionLoggingConfig", + "description": "Specifies logging configuration information for a type." + }, + "schemaHandlerPackage": { + "type": "string", + "description": "A url to the S3 bucket containing the schema handler package that contains the schema, event handlers, and associated files for the type you want to register.\n\nFor information on generating a schema handler package for the type you want to register, see submit in the CloudFormation CLI User Guide." + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type, here the HookVersion. This is used to uniquely identify a HookVersion resource" + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials.", + "replaceOnChanges": true + }, + "isDefaultVersion": { + "type": "boolean", + "description": "Indicates if this type version is the current default version" + }, + "loggingConfig": { + "$ref": "#/types/aws-native:cloudformation:HookVersionLoggingConfig", + "description": "Specifies logging configuration information for a type.", + "replaceOnChanges": true + }, + "schemaHandlerPackage": { + "type": "string", + "description": "A url to the S3 bucket containing the schema handler package that contains the schema, event handlers, and associated files for the type you want to register.\n\nFor information on generating a schema handler package for the type you want to register, see submit in the CloudFormation CLI User Guide.", + "replaceOnChanges": true + }, + "typeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type without the versionID." + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type.", + "replaceOnChanges": true + }, + "versionId": { + "type": "string", + "description": "The ID of the version of the type represented by this hook instance." + }, + "visibility": { + "$ref": "#/types/aws-native:cloudformation:HookVersionVisibility", + "description": "The scope at which the type is visible and usable in CloudFormation operations.\n\nValid values include:\n\nPRIVATE: The type is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any types you register as PRIVATE.\n\nPUBLIC: The type is publically visible and usable within any Amazon account." + } + }, + "required": [ + "schemaHandlerPackage", + "typeName" + ], + "createOnly": [ + "executionRoleArn", + "loggingConfig", + "schemaHandlerPackage", + "typeName" + ], + "writeOnly": [ + "schemaHandlerPackage" + ] + }, + "aws-native:cloudformation:ModuleDefaultVersion": { + "cf": "AWS::CloudFormation::ModuleDefaultVersion", + "inputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the module version to set as the default version." + }, + "moduleName": { + "type": "string", + "description": "The name of a module existing in the registry." + }, + "versionId": { + "type": "string", + "description": "The ID of an existing version of the named module to set as the default." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the module version to set as the default version.", + "replaceOnChanges": true + }, + "moduleName": { + "type": "string", + "description": "The name of a module existing in the registry.", + "replaceOnChanges": true + }, + "versionId": { + "type": "string", + "description": "The ID of an existing version of the named module to set as the default.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "arn", + "moduleName", + "versionId" + ], + "writeOnly": [ + "moduleName", + "versionId" + ] + }, + "aws-native:cloudformation:ModuleVersion": { + "cf": "AWS::CloudFormation::ModuleVersion", + "inputs": { + "moduleName": { + "type": "string", + "description": "The name of the module being registered.\n\nRecommended module naming pattern: company_or_organization::service::type::MODULE." + }, + "modulePackage": { + "type": "string", + "description": "The url to the S3 bucket containing the schema and template fragment for the module you want to register." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the module." + }, + "description": { + "type": "string", + "description": "The description of the registered module." + }, + "documentationUrl": { + "type": "string", + "description": "The URL of a page providing detailed documentation for this module." + }, + "isDefaultVersion": { + "type": "boolean", + "description": "Indicator of whether this module version is the current default version" + }, + "moduleName": { + "type": "string", + "description": "The name of the module being registered.\n\nRecommended module naming pattern: company_or_organization::service::type::MODULE.", + "replaceOnChanges": true + }, + "modulePackage": { + "type": "string", + "description": "The url to the S3 bucket containing the schema and template fragment for the module you want to register.", + "replaceOnChanges": true + }, + "schema": { + "type": "string", + "description": "The schema defining input parameters to and resources generated by the module." + }, + "timeCreated": { + "type": "string", + "description": "The time that the specified module version was registered." + }, + "versionId": { + "type": "string", + "description": "The version ID of the module represented by this module instance." + }, + "visibility": { + "$ref": "#/types/aws-native:cloudformation:ModuleVersionVisibility", + "description": "The scope at which the type is visible and usable in CloudFormation operations.\n\nThe only allowed value at present is:\n\nPRIVATE: The type is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any types you register as PRIVATE." + } + }, + "required": [ + "moduleName", + "modulePackage" + ], + "createOnly": [ + "moduleName", + "modulePackage" + ], + "writeOnly": [ + "modulePackage" + ] + }, + "aws-native:cloudformation:PublicTypeVersion": { + "cf": "AWS::CloudFormation::PublicTypeVersion", + "inputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the extension." + }, + "logDeliveryBucket": { + "type": "string", + "description": "A url to the S3 bucket where logs for the testType run will be available" + }, + "publicVersionNumber": { + "type": "string", + "description": "The version number of a public third-party extension" + }, + "type": { + "$ref": "#/types/aws-native:cloudformation:PublicTypeVersionType", + "description": "The kind of extension" + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the extension.", + "replaceOnChanges": true + }, + "logDeliveryBucket": { + "type": "string", + "description": "A url to the S3 bucket where logs for the testType run will be available", + "replaceOnChanges": true + }, + "publicTypeArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) assigned to the public extension upon publication" + }, + "publicVersionNumber": { + "type": "string", + "description": "The version number of a public third-party extension", + "replaceOnChanges": true + }, + "publisherId": { + "type": "string", + "description": "The publisher id assigned by CloudFormation for publishing in this region." + }, + "type": { + "$ref": "#/types/aws-native:cloudformation:PublicTypeVersionType", + "description": "The kind of extension", + "replaceOnChanges": true + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type.", + "replaceOnChanges": true + }, + "typeVersionArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the extension with the versionId." + } + }, + "createOnly": [ + "arn", + "logDeliveryBucket", + "publicVersionNumber", + "type", + "typeName" + ], + "writeOnly": [ + "arn" + ] + }, + "aws-native:cloudformation:Publisher": { + "cf": "AWS::CloudFormation::Publisher", + "inputs": { + "acceptTermsAndConditions": { + "type": "boolean", + "description": "Whether you accept the terms and conditions for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to publish public extensions to the CloudFormation registry. The terms and conditions can be found at https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf" + }, + "connectionArn": { + "type": "string", + "description": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account." + } + }, + "outputs": { + "acceptTermsAndConditions": { + "type": "boolean", + "description": "Whether you accept the terms and conditions for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to publish public extensions to the CloudFormation registry. The terms and conditions can be found at https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf", + "replaceOnChanges": true + }, + "connectionArn": { + "type": "string", + "description": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.", + "replaceOnChanges": true + }, + "identityProvider": { + "$ref": "#/types/aws-native:cloudformation:PublisherIdentityProvider", + "description": "The type of account used as the identity provider when registering this publisher with CloudFormation." + }, + "publisherId": { + "type": "string", + "description": "The publisher id assigned by CloudFormation for publishing in this region." + }, + "publisherProfile": { + "type": "string", + "description": "The URL to the publisher's profile with the identity provider." + }, + "publisherStatus": { + "$ref": "#/types/aws-native:cloudformation:PublisherStatus", + "description": "Whether the publisher is verified." + } + }, + "required": [ + "acceptTermsAndConditions" + ], + "createOnly": [ + "acceptTermsAndConditions", + "connectionArn" + ], + "writeOnly": [ + "connectionArn" + ] + }, + "aws-native:cloudformation:ResourceDefaultVersion": { + "cf": "AWS::CloudFormation::ResourceDefaultVersion", + "inputs": { + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + }, + "typeVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type version." + }, + "versionId": { + "type": "string", + "description": "The ID of an existing version of the resource to set as the default." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type. This is used to uniquely identify a ResourceDefaultVersion" + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + }, + "typeVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type version." + }, + "versionId": { + "type": "string", + "description": "The ID of an existing version of the resource to set as the default." + } + } + }, + "aws-native:cloudformation:ResourceVersion": { + "cf": "AWS::CloudFormation::ResourceVersion", + "inputs": { + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials." + }, + "loggingConfig": { + "$ref": "#/types/aws-native:cloudformation:ResourceVersionLoggingConfig", + "description": "Specifies logging configuration information for a type." + }, + "schemaHandlerPackage": { + "type": "string", + "description": "A url to the S3 bucket containing the schema handler package that contains the schema, event handlers, and associated files for the type you want to register.\n\nFor information on generating a schema handler package for the type you want to register, see submit in the CloudFormation CLI User Guide." + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type, here the ResourceVersion. This is used to uniquely identify a ResourceVersion resource" + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials.", + "replaceOnChanges": true + }, + "isDefaultVersion": { + "type": "boolean", + "description": "Indicates if this type version is the current default version" + }, + "loggingConfig": { + "$ref": "#/types/aws-native:cloudformation:ResourceVersionLoggingConfig", + "description": "Specifies logging configuration information for a type.", + "replaceOnChanges": true + }, + "provisioningType": { + "$ref": "#/types/aws-native:cloudformation:ResourceVersionProvisioningType", + "description": "The provisioning behavior of the type. AWS CloudFormation determines the provisioning type during registration, based on the types of handlers in the schema handler package submitted." + }, + "schemaHandlerPackage": { + "type": "string", + "description": "A url to the S3 bucket containing the schema handler package that contains the schema, event handlers, and associated files for the type you want to register.\n\nFor information on generating a schema handler package for the type you want to register, see submit in the CloudFormation CLI User Guide.", + "replaceOnChanges": true + }, + "typeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the type without the versionID." + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type.", + "replaceOnChanges": true + }, + "versionId": { + "type": "string", + "description": "The ID of the version of the type represented by this resource instance." + }, + "visibility": { + "$ref": "#/types/aws-native:cloudformation:ResourceVersionVisibility", + "description": "The scope at which the type is visible and usable in CloudFormation operations.\n\nValid values include:\n\nPRIVATE: The type is only visible and usable within the account in which it is registered. Currently, AWS CloudFormation marks any types you register as PRIVATE.\n\nPUBLIC: The type is publically visible and usable within any Amazon account." + } + }, + "required": [ + "schemaHandlerPackage", + "typeName" + ], + "createOnly": [ + "executionRoleArn", + "loggingConfig", + "schemaHandlerPackage", + "typeName" + ], + "writeOnly": [ + "schemaHandlerPackage" + ] + }, + "aws-native:cloudformation:Stack": { + "cf": "AWS::CloudFormation::Stack", + "inputs": { + "capabilities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackCapabilitiesItem" + }, + "description": "In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for AWS CloudFormation to create the stack.\n\n- `CAPABILITY_IAM` and `CAPABILITY_NAMED_IAM`\n\nSome stack templates might include resources that can affect permissions in your AWS account ; for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.\n\nThe following IAM resources require you to specify either the `CAPABILITY_IAM` or `CAPABILITY_NAMED_IAM` capability.\n\n- If you have IAM resources, you can specify either capability.\n- If you have IAM resources with custom names, you *must* specify `CAPABILITY_NAMED_IAM` .\n- If you don't specify either of these capabilities, AWS CloudFormation returns an `InsufficientCapabilities` error.\n\nIf your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.\n\n- [`AWS::IAM::AccessKey`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html)\n- [`AWS::IAM::Group`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html)\n- [`AWS::IAM::InstanceProfile`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html)\n- [`AWS::IAM::Policy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html)\n- [`AWS::IAM::Role`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html)\n- [`AWS::IAM::User`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html)\n- [`AWS::IAM::UserToGroupAddition`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-addusertogroup.html)\n\nFor more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#capabilities) .\n- `CAPABILITY_AUTO_EXPAND`\n\nSome template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the [AWS::Include](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/create-reusable-transform-function-snippets-and-add-to-your-template-with-aws-include-transform.html) and [AWS::Serverless](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-aws-serverless.html) transforms, which are macros hosted by AWS CloudFormation .\n\nIf you want to create a stack from a stack template that contains macros *and* nested stacks, you must create the stack directly from the template using this capability.\n\n\u003e You should only create stacks directly from a stack template that contains macros if you know what processing the macro performs.\n\u003e \n\u003e Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without AWS CloudFormation being notified. \n\nFor more information, see [Using AWS CloudFormation macros to perform custom processing on templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-macros.html) ." + }, + "description": { + "type": "string", + "description": "A user-defined description associated with the stack." + }, + "disableRollback": { + "type": "boolean", + "description": "Set to `true` to disable rollback of the stack if stack creation failed. You can specify either `DisableRollback` or `OnFailure` , but not both.\n\nDefault: `false`" + }, + "enableTerminationProtection": { + "type": "boolean", + "description": "Whether to enable termination protection on the specified stack. If a user attempts to delete a stack with termination protection enabled, the operation fails and the stack remains unchanged. For more information, see [Protecting a Stack From Being Deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html) in the *AWS CloudFormation User Guide* . Termination protection is deactivated on stacks by default.\n\nFor [nested stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html) , termination protection is set on the root stack and can't be changed directly on the nested stack." + }, + "notificationArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Simple Notification Service (Amazon SNS) topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI)." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n\u003e If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nConditional. Required if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that AWS CloudFormation assumes to create the stack. AWS CloudFormation uses the role's credentials to make calls on your behalf. AWS CloudFormation always uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, AWS CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.\n\nIf you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that's generated from your user credentials." + }, + "stackName": { + "type": "string", + "description": "The name that's associated with the stack. The name must be unique in the Region in which you are creating the stack.\n\n\u003e A stack name can contain only alphanumeric characters (case sensitive) and hyphens. It must start with an alphabetical character and can't be longer than 128 characters." + }, + "stackPolicyBody": { + "$ref": "pulumi.json#/Any", + "description": "Structure containing the stack policy body. For more information, go to [Prevent Updates to Stack Resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html) in the *AWS CloudFormation User Guide* . You can specify either the `StackPolicyBody` or the `StackPolicyURL` parameter, but not both.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CloudFormation::Stack` for more information about the expected schema for this property." + }, + "stackPolicyUrl": { + "type": "string", + "description": "Location of a file containing the stack policy. The URL must point to a policy (maximum size: 16 KB) located in an S3 bucket in the same Region as the stack. You can specify either the `StackPolicyBody` or the `StackPolicyURL` parameter, but not both." + }, + "stackStatusReason": { + "type": "string", + "description": "Success/failure message associated with the stack status." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs to associate with this stack. AWS CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified." + }, + "templateBody": { + "$ref": "pulumi.json#/Any", + "description": "Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, go to [Template anatomy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-anatomy.html) in the AWS CloudFormation User Guide.\n\nConditional: You must specify either the `TemplateBody` or the `TemplateURL` parameter, but not both.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CloudFormation::Stack` for more information about the expected schema for this property." + }, + "templateUrl": { + "type": "string", + "description": "Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket. For more information, see [Template anatomy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-anatomy.html) .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced." + }, + "timeoutInMinutes": { + "type": "integer", + "description": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported." + } + }, + "outputs": { + "capabilities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackCapabilitiesItem" + }, + "description": "In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for AWS CloudFormation to create the stack.\n\n- `CAPABILITY_IAM` and `CAPABILITY_NAMED_IAM`\n\nSome stack templates might include resources that can affect permissions in your AWS account ; for example, by creating new AWS Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities.\n\nThe following IAM resources require you to specify either the `CAPABILITY_IAM` or `CAPABILITY_NAMED_IAM` capability.\n\n- If you have IAM resources, you can specify either capability.\n- If you have IAM resources with custom names, you *must* specify `CAPABILITY_NAMED_IAM` .\n- If you don't specify either of these capabilities, AWS CloudFormation returns an `InsufficientCapabilities` error.\n\nIf your stack template contains these resources, we recommend that you review all permissions associated with them and edit their permissions if necessary.\n\n- [`AWS::IAM::AccessKey`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-accesskey.html)\n- [`AWS::IAM::Group`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-group.html)\n- [`AWS::IAM::InstanceProfile`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html)\n- [`AWS::IAM::Policy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-policy.html)\n- [`AWS::IAM::Role`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html)\n- [`AWS::IAM::User`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-user.html)\n- [`AWS::IAM::UserToGroupAddition`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iam-addusertogroup.html)\n\nFor more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#capabilities) .\n- `CAPABILITY_AUTO_EXPAND`\n\nSome template contain macros. Macros perform custom processing on templates; this can include simple actions like find-and-replace operations, all the way to extensive transformations of entire templates. Because of this, users typically create a change set from the processed template, so that they can review the changes resulting from the macros before actually creating the stack. If your stack template contains one or more macros, and you choose to create a stack directly from the processed template, without first reviewing the resulting changes in a change set, you must acknowledge this capability. This includes the [AWS::Include](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/create-reusable-transform-function-snippets-and-add-to-your-template-with-aws-include-transform.html) and [AWS::Serverless](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/transform-aws-serverless.html) transforms, which are macros hosted by AWS CloudFormation .\n\nIf you want to create a stack from a stack template that contains macros *and* nested stacks, you must create the stack directly from the template using this capability.\n\n\u003e You should only create stacks directly from a stack template that contains macros if you know what processing the macro performs.\n\u003e \n\u003e Each macro relies on an underlying Lambda service function for processing stack templates. Be aware that the Lambda function owner can update the function operation without AWS CloudFormation being notified. \n\nFor more information, see [Using AWS CloudFormation macros to perform custom processing on templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-macros.html) ." + }, + "changeSetId": { + "type": "string", + "description": "The unique ID of the change set." + }, + "creationTime": { + "type": "string", + "description": "The time at which the stack was created." + }, + "description": { + "type": "string", + "description": "A user-defined description associated with the stack." + }, + "disableRollback": { + "type": "boolean", + "description": "Set to `true` to disable rollback of the stack if stack creation failed. You can specify either `DisableRollback` or `OnFailure` , but not both.\n\nDefault: `false`" + }, + "enableTerminationProtection": { + "type": "boolean", + "description": "Whether to enable termination protection on the specified stack. If a user attempts to delete a stack with termination protection enabled, the operation fails and the stack remains unchanged. For more information, see [Protecting a Stack From Being Deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html) in the *AWS CloudFormation User Guide* . Termination protection is deactivated on stacks by default.\n\nFor [nested stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html) , termination protection is set on the root stack and can't be changed directly on the nested stack." + }, + "lastUpdateTime": { + "type": "string", + "description": "The time the stack was last updated. This field will only be returned if the stack has been updated at least once." + }, + "notificationArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Simple Notification Service (Amazon SNS) topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI)." + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackOutput" + }, + "description": "A list of output structures." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n\u003e If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nConditional. Required if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced." + }, + "parentId": { + "type": "string", + "description": "For nested stacks--stacks created as resources for another stack--the stack ID of the direct parent of this stack. For the first level of nested stacks, the root stack is also the parent stack.\n\nFor more information, see [Working with Nested Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html) in the *AWS CloudFormation User Guide* ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that AWS CloudFormation assumes to create the stack. AWS CloudFormation uses the role's credentials to make calls on your behalf. AWS CloudFormation always uses this role for all future operations on the stack. Provided that users have permission to operate on the stack, AWS CloudFormation uses this role even if the users don't have permission to pass it. Ensure that the role grants least privilege.\n\nIf you don't specify a value, AWS CloudFormation uses the role that was previously associated with the stack. If no role is available, AWS CloudFormation uses a temporary session that's generated from your user credentials." + }, + "rootId": { + "type": "string", + "description": "For nested stacks--stacks created as resources for another stack--the stack ID of the top-level stack to which the nested stack ultimately belongs.\n\nFor more information, see [Working with Nested Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html) in the *AWS CloudFormation User Guide* ." + }, + "stackId": { + "type": "string", + "description": "Unique identifier of the stack." + }, + "stackName": { + "type": "string", + "description": "The name that's associated with the stack. The name must be unique in the Region in which you are creating the stack.\n\n\u003e A stack name can contain only alphanumeric characters (case sensitive) and hyphens. It must start with an alphabetical character and can't be longer than 128 characters.", + "replaceOnChanges": true + }, + "stackPolicyBody": { + "$ref": "pulumi.json#/Any", + "description": "Structure containing the stack policy body. For more information, go to [Prevent Updates to Stack Resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html) in the *AWS CloudFormation User Guide* . You can specify either the `StackPolicyBody` or the `StackPolicyURL` parameter, but not both.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CloudFormation::Stack` for more information about the expected schema for this property." + }, + "stackPolicyUrl": { + "type": "string", + "description": "Location of a file containing the stack policy. The URL must point to a policy (maximum size: 16 KB) located in an S3 bucket in the same Region as the stack. You can specify either the `StackPolicyBody` or the `StackPolicyURL` parameter, but not both." + }, + "stackStatus": { + "$ref": "#/types/aws-native:cloudformation:StackStatus", + "description": "Current status of the stack." + }, + "stackStatusReason": { + "type": "string", + "description": "Success/failure message associated with the stack status." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs to associate with this stack. AWS CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified." + }, + "templateBody": { + "$ref": "pulumi.json#/Any", + "description": "Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes. For more information, go to [Template anatomy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-anatomy.html) in the AWS CloudFormation User Guide.\n\nConditional: You must specify either the `TemplateBody` or the `TemplateURL` parameter, but not both.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CloudFormation::Stack` for more information about the expected schema for this property." + }, + "templateUrl": { + "type": "string", + "description": "Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket. For more information, see [Template anatomy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-anatomy.html) .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced." + }, + "timeoutInMinutes": { + "type": "integer", + "description": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported." + } + }, + "autoNamingSpec": { + "sdkName": "stackName" + }, + "createOnly": [ + "stackName" + ], + "writeOnly": [ + "stackPolicyUrl", + "templateUrl" + ], + "irreversibleNames": { + "notificationArns": "NotificationARNs", + "roleArn": "RoleARN", + "stackPolicyUrl": "StackPolicyURL", + "templateUrl": "TemplateURL" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudformation:StackSet": { + "cf": "AWS::CloudFormation::StackSet", + "inputs": { + "administrationRoleArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account." + }, + "autoDeployment": { + "$ref": "#/types/aws-native:cloudformation:StackSetAutoDeployment", + "description": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to the target organization or organizational unit (OU). Specify only if PermissionModel is SERVICE_MANAGED." + }, + "callAs": { + "$ref": "#/types/aws-native:cloudformation:StackSetCallAs", + "description": "Specifies the AWS account that you are acting from. By default, SELF is specified. For self-managed permissions, specify SELF; for service-managed permissions, if you are signed in to the organization's management account, specify SELF. If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN." + }, + "capabilities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackSetCapability" + }, + "description": "In some cases, you must explicitly acknowledge that your stack set template contains certain capabilities in order for AWS CloudFormation to create the stack set and related stack instances." + }, + "description": { + "type": "string", + "description": "A description of the stack set. You can use the description to identify the stack set's purpose or other important information." + }, + "executionRoleName": { + "type": "string", + "description": "The name of the IAM execution role to use to create the stack set. If you do not specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation." + }, + "managedExecution": { + "$ref": "#/types/aws-native:cloudformation:ManagedExecutionProperties", + "description": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations." + }, + "operationPreferences": { + "$ref": "#/types/aws-native:cloudformation:StackSetOperationPreferences", + "description": "The user-specified preferences for how AWS CloudFormation performs a stack set operation." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackSetParameter" + }, + "description": "The input parameters for the stack set template." + }, + "permissionModel": { + "$ref": "#/types/aws-native:cloudformation:StackSetPermissionModel", + "description": "Describes how the IAM roles required for stack set operations are created. By default, SELF-MANAGED is specified." + }, + "stackInstancesGroup": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackSetStackInstances" + }, + "description": "A group of stack instances with parameters in some specific accounts and regions." + }, + "stackSetName": { + "type": "string", + "description": "The name to associate with the stack set. The name must be unique in the Region where you create your stack set." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The key-value pairs to associate with this stack set and the stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified." + }, + "templateBody": { + "type": "string", + "description": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes." + }, + "templateUrl": { + "type": "string", + "description": "Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket." + } + }, + "outputs": { + "administrationRoleArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account." + }, + "autoDeployment": { + "$ref": "#/types/aws-native:cloudformation:StackSetAutoDeployment", + "description": "Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to the target organization or organizational unit (OU). Specify only if PermissionModel is SERVICE_MANAGED." + }, + "callAs": { + "$ref": "#/types/aws-native:cloudformation:StackSetCallAs", + "description": "Specifies the AWS account that you are acting from. By default, SELF is specified. For self-managed permissions, specify SELF; for service-managed permissions, if you are signed in to the organization's management account, specify SELF. If you are signed in to a delegated administrator account, specify DELEGATED_ADMIN." + }, + "capabilities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackSetCapability" + }, + "description": "In some cases, you must explicitly acknowledge that your stack set template contains certain capabilities in order for AWS CloudFormation to create the stack set and related stack instances." + }, + "description": { + "type": "string", + "description": "A description of the stack set. You can use the description to identify the stack set's purpose or other important information." + }, + "executionRoleName": { + "type": "string", + "description": "The name of the IAM execution role to use to create the stack set. If you do not specify an execution role, AWS CloudFormation uses the AWSCloudFormationStackSetExecutionRole role for the stack set operation." + }, + "managedExecution": { + "$ref": "#/types/aws-native:cloudformation:ManagedExecutionProperties", + "description": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations." + }, + "operationPreferences": { + "$ref": "#/types/aws-native:cloudformation:StackSetOperationPreferences", + "description": "The user-specified preferences for how AWS CloudFormation performs a stack set operation." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackSetParameter" + }, + "description": "The input parameters for the stack set template." + }, + "permissionModel": { + "$ref": "#/types/aws-native:cloudformation:StackSetPermissionModel", + "description": "Describes how the IAM roles required for stack set operations are created. By default, SELF-MANAGED is specified.", + "replaceOnChanges": true + }, + "stackInstancesGroup": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackSetStackInstances" + }, + "description": "A group of stack instances with parameters in some specific accounts and regions." + }, + "stackSetId": { + "type": "string", + "description": "The ID of the stack set that you're creating." + }, + "stackSetName": { + "type": "string", + "description": "The name to associate with the stack set. The name must be unique in the Region where you create your stack set.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The key-value pairs to associate with this stack set and the stacks created from it. AWS CloudFormation also propagates these tags to supported resources that are created in the stacks. A maximum number of 50 tags can be specified." + }, + "templateBody": { + "type": "string", + "description": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes." + }, + "templateUrl": { + "type": "string", + "description": "Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that is located in an Amazon S3 bucket." + } + }, + "autoNamingSpec": { + "sdkName": "stackSetName", + "maxLength": 128 + }, + "required": [ + "permissionModel" + ], + "createOnly": [ + "permissionModel", + "stackSetName" + ], + "writeOnly": [ + "callAs", + "operationPreferences", + "stackInstancesGroup", + "templateUrl" + ], + "irreversibleNames": { + "administrationRoleArn": "AdministrationRoleARN", + "templateUrl": "TemplateURL" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudformation:TypeActivation": { + "cf": "AWS::CloudFormation::TypeActivation", + "inputs": { + "autoUpdate": { + "type": "boolean", + "description": "Whether to automatically update the extension in this account and region when a new minor version is published by the extension publisher. Major versions released by the publisher must be manually updated." + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials." + }, + "loggingConfig": { + "$ref": "#/types/aws-native:cloudformation:TypeActivationLoggingConfig", + "description": "Specifies logging configuration information for a type." + }, + "majorVersion": { + "type": "string", + "description": "The Major Version of the type you want to enable" + }, + "publicTypeArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) assigned to the public extension upon publication" + }, + "publisherId": { + "type": "string", + "description": "The publisher id assigned by CloudFormation for publishing in this region." + }, + "type": { + "$ref": "#/types/aws-native:cloudformation:TypeActivationType", + "description": "The kind of extension" + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + }, + "typeNameAlias": { + "type": "string", + "description": "An alias to assign to the public extension in this account and region. If you specify an alias for the extension, you must then use the alias to refer to the extension in your templates." + }, + "versionBump": { + "$ref": "#/types/aws-native:cloudformation:TypeActivationVersionBump", + "description": "Manually updates a previously-enabled type to a new major or minor version, if available. You can also use this parameter to update the value of AutoUpdateEnabled" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the extension." + }, + "autoUpdate": { + "type": "boolean", + "description": "Whether to automatically update the extension in this account and region when a new minor version is published by the extension publisher. Major versions released by the publisher must be manually updated." + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM execution role to use to register the type. If your resource type calls AWS APIs in any of its handlers, you must create an IAM execution role that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. CloudFormation then assumes that execution role to provide your resource type with the appropriate credentials." + }, + "loggingConfig": { + "$ref": "#/types/aws-native:cloudformation:TypeActivationLoggingConfig", + "description": "Specifies logging configuration information for a type.", + "replaceOnChanges": true + }, + "majorVersion": { + "type": "string", + "description": "The Major Version of the type you want to enable" + }, + "publicTypeArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) assigned to the public extension upon publication" + }, + "publisherId": { + "type": "string", + "description": "The publisher id assigned by CloudFormation for publishing in this region." + }, + "type": { + "$ref": "#/types/aws-native:cloudformation:TypeActivationType", + "description": "The kind of extension" + }, + "typeName": { + "type": "string", + "description": "The name of the type being registered.\n\nWe recommend that type names adhere to the following pattern: company_or_organization::service::type." + }, + "typeNameAlias": { + "type": "string", + "description": "An alias to assign to the public extension in this account and region. If you specify an alias for the extension, you must then use the alias to refer to the extension in your templates." + }, + "versionBump": { + "$ref": "#/types/aws-native:cloudformation:TypeActivationVersionBump", + "description": "Manually updates a previously-enabled type to a new major or minor version, if available. You can also use this parameter to update the value of AutoUpdateEnabled" + } + }, + "createOnly": [ + "loggingConfig" + ], + "writeOnly": [ + "autoUpdate", + "executionRoleArn", + "loggingConfig", + "majorVersion", + "type", + "versionBump" + ] + }, + "aws-native:cloudfront:CachePolicy": { + "cf": "AWS::CloudFront::CachePolicy", + "inputs": { + "cachePolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:CachePolicyConfig", + "description": "The cache policy configuration." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The unique identifier for the cache policy. For example: `2766f7b2-75c5-41c6-8f06-bf4303a2f2f5` ." + }, + "cachePolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:CachePolicyConfig", + "description": "The cache policy configuration." + }, + "lastModifiedTime": { + "type": "string", + "description": "The date and time when the cache policy was last modified." + } + }, + "required": [ + "cachePolicyConfig" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cloudfront:CloudFrontOriginAccessIdentity": { + "cf": "AWS::CloudFront::CloudFrontOriginAccessIdentity", + "inputs": { + "cloudFrontOriginAccessIdentityConfig": { + "$ref": "#/types/aws-native:cloudfront:CloudFrontOriginAccessIdentityConfig", + "description": "The current configuration information for the identity." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID for the origin access identity, for example, `E74FTE3AJFJ256A` ." + }, + "cloudFrontOriginAccessIdentityConfig": { + "$ref": "#/types/aws-native:cloudfront:CloudFrontOriginAccessIdentityConfig", + "description": "The current configuration information for the identity." + }, + "s3CanonicalUserId": { + "type": "string", + "description": "The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3. For example: `b970b42360b81c8ddbd79d2f5df0069ba9033c8a79655752abe380cd6d63ba8bcf23384d568fcf89fc49700b5e11a0fd` ." + } + }, + "required": [ + "cloudFrontOriginAccessIdentityConfig" + ], + "irreversibleNames": { + "awsId": "Id", + "s3CanonicalUserId": "S3CanonicalUserId" + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicy": { + "cf": "AWS::CloudFront::ContinuousDeploymentPolicy", + "inputs": { + "continuousDeploymentPolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicyConfig", + "description": "Contains the configuration for a continuous deployment policy." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The identifier of the cotinuous deployment policy." + }, + "continuousDeploymentPolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicyConfig", + "description": "Contains the configuration for a continuous deployment policy." + }, + "lastModifiedTime": { + "type": "string", + "description": "The date and time when the continuous deployment policy was last modified." + } + }, + "required": [ + "continuousDeploymentPolicyConfig" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cloudfront:Distribution": { + "cf": "AWS::CloudFront::Distribution", + "inputs": { + "distributionConfig": { + "$ref": "#/types/aws-native:cloudfront:DistributionConfig", + "description": "The distribution's configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A complex type that contains zero or more ``Tag`` elements." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The distribution's identifier. For example: `E1U5RQF7T870K0` ." + }, + "distributionConfig": { + "$ref": "#/types/aws-native:cloudfront:DistributionConfig", + "description": "The distribution's configuration." + }, + "domainName": { + "type": "string", + "description": "The domain name of the resource, such as `d111111abcdef8.cloudfront.net` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A complex type that contains zero or more ``Tag`` elements." + } + }, + "required": [ + "distributionConfig" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudfront:Function": { + "cf": "AWS::CloudFront::Function", + "inputs": { + "autoPublish": { + "type": "boolean", + "description": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it’s created. To automatically publish to the `LIVE` stage, set this property to `true` ." + }, + "functionCode": { + "type": "string", + "description": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* ." + }, + "functionConfig": { + "$ref": "#/types/aws-native:cloudfront:FunctionConfig", + "description": "Contains configuration information about a CloudFront function." + }, + "functionMetadata": { + "$ref": "#/types/aws-native:cloudfront:FunctionMetadata", + "description": "Contains metadata about a CloudFront function." + }, + "name": { + "type": "string", + "description": "A name to identify the function." + } + }, + "outputs": { + "autoPublish": { + "type": "boolean", + "description": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it’s created. To automatically publish to the `LIVE` stage, set this property to `true` ." + }, + "functionArn": { + "type": "string", + "description": "The ARN of the function. For example:\n\n`arn:aws:cloudfront::123456789012:function/ExampleFunction` .\n\nTo get the function ARN, use the following syntax:\n\n`!GetAtt *Function_Logical_ID* .FunctionMetadata.FunctionARN`" + }, + "functionCode": { + "type": "string", + "description": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* ." + }, + "functionConfig": { + "$ref": "#/types/aws-native:cloudfront:FunctionConfig", + "description": "Contains configuration information about a CloudFront function." + }, + "functionMetadata": { + "$ref": "#/types/aws-native:cloudfront:FunctionMetadata", + "description": "Contains metadata about a CloudFront function." + }, + "name": { + "type": "string", + "description": "A name to identify the function." + }, + "stage": { + "type": "string" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "functionCode", + "functionConfig" + ], + "writeOnly": [ + "autoPublish" + ], + "irreversibleNames": { + "functionArn": "FunctionARN" + } + }, + "aws-native:cloudfront:KeyGroup": { + "cf": "AWS::CloudFront::KeyGroup", + "inputs": { + "keyGroupConfig": { + "$ref": "#/types/aws-native:cloudfront:KeyGroupConfig", + "description": "The key group configuration." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The identifier for the key group." + }, + "keyGroupConfig": { + "$ref": "#/types/aws-native:cloudfront:KeyGroupConfig", + "description": "The key group configuration." + }, + "lastModifiedTime": { + "type": "string", + "description": "The date and time when the key group was last modified." + } + }, + "required": [ + "keyGroupConfig" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cloudfront:KeyValueStore": { + "cf": "AWS::CloudFront::KeyValueStore", + "inputs": { + "comment": { + "type": "string", + "description": "A comment for the key value store." + }, + "importSource": { + "$ref": "#/types/aws-native:cloudfront:KeyValueStoreImportSource", + "description": "The import source for the key value store." + }, + "name": { + "type": "string", + "description": "The name of the key value store." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the key value store." + }, + "awsId": { + "type": "string", + "description": "The unique Id for the key value store." + }, + "comment": { + "type": "string", + "description": "A comment for the key value store." + }, + "importSource": { + "$ref": "#/types/aws-native:cloudfront:KeyValueStoreImportSource", + "description": "The import source for the key value store." + }, + "name": { + "type": "string", + "description": "The name of the key value store.", + "replaceOnChanges": true + }, + "status": { + "type": "string", + "description": "The current status of the key value store. For more information, see [Key value store statuses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/kvs-with-functions-create.html#key-value-store-status) in the *.*" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "importSource" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cloudfront:MonitoringSubscription": { + "cf": "AWS::CloudFront::MonitoringSubscription", + "inputs": { + "distributionId": { + "type": "string", + "description": "The ID of the distribution that you are enabling metrics for." + }, + "monitoringSubscription": { + "$ref": "#/types/aws-native:cloudfront:MonitoringSubscription", + "description": "A subscription configuration for additional CloudWatch metrics.", + "language": { + "csharp": { + "name": "MonitoringSubscriptionValue" + } + } + } + }, + "outputs": { + "distributionId": { + "type": "string", + "description": "The ID of the distribution that you are enabling metrics for.", + "replaceOnChanges": true + }, + "monitoringSubscription": { + "$ref": "#/types/aws-native:cloudfront:MonitoringSubscription", + "description": "A subscription configuration for additional CloudWatch metrics.", + "language": { + "csharp": { + "name": "MonitoringSubscriptionValue" + } + } + } + }, + "required": [ + "distributionId", + "monitoringSubscription" + ], + "createOnly": [ + "distributionId" + ] + }, + "aws-native:cloudfront:OriginAccessControl": { + "cf": "AWS::CloudFront::OriginAccessControl", + "inputs": { + "originAccessControlConfig": { + "$ref": "#/types/aws-native:cloudfront:OriginAccessControlConfig", + "description": "The origin access control." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The unique identifier of the origin access control." + }, + "originAccessControlConfig": { + "$ref": "#/types/aws-native:cloudfront:OriginAccessControlConfig", + "description": "The origin access control." + } + }, + "required": [ + "originAccessControlConfig" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cloudfront:OriginRequestPolicy": { + "cf": "AWS::CloudFront::OriginRequestPolicy", + "inputs": { + "originRequestPolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:OriginRequestPolicyConfig", + "description": "The origin request policy configuration." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The unique identifier for the origin request policy. For example: `befd7079-9bbc-4ebf-8ade-498a3694176c` ." + }, + "lastModifiedTime": { + "type": "string", + "description": "The date and time when the origin request policy was last modified." + }, + "originRequestPolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:OriginRequestPolicyConfig", + "description": "The origin request policy configuration." + } + }, + "required": [ + "originRequestPolicyConfig" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cloudfront:PublicKey": { + "cf": "AWS::CloudFront::PublicKey", + "inputs": { + "publicKeyConfig": { + "$ref": "#/types/aws-native:cloudfront:PublicKeyConfig", + "description": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) ." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The identifier of the public key." + }, + "createdTime": { + "type": "string", + "description": "The date and time when the public key was uploaded." + }, + "publicKeyConfig": { + "$ref": "#/types/aws-native:cloudfront:PublicKeyConfig", + "description": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) ." + } + }, + "required": [ + "publicKeyConfig" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cloudfront:RealtimeLogConfig": { + "cf": "AWS::CloudFront::RealtimeLogConfig", + "inputs": { + "endPoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:RealtimeLogConfigEndPoint" + }, + "description": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration." + }, + "fields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* ." + }, + "name": { + "type": "string", + "description": "The unique name of this real-time log configuration." + }, + "samplingRate": { + "type": "number", + "description": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the real-time log configuration. For example: `arn:aws:cloudfront::111122223333:realtime-log-config/ExampleNameForRealtimeLogConfig` ." + }, + "endPoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:RealtimeLogConfigEndPoint" + }, + "description": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration." + }, + "fields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* ." + }, + "name": { + "type": "string", + "description": "The unique name of this real-time log configuration.", + "replaceOnChanges": true + }, + "samplingRate": { + "type": "number", + "description": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "endPoints", + "fields", + "samplingRate" + ], + "createOnly": [ + "name" + ] + }, + "aws-native:cloudfront:ResponseHeadersPolicy": { + "cf": "AWS::CloudFront::ResponseHeadersPolicy", + "inputs": { + "responseHeadersPolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyConfig", + "description": "A response headers policy configuration." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The unique identifier for the response headers policy. For example: `57f99797-3b20-4e1b-a728-27972a74082a` ." + }, + "lastModifiedTime": { + "type": "string", + "description": "The date and time when the response headers policy was last modified." + }, + "responseHeadersPolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyConfig", + "description": "A response headers policy configuration." + } + }, + "required": [ + "responseHeadersPolicyConfig" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cloudtrail:Channel": { + "cf": "AWS::CloudTrail::Channel", + "inputs": { + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:ChannelDestination" + }, + "description": "One or more resources to which events arriving through a channel are logged and stored." + }, + "name": { + "type": "string", + "description": "The name of the channel." + }, + "source": { + "type": "string", + "description": "The ARN of an on-premises storage solution or application, or a partner event source." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "channelArn": { + "type": "string", + "description": "`Ref` returns the ARN of the CloudTrail channel, such as `arn:aws:cloudtrail:us-east-2:123456789012:channel/01234567890` ." + }, + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:ChannelDestination" + }, + "description": "One or more resources to which events arriving through a channel are logged and stored." + }, + "name": { + "type": "string", + "description": "The name of the channel." + }, + "source": { + "type": "string", + "description": "The ARN of an on-premises storage solution or application, or a partner event source.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "source" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudtrail:EventDataStore": { + "cf": "AWS::CloudTrail::EventDataStore", + "inputs": { + "advancedEventSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:EventDataStoreAdvancedEventSelector" + }, + "description": "The advanced event selectors that were used to select events for the data store." + }, + "billingMode": { + "type": "string", + "description": "The mode that the event data store will use to charge for event storage." + }, + "federationEnabled": { + "type": "boolean", + "description": "Indicates whether federation is enabled on an event data store." + }, + "federationRoleArn": { + "type": "string", + "description": "The ARN of the role used for event data store federation." + }, + "ingestionEnabled": { + "type": "boolean", + "description": "Indicates whether the event data store is ingesting events." + }, + "insightSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:EventDataStoreInsightSelector" + }, + "description": "Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store." + }, + "insightsDestination": { + "type": "string", + "description": "Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store" + }, + "kmsKeyId": { + "type": "string", + "description": "Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier." + }, + "multiRegionEnabled": { + "type": "boolean", + "description": "Indicates whether the event data store includes events from all regions, or only from the region in which it was created." + }, + "name": { + "type": "string", + "description": "The name of the event data store." + }, + "organizationEnabled": { + "type": "boolean", + "description": "Indicates that an event data store is collecting logged events for an organization." + }, + "retentionPeriod": { + "type": "integer", + "description": "The retention period, in days." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags." + }, + "terminationProtectionEnabled": { + "type": "boolean", + "description": "Indicates whether the event data store is protected from termination." + } + }, + "outputs": { + "advancedEventSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:EventDataStoreAdvancedEventSelector" + }, + "description": "The advanced event selectors that were used to select events for the data store." + }, + "billingMode": { + "type": "string", + "description": "The mode that the event data store will use to charge for event storage." + }, + "createdTimestamp": { + "type": "string", + "description": "The timestamp of the event data store's creation." + }, + "eventDataStoreArn": { + "type": "string", + "description": "The ARN of the event data store." + }, + "federationEnabled": { + "type": "boolean", + "description": "Indicates whether federation is enabled on an event data store." + }, + "federationRoleArn": { + "type": "string", + "description": "The ARN of the role used for event data store federation." + }, + "ingestionEnabled": { + "type": "boolean", + "description": "Indicates whether the event data store is ingesting events." + }, + "insightSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:EventDataStoreInsightSelector" + }, + "description": "Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing event data store. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store." + }, + "insightsDestination": { + "type": "string", + "description": "Specifies the ARN of the event data store that will collect Insights events. Both InsightSelectors and InsightsDestination need to have a value in order to enable Insights events on an event data store" + }, + "kmsKeyId": { + "type": "string", + "description": "Specifies the KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier." + }, + "multiRegionEnabled": { + "type": "boolean", + "description": "Indicates whether the event data store includes events from all regions, or only from the region in which it was created." + }, + "name": { + "type": "string", + "description": "The name of the event data store." + }, + "organizationEnabled": { + "type": "boolean", + "description": "Indicates that an event data store is collecting logged events for an organization." + }, + "retentionPeriod": { + "type": "integer", + "description": "The retention period, in days." + }, + "status": { + "type": "string", + "description": "The status of an event data store. Values are STARTING_INGESTION, ENABLED, STOPPING_INGESTION, STOPPED_INGESTION and PENDING_DELETION." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags." + }, + "terminationProtectionEnabled": { + "type": "boolean", + "description": "Indicates whether the event data store is protected from termination." + }, + "updatedTimestamp": { + "type": "string", + "description": "The timestamp showing when an event data store was updated, if applicable. UpdatedTimestamp is always either the same or newer than the time shown in CreatedTimestamp." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudtrail:ResourcePolicy": { + "cf": "AWS::CloudTrail::ResourcePolicy", + "inputs": { + "resourceArn": { + "type": "string", + "description": "The ARN of the AWS CloudTrail resource to which the policy applies." + }, + "resourcePolicy": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified resource. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CloudTrail::ResourcePolicy` for more information about the expected schema for this property.", + "language": { + "csharp": { + "name": "ResourcePolicyValue" + } + } + } + }, + "outputs": { + "resourceArn": { + "type": "string", + "description": "The ARN of the AWS CloudTrail resource to which the policy applies.", + "replaceOnChanges": true + }, + "resourcePolicy": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified resource. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CloudTrail::ResourcePolicy` for more information about the expected schema for this property.", + "language": { + "csharp": { + "name": "ResourcePolicyValue" + } + } + } + }, + "required": [ + "resourceArn", + "resourcePolicy" + ], + "createOnly": [ + "resourceArn" + ] + }, + "aws-native:cloudtrail:Trail": { + "cf": "AWS::CloudTrail::Trail", + "inputs": { + "advancedEventSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:TrailAdvancedEventSelector" + }, + "description": "The advanced event selectors that were used to select events for the data store." + }, + "cloudWatchLogsLogGroupArn": { + "type": "string", + "description": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered. Not required unless you specify CloudWatchLogsRoleArn." + }, + "cloudWatchLogsRoleArn": { + "type": "string", + "description": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group." + }, + "enableLogFileValidation": { + "type": "boolean", + "description": "Specifies whether log file validation is enabled. The default is false." + }, + "eventSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:TrailEventSelector" + }, + "description": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event. You can configure up to five event selectors for a trail." + }, + "includeGlobalServiceEvents": { + "type": "boolean", + "description": "Specifies whether the trail is publishing events from global services such as IAM to the log files." + }, + "insightSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:TrailInsightSelector" + }, + "description": "Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail." + }, + "isLogging": { + "type": "boolean", + "description": "Whether the CloudTrail is currently logging AWS API calls." + }, + "isMultiRegionTrail": { + "type": "boolean", + "description": "Specifies whether the trail applies only to the current region or to all regions. The default is false. If the trail exists only in the current region and this value is set to true, shadow trails (replications of the trail) will be created in the other regions. If the trail exists in all regions and this value is set to false, the trail will remain in the region where it was created, and its shadow trails in other regions will be deleted. As a best practice, consider using trails that log events in all regions." + }, + "isOrganizationTrail": { + "type": "boolean", + "description": "Specifies whether the trail is created for all accounts in an organization in AWS Organizations, or only for the current AWS account. The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the master account for an organization in AWS Organizations." + }, + "kmsKeyId": { + "type": "string", + "description": "Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier." + }, + "s3BucketName": { + "type": "string", + "description": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements." + }, + "s3KeyPrefix": { + "type": "string", + "description": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters." + }, + "snsTopicName": { + "type": "string", + "description": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A custom set of tags (key-value pairs) for this trail." + }, + "trailName": { + "type": "string", + "description": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)" + } + }, + "outputs": { + "advancedEventSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:TrailAdvancedEventSelector" + }, + "description": "The advanced event selectors that were used to select events for the data store." + }, + "arn": { + "type": "string", + "description": "`Ref` returns the ARN of the CloudTrail trail, such as `arn:aws:cloudtrail:us-east-2:123456789012:trail/myCloudTrail` ." + }, + "cloudWatchLogsLogGroupArn": { + "type": "string", + "description": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs will be delivered. Not required unless you specify CloudWatchLogsRoleArn." + }, + "cloudWatchLogsRoleArn": { + "type": "string", + "description": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group." + }, + "enableLogFileValidation": { + "type": "boolean", + "description": "Specifies whether log file validation is enabled. The default is false." + }, + "eventSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:TrailEventSelector" + }, + "description": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event. You can configure up to five event selectors for a trail." + }, + "includeGlobalServiceEvents": { + "type": "boolean", + "description": "Specifies whether the trail is publishing events from global services such as IAM to the log files." + }, + "insightSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:TrailInsightSelector" + }, + "description": "Lets you enable Insights event logging by specifying the Insights selectors that you want to enable on an existing trail." + }, + "isLogging": { + "type": "boolean", + "description": "Whether the CloudTrail is currently logging AWS API calls." + }, + "isMultiRegionTrail": { + "type": "boolean", + "description": "Specifies whether the trail applies only to the current region or to all regions. The default is false. If the trail exists only in the current region and this value is set to true, shadow trails (replications of the trail) will be created in the other regions. If the trail exists in all regions and this value is set to false, the trail will remain in the region where it was created, and its shadow trails in other regions will be deleted. As a best practice, consider using trails that log events in all regions." + }, + "isOrganizationTrail": { + "type": "boolean", + "description": "Specifies whether the trail is created for all accounts in an organization in AWS Organizations, or only for the current AWS account. The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the master account for an organization in AWS Organizations." + }, + "kmsKeyId": { + "type": "string", + "description": "Specifies the KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by 'alias/', a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier." + }, + "s3BucketName": { + "type": "string", + "description": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See Amazon S3 Bucket Naming Requirements." + }, + "s3KeyPrefix": { + "type": "string", + "description": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see Finding Your CloudTrail Log Files. The maximum length is 200 characters." + }, + "snsTopicArn": { + "type": "string", + "description": "`Ref` returns the ARN of the Amazon SNS topic that's associated with the CloudTrail trail, such as `arn:aws:sns:us-east-2:123456789012:mySNSTopic` ." + }, + "snsTopicName": { + "type": "string", + "description": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A custom set of tags (key-value pairs) for this trail." + }, + "trailName": { + "type": "string", + "description": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "trailName", + "minLength": 3, + "maxLength": 128 + }, + "required": [ + "isLogging", + "s3BucketName" + ], + "createOnly": [ + "trailName" + ], + "irreversibleNames": { + "kmsKeyId": "KMSKeyId", + "s3BucketName": "S3BucketName", + "s3KeyPrefix": "S3KeyPrefix" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudwatch:Alarm": { + "cf": "AWS::CloudWatch::Alarm", + "inputs": { + "actionsEnabled": { + "type": "boolean", + "description": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE." + }, + "alarmActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *API Reference*." + }, + "alarmDescription": { + "type": "string", + "description": "The description of the alarm." + }, + "alarmName": { + "type": "string", + "description": "The name of the alarm. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the alarm name. \n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "comparisonOperator": { + "type": "string", + "description": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand." + }, + "datapointsToAlarm": { + "type": "integer", + "description": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for ``EvaluationPeriods`` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *User Guide*.\n If you omit this parameter, CW uses the same value here that you set for ``EvaluationPeriods``, and the alarm goes to alarm state if that many consecutive periods are breaching." + }, + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:AlarmDimension" + }, + "description": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify ``Dimensions``. Instead, you use ``Metrics``." + }, + "evaluateLowSampleCountPercentile": { + "type": "string", + "description": "Used only for alarms based on percentiles. If ``ignore``, the alarm state does not change during periods with too few data points to be statistically significant. If ``evaluate`` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available." + }, + "evaluationPeriods": { + "type": "integer", + "description": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and ``DatapointsToAlarm`` is the M.\n For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *User Guide*." + }, + "extendedStatistic": { + "type": "string", + "description": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n For an alarm based on a metric, you must specify either ``Statistic`` or ``ExtendedStatistic`` but not both.\n For an alarm based on a math expression, you can't specify ``ExtendedStatistic``. Instead, you use ``Metrics``." + }, + "insufficientDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to execute when this alarm transitions to the ``INSUFFICIENT_DATA`` state from any other state. Each action is specified as an Amazon Resource Name (ARN)." + }, + "metricName": { + "type": "string", + "description": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use ``Metrics`` instead and you can't specify ``MetricName``." + }, + "metrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:AlarmMetricDataQuery" + }, + "description": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n If you specify the ``Metrics`` parameter, you cannot specify ``MetricName``, ``Dimensions``, ``Period``, ``Namespace``, ``Statistic``, ``ExtendedStatistic``, or ``Unit``." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify ``Namespace`` and you use ``Metrics`` instead.\n For a list of namespaces for metrics from AWS services, see [Services That Publish Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)" + }, + "okActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to execute when this alarm transitions to the ``OK`` state from any other state. Each action is specified as an Amazon Resource Name (ARN)." + }, + "period": { + "type": "integer", + "description": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 30, 60, and any multiple of 60.\n For an alarm based on a math expression, you can't specify ``Period``, and instead you use the ``Metrics`` parameter.\n *Minimum:* 10" + }, + "statistic": { + "type": "string", + "description": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use ``ExtendedStatistic``.\n For an alarm based on a metric, you must specify either ``Statistic`` or ``ExtendedStatistic`` but not both.\n For an alarm based on a math expression, you can't specify ``Statistic``. Instead, you use ``Metrics``." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values." + }, + "threshold": { + "type": "number", + "description": "The value to compare with the specified statistic." + }, + "thresholdMetricId": { + "type": "string", + "description": "In an alarm based on an anomaly detection model, this is the ID of the ``ANOMALY_DETECTION_BAND`` function used as the threshold for the alarm." + }, + "treatMissingData": { + "type": "string", + "description": "Sets how this alarm is to handle missing data points. Valid values are ``breaching``, ``notBreaching``, ``ignore``, and ``missing``. For more information, see [Configuring How Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon User Guide*.\n If you omit this parameter, the default behavior of ``missing`` is used." + }, + "unit": { + "type": "string", + "description": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a ``Metrics`` array.\n You can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None." + } + }, + "outputs": { + "actionsEnabled": { + "type": "boolean", + "description": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE." + }, + "alarmActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *API Reference*." + }, + "alarmDescription": { + "type": "string", + "description": "The description of the alarm." + }, + "alarmName": { + "type": "string", + "description": "The name of the alarm. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the alarm name. \n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The ARN of the CloudWatch alarm, such as `arn:aws:cloudwatch:us-west-2:123456789012:alarm:myCloudWatchAlarm-CPUAlarm-UXMMZK36R55Z` ." + }, + "comparisonOperator": { + "type": "string", + "description": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand." + }, + "datapointsToAlarm": { + "type": "integer", + "description": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for ``EvaluationPeriods`` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *User Guide*.\n If you omit this parameter, CW uses the same value here that you set for ``EvaluationPeriods``, and the alarm goes to alarm state if that many consecutive periods are breaching." + }, + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:AlarmDimension" + }, + "description": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify ``Dimensions``. Instead, you use ``Metrics``." + }, + "evaluateLowSampleCountPercentile": { + "type": "string", + "description": "Used only for alarms based on percentiles. If ``ignore``, the alarm state does not change during periods with too few data points to be statistically significant. If ``evaluate`` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available." + }, + "evaluationPeriods": { + "type": "integer", + "description": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and ``DatapointsToAlarm`` is the M.\n For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *User Guide*." + }, + "extendedStatistic": { + "type": "string", + "description": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n For an alarm based on a metric, you must specify either ``Statistic`` or ``ExtendedStatistic`` but not both.\n For an alarm based on a math expression, you can't specify ``ExtendedStatistic``. Instead, you use ``Metrics``." + }, + "insufficientDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to execute when this alarm transitions to the ``INSUFFICIENT_DATA`` state from any other state. Each action is specified as an Amazon Resource Name (ARN)." + }, + "metricName": { + "type": "string", + "description": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use ``Metrics`` instead and you can't specify ``MetricName``." + }, + "metrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:AlarmMetricDataQuery" + }, + "description": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n If you specify the ``Metrics`` parameter, you cannot specify ``MetricName``, ``Dimensions``, ``Period``, ``Namespace``, ``Statistic``, ``ExtendedStatistic``, or ``Unit``." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify ``Namespace`` and you use ``Metrics`` instead.\n For a list of namespaces for metrics from AWS services, see [Services That Publish Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)" + }, + "okActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to execute when this alarm transitions to the ``OK`` state from any other state. Each action is specified as an Amazon Resource Name (ARN)." + }, + "period": { + "type": "integer", + "description": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 30, 60, and any multiple of 60.\n For an alarm based on a math expression, you can't specify ``Period``, and instead you use the ``Metrics`` parameter.\n *Minimum:* 10" + }, + "statistic": { + "type": "string", + "description": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use ``ExtendedStatistic``.\n For an alarm based on a metric, you must specify either ``Statistic`` or ``ExtendedStatistic`` but not both.\n For an alarm based on a math expression, you can't specify ``Statistic``. Instead, you use ``Metrics``." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values." + }, + "threshold": { + "type": "number", + "description": "The value to compare with the specified statistic." + }, + "thresholdMetricId": { + "type": "string", + "description": "In an alarm based on an anomaly detection model, this is the ID of the ``ANOMALY_DETECTION_BAND`` function used as the threshold for the alarm." + }, + "treatMissingData": { + "type": "string", + "description": "Sets how this alarm is to handle missing data points. Valid values are ``breaching``, ``notBreaching``, ``ignore``, and ``missing``. For more information, see [Configuring How Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon User Guide*.\n If you omit this parameter, the default behavior of ``missing`` is used." + }, + "unit": { + "type": "string", + "description": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a ``Metrics`` array.\n You can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None." + } + }, + "autoNamingSpec": { + "sdkName": "alarmName" + }, + "required": [ + "comparisonOperator", + "evaluationPeriods" + ], + "createOnly": [ + "alarmName" + ], + "irreversibleNames": { + "okActions": "OKActions" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudwatch:CompositeAlarm": { + "cf": "AWS::CloudWatch::CompositeAlarm", + "inputs": { + "actionsEnabled": { + "type": "boolean", + "description": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE." + }, + "actionsSuppressor": { + "type": "string", + "description": "Actions will be suppressed if the suppressor alarm is in the ALARM state. ActionsSuppressor can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm. " + }, + "actionsSuppressorExtensionPeriod": { + "type": "integer", + "description": "Actions will be suppressed if WaitPeriod is active. The length of time that actions are suppressed is in seconds." + }, + "actionsSuppressorWaitPeriod": { + "type": "integer", + "description": "Actions will be suppressed if ExtensionPeriod is active. The length of time that actions are suppressed is in seconds." + }, + "alarmActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN)." + }, + "alarmDescription": { + "type": "string", + "description": "The description of the alarm" + }, + "alarmName": { + "type": "string", + "description": "The name of the Composite Alarm" + }, + "alarmRule": { + "type": "string", + "description": "Expression which aggregates the state of other Alarms (Metric or Composite Alarms)" + }, + "insufficientDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN)." + }, + "okActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs to associate with the composite alarm. You can associate as many as 50 tags with an alarm." + } + }, + "outputs": { + "actionsEnabled": { + "type": "boolean", + "description": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE." + }, + "actionsSuppressor": { + "type": "string", + "description": "Actions will be suppressed if the suppressor alarm is in the ALARM state. ActionsSuppressor can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm. " + }, + "actionsSuppressorExtensionPeriod": { + "type": "integer", + "description": "Actions will be suppressed if WaitPeriod is active. The length of time that actions are suppressed is in seconds." + }, + "actionsSuppressorWaitPeriod": { + "type": "integer", + "description": "Actions will be suppressed if ExtensionPeriod is active. The length of time that actions are suppressed is in seconds." + }, + "alarmActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN)." + }, + "alarmDescription": { + "type": "string", + "description": "The description of the alarm" + }, + "alarmName": { + "type": "string", + "description": "The name of the Composite Alarm", + "replaceOnChanges": true + }, + "alarmRule": { + "type": "string", + "description": "Expression which aggregates the state of other Alarms (Metric or Composite Alarms)" + }, + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the alarm" + }, + "insufficientDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN)." + }, + "okActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs to associate with the composite alarm. You can associate as many as 50 tags with an alarm." + } + }, + "autoNamingSpec": { + "sdkName": "alarmName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "alarmRule" + ], + "createOnly": [ + "alarmName" + ], + "irreversibleNames": { + "okActions": "OKActions" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cloudwatch:Dashboard": { + "cf": "AWS::CloudWatch::Dashboard", + "inputs": { + "dashboardBody": { + "type": "string", + "description": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard" + }, + "dashboardName": { + "type": "string", + "description": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically." + } + }, + "outputs": { + "dashboardBody": { + "type": "string", + "description": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard" + }, + "dashboardName": { + "type": "string", + "description": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "dashboardName" + }, + "required": [ + "dashboardBody" + ], + "createOnly": [ + "dashboardName" + ] + }, + "aws-native:cloudwatch:MetricStream": { + "cf": "AWS::CloudWatch::MetricStream", + "inputs": { + "excludeFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:MetricStreamFilter" + }, + "description": "Define which metrics will be not streamed. Metrics matched by multiple instances of MetricStreamFilter are joined with an OR operation by default. If both IncludeFilters and ExcludeFilters are omitted, all metrics in the account will be streamed. IncludeFilters and ExcludeFilters are mutually exclusive. Default to null." + }, + "firehoseArn": { + "type": "string", + "description": "The ARN of the Kinesis Firehose where to stream the data." + }, + "includeFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:MetricStreamFilter" + }, + "description": "Define which metrics will be streamed. Metrics matched by multiple instances of MetricStreamFilter are joined with an OR operation by default. If both IncludeFilters and ExcludeFilters are omitted, all metrics in the account will be streamed. IncludeFilters and ExcludeFilters are mutually exclusive. Default to null." + }, + "includeLinkedAccountsMetrics": { + "type": "boolean", + "description": "If you are creating a metric stream in a monitoring account, specify true to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is false." + }, + "name": { + "type": "string", + "description": "Name of the metric stream." + }, + "outputFormat": { + "type": "string", + "description": "The output format of the data streamed to the Kinesis Firehose." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that provides access to the Kinesis Firehose." + }, + "statisticsConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:MetricStreamStatisticsConfiguration" + }, + "description": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags to assign to the delivery stream." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name of the metric stream." + }, + "creationDate": { + "type": "string", + "description": "The date of creation of the metric stream." + }, + "excludeFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:MetricStreamFilter" + }, + "description": "Define which metrics will be not streamed. Metrics matched by multiple instances of MetricStreamFilter are joined with an OR operation by default. If both IncludeFilters and ExcludeFilters are omitted, all metrics in the account will be streamed. IncludeFilters and ExcludeFilters are mutually exclusive. Default to null." + }, + "firehoseArn": { + "type": "string", + "description": "The ARN of the Kinesis Firehose where to stream the data." + }, + "includeFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:MetricStreamFilter" + }, + "description": "Define which metrics will be streamed. Metrics matched by multiple instances of MetricStreamFilter are joined with an OR operation by default. If both IncludeFilters and ExcludeFilters are omitted, all metrics in the account will be streamed. IncludeFilters and ExcludeFilters are mutually exclusive. Default to null." + }, + "includeLinkedAccountsMetrics": { + "type": "boolean", + "description": "If you are creating a metric stream in a monitoring account, specify true to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is false." + }, + "lastUpdateDate": { + "type": "string", + "description": "The date of the last update of the metric stream." + }, + "name": { + "type": "string", + "description": "Name of the metric stream.", + "replaceOnChanges": true + }, + "outputFormat": { + "type": "string", + "description": "The output format of the data streamed to the Kinesis Firehose." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that provides access to the Kinesis Firehose." + }, + "state": { + "type": "string", + "description": "Displays the state of the Metric Stream." + }, + "statisticsConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:MetricStreamStatisticsConfiguration" + }, + "description": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags to assign to the delivery stream." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codeartifact:Domain": { + "cf": "AWS::CodeArtifact::Domain", + "inputs": { + "domainName": { + "type": "string", + "description": "The name of the domain." + }, + "encryptionKey": { + "type": "string", + "description": "The ARN of an AWS Key Management Service (AWS KMS) key associated with a domain." + }, + "permissionsPolicyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The access control resource policy on the provided domain.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CodeArtifact::Domain` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the domain." + }, + "domainName": { + "type": "string", + "description": "The name of the domain.", + "replaceOnChanges": true + }, + "encryptionKey": { + "type": "string", + "description": "The ARN of an AWS Key Management Service (AWS KMS) key associated with a domain.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the domain. This field is used for GetAtt" + }, + "owner": { + "type": "string", + "description": "The 12-digit account ID of the AWS account that owns the domain. This field is used for GetAtt" + }, + "permissionsPolicyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The access control resource policy on the provided domain.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CodeArtifact::Domain` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "domainName", + "minLength": 2, + "maxLength": 50 + }, + "createOnly": [ + "domainName", + "encryptionKey" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codeartifact:PackageGroup": { + "cf": "AWS::CodeArtifact::PackageGroup", + "inputs": { + "contactInfo": { + "type": "string", + "description": "The contact info of the package group." + }, + "description": { + "type": "string", + "description": "The text description of the package group." + }, + "domainName": { + "type": "string", + "description": "The name of the domain that contains the package group." + }, + "domainOwner": { + "type": "string", + "description": "The 12-digit account ID of the AWS account that owns the domain." + }, + "originConfiguration": { + "$ref": "#/types/aws-native:codeartifact:PackageGroupOriginConfiguration", + "description": "The package origin configuration of the package group." + }, + "pattern": { + "type": "string", + "description": "The package group pattern that is used to gather packages." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to the package group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the package group." + }, + "contactInfo": { + "type": "string", + "description": "The contact info of the package group." + }, + "description": { + "type": "string", + "description": "The text description of the package group." + }, + "domainName": { + "type": "string", + "description": "The name of the domain that contains the package group.", + "replaceOnChanges": true + }, + "domainOwner": { + "type": "string", + "description": "The 12-digit account ID of the AWS account that owns the domain." + }, + "originConfiguration": { + "$ref": "#/types/aws-native:codeartifact:PackageGroupOriginConfiguration", + "description": "The package origin configuration of the package group." + }, + "pattern": { + "type": "string", + "description": "The package group pattern that is used to gather packages.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to the package group." + } + }, + "required": [ + "domainName", + "pattern" + ], + "createOnly": [ + "domainName", + "pattern" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codeartifact:Repository": { + "cf": "AWS::CodeArtifact::Repository", + "inputs": { + "description": { + "type": "string", + "description": "A text description of the repository." + }, + "domainName": { + "type": "string", + "description": "The name of the domain that contains the repository." + }, + "domainOwner": { + "type": "string", + "description": "The 12-digit account ID of the AWS account that owns the domain." + }, + "externalConnections": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of external connections associated with the repository." + }, + "permissionsPolicyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The access control resource policy on the provided repository.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CodeArtifact::Repository` for more information about the expected schema for this property." + }, + "repositoryName": { + "type": "string", + "description": "The name of the repository." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "upstreams": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of upstream repositories associated with the repository." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the repository." + }, + "description": { + "type": "string", + "description": "A text description of the repository." + }, + "domainName": { + "type": "string", + "description": "The name of the domain that contains the repository.", + "replaceOnChanges": true + }, + "domainOwner": { + "type": "string", + "description": "The 12-digit account ID of the AWS account that owns the domain.", + "replaceOnChanges": true + }, + "externalConnections": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of external connections associated with the repository." + }, + "name": { + "type": "string", + "description": "The name of the repository. This is used for GetAtt" + }, + "permissionsPolicyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The access control resource policy on the provided repository.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::CodeArtifact::Repository` for more information about the expected schema for this property." + }, + "repositoryName": { + "type": "string", + "description": "The name of the repository.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "upstreams": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of upstream repositories associated with the repository." + } + }, + "autoNamingSpec": { + "sdkName": "repositoryName", + "minLength": 2, + "maxLength": 100 + }, + "required": [ + "domainName" + ], + "createOnly": [ + "domainName", + "domainOwner", + "repositoryName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codebuild:Fleet": { + "cf": "AWS::CodeBuild::Fleet", + "inputs": { + "baseCapacity": { + "type": "integer", + "description": "The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel." + }, + "computeType": { + "$ref": "#/types/aws-native:codebuild:FleetComputeType", + "description": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `BUILD_GENERAL1_SMALL` : Use up to 3 GB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 7 GB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 3 GB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 15 GB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide.*" + }, + "environmentType": { + "$ref": "#/types/aws-native:codebuild:FleetEnvironmentType", + "description": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* ." + }, + "fleetServiceRole": { + "type": "string", + "description": "The service role associated with the compute fleet. For more information, see [Allow a user to add a permission policy for a fleet service role](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html) in the *AWS CodeBuild User Guide* ." + }, + "fleetVpcConfig": { + "$ref": "#/types/aws-native:codebuild:FleetVpcConfig", + "description": "Information about the VPC configuration that AWS CodeBuild accesses." + }, + "name": { + "type": "string", + "description": "The name of the compute fleet." + }, + "overflowBehavior": { + "$ref": "#/types/aws-native:codebuild:FleetOverflowBehavior", + "description": "The compute fleet overflow behavior.\n\n- For overflow behavior `QUEUE` , your overflow builds need to wait on the existing fleet instance to become available.\n- For overflow behavior `ON_DEMAND` , your overflow builds run on CodeBuild on-demand.\n\n\u003e If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see [Example policy statement to allow CodeBuild access to AWS services required to create a VPC network interface](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the compute fleet." + }, + "baseCapacity": { + "type": "integer", + "description": "The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel." + }, + "computeType": { + "$ref": "#/types/aws-native:codebuild:FleetComputeType", + "description": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `BUILD_GENERAL1_SMALL` : Use up to 3 GB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 7 GB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 3 GB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 15 GB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide.*" + }, + "environmentType": { + "$ref": "#/types/aws-native:codebuild:FleetEnvironmentType", + "description": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* ." + }, + "fleetServiceRole": { + "type": "string", + "description": "The service role associated with the compute fleet. For more information, see [Allow a user to add a permission policy for a fleet service role](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-permission-policy-fleet-service-role.html) in the *AWS CodeBuild User Guide* ." + }, + "fleetVpcConfig": { + "$ref": "#/types/aws-native:codebuild:FleetVpcConfig", + "description": "Information about the VPC configuration that AWS CodeBuild accesses." + }, + "name": { + "type": "string", + "description": "The name of the compute fleet." + }, + "overflowBehavior": { + "$ref": "#/types/aws-native:codebuild:FleetOverflowBehavior", + "description": "The compute fleet overflow behavior.\n\n- For overflow behavior `QUEUE` , your overflow builds need to wait on the existing fleet instance to become available.\n- For overflow behavior `ON_DEMAND` , your overflow builds run on CodeBuild on-demand.\n\n\u003e If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see [Example policy statement to allow CodeBuild access to AWS services required to create a VPC network interface](https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 2, + "maxLength": 128 + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codeconnections:Connection": { + "cf": "AWS::CodeConnections::Connection", + "inputs": { + "connectionName": { + "type": "string", + "description": "The name of the connection. Connection names must be unique in an AWS user account." + }, + "hostArn": { + "type": "string", + "description": "The host arn configured to represent the infrastructure where your third-party provider is installed. You must specify either a ProviderType or a HostArn." + }, + "providerType": { + "type": "string", + "description": "The name of the external provider where your third-party code repository is configured. You must specify either a ProviderType or a HostArn." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to a connection." + } + }, + "outputs": { + "connectionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the connection. The ARN is used as the connection reference when the connection is shared between AWS services." + }, + "connectionName": { + "type": "string", + "description": "The name of the connection. Connection names must be unique in an AWS user account.", + "replaceOnChanges": true + }, + "connectionStatus": { + "type": "string", + "description": "The current status of the connection." + }, + "hostArn": { + "type": "string", + "description": "The host arn configured to represent the infrastructure where your third-party provider is installed. You must specify either a ProviderType or a HostArn.", + "replaceOnChanges": true + }, + "ownerAccountId": { + "type": "string", + "description": "The name of the external provider where your third-party code repository is configured. For Bitbucket, this is the account ID of the owner of the Bitbucket repository." + }, + "providerType": { + "type": "string", + "description": "The name of the external provider where your third-party code repository is configured. You must specify either a ProviderType or a HostArn.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to a connection." + } + }, + "autoNamingSpec": { + "sdkName": "connectionName", + "minLength": 1, + "maxLength": 32 + }, + "createOnly": [ + "connectionName", + "hostArn", + "providerType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codedeploy:Application": { + "cf": "AWS::CodeDeploy::Application", + "inputs": { + "applicationName": { + "type": "string", + "description": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name." + }, + "computePlatform": { + "type": "string", + "description": "The compute platform that CodeDeploy deploys the application to." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define. " + } + }, + "outputs": { + "applicationName": { + "type": "string", + "description": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name.", + "replaceOnChanges": true + }, + "computePlatform": { + "type": "string", + "description": "The compute platform that CodeDeploy deploys the application to.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define. " + } + }, + "autoNamingSpec": { + "sdkName": "applicationName" + }, + "createOnly": [ + "applicationName", + "computePlatform" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codedeploy:DeploymentConfig": { + "cf": "AWS::CodeDeploy::DeploymentConfig", + "inputs": { + "computePlatform": { + "type": "string", + "description": "The destination platform type for the deployment (Lambda, Server, or ECS)." + }, + "deploymentConfigName": { + "type": "string", + "description": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see Name Type." + }, + "minimumHealthyHosts": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigMinimumHealthyHosts", + "description": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value." + }, + "trafficRoutingConfig": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigTrafficRoutingConfig", + "description": "The configuration that specifies how the deployment traffic is routed." + }, + "zonalConfig": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigZonalConfig", + "description": "The zonal deployment config that specifies how the zonal deployment behaves" + } + }, + "outputs": { + "computePlatform": { + "type": "string", + "description": "The destination platform type for the deployment (Lambda, Server, or ECS).", + "replaceOnChanges": true + }, + "deploymentConfigName": { + "type": "string", + "description": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see Name Type.", + "replaceOnChanges": true + }, + "minimumHealthyHosts": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigMinimumHealthyHosts", + "description": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.", + "replaceOnChanges": true + }, + "trafficRoutingConfig": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigTrafficRoutingConfig", + "description": "The configuration that specifies how the deployment traffic is routed.", + "replaceOnChanges": true + }, + "zonalConfig": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigZonalConfig", + "description": "The zonal deployment config that specifies how the zonal deployment behaves", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "deploymentConfigName" + }, + "createOnly": [ + "computePlatform", + "deploymentConfigName", + "minimumHealthyHosts", + "trafficRoutingConfig", + "zonalConfig" + ] + }, + "aws-native:codeguruprofiler:ProfilingGroup": { + "cf": "AWS::CodeGuruProfiler::ProfilingGroup", + "inputs": { + "agentPermissions": { + "$ref": "#/types/aws-native:codeguruprofiler:AgentPermissionsProperties", + "description": "The agent permissions attached to this profiling group." + }, + "anomalyDetectionNotificationConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codeguruprofiler:ProfilingGroupChannel" + }, + "description": "Configuration for Notification Channels for Anomaly Detection feature in CodeGuru Profiler which enables customers to detect anomalies in the application profile for those methods that represent the highest proportion of CPU time or latency" + }, + "computePlatform": { + "$ref": "#/types/aws-native:codeguruprofiler:ProfilingGroupComputePlatform", + "description": "The compute platform of the profiling group." + }, + "profilingGroupName": { + "type": "string", + "description": "The name of the profiling group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with a profiling group." + } + }, + "outputs": { + "agentPermissions": { + "$ref": "#/types/aws-native:codeguruprofiler:AgentPermissionsProperties", + "description": "The agent permissions attached to this profiling group." + }, + "anomalyDetectionNotificationConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codeguruprofiler:ProfilingGroupChannel" + }, + "description": "Configuration for Notification Channels for Anomaly Detection feature in CodeGuru Profiler which enables customers to detect anomalies in the application profile for those methods that represent the highest proportion of CPU time or latency" + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified profiling group." + }, + "computePlatform": { + "$ref": "#/types/aws-native:codeguruprofiler:ProfilingGroupComputePlatform", + "description": "The compute platform of the profiling group.", + "replaceOnChanges": true + }, + "profilingGroupName": { + "type": "string", + "description": "The name of the profiling group.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with a profiling group." + } + }, + "autoNamingSpec": { + "sdkName": "profilingGroupName", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "computePlatform", + "profilingGroupName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codegurureviewer:RepositoryAssociation": { + "cf": "AWS::CodeGuruReviewer::RepositoryAssociation", + "inputs": { + "bucketName": { + "type": "string", + "description": "The name of the S3 bucket associated with an associated S3 repository. It must start with `codeguru-reviewer-`." + }, + "connectionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection." + }, + "name": { + "type": "string", + "description": "Name of the repository to be associated." + }, + "owner": { + "type": "string", + "description": "The owner of the repository. For a Bitbucket repository, this is the username for the account that owns the repository." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags associated with a repository association." + }, + "type": { + "$ref": "#/types/aws-native:codegurureviewer:RepositoryAssociationType", + "description": "The type of repository to be associated." + } + }, + "outputs": { + "associationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the repository association." + }, + "bucketName": { + "type": "string", + "description": "The name of the S3 bucket associated with an associated S3 repository. It must start with `codeguru-reviewer-`.", + "replaceOnChanges": true + }, + "connectionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name of the repository to be associated.", + "replaceOnChanges": true + }, + "owner": { + "type": "string", + "description": "The owner of the repository. For a Bitbucket repository, this is the username for the account that owns the repository.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags associated with a repository association.", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:codegurureviewer:RepositoryAssociationType", + "description": "The type of repository to be associated.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "type" + ], + "createOnly": [ + "bucketName", + "connectionArn", + "name", + "owner", + "tags", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:codepipeline:CustomActionType": { + "cf": "AWS::CodePipeline::CustomActionType", + "inputs": { + "category": { + "type": "string", + "description": "The category of the custom action, such as a build action or a test action." + }, + "configurationProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:CustomActionTypeConfigurationProperties" + }, + "description": "The configuration properties for the custom action." + }, + "inputArtifactDetails": { + "$ref": "#/types/aws-native:codepipeline:CustomActionTypeArtifactDetails", + "description": "The details of the input artifact for the action, such as its commit ID." + }, + "outputArtifactDetails": { + "$ref": "#/types/aws-native:codepipeline:CustomActionTypeArtifactDetails", + "description": "The details of the output artifact of the action, such as its commit ID." + }, + "provider": { + "type": "string", + "description": "The provider of the service used in the custom action, such as AWS CodeDeploy." + }, + "settings": { + "$ref": "#/types/aws-native:codepipeline:CustomActionTypeSettings", + "description": "URLs that provide users information about this custom action." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the custom action." + }, + "version": { + "type": "string", + "description": "The version identifier of the custom action." + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "category": { + "type": "string", + "description": "The category of the custom action, such as a build action or a test action.", + "replaceOnChanges": true + }, + "configurationProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:CustomActionTypeConfigurationProperties" + }, + "description": "The configuration properties for the custom action.", + "replaceOnChanges": true + }, + "inputArtifactDetails": { + "$ref": "#/types/aws-native:codepipeline:CustomActionTypeArtifactDetails", + "description": "The details of the input artifact for the action, such as its commit ID.", + "replaceOnChanges": true + }, + "outputArtifactDetails": { + "$ref": "#/types/aws-native:codepipeline:CustomActionTypeArtifactDetails", + "description": "The details of the output artifact of the action, such as its commit ID.", + "replaceOnChanges": true + }, + "provider": { + "type": "string", + "description": "The provider of the service used in the custom action, such as AWS CodeDeploy.", + "replaceOnChanges": true + }, + "settings": { + "$ref": "#/types/aws-native:codepipeline:CustomActionTypeSettings", + "description": "URLs that provide users information about this custom action.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the custom action." + }, + "version": { + "type": "string", + "description": "The version identifier of the custom action.", + "replaceOnChanges": true + } + }, + "required": [ + "category", + "inputArtifactDetails", + "outputArtifactDetails", + "provider", + "version" + ], + "createOnly": [ + "category", + "configurationProperties", + "inputArtifactDetails", + "outputArtifactDetails", + "provider", + "settings", + "version" + ], + "writeOnly": [ + "configurationProperties/*/Type" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codepipeline:Pipeline": { + "cf": "AWS::CodePipeline::Pipeline", + "inputs": { + "artifactStore": { + "$ref": "#/types/aws-native:codepipeline:PipelineArtifactStore", + "description": "The S3 bucket where artifacts for the pipeline are stored." + }, + "artifactStores": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineArtifactStoreMap" + }, + "description": "A mapping of artifactStore objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline." + }, + "disableInboundStageTransitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineStageTransition" + }, + "description": "Represents the input of a DisableStageTransition action." + }, + "executionMode": { + "$ref": "#/types/aws-native:codepipeline:PipelineExecutionMode", + "description": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED." + }, + "name": { + "type": "string", + "description": "The name of the pipeline." + }, + "pipelineType": { + "$ref": "#/types/aws-native:codepipeline:PipelineType", + "description": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications." + }, + "restartExecutionOnUpdate": { + "type": "boolean", + "description": "Indicates whether to rerun the CodePipeline pipeline after you update it." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no actionRoleArn, or to use to assume roles for actions with an actionRoleArn" + }, + "stages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineStageDeclaration" + }, + "description": "Represents information about a stage and its definition." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to the pipeline." + }, + "triggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineTriggerDeclaration" + }, + "description": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline." + }, + "variables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineVariableDeclaration" + }, + "description": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9@\\-_]+." + } + }, + "outputs": { + "artifactStore": { + "$ref": "#/types/aws-native:codepipeline:PipelineArtifactStore", + "description": "The S3 bucket where artifacts for the pipeline are stored." + }, + "artifactStores": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineArtifactStoreMap" + }, + "description": "A mapping of artifactStore objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline." + }, + "disableInboundStageTransitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineStageTransition" + }, + "description": "Represents the input of a DisableStageTransition action." + }, + "executionMode": { + "$ref": "#/types/aws-native:codepipeline:PipelineExecutionMode", + "description": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED." + }, + "name": { + "type": "string", + "description": "The name of the pipeline.", + "replaceOnChanges": true + }, + "pipelineType": { + "$ref": "#/types/aws-native:codepipeline:PipelineType", + "description": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications." + }, + "restartExecutionOnUpdate": { + "type": "boolean", + "description": "Indicates whether to rerun the CodePipeline pipeline after you update it." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no actionRoleArn, or to use to assume roles for actions with an actionRoleArn" + }, + "stages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineStageDeclaration" + }, + "description": "Represents information about a stage and its definition." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to the pipeline." + }, + "triggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineTriggerDeclaration" + }, + "description": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline." + }, + "variables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineVariableDeclaration" + }, + "description": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9@\\-_]+." + }, + "version": { + "type": "string", + "description": "The version of the pipeline." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "roleArn", + "stages" + ], + "createOnly": [ + "name" + ], + "writeOnly": [ + "restartExecutionOnUpdate" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codestarconnections:Connection": { + "cf": "AWS::CodeStarConnections::Connection", + "inputs": { + "connectionName": { + "type": "string", + "description": "The name of the connection. Connection names must be unique in an AWS user account." + }, + "hostArn": { + "type": "string", + "description": "The host arn configured to represent the infrastructure where your third-party provider is installed. You must specify either a ProviderType or a HostArn." + }, + "providerType": { + "type": "string", + "description": "The name of the external provider where your third-party code repository is configured. You must specify either a ProviderType or a HostArn." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to a connection." + } + }, + "outputs": { + "connectionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the connection. The ARN is used as the connection reference when the connection is shared between AWS services." + }, + "connectionName": { + "type": "string", + "description": "The name of the connection. Connection names must be unique in an AWS user account.", + "replaceOnChanges": true + }, + "connectionStatus": { + "type": "string", + "description": "The current status of the connection." + }, + "hostArn": { + "type": "string", + "description": "The host arn configured to represent the infrastructure where your third-party provider is installed. You must specify either a ProviderType or a HostArn.", + "replaceOnChanges": true + }, + "ownerAccountId": { + "type": "string", + "description": "The name of the external provider where your third-party code repository is configured. For Bitbucket, this is the account ID of the owner of the Bitbucket repository." + }, + "providerType": { + "type": "string", + "description": "The name of the external provider where your third-party code repository is configured. You must specify either a ProviderType or a HostArn.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to a connection." + } + }, + "autoNamingSpec": { + "sdkName": "connectionName", + "minLength": 1, + "maxLength": 32 + }, + "createOnly": [ + "connectionName", + "hostArn", + "providerType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codestarconnections:RepositoryLink": { + "cf": "AWS::CodeStarConnections::RepositoryLink", + "inputs": { + "connectionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the CodeStarConnection. The ARN is used as the connection reference when the connection is shared between AWS services." + }, + "encryptionKeyArn": { + "type": "string", + "description": "The ARN of the KMS key that the customer can optionally specify to use to encrypt RepositoryLink properties. If not specified, a default key will be used." + }, + "ownerId": { + "type": "string", + "description": "the ID of the entity that owns the repository." + }, + "repositoryName": { + "type": "string", + "description": "The repository for which the link is being created." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to a RepositoryLink." + } + }, + "outputs": { + "connectionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the CodeStarConnection. The ARN is used as the connection reference when the connection is shared between AWS services." + }, + "encryptionKeyArn": { + "type": "string", + "description": "The ARN of the KMS key that the customer can optionally specify to use to encrypt RepositoryLink properties. If not specified, a default key will be used." + }, + "ownerId": { + "type": "string", + "description": "the ID of the entity that owns the repository.", + "replaceOnChanges": true + }, + "providerType": { + "$ref": "#/types/aws-native:codestarconnections:RepositoryLinkProviderType", + "description": "The name of the external provider where your third-party code repository is configured." + }, + "repositoryLinkArn": { + "type": "string", + "description": "A unique Amazon Resource Name (ARN) to designate the repository link." + }, + "repositoryLinkId": { + "type": "string", + "description": "A UUID that uniquely identifies the RepositoryLink." + }, + "repositoryName": { + "type": "string", + "description": "The repository for which the link is being created.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to a RepositoryLink." + } + }, + "required": [ + "connectionArn", + "ownerId", + "repositoryName" + ], + "createOnly": [ + "ownerId", + "repositoryName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:codestarconnections:SyncConfiguration": { + "cf": "AWS::CodeStarConnections::SyncConfiguration", + "inputs": { + "branch": { + "type": "string", + "description": "The name of the branch of the repository from which resources are to be synchronized," + }, + "configFile": { + "type": "string", + "description": "The source provider repository path of the sync configuration file of the respective SyncType." + }, + "publishDeploymentStatus": { + "$ref": "#/types/aws-native:codestarconnections:SyncConfigurationPublishDeploymentStatus", + "description": "Whether to enable or disable publishing of deployment status to source providers." + }, + "repositoryLinkId": { + "type": "string", + "description": "A UUID that uniquely identifies the RepositoryLink that the SyncConfig is associated with." + }, + "resourceName": { + "type": "string", + "description": "The name of the resource that is being synchronized to the repository." + }, + "roleArn": { + "type": "string", + "description": "The IAM Role that allows AWS to update CloudFormation stacks based on content in the specified repository." + }, + "syncType": { + "type": "string", + "description": "The type of resource synchronization service that is to be configured, for example, CFN_STACK_SYNC." + }, + "triggerResourceUpdateOn": { + "$ref": "#/types/aws-native:codestarconnections:SyncConfigurationTriggerResourceUpdateOn", + "description": "When to trigger Git sync to begin the stack update." + } + }, + "outputs": { + "branch": { + "type": "string", + "description": "The name of the branch of the repository from which resources are to be synchronized," + }, + "configFile": { + "type": "string", + "description": "The source provider repository path of the sync configuration file of the respective SyncType." + }, + "ownerId": { + "type": "string", + "description": "the ID of the entity that owns the repository." + }, + "providerType": { + "$ref": "#/types/aws-native:codestarconnections:SyncConfigurationProviderType", + "description": "The name of the external provider where your third-party code repository is configured." + }, + "publishDeploymentStatus": { + "$ref": "#/types/aws-native:codestarconnections:SyncConfigurationPublishDeploymentStatus", + "description": "Whether to enable or disable publishing of deployment status to source providers." + }, + "repositoryLinkId": { + "type": "string", + "description": "A UUID that uniquely identifies the RepositoryLink that the SyncConfig is associated with." + }, + "repositoryName": { + "type": "string", + "description": "The name of the repository that is being synced to." + }, + "resourceName": { + "type": "string", + "description": "The name of the resource that is being synchronized to the repository.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The IAM Role that allows AWS to update CloudFormation stacks based on content in the specified repository." + }, + "syncType": { + "type": "string", + "description": "The type of resource synchronization service that is to be configured, for example, CFN_STACK_SYNC.", + "replaceOnChanges": true + }, + "triggerResourceUpdateOn": { + "$ref": "#/types/aws-native:codestarconnections:SyncConfigurationTriggerResourceUpdateOn", + "description": "When to trigger Git sync to begin the stack update." + } + }, + "required": [ + "branch", + "configFile", + "repositoryLinkId", + "resourceName", + "roleArn", + "syncType" + ], + "createOnly": [ + "resourceName", + "syncType" + ] + }, + "aws-native:codestarnotifications:NotificationRule": { + "cf": "AWS::CodeStarNotifications::NotificationRule", + "inputs": { + "createdBy": { + "type": "string", + "description": "The name or email alias of the person who created the notification rule." + }, + "detailType": { + "$ref": "#/types/aws-native:codestarnotifications:NotificationRuleDetailType", + "description": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created." + }, + "eventTypeId": { + "type": "string", + "description": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* ." + }, + "eventTypeIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* ." + }, + "name": { + "type": "string", + "description": "The name for the notification rule. Notification rule names must be unique in your AWS account ." + }, + "resource": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild ." + }, + "status": { + "$ref": "#/types/aws-native:codestarnotifications:NotificationRuleStatus", + "description": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \"." + }, + "targetAddress": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic or AWS Chatbot client." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codestarnotifications:NotificationRuleTarget" + }, + "description": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and AWS Chatbot clients to associate with the notification rule." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the notification rule." + }, + "createdBy": { + "type": "string", + "description": "The name or email alias of the person who created the notification rule." + }, + "detailType": { + "$ref": "#/types/aws-native:codestarnotifications:NotificationRuleDetailType", + "description": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created." + }, + "eventTypeId": { + "type": "string", + "description": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* ." + }, + "eventTypeIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* ." + }, + "name": { + "type": "string", + "description": "The name for the notification rule. Notification rule names must be unique in your AWS account ." + }, + "resource": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:codestarnotifications:NotificationRuleStatus", + "description": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \"." + }, + "targetAddress": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic or AWS Chatbot client." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codestarnotifications:NotificationRuleTarget" + }, + "description": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and AWS Chatbot clients to associate with the notification rule." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "detailType", + "eventTypeIds", + "resource", + "targets" + ], + "createOnly": [ + "resource" + ], + "writeOnly": [ + "eventTypeId", + "targetAddress" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:cognito:IdentityPool": { + "cf": "AWS::Cognito::IdentityPool", + "inputs": { + "allowClassicFlow": { + "type": "boolean", + "description": "Enables the Basic (Classic) authentication flow." + }, + "allowUnauthenticatedIdentities": { + "type": "boolean", + "description": "Specifies whether the identity pool supports unauthenticated logins." + }, + "cognitoEvents": { + "$ref": "pulumi.json#/Any", + "description": "The events to configure.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::IdentityPool` for more information about the expected schema for this property." + }, + "cognitoIdentityProviders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:IdentityPoolCognitoIdentityProvider" + }, + "description": "The Amazon Cognito user pools and their client IDs." + }, + "cognitoStreams": { + "$ref": "#/types/aws-native:cognito:IdentityPoolCognitoStreams", + "description": "Configuration options for configuring Amazon Cognito streams." + }, + "developerProviderName": { + "type": "string", + "description": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100" + }, + "identityPoolName": { + "type": "string", + "description": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`" + }, + "identityPoolTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "openIdConnectProviderArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the OpenID connect providers." + }, + "pushSync": { + "$ref": "#/types/aws-native:cognito:IdentityPoolPushSync", + "description": "The configuration options to be applied to the identity pool." + }, + "samlProviderArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers." + }, + "supportedLoginProviders": { + "$ref": "pulumi.json#/Any", + "description": "Key-value pairs that map provider names to provider app IDs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::IdentityPool` for more information about the expected schema for this property." + } + }, + "outputs": { + "allowClassicFlow": { + "type": "boolean", + "description": "Enables the Basic (Classic) authentication flow." + }, + "allowUnauthenticatedIdentities": { + "type": "boolean", + "description": "Specifies whether the identity pool supports unauthenticated logins." + }, + "awsId": { + "type": "string" + }, + "cognitoEvents": { + "$ref": "pulumi.json#/Any", + "description": "The events to configure.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::IdentityPool` for more information about the expected schema for this property." + }, + "cognitoIdentityProviders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:IdentityPoolCognitoIdentityProvider" + }, + "description": "The Amazon Cognito user pools and their client IDs." + }, + "cognitoStreams": { + "$ref": "#/types/aws-native:cognito:IdentityPoolCognitoStreams", + "description": "Configuration options for configuring Amazon Cognito streams." + }, + "developerProviderName": { + "type": "string", + "description": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100" + }, + "identityPoolName": { + "type": "string", + "description": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`" + }, + "identityPoolTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "name": { + "type": "string", + "description": "The name of the Amazon Cognito identity pool, returned as a string." + }, + "openIdConnectProviderArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the OpenID connect providers." + }, + "pushSync": { + "$ref": "#/types/aws-native:cognito:IdentityPoolPushSync", + "description": "The configuration options to be applied to the identity pool." + }, + "samlProviderArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers." + }, + "supportedLoginProviders": { + "$ref": "pulumi.json#/Any", + "description": "Key-value pairs that map provider names to provider app IDs.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::IdentityPool` for more information about the expected schema for this property." + } + }, + "autoNamingSpec": { + "sdkName": "identityPoolName" + }, + "required": [ + "allowUnauthenticatedIdentities" + ], + "writeOnly": [ + "cognitoEvents", + "cognitoStreams", + "pushSync" + ], + "irreversibleNames": { + "awsId": "Id", + "openIdConnectProviderArns": "OpenIdConnectProviderARNs", + "samlProviderArns": "SamlProviderARNs" + }, + "tagsProperty": "identityPoolTags", + "tagsStyle": "keyValueArray" + }, + "aws-native:cognito:IdentityPoolPrincipalTag": { + "cf": "AWS::Cognito::IdentityPoolPrincipalTag", + "inputs": { + "identityPoolId": { + "type": "string", + "description": "The identity pool that you want to associate with this principal tag map." + }, + "identityProviderName": { + "type": "string", + "description": "The identity pool identity provider (IdP) that you want to associate with this principal tag map." + }, + "principalTags": { + "$ref": "pulumi.json#/Any", + "description": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::IdentityPoolPrincipalTag` for more information about the expected schema for this property." + }, + "useDefaults": { + "type": "boolean", + "description": "Use a default set of mappings between claims and tags for this provider, instead of a custom map." + } + }, + "outputs": { + "identityPoolId": { + "type": "string", + "description": "The identity pool that you want to associate with this principal tag map.", + "replaceOnChanges": true + }, + "identityProviderName": { + "type": "string", + "description": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", + "replaceOnChanges": true + }, + "principalTags": { + "$ref": "pulumi.json#/Any", + "description": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::IdentityPoolPrincipalTag` for more information about the expected schema for this property." + }, + "useDefaults": { + "type": "boolean", + "description": "Use a default set of mappings between claims and tags for this provider, instead of a custom map." + } + }, + "required": [ + "identityPoolId", + "identityProviderName" + ], + "createOnly": [ + "identityPoolId", + "identityProviderName" + ] + }, + "aws-native:cognito:IdentityPoolRoleAttachment": { + "cf": "AWS::Cognito::IdentityPoolRoleAttachment", + "inputs": { + "identityPoolId": { + "type": "string", + "description": "An identity pool ID in the format `REGION:GUID` ." + }, + "roleMappings": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:cognito:IdentityPoolRoleAttachmentRoleMapping" + }, + "description": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) ." + }, + "roles": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The resource ID." + }, + "identityPoolId": { + "type": "string", + "description": "An identity pool ID in the format `REGION:GUID` .", + "replaceOnChanges": true + }, + "roleMappings": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:cognito:IdentityPoolRoleAttachmentRoleMapping" + }, + "description": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) ." + }, + "roles": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN." + } + }, + "required": [ + "identityPoolId" + ], + "createOnly": [ + "identityPoolId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cognito:LogDeliveryConfiguration": { + "cf": "AWS::Cognito::LogDeliveryConfiguration", + "inputs": { + "logConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:LogDeliveryConfigurationLogConfiguration" + }, + "description": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs." + }, + "userPoolId": { + "type": "string", + "description": "The ID of the user pool where you configured logging." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "A user pool ID, for example `us-east-1_EXAMPLE` ." + }, + "logConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:LogDeliveryConfigurationLogConfiguration" + }, + "description": "A logging destination of a user pool. User pools can have multiple logging destinations for message-delivery and user-activity logs." + }, + "userPoolId": { + "type": "string", + "description": "The ID of the user pool where you configured logging.", + "replaceOnChanges": true + } + }, + "required": [ + "userPoolId" + ], + "createOnly": [ + "userPoolId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cognito:UserPool": { + "cf": "AWS::Cognito::UserPool", + "inputs": { + "accountRecoverySetting": { + "$ref": "#/types/aws-native:cognito:UserPoolAccountRecoverySetting", + "description": "Use this setting to define which verified available method a user can use to recover their password when they call `ForgotPassword` . It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email." + }, + "adminCreateUserConfig": { + "$ref": "#/types/aws-native:cognito:UserPoolAdminCreateUserConfig", + "description": "The configuration for creating a new user profile." + }, + "aliasAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Attributes supported as an alias for this user pool. Possible values: *phone_number* , *email* , or *preferred_username* .\n\n\u003e This user pool property cannot be updated." + }, + "autoVerifiedAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The attributes to be auto-verified. Possible values: *email* , *phone_number* ." + }, + "deletionProtection": { + "type": "string", + "description": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request." + }, + "deviceConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolDeviceConfiguration", + "description": "The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.\n\n\u003e When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature." + }, + "emailConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolEmailConfiguration", + "description": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool." + }, + "emailVerificationMessage": { + "type": "string", + "description": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) ." + }, + "emailVerificationSubject": { + "type": "string", + "description": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) ." + }, + "enabledMfas": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Enables MFA on a specified user pool. To disable all MFAs after it has been enabled, set MfaConfiguration to \"OFF\" and remove EnabledMfas. MFAs can only be all disabled if MfaConfiguration is OFF. Once SMS_MFA is enabled, SMS_MFA can only be disabled by setting MfaConfiguration to \"OFF\". Can be one of the following values:\n\n- `SMS_MFA` - Enables SMS MFA for the user pool. SMS_MFA can only be enabled if SMS configuration is provided.\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA`" + }, + "lambdaConfig": { + "$ref": "#/types/aws-native:cognito:UserPoolLambdaConfig", + "description": "The Lambda trigger configuration information for the new user pool.\n\n\u003e In a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an extra call to add permission for these event sources to invoke your Lambda function.\n\u003e \n\u003e For more information on using the Lambda API to add permission, see [AddPermission](https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html) .\n\u003e \n\u003e For adding permission using the AWS CLI , see [add-permission](https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html) ." + }, + "mfaConfiguration": { + "type": "string", + "description": "The multi-factor authentication (MFA) configuration. Valid values include:\n\n- `OFF` MFA won't be used for any users.\n- `ON` MFA is required for all users to sign in.\n- `OPTIONAL` MFA will be required only for individual users who have an MFA factor activated." + }, + "policies": { + "$ref": "#/types/aws-native:cognito:UserPoolPolicies", + "description": "The policy associated with a user pool." + }, + "schema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolSchemaAttribute" + }, + "description": "The schema attributes for the new user pool. These attributes can be standard or custom attributes.\n\n\u003e During a user pool update, you can add new schema attributes but you cannot modify or delete an existing schema attribute." + }, + "smsAuthenticationMessage": { + "type": "string", + "description": "A string representing the SMS authentication message." + }, + "smsConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolSmsConfiguration", + "description": "The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your AWS account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account ." + }, + "smsVerificationMessage": { + "type": "string", + "description": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) ." + }, + "userAttributeUpdateSettings": { + "$ref": "#/types/aws-native:cognito:UserPoolUserAttributeUpdateSettings", + "description": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) ." + }, + "userPoolAddOns": { + "$ref": "#/types/aws-native:cognito:UserPoolAddOns", + "description": "User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to risky traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) ." + }, + "userPoolName": { + "type": "string", + "description": "A string used to name the user pool." + }, + "userPoolTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria." + }, + "usernameAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Determines whether email addresses or phone numbers can be specified as user names when a user signs up. Possible values: `phone_number` or `email` .\n\nThis user pool property cannot be updated." + }, + "usernameConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolUsernameConfiguration", + "description": "You can choose to set case sensitivity on the username input for the selected sign-in option. For example, when this is set to `False` , users will be able to sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set." + }, + "verificationMessageTemplate": { + "$ref": "#/types/aws-native:cognito:UserPoolVerificationMessageTemplate", + "description": "The template for the verification message that the user sees when the app requests permission to access the user's information." + } + }, + "outputs": { + "accountRecoverySetting": { + "$ref": "#/types/aws-native:cognito:UserPoolAccountRecoverySetting", + "description": "Use this setting to define which verified available method a user can use to recover their password when they call `ForgotPassword` . It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email." + }, + "adminCreateUserConfig": { + "$ref": "#/types/aws-native:cognito:UserPoolAdminCreateUserConfig", + "description": "The configuration for creating a new user profile." + }, + "aliasAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Attributes supported as an alias for this user pool. Possible values: *phone_number* , *email* , or *preferred_username* .\n\n\u003e This user pool property cannot be updated." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the user pool, such as `arn:aws:cognito-idp:us-east-1:123412341234:userpool/us-east-1_123412341` ." + }, + "autoVerifiedAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The attributes to be auto-verified. Possible values: *email* , *phone_number* ." + }, + "deletionProtection": { + "type": "string", + "description": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request." + }, + "deviceConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolDeviceConfiguration", + "description": "The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.\n\n\u003e When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature." + }, + "emailConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolEmailConfiguration", + "description": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool." + }, + "emailVerificationMessage": { + "type": "string", + "description": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) ." + }, + "emailVerificationSubject": { + "type": "string", + "description": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) ." + }, + "enabledMfas": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Enables MFA on a specified user pool. To disable all MFAs after it has been enabled, set MfaConfiguration to \"OFF\" and remove EnabledMfas. MFAs can only be all disabled if MfaConfiguration is OFF. Once SMS_MFA is enabled, SMS_MFA can only be disabled by setting MfaConfiguration to \"OFF\". Can be one of the following values:\n\n- `SMS_MFA` - Enables SMS MFA for the user pool. SMS_MFA can only be enabled if SMS configuration is provided.\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA`" + }, + "lambdaConfig": { + "$ref": "#/types/aws-native:cognito:UserPoolLambdaConfig", + "description": "The Lambda trigger configuration information for the new user pool.\n\n\u003e In a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an extra call to add permission for these event sources to invoke your Lambda function.\n\u003e \n\u003e For more information on using the Lambda API to add permission, see [AddPermission](https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html) .\n\u003e \n\u003e For adding permission using the AWS CLI , see [add-permission](https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html) ." + }, + "mfaConfiguration": { + "type": "string", + "description": "The multi-factor authentication (MFA) configuration. Valid values include:\n\n- `OFF` MFA won't be used for any users.\n- `ON` MFA is required for all users to sign in.\n- `OPTIONAL` MFA will be required only for individual users who have an MFA factor activated." + }, + "policies": { + "$ref": "#/types/aws-native:cognito:UserPoolPolicies", + "description": "The policy associated with a user pool." + }, + "providerName": { + "type": "string", + "description": "The provider name of the Amazon Cognito user pool, specified as a `String` ." + }, + "providerUrl": { + "type": "string", + "description": "The URL of the provider of the Amazon Cognito user pool, specified as a `String` ." + }, + "schema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolSchemaAttribute" + }, + "description": "The schema attributes for the new user pool. These attributes can be standard or custom attributes.\n\n\u003e During a user pool update, you can add new schema attributes but you cannot modify or delete an existing schema attribute." + }, + "smsAuthenticationMessage": { + "type": "string", + "description": "A string representing the SMS authentication message." + }, + "smsConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolSmsConfiguration", + "description": "The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your AWS account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account ." + }, + "smsVerificationMessage": { + "type": "string", + "description": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) ." + }, + "userAttributeUpdateSettings": { + "$ref": "#/types/aws-native:cognito:UserPoolUserAttributeUpdateSettings", + "description": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) ." + }, + "userPoolAddOns": { + "$ref": "#/types/aws-native:cognito:UserPoolAddOns", + "description": "User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to risky traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) ." + }, + "userPoolId": { + "type": "string", + "description": "The ID of the user pool." + }, + "userPoolName": { + "type": "string", + "description": "A string used to name the user pool." + }, + "userPoolTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria." + }, + "usernameAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Determines whether email addresses or phone numbers can be specified as user names when a user signs up. Possible values: `phone_number` or `email` .\n\nThis user pool property cannot be updated." + }, + "usernameConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolUsernameConfiguration", + "description": "You can choose to set case sensitivity on the username input for the selected sign-in option. For example, when this is set to `False` , users will be able to sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set." + }, + "verificationMessageTemplate": { + "$ref": "#/types/aws-native:cognito:UserPoolVerificationMessageTemplate", + "description": "The template for the verification message that the user sees when the app requests permission to access the user's information." + } + }, + "autoNamingSpec": { + "sdkName": "userPoolName", + "minLength": 1, + "maxLength": 128 + }, + "writeOnly": [ + "enabledMfas" + ], + "irreversibleNames": { + "providerUrl": "ProviderURL" + }, + "tagsProperty": "userPoolTags", + "tagsStyle": "stringMap" + }, + "aws-native:cognito:UserPoolClient": { + "cf": "AWS::Cognito::UserPoolClient", + "inputs": { + "accessTokenValidity": { + "type": "integer", + "description": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with their access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours." + }, + "allowedOAuthFlows": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The OAuth grant types that you want your app client to generate. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token (and, optionally, ID token, based on scopes) directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user using a combination of the client ID and client secret." + }, + "allowedOAuthFlowsUserPoolClient": { + "type": "boolean", + "description": "Set to `true` to use OAuth 2.0 features in your user pool app client.\n\n`AllowedOAuthFlowsUserPoolClient` must be `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use OAuth 2.0 features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` ." + }, + "allowedOAuthScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The allowed OAuth scopes. Possible values provided by OAuth are `phone` , `email` , `openid` , and `profile` . Possible values provided by AWS are `aws.cognito.signin.user.admin` . Custom scopes created in Resource Servers are also supported." + }, + "analyticsConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolClientAnalyticsConfiguration", + "description": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\n\u003e In AWS Regions where Amazon Pinpoint isn't available, user pools only support sending events to Amazon Pinpoint projects in AWS Region us-east-1. In Regions where Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same Region." + }, + "authSessionValidity": { + "type": "integer", + "description": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires." + }, + "callbackUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of allowed redirect (callback) URLs for the IdPs.\n\nA redirect URI must:\n\n- Be an absolute URI.\n- Be registered with the authorization server.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported." + }, + "clientName": { + "type": "string", + "description": "The client name for the user pool client you would like to create." + }, + "defaultRedirectUri": { + "type": "string", + "description": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.\n\nA redirect URI must:\n\n- Be an absolute URI.\n- Be registered with the authorization server.\n- Not include a fragment component.\n\nFor more information, see [Default redirect URI](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#cognito-user-pools-app-idp-settings-about) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported." + }, + "enablePropagateAdditionalUserContextData": { + "type": "boolean", + "description": "Activates the propagation of additional user context data. For more information about propagation of user context data, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . If you don’t include this parameter, you can't send device fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret." + }, + "enableTokenRevocation": { + "type": "boolean", + "description": "Activates or deactivates token revocation. For more information about revoking tokens, see [RevokeToken](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html) .\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client." + }, + "explicitAuthFlows": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n\u003e If you don't specify a value for `ExplicitAuthFlows` , your user client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nValid values include:\n\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` ." + }, + "generateSecret": { + "type": "boolean", + "description": "Boolean to specify whether you want to generate a secret for the user pool client being created." + }, + "idTokenValidity": { + "type": "integer", + "description": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours." + }, + "logoutUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of allowed logout URLs for the IdPs." + }, + "preventUserExistenceErrors": { + "type": "string", + "description": "Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool." + }, + "readAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of user attributes that you want your app client to have read-only access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information. Your app makes a [GetUser](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html) API request to retrieve and display your user's profile data.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes." + }, + "refreshTokenValidity": { + "type": "integer", + "description": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session and retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days." + }, + "supportedIdentityProviders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` ." + }, + "tokenValidityUnits": { + "$ref": "#/types/aws-native:cognito:UserPoolClientTokenValidityUnits", + "description": "The units in which the validity times are represented. The default unit for RefreshToken is days, and default for ID and access tokens are hours." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool where you want to create a user pool client." + }, + "writeAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list. An example of this kind of activity is when you present your user with a form to update their profile information and they change their last name. Your app then makes an [UpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html) API request and sets `family_name` to the new value.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) ." + } + }, + "outputs": { + "accessTokenValidity": { + "type": "integer", + "description": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with their access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours." + }, + "allowedOAuthFlows": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The OAuth grant types that you want your app client to generate. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token (and, optionally, ID token, based on scopes) directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user using a combination of the client ID and client secret." + }, + "allowedOAuthFlowsUserPoolClient": { + "type": "boolean", + "description": "Set to `true` to use OAuth 2.0 features in your user pool app client.\n\n`AllowedOAuthFlowsUserPoolClient` must be `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use OAuth 2.0 features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` ." + }, + "allowedOAuthScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The allowed OAuth scopes. Possible values provided by OAuth are `phone` , `email` , `openid` , and `profile` . Possible values provided by AWS are `aws.cognito.signin.user.admin` . Custom scopes created in Resource Servers are also supported." + }, + "analyticsConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolClientAnalyticsConfiguration", + "description": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\n\u003e In AWS Regions where Amazon Pinpoint isn't available, user pools only support sending events to Amazon Pinpoint projects in AWS Region us-east-1. In Regions where Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same Region." + }, + "authSessionValidity": { + "type": "integer", + "description": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires." + }, + "callbackUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of allowed redirect (callback) URLs for the IdPs.\n\nA redirect URI must:\n\n- Be an absolute URI.\n- Be registered with the authorization server.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported." + }, + "clientId": { + "type": "string", + "description": "The ID of the app client, for example `1example23456789` ." + }, + "clientName": { + "type": "string", + "description": "The client name for the user pool client you would like to create." + }, + "clientSecret": { + "type": "string" + }, + "defaultRedirectUri": { + "type": "string", + "description": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.\n\nA redirect URI must:\n\n- Be an absolute URI.\n- Be registered with the authorization server.\n- Not include a fragment component.\n\nFor more information, see [Default redirect URI](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#cognito-user-pools-app-idp-settings-about) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported." + }, + "enablePropagateAdditionalUserContextData": { + "type": "boolean", + "description": "Activates the propagation of additional user context data. For more information about propagation of user context data, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . If you don’t include this parameter, you can't send device fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret." + }, + "enableTokenRevocation": { + "type": "boolean", + "description": "Activates or deactivates token revocation. For more information about revoking tokens, see [RevokeToken](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html) .\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client." + }, + "explicitAuthFlows": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n\u003e If you don't specify a value for `ExplicitAuthFlows` , your user client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nValid values include:\n\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` ." + }, + "generateSecret": { + "type": "boolean", + "description": "Boolean to specify whether you want to generate a secret for the user pool client being created.", + "replaceOnChanges": true + }, + "idTokenValidity": { + "type": "integer", + "description": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours." + }, + "logoutUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of allowed logout URLs for the IdPs." + }, + "name": { + "type": "string" + }, + "preventUserExistenceErrors": { + "type": "string", + "description": "Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool." + }, + "readAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of user attributes that you want your app client to have read-only access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information. Your app makes a [GetUser](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html) API request to retrieve and display your user's profile data.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes." + }, + "refreshTokenValidity": { + "type": "integer", + "description": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session and retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days." + }, + "supportedIdentityProviders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` ." + }, + "tokenValidityUnits": { + "$ref": "#/types/aws-native:cognito:UserPoolClientTokenValidityUnits", + "description": "The units in which the validity times are represented. The default unit for RefreshToken is days, and default for ID and access tokens are hours." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool where you want to create a user pool client.", + "replaceOnChanges": true + }, + "writeAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list. An example of this kind of activity is when you present your user with a form to update their profile information and they change their last name. Your app then makes an [UpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html) API request and sets `family_name` to the new value.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "clientName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "userPoolId" + ], + "createOnly": [ + "generateSecret", + "userPoolId" + ], + "irreversibleNames": { + "callbackUrls": "CallbackURLs", + "defaultRedirectUri": "DefaultRedirectURI", + "logoutUrls": "LogoutURLs" + } + }, + "aws-native:cognito:UserPoolDomain": { + "cf": "AWS::Cognito::UserPoolDomain", + "inputs": { + "customDomainConfig": { + "$ref": "#/types/aws-native:cognito:UserPoolDomainCustomDomainConfigType", + "description": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM." + }, + "domain": { + "type": "string", + "description": "The domain name for the domain that hosts the sign-up and sign-in pages for your application. For example: `auth.example.com` . If you're using a prefix domain, this field denotes the first part of the domain before `.auth.[region].amazoncognito.com` .\n\nThis string can include only lowercase letters, numbers, and hyphens. Don't use a hyphen for the first or last character. Use periods to separate subdomain names." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool where you want to associate a user pool domain." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The resource ID." + }, + "cloudFrontDistribution": { + "type": "string", + "description": "The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider." + }, + "customDomainConfig": { + "$ref": "#/types/aws-native:cognito:UserPoolDomainCustomDomainConfigType", + "description": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM." + }, + "domain": { + "type": "string", + "description": "The domain name for the domain that hosts the sign-up and sign-in pages for your application. For example: `auth.example.com` . If you're using a prefix domain, this field denotes the first part of the domain before `.auth.[region].amazoncognito.com` .\n\nThis string can include only lowercase letters, numbers, and hyphens. Don't use a hyphen for the first or last character. Use periods to separate subdomain names.", + "replaceOnChanges": true + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool where you want to associate a user pool domain.", + "replaceOnChanges": true + } + }, + "required": [ + "domain", + "userPoolId" + ], + "createOnly": [ + "domain", + "userPoolId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cognito:UserPoolGroup": { + "cf": "AWS::Cognito::UserPoolGroup", + "inputs": { + "description": { + "type": "string", + "description": "A string containing the description of the group." + }, + "groupName": { + "type": "string", + "description": "The name of the group. Must be unique." + }, + "precedence": { + "type": "integer", + "description": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` ." + }, + "roleArn": { + "type": "string", + "description": "The role Amazon Resource Name (ARN) for the group." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A string containing the description of the group." + }, + "groupName": { + "type": "string", + "description": "The name of the group. Must be unique.", + "replaceOnChanges": true + }, + "precedence": { + "type": "integer", + "description": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` ." + }, + "roleArn": { + "type": "string", + "description": "The role Amazon Resource Name (ARN) for the group." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "groupName" + }, + "required": [ + "userPoolId" + ], + "createOnly": [ + "groupName", + "userPoolId" + ] + }, + "aws-native:cognito:UserPoolIdentityProvider": { + "cf": "AWS::Cognito::UserPoolIdentityProvider", + "inputs": { + "attributeMapping": { + "$ref": "pulumi.json#/Any", + "description": "A mapping of IdP attributes to standard and custom user pool attributes.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::UserPoolIdentityProvider` for more information about the expected schema for this property." + }, + "idpIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IdP identifiers." + }, + "providerDetails": { + "$ref": "pulumi.json#/Any", + "description": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::UserPoolIdentityProvider` for more information about the expected schema for this property." + }, + "providerName": { + "type": "string", + "description": "The IdP name." + }, + "providerType": { + "type": "string", + "description": "The IdP type." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID." + } + }, + "outputs": { + "attributeMapping": { + "$ref": "pulumi.json#/Any", + "description": "A mapping of IdP attributes to standard and custom user pool attributes.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::UserPoolIdentityProvider` for more information about the expected schema for this property." + }, + "awsId": { + "type": "string", + "description": "The resource ID." + }, + "idpIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IdP identifiers." + }, + "providerDetails": { + "$ref": "pulumi.json#/Any", + "description": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::UserPoolIdentityProvider` for more information about the expected schema for this property." + }, + "providerName": { + "type": "string", + "description": "The IdP name.", + "replaceOnChanges": true + }, + "providerType": { + "type": "string", + "description": "The IdP type.", + "replaceOnChanges": true + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "providerName" + }, + "required": [ + "providerType", + "userPoolId" + ], + "createOnly": [ + "providerName", + "providerType", + "userPoolId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:cognito:UserPoolResourceServer": { + "cf": "AWS::Cognito::UserPoolResourceServer", + "inputs": { + "identifier": { + "type": "string", + "description": "A unique resource server identifier for the resource server. This could be an HTTPS endpoint where the resource server is located. For example: `https://my-weather-api.example.com` ." + }, + "name": { + "type": "string", + "description": "A friendly name for the resource server." + }, + "scopes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolResourceServerResourceServerScopeType" + }, + "description": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` ." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool." + } + }, + "outputs": { + "identifier": { + "type": "string", + "description": "A unique resource server identifier for the resource server. This could be an HTTPS endpoint where the resource server is located. For example: `https://my-weather-api.example.com` .", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A friendly name for the resource server." + }, + "scopes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolResourceServerResourceServerScopeType" + }, + "description": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` ." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "identifier", + "userPoolId" + ], + "createOnly": [ + "identifier", + "userPoolId" + ] + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachment": { + "cf": "AWS::Cognito::UserPoolRiskConfigurationAttachment", + "inputs": { + "accountTakeoverRiskConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType", + "description": "The account takeover risk configuration object, including the `NotifyConfiguration` object and `Actions` to take if there is an account takeover." + }, + "clientId": { + "type": "string", + "description": "The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to `ALL` )." + }, + "compromisedCredentialsRiskConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType", + "description": "The compromised credentials risk configuration object, including the `EventFilter` and the `EventAction` ." + }, + "riskExceptionConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType", + "description": "The configuration to override the risk decision." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID." + } + }, + "outputs": { + "accountTakeoverRiskConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType", + "description": "The account takeover risk configuration object, including the `NotifyConfiguration` object and `Actions` to take if there is an account takeover." + }, + "clientId": { + "type": "string", + "description": "The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to `ALL` ).", + "replaceOnChanges": true + }, + "compromisedCredentialsRiskConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType", + "description": "The compromised credentials risk configuration object, including the `EventFilter` and the `EventAction` ." + }, + "riskExceptionConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType", + "description": "The configuration to override the risk decision." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID.", + "replaceOnChanges": true + } + }, + "required": [ + "clientId", + "userPoolId" + ], + "createOnly": [ + "clientId", + "userPoolId" + ] + }, + "aws-native:cognito:UserPoolUiCustomizationAttachment": { + "cf": "AWS::Cognito::UserPoolUICustomizationAttachment", + "inputs": { + "clientId": { + "type": "string", + "description": "The client ID for the client app. You can specify the UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to `ALL` )." + }, + "css": { + "type": "string", + "description": "The CSS values in the UI customization." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool." + } + }, + "outputs": { + "clientId": { + "type": "string", + "description": "The client ID for the client app. You can specify the UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to `ALL` ).", + "replaceOnChanges": true + }, + "css": { + "type": "string", + "description": "The CSS values in the UI customization." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool.", + "replaceOnChanges": true + } + }, + "required": [ + "clientId", + "userPoolId" + ], + "createOnly": [ + "clientId", + "userPoolId" + ], + "irreversibleNames": { + "css": "CSS" + } + }, + "aws-native:cognito:UserPoolUser": { + "cf": "AWS::Cognito::UserPoolUser", + "inputs": { + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `clientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Customizing user pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n\u003e When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:\n\u003e \n\u003e - Store the ClientMetadata value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.\n\u003e - Validate the ClientMetadata value.\n\u003e - Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information." + }, + "desiredDeliveryMediums": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specify `\"EMAIL\"` if email will be used to send the welcome message. Specify `\"SMS\"` if the phone number will be used. The default value is `\"SMS\"` . You can specify more than one value." + }, + "forceAliasCreation": { + "type": "boolean", + "description": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` ." + }, + "messageAction": { + "type": "string", + "description": "Set to `RESEND` to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to `SUPPRESS` to suppress sending the message. You can specify only one value." + }, + "userAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolUserAttributeType" + }, + "description": "An array of name-value pairs that contain user attributes and attribute values." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool where the user will be created." + }, + "username": { + "type": "string", + "description": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) ." + }, + "validationData": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolUserAttributeType" + }, + "description": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function might perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs. Validation data might also affect the response that your function returns to Amazon Cognito, like automatically confirming the user if they sign up from within your network.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) ." + } + }, + "outputs": { + "clientMetadata": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `clientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Customizing user pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n\u003e When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:\n\u003e \n\u003e - Store the ClientMetadata value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.\n\u003e - Validate the ClientMetadata value.\n\u003e - Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.", + "replaceOnChanges": true + }, + "desiredDeliveryMediums": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specify `\"EMAIL\"` if email will be used to send the welcome message. Specify `\"SMS\"` if the phone number will be used. The default value is `\"SMS\"` . You can specify more than one value.", + "replaceOnChanges": true + }, + "forceAliasCreation": { + "type": "boolean", + "description": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", + "replaceOnChanges": true + }, + "messageAction": { + "type": "string", + "description": "Set to `RESEND` to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", + "replaceOnChanges": true + }, + "userAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolUserAttributeType" + }, + "description": "An array of name-value pairs that contain user attributes and attribute values.", + "replaceOnChanges": true + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool where the user will be created.", + "replaceOnChanges": true + }, + "username": { + "type": "string", + "description": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", + "replaceOnChanges": true + }, + "validationData": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolUserAttributeType" + }, + "description": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function might perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs. Validation data might also affect the response that your function returns to Amazon Cognito, like automatically confirming the user if they sign up from within your network.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "username" + }, + "required": [ + "userPoolId" + ], + "createOnly": [ + "clientMetadata", + "desiredDeliveryMediums", + "forceAliasCreation", + "messageAction", + "userAttributes", + "userPoolId", + "username", + "validationData" + ], + "writeOnly": [ + "clientMetadata", + "desiredDeliveryMediums", + "forceAliasCreation", + "messageAction", + "validationData" + ] + }, + "aws-native:cognito:UserPoolUserToGroupAttachment": { + "cf": "AWS::Cognito::UserPoolUserToGroupAttachment", + "inputs": { + "groupName": { + "type": "string", + "description": "The name of the group that you want to add your user to." + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool." + }, + "username": { + "type": "string" + } + }, + "outputs": { + "groupName": { + "type": "string", + "description": "The name of the group that you want to add your user to.", + "replaceOnChanges": true + }, + "userPoolId": { + "type": "string", + "description": "The user pool ID for the user pool.", + "replaceOnChanges": true + }, + "username": { + "type": "string", + "replaceOnChanges": true + } + }, + "required": [ + "groupName", + "userPoolId", + "username" + ], + "createOnly": [ + "groupName", + "userPoolId", + "username" + ] + }, + "aws-native:comprehend:DocumentClassifier": { + "cf": "AWS::Comprehend::DocumentClassifier", + "inputs": { + "dataAccessRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data." + }, + "documentClassifierName": { + "type": "string", + "description": "The name of the document classifier." + }, + "inputDataConfig": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierInputDataConfig", + "description": "Specifies the format and location of the input data for the job." + }, + "languageCode": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierLanguageCode", + "description": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language." + }, + "mode": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierMode", + "description": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|)." + }, + "modelKmsKeyId": { + "type": "string", + "description": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`" + }, + "modelPolicy": { + "type": "string", + "description": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`" + }, + "outputDataConfig": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierOutputDataConfig", + "description": "Provides output results configuration parameters for custom classifier jobs." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department." + }, + "versionName": { + "type": "string", + "description": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region ." + }, + "volumeKmsKeyId": { + "type": "string", + "description": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`" + }, + "vpcConfig": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierVpcConfig", + "description": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the document classifier." + }, + "dataAccessRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", + "replaceOnChanges": true + }, + "documentClassifierName": { + "type": "string", + "description": "The name of the document classifier.", + "replaceOnChanges": true + }, + "inputDataConfig": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierInputDataConfig", + "description": "Specifies the format and location of the input data for the job.", + "replaceOnChanges": true + }, + "languageCode": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierLanguageCode", + "description": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", + "replaceOnChanges": true + }, + "mode": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierMode", + "description": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", + "replaceOnChanges": true + }, + "modelKmsKeyId": { + "type": "string", + "description": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "replaceOnChanges": true + }, + "modelPolicy": { + "type": "string", + "description": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`" + }, + "outputDataConfig": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierOutputDataConfig", + "description": "Provides output results configuration parameters for custom classifier jobs.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department." + }, + "versionName": { + "type": "string", + "description": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", + "replaceOnChanges": true + }, + "volumeKmsKeyId": { + "type": "string", + "description": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", + "replaceOnChanges": true + }, + "vpcConfig": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierVpcConfig", + "description": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "documentClassifierName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "dataAccessRoleArn", + "inputDataConfig", + "languageCode" + ], + "createOnly": [ + "dataAccessRoleArn", + "documentClassifierName", + "inputDataConfig", + "languageCode", + "mode", + "modelKmsKeyId", + "outputDataConfig", + "versionName", + "volumeKmsKeyId", + "vpcConfig" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:comprehend:Flywheel": { + "cf": "AWS::Comprehend::Flywheel", + "inputs": { + "activeModelArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the active model version." + }, + "dataAccessRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data." + }, + "dataLakeS3Uri": { + "type": "string", + "description": "Amazon S3 URI of the data lake location." + }, + "dataSecurityConfig": { + "$ref": "#/types/aws-native:comprehend:FlywheelDataSecurityConfig", + "description": "Data security configuration." + }, + "flywheelName": { + "type": "string", + "description": "Name for the flywheel." + }, + "modelType": { + "$ref": "#/types/aws-native:comprehend:FlywheelModelType", + "description": "Model type of the flywheel's model." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department." + }, + "taskConfig": { + "$ref": "#/types/aws-native:comprehend:FlywheelTaskConfig", + "description": "Configuration about the model associated with a flywheel." + } + }, + "outputs": { + "activeModelArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the active model version." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the flywheel." + }, + "dataAccessRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data." + }, + "dataLakeS3Uri": { + "type": "string", + "description": "Amazon S3 URI of the data lake location.", + "replaceOnChanges": true + }, + "dataSecurityConfig": { + "$ref": "#/types/aws-native:comprehend:FlywheelDataSecurityConfig", + "description": "Data security configuration." + }, + "flywheelName": { + "type": "string", + "description": "Name for the flywheel.", + "replaceOnChanges": true + }, + "modelType": { + "$ref": "#/types/aws-native:comprehend:FlywheelModelType", + "description": "Model type of the flywheel's model.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department." + }, + "taskConfig": { + "$ref": "#/types/aws-native:comprehend:FlywheelTaskConfig", + "description": "Configuration about the model associated with a flywheel.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "flywheelName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "dataAccessRoleArn", + "dataLakeS3Uri" + ], + "createOnly": [ + "dataLakeS3Uri", + "flywheelName", + "modelType", + "taskConfig" + ], + "irreversibleNames": { + "dataLakeS3Uri": "DataLakeS3Uri" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:configuration:AggregationAuthorization": { + "cf": "AWS::Config::AggregationAuthorization", + "inputs": { + "authorizedAccountId": { + "type": "string", + "description": "The 12-digit account ID of the account authorized to aggregate data." + }, + "authorizedAwsRegion": { + "type": "string", + "description": "The region authorized to collect aggregated data." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the AggregationAuthorization." + } + }, + "outputs": { + "aggregationAuthorizationArn": { + "type": "string", + "description": "The ARN of the AggregationAuthorization." + }, + "authorizedAccountId": { + "type": "string", + "description": "The 12-digit account ID of the account authorized to aggregate data.", + "replaceOnChanges": true + }, + "authorizedAwsRegion": { + "type": "string", + "description": "The region authorized to collect aggregated data.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the AggregationAuthorization." + } + }, + "required": [ + "authorizedAccountId", + "authorizedAwsRegion" + ], + "createOnly": [ + "authorizedAccountId", + "authorizedAwsRegion" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:configuration:ConfigRule": { + "cf": "AWS::Config::ConfigRule", + "inputs": { + "compliance": { + "$ref": "#/types/aws-native:configuration:ComplianceProperties", + "description": "Indicates whether an AWS resource or CC rule is compliant and provides the number of contributors that affect the compliance." + }, + "configRuleName": { + "type": "string", + "description": "A name for the CC rule. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html)." + }, + "description": { + "type": "string", + "description": "The description that you provide for the CC rule." + }, + "evaluationModes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:ConfigRuleEvaluationModeConfiguration" + }, + "description": "The modes the CC rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only." + }, + "inputParameters": { + "$ref": "pulumi.json#/Any", + "description": "A string, in JSON format, that is passed to the CC rule Lambda function.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Config::ConfigRule` for more information about the expected schema for this property." + }, + "maximumExecutionFrequency": { + "type": "string", + "description": "The maximum frequency with which CC runs evaluations for a rule. You can specify a value for ``MaximumExecutionFrequency`` when:\n + You are using an AWS managed rule that is triggered at a periodic frequency.\n + Your custom rule is triggered when CC delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html).\n \n By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the ``MaximumExecutionFrequency`` parameter." + }, + "scope": { + "$ref": "#/types/aws-native:configuration:ConfigRuleScope", + "description": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.\n The scope can be empty." + }, + "source": { + "$ref": "#/types/aws-native:configuration:ConfigRuleSource", + "description": "Provides the rule owner (```` for managed rules, ``CUSTOM_POLICY`` for Custom Policy rules, and ``CUSTOM_LAMBDA`` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Config rule, such as `arn:aws:config:us-east-1:123456789012:config-rule/config-rule-a1bzhi` ." + }, + "compliance": { + "$ref": "#/types/aws-native:configuration:ComplianceProperties", + "description": "Indicates whether an AWS resource or CC rule is compliant and provides the number of contributors that affect the compliance." + }, + "configRuleId": { + "type": "string", + "description": "The ID of the AWS Config rule, such as `config-rule-a1bzhi` ." + }, + "configRuleName": { + "type": "string", + "description": "A name for the CC rule. If you don't specify a name, CFN generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description that you provide for the CC rule." + }, + "evaluationModes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:ConfigRuleEvaluationModeConfiguration" + }, + "description": "The modes the CC rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only." + }, + "inputParameters": { + "$ref": "pulumi.json#/Any", + "description": "A string, in JSON format, that is passed to the CC rule Lambda function.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Config::ConfigRule` for more information about the expected schema for this property." + }, + "maximumExecutionFrequency": { + "type": "string", + "description": "The maximum frequency with which CC runs evaluations for a rule. You can specify a value for ``MaximumExecutionFrequency`` when:\n + You are using an AWS managed rule that is triggered at a periodic frequency.\n + Your custom rule is triggered when CC delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html).\n \n By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the ``MaximumExecutionFrequency`` parameter." + }, + "scope": { + "$ref": "#/types/aws-native:configuration:ConfigRuleScope", + "description": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.\n The scope can be empty." + }, + "source": { + "$ref": "#/types/aws-native:configuration:ConfigRuleSource", + "description": "Provides the rule owner (```` for managed rules, ``CUSTOM_POLICY`` for Custom Policy rules, and ``CUSTOM_LAMBDA`` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources." + } + }, + "autoNamingSpec": { + "sdkName": "configRuleName" + }, + "required": [ + "source" + ], + "createOnly": [ + "configRuleName" + ], + "writeOnly": [ + "source/CustomPolicyDetails/PolicyText" + ] + }, + "aws-native:configuration:ConfigurationAggregator": { + "cf": "AWS::Config::ConfigurationAggregator", + "inputs": { + "accountAggregationSources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:ConfigurationAggregatorAccountAggregationSource" + }, + "description": "Provides a list of source accounts and regions to be aggregated." + }, + "configurationAggregatorName": { + "type": "string", + "description": "The name of the aggregator." + }, + "organizationAggregationSource": { + "$ref": "#/types/aws-native:configuration:ConfigurationAggregatorOrganizationAggregationSource", + "description": "Provides an organization and list of regions to be aggregated." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the configuration aggregator." + } + }, + "outputs": { + "accountAggregationSources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:ConfigurationAggregatorAccountAggregationSource" + }, + "description": "Provides a list of source accounts and regions to be aggregated." + }, + "configurationAggregatorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the aggregator." + }, + "configurationAggregatorName": { + "type": "string", + "description": "The name of the aggregator.", + "replaceOnChanges": true + }, + "organizationAggregationSource": { + "$ref": "#/types/aws-native:configuration:ConfigurationAggregatorOrganizationAggregationSource", + "description": "Provides an organization and list of regions to be aggregated." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the configuration aggregator." + } + }, + "autoNamingSpec": { + "sdkName": "configurationAggregatorName", + "minLength": 1, + "maxLength": 256 + }, + "createOnly": [ + "configurationAggregatorName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:configuration:ConformancePack": { + "cf": "AWS::Config::ConformancePack", + "inputs": { + "conformancePackInputParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:ConformancePackInputParameter" + }, + "description": "A list of ConformancePackInputParameter objects." + }, + "conformancePackName": { + "type": "string", + "description": "Name of the conformance pack which will be assigned as the unique identifier." + }, + "deliveryS3Bucket": { + "type": "string", + "description": "AWS Config stores intermediate files while processing conformance pack template." + }, + "deliveryS3KeyPrefix": { + "type": "string", + "description": "The prefix for delivery S3 bucket." + }, + "templateBody": { + "type": "string", + "description": "A string containing full conformance pack template body. You can only specify one of the template body or template S3Uri fields." + }, + "templateS3Uri": { + "type": "string", + "description": "Location of file containing the template body which points to the conformance pack template that is located in an Amazon S3 bucket. You can only specify one of the template body or template S3Uri fields." + }, + "templateSsmDocumentDetails": { + "$ref": "#/types/aws-native:configuration:TemplateSsmDocumentDetailsProperties", + "description": "The TemplateSSMDocumentDetails object contains the name of the SSM document and the version of the SSM document." + } + }, + "outputs": { + "conformancePackInputParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:ConformancePackInputParameter" + }, + "description": "A list of ConformancePackInputParameter objects." + }, + "conformancePackName": { + "type": "string", + "description": "Name of the conformance pack which will be assigned as the unique identifier.", + "replaceOnChanges": true + }, + "deliveryS3Bucket": { + "type": "string", + "description": "AWS Config stores intermediate files while processing conformance pack template." + }, + "deliveryS3KeyPrefix": { + "type": "string", + "description": "The prefix for delivery S3 bucket." + }, + "templateBody": { + "type": "string", + "description": "A string containing full conformance pack template body. You can only specify one of the template body or template S3Uri fields." + }, + "templateS3Uri": { + "type": "string", + "description": "Location of file containing the template body which points to the conformance pack template that is located in an Amazon S3 bucket. You can only specify one of the template body or template S3Uri fields." + }, + "templateSsmDocumentDetails": { + "$ref": "#/types/aws-native:configuration:TemplateSsmDocumentDetailsProperties", + "description": "The TemplateSSMDocumentDetails object contains the name of the SSM document and the version of the SSM document." + } + }, + "autoNamingSpec": { + "sdkName": "conformancePackName", + "minLength": 1, + "maxLength": 256 + }, + "createOnly": [ + "conformancePackName" + ], + "writeOnly": [ + "templateBody", + "templateS3Uri", + "templateSsmDocumentDetails" + ], + "irreversibleNames": { + "deliveryS3Bucket": "DeliveryS3Bucket", + "deliveryS3KeyPrefix": "DeliveryS3KeyPrefix", + "templateS3Uri": "TemplateS3Uri", + "templateSsmDocumentDetails": "TemplateSSMDocumentDetails" + }, + "tagsProperty": "tags" + }, + "aws-native:configuration:OrganizationConformancePack": { + "cf": "AWS::Config::OrganizationConformancePack", + "inputs": { + "conformancePackInputParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:OrganizationConformancePackConformancePackInputParameter" + }, + "description": "A list of ConformancePackInputParameter objects." + }, + "deliveryS3Bucket": { + "type": "string", + "description": "AWS Config stores intermediate files while processing conformance pack template." + }, + "deliveryS3KeyPrefix": { + "type": "string", + "description": "The prefix for the delivery S3 bucket." + }, + "excludedAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of AWS accounts to be excluded from an organization conformance pack while deploying a conformance pack." + }, + "organizationConformancePackName": { + "type": "string", + "description": "The name of the organization conformance pack." + }, + "templateBody": { + "type": "string", + "description": "A string containing full conformance pack template body." + }, + "templateS3Uri": { + "type": "string", + "description": "Location of file containing the template body." + } + }, + "outputs": { + "conformancePackInputParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:OrganizationConformancePackConformancePackInputParameter" + }, + "description": "A list of ConformancePackInputParameter objects." + }, + "deliveryS3Bucket": { + "type": "string", + "description": "AWS Config stores intermediate files while processing conformance pack template." + }, + "deliveryS3KeyPrefix": { + "type": "string", + "description": "The prefix for the delivery S3 bucket." + }, + "excludedAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of AWS accounts to be excluded from an organization conformance pack while deploying a conformance pack." + }, + "organizationConformancePackName": { + "type": "string", + "description": "The name of the organization conformance pack.", + "replaceOnChanges": true + }, + "templateBody": { + "type": "string", + "description": "A string containing full conformance pack template body." + }, + "templateS3Uri": { + "type": "string", + "description": "Location of file containing the template body." + } + }, + "autoNamingSpec": { + "sdkName": "organizationConformancePackName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "organizationConformancePackName" + ], + "writeOnly": [ + "templateBody", + "templateS3Uri" + ], + "irreversibleNames": { + "deliveryS3Bucket": "DeliveryS3Bucket", + "deliveryS3KeyPrefix": "DeliveryS3KeyPrefix", + "templateS3Uri": "TemplateS3Uri" + }, + "tagsProperty": "tags" + }, + "aws-native:configuration:StoredQuery": { + "cf": "AWS::Config::StoredQuery", + "inputs": { + "queryDescription": { + "type": "string", + "description": "A unique description for the query." + }, + "queryExpression": { + "type": "string", + "description": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`" + }, + "queryName": { + "type": "string", + "description": "The name of the query." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the stored query." + } + }, + "outputs": { + "queryArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the query. For example, arn:partition:service:region:account-id:resource-type/resource-name/resource-id." + }, + "queryDescription": { + "type": "string", + "description": "A unique description for the query." + }, + "queryExpression": { + "type": "string", + "description": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`" + }, + "queryId": { + "type": "string", + "description": "The ID of the query." + }, + "queryName": { + "type": "string", + "description": "The name of the query.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the stored query." + } + }, + "autoNamingSpec": { + "sdkName": "queryName", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "queryExpression" + ], + "createOnly": [ + "queryName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:ApprovedOrigin": { + "cf": "AWS::Connect::ApprovedOrigin", + "inputs": { + "instanceId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`" + }, + "origin": { + "type": "string", + "description": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`" + } + }, + "outputs": { + "instanceId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "replaceOnChanges": true + }, + "origin": { + "type": "string", + "description": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", + "replaceOnChanges": true + } + }, + "required": [ + "instanceId", + "origin" + ], + "createOnly": [ + "instanceId", + "origin" + ] + }, + "aws-native:connect:ContactFlow": { + "cf": "AWS::Connect::ContactFlow", + "inputs": { + "content": { + "type": "string", + "description": "The content of the contact flow in JSON format." + }, + "description": { + "type": "string", + "description": "The description of the contact flow." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance (ARN)." + }, + "name": { + "type": "string", + "description": "The name of the contact flow." + }, + "state": { + "$ref": "#/types/aws-native:connect:ContactFlowState", + "description": "The state of the contact flow." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "type": { + "$ref": "#/types/aws-native:connect:ContactFlowType", + "description": "The type of the contact flow." + } + }, + "outputs": { + "contactFlowArn": { + "type": "string", + "description": "The identifier of the contact flow (ARN)." + }, + "content": { + "type": "string", + "description": "The content of the contact flow in JSON format." + }, + "description": { + "type": "string", + "description": "The description of the contact flow." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance (ARN)." + }, + "name": { + "type": "string", + "description": "The name of the contact flow." + }, + "state": { + "$ref": "#/types/aws-native:connect:ContactFlowState", + "description": "The state of the contact flow." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "type": { + "$ref": "#/types/aws-native:connect:ContactFlowType", + "description": "The type of the contact flow.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "content", + "instanceArn", + "type" + ], + "createOnly": [ + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:ContactFlowModule": { + "cf": "AWS::Connect::ContactFlowModule", + "inputs": { + "content": { + "type": "string", + "description": "The content of the contact flow module in JSON format." + }, + "description": { + "type": "string", + "description": "The description of the contact flow module." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance (ARN)." + }, + "name": { + "type": "string", + "description": "The name of the contact flow module." + }, + "state": { + "type": "string", + "description": "The state of the contact flow module." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "outputs": { + "contactFlowModuleArn": { + "type": "string", + "description": "The identifier of the contact flow module (ARN)." + }, + "content": { + "type": "string", + "description": "The content of the contact flow module in JSON format." + }, + "description": { + "type": "string", + "description": "The description of the contact flow module." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance (ARN)." + }, + "name": { + "type": "string", + "description": "The name of the contact flow module." + }, + "state": { + "type": "string", + "description": "The state of the contact flow module." + }, + "status": { + "type": "string", + "description": "The status of the contact flow module." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "content", + "instanceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:EvaluationForm": { + "cf": "AWS::Connect::EvaluationForm", + "inputs": { + "description": { + "type": "string", + "description": "The description of the evaluation form.\n *Length Constraints*: Minimum length of 0. Maximum length of 1024." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:EvaluationFormBaseItem" + }, + "description": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n *Minimum size*: 1\n *Maximum size*: 100" + }, + "scoringStrategy": { + "$ref": "#/types/aws-native:connect:EvaluationFormScoringStrategy", + "description": "A scoring strategy of the evaluation form." + }, + "status": { + "$ref": "#/types/aws-native:connect:EvaluationFormStatus", + "description": "The status of the evaluation form.\n *Allowed values*: ``DRAFT`` | ``ACTIVE``" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + }, + "title": { + "type": "string", + "description": "A title of the evaluation form." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the evaluation form.\n *Length Constraints*: Minimum length of 0. Maximum length of 1024." + }, + "evaluationFormArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the evaluation form." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:EvaluationFormBaseItem" + }, + "description": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n *Minimum size*: 1\n *Maximum size*: 100" + }, + "scoringStrategy": { + "$ref": "#/types/aws-native:connect:EvaluationFormScoringStrategy", + "description": "A scoring strategy of the evaluation form." + }, + "status": { + "$ref": "#/types/aws-native:connect:EvaluationFormStatus", + "description": "The status of the evaluation form.\n *Allowed values*: ``DRAFT`` | ``ACTIVE``" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + }, + "title": { + "type": "string", + "description": "A title of the evaluation form." + } + }, + "required": [ + "instanceArn", + "items", + "status", + "title" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:HoursOfOperation": { + "cf": "AWS::Connect::HoursOfOperation", + "inputs": { + "config": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:HoursOfOperationConfig" + }, + "description": "Configuration information for the hours of operation: day, start time, and end time." + }, + "description": { + "type": "string", + "description": "The description of the hours of operation." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the hours of operation." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "timeZone": { + "type": "string", + "description": "The time zone of the hours of operation." + } + }, + "outputs": { + "config": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:HoursOfOperationConfig" + }, + "description": "Configuration information for the hours of operation: day, start time, and end time." + }, + "description": { + "type": "string", + "description": "The description of the hours of operation." + }, + "hoursOfOperationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the hours of operation." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the hours of operation." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "timeZone": { + "type": "string", + "description": "The time zone of the hours of operation." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "config", + "instanceArn", + "timeZone" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:Instance": { + "cf": "AWS::Connect::Instance", + "inputs": { + "attributes": { + "$ref": "#/types/aws-native:connect:InstanceAttributes", + "description": "The attributes for the instance." + }, + "directoryId": { + "type": "string", + "description": "Existing directoryId user wants to map to the new Connect instance." + }, + "identityManagementType": { + "$ref": "#/types/aws-native:connect:InstanceIdentityManagementType", + "description": "Specifies the type of directory integration for new instance." + }, + "instanceAlias": { + "type": "string", + "description": "Alias of the new directory created as part of new instance creation." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "An instanceArn is automatically generated on creation based on instanceId." + }, + "attributes": { + "$ref": "#/types/aws-native:connect:InstanceAttributes", + "description": "The attributes for the instance." + }, + "awsId": { + "type": "string", + "description": "An instanceId is automatically generated on creation and assigned as the unique identifier." + }, + "createdTime": { + "type": "string", + "description": "Timestamp of instance creation logged as part of instance creation." + }, + "directoryId": { + "type": "string", + "description": "Existing directoryId user wants to map to the new Connect instance.", + "replaceOnChanges": true + }, + "identityManagementType": { + "$ref": "#/types/aws-native:connect:InstanceIdentityManagementType", + "description": "Specifies the type of directory integration for new instance.", + "replaceOnChanges": true + }, + "instanceAlias": { + "type": "string", + "description": "Alias of the new directory created as part of new instance creation.", + "replaceOnChanges": true + }, + "instanceStatus": { + "$ref": "#/types/aws-native:connect:InstanceStatus", + "description": "Specifies the creation status of new instance." + }, + "serviceRole": { + "type": "string", + "description": "Service linked role created as part of instance creation." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "attributes", + "identityManagementType" + ], + "createOnly": [ + "directoryId", + "identityManagementType", + "instanceAlias" + ], + "writeOnly": [ + "directoryId" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:InstanceStorageConfig": { + "cf": "AWS::Connect::InstanceStorageConfig", + "inputs": { + "instanceArn": { + "type": "string", + "description": "Connect Instance ID with which the storage config will be associated" + }, + "kinesisFirehoseConfig": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigKinesisFirehoseConfig", + "description": "The configuration of the Kinesis Firehose delivery stream." + }, + "kinesisStreamConfig": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigKinesisStreamConfig", + "description": "The configuration of the Kinesis data stream." + }, + "kinesisVideoStreamConfig": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigKinesisVideoStreamConfig", + "description": "The configuration of the Kinesis video stream." + }, + "resourceType": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigInstanceStorageResourceType", + "description": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`" + }, + "s3Config": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigS3Config", + "description": "The S3 bucket configuration." + }, + "storageType": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigStorageType", + "description": "A valid storage type." + } + }, + "outputs": { + "associationId": { + "type": "string", + "description": "The existing association identifier that uniquely identifies the resource type and storage config for the given instance ID." + }, + "instanceArn": { + "type": "string", + "description": "Connect Instance ID with which the storage config will be associated", + "replaceOnChanges": true + }, + "kinesisFirehoseConfig": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigKinesisFirehoseConfig", + "description": "The configuration of the Kinesis Firehose delivery stream." + }, + "kinesisStreamConfig": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigKinesisStreamConfig", + "description": "The configuration of the Kinesis data stream." + }, + "kinesisVideoStreamConfig": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigKinesisVideoStreamConfig", + "description": "The configuration of the Kinesis video stream." + }, + "resourceType": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigInstanceStorageResourceType", + "description": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", + "replaceOnChanges": true + }, + "s3Config": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigS3Config", + "description": "The S3 bucket configuration." + }, + "storageType": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigStorageType", + "description": "A valid storage type." + } + }, + "required": [ + "instanceArn", + "resourceType", + "storageType" + ], + "createOnly": [ + "instanceArn", + "resourceType" + ], + "irreversibleNames": { + "s3Config": "S3Config" + } + }, + "aws-native:connect:IntegrationAssociation": { + "cf": "AWS::Connect::IntegrationAssociation", + "inputs": { + "instanceId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`" + }, + "integrationArn": { + "type": "string", + "description": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`" + }, + "integrationType": { + "$ref": "#/types/aws-native:connect:IntegrationAssociationIntegrationType", + "description": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`" + } + }, + "outputs": { + "instanceId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "replaceOnChanges": true + }, + "integrationArn": { + "type": "string", + "description": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", + "replaceOnChanges": true + }, + "integrationAssociationId": { + "type": "string", + "description": "Identifier of the association with an Amazon Connect instance." + }, + "integrationType": { + "$ref": "#/types/aws-native:connect:IntegrationAssociationIntegrationType", + "description": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", + "replaceOnChanges": true + } + }, + "required": [ + "instanceId", + "integrationArn", + "integrationType" + ], + "createOnly": [ + "instanceId", + "integrationArn", + "integrationType" + ] + }, + "aws-native:connect:PhoneNumber": { + "cf": "AWS::Connect::PhoneNumber", + "inputs": { + "countryCode": { + "type": "string", + "description": "The phone number country code." + }, + "description": { + "type": "string", + "description": "The description of the phone number." + }, + "prefix": { + "type": "string", + "description": "The phone number prefix." + }, + "sourcePhoneNumberArn": { + "type": "string", + "description": "The source phone number arn." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "targetArn": { + "type": "string", + "description": "The ARN of the target the phone number is claimed to." + }, + "type": { + "type": "string", + "description": "The phone number type" + } + }, + "outputs": { + "address": { + "type": "string", + "description": "The phone number e164 address." + }, + "countryCode": { + "type": "string", + "description": "The phone number country code.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the phone number." + }, + "phoneNumberArn": { + "type": "string", + "description": "The phone number ARN" + }, + "prefix": { + "type": "string", + "description": "The phone number prefix.", + "replaceOnChanges": true + }, + "sourcePhoneNumberArn": { + "type": "string", + "description": "The source phone number arn.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "targetArn": { + "type": "string", + "description": "The ARN of the target the phone number is claimed to." + }, + "type": { + "type": "string", + "description": "The phone number type", + "replaceOnChanges": true + } + }, + "required": [ + "targetArn" + ], + "createOnly": [ + "countryCode", + "prefix", + "sourcePhoneNumberArn", + "type" + ], + "writeOnly": [ + "prefix" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:PredefinedAttribute": { + "cf": "AWS::Connect::PredefinedAttribute", + "inputs": { + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the predefined attribute." + }, + "values": { + "$ref": "#/types/aws-native:connect:ValuesProperties", + "description": "The values of a predefined attribute." + } + }, + "outputs": { + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance.", + "replaceOnChanges": true + }, + "lastModifiedRegion": { + "type": "string", + "description": "Last modified region." + }, + "lastModifiedTime": { + "type": "number", + "description": "Last modified time." + }, + "name": { + "type": "string", + "description": "The name of the predefined attribute.", + "replaceOnChanges": true + }, + "values": { + "$ref": "#/types/aws-native:connect:ValuesProperties", + "description": "The values of a predefined attribute." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "instanceArn", + "values" + ], + "createOnly": [ + "instanceArn", + "name" + ] + }, + "aws-native:connect:Prompt": { + "cf": "AWS::Connect::Prompt", + "inputs": { + "description": { + "type": "string", + "description": "The description of the prompt." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the prompt." + }, + "s3Uri": { + "type": "string", + "description": "S3 URI of the customer's audio file for creating prompts resource.." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the prompt." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the prompt." + }, + "promptArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the prompt." + }, + "s3Uri": { + "type": "string", + "description": "S3 URI of the customer's audio file for creating prompts resource.." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "instanceArn" + ], + "writeOnly": [ + "s3Uri" + ], + "irreversibleNames": { + "s3Uri": "S3Uri" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:Queue": { + "cf": "AWS::Connect::Queue", + "inputs": { + "description": { + "type": "string", + "description": "The description of the queue." + }, + "hoursOfOperationArn": { + "type": "string", + "description": "The identifier for the hours of operation." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "maxContacts": { + "type": "integer", + "description": "The maximum number of contacts that can be in the queue before it is considered full." + }, + "name": { + "type": "string", + "description": "The name of the queue." + }, + "outboundCallerConfig": { + "$ref": "#/types/aws-native:connect:QueueOutboundCallerConfig", + "description": "The outbound caller ID name, number, and outbound whisper flow." + }, + "quickConnectArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The quick connects available to agents who are working the queue." + }, + "status": { + "$ref": "#/types/aws-native:connect:QueueStatus", + "description": "The status of the queue." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the queue." + }, + "hoursOfOperationArn": { + "type": "string", + "description": "The identifier for the hours of operation." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "maxContacts": { + "type": "integer", + "description": "The maximum number of contacts that can be in the queue before it is considered full." + }, + "name": { + "type": "string", + "description": "The name of the queue." + }, + "outboundCallerConfig": { + "$ref": "#/types/aws-native:connect:QueueOutboundCallerConfig", + "description": "The outbound caller ID name, number, and outbound whisper flow." + }, + "queueArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the queue." + }, + "quickConnectArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The quick connects available to agents who are working the queue." + }, + "status": { + "$ref": "#/types/aws-native:connect:QueueStatus", + "description": "The status of the queue." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "$ref": "#/types/aws-native:connect:QueueType", + "description": "The type of queue." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "hoursOfOperationArn", + "instanceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:QuickConnect": { + "cf": "AWS::Connect::QuickConnect", + "inputs": { + "description": { + "type": "string", + "description": "The description of the quick connect." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the quick connect." + }, + "quickConnectConfig": { + "$ref": "#/types/aws-native:connect:QuickConnectConfig", + "description": "Configuration settings for the quick connect." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the quick connect." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the quick connect." + }, + "quickConnectArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the quick connect." + }, + "quickConnectConfig": { + "$ref": "#/types/aws-native:connect:QuickConnectConfig", + "description": "Configuration settings for the quick connect." + }, + "quickConnectType": { + "$ref": "#/types/aws-native:connect:QuickConnectType", + "description": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "instanceArn", + "quickConnectConfig" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:RoutingProfile": { + "cf": "AWS::Connect::RoutingProfile", + "inputs": { + "agentAvailabilityTimer": { + "$ref": "#/types/aws-native:connect:RoutingProfileAgentAvailabilityTimer", + "description": "Whether agents with this routing profile will have their routing order calculated based on longest idle time or time since their last inbound contact." + }, + "defaultOutboundQueueArn": { + "type": "string", + "description": "The identifier of the default outbound queue for this routing profile." + }, + "description": { + "type": "string", + "description": "The description of the routing profile." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "mediaConcurrencies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RoutingProfileMediaConcurrency" + }, + "description": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile." + }, + "name": { + "type": "string", + "description": "The name of the routing profile." + }, + "queueConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RoutingProfileQueueConfig" + }, + "description": "The queues to associate with this routing profile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "agentAvailabilityTimer": { + "$ref": "#/types/aws-native:connect:RoutingProfileAgentAvailabilityTimer", + "description": "Whether agents with this routing profile will have their routing order calculated based on longest idle time or time since their last inbound contact." + }, + "defaultOutboundQueueArn": { + "type": "string", + "description": "The identifier of the default outbound queue for this routing profile." + }, + "description": { + "type": "string", + "description": "The description of the routing profile." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "mediaConcurrencies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RoutingProfileMediaConcurrency" + }, + "description": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile." + }, + "name": { + "type": "string", + "description": "The name of the routing profile." + }, + "queueConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RoutingProfileQueueConfig" + }, + "description": "The queues to associate with this routing profile." + }, + "routingProfileArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the routing profile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "defaultOutboundQueueArn", + "description", + "instanceArn", + "mediaConcurrencies" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:Rule": { + "cf": "AWS::Connect::Rule", + "inputs": { + "actions": { + "$ref": "#/types/aws-native:connect:RuleActions", + "description": "The list of actions that will be executed when a rule is triggered." + }, + "function": { + "type": "string", + "description": "The conditions of a rule." + }, + "instanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance." + }, + "name": { + "type": "string", + "description": "The name of the rule." + }, + "publishStatus": { + "$ref": "#/types/aws-native:connect:RulePublishStatus", + "description": "The publish status of a rule, either draft or published." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "triggerEventSource": { + "$ref": "#/types/aws-native:connect:RuleTriggerEventSource", + "description": "The event source that triggers the rule." + } + }, + "outputs": { + "actions": { + "$ref": "#/types/aws-native:connect:RuleActions", + "description": "The list of actions that will be executed when a rule is triggered." + }, + "function": { + "type": "string", + "description": "The conditions of a rule." + }, + "instanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the rule." + }, + "publishStatus": { + "$ref": "#/types/aws-native:connect:RulePublishStatus", + "description": "The publish status of a rule, either draft or published." + }, + "ruleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the rule." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "triggerEventSource": { + "$ref": "#/types/aws-native:connect:RuleTriggerEventSource", + "description": "The event source that triggers the rule.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "actions", + "function", + "instanceArn", + "publishStatus", + "triggerEventSource" + ], + "createOnly": [ + "instanceArn", + "triggerEventSource" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:SecurityKey": { + "cf": "AWS::Connect::SecurityKey", + "inputs": { + "instanceId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`" + }, + "key": { + "type": "string", + "description": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`" + } + }, + "outputs": { + "associationId": { + "type": "string", + "description": "An `AssociationId` is automatically generated when a storage config is associated with an instance." + }, + "instanceId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", + "replaceOnChanges": true + }, + "key": { + "type": "string", + "description": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", + "replaceOnChanges": true + } + }, + "required": [ + "instanceId", + "key" + ], + "createOnly": [ + "instanceId", + "key" + ] + }, + "aws-native:connect:SecurityProfile": { + "cf": "AWS::Connect::SecurityProfile", + "inputs": { + "allowedAccessControlHierarchyGroupId": { + "type": "string", + "description": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect." + }, + "allowedAccessControlTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:SecurityProfileTag" + }, + "description": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect." + }, + "applications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:SecurityProfileApplication" + }, + "description": "A list of third-party applications that the security profile will give access to." + }, + "description": { + "type": "string", + "description": "The description of the security profile." + }, + "hierarchyRestrictedResources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "permissions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Permissions assigned to the security profile." + }, + "securityProfileName": { + "type": "string", + "description": "The name of the security profile." + }, + "tagRestrictedResources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of resources that a security profile applies tag restrictions to in Amazon Connect." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + } + }, + "outputs": { + "allowedAccessControlHierarchyGroupId": { + "type": "string", + "description": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect." + }, + "allowedAccessControlTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:SecurityProfileTag" + }, + "description": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect." + }, + "applications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:SecurityProfileApplication" + }, + "description": "A list of third-party applications that the security profile will give access to." + }, + "description": { + "type": "string", + "description": "The description of the security profile." + }, + "hierarchyRestrictedResources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance.", + "replaceOnChanges": true + }, + "lastModifiedRegion": { + "type": "string", + "description": "The AWS Region where this resource was last modified." + }, + "lastModifiedTime": { + "type": "number", + "description": "The timestamp when this resource was last modified." + }, + "permissions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Permissions assigned to the security profile." + }, + "securityProfileArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the security profile." + }, + "securityProfileName": { + "type": "string", + "description": "The name of the security profile.", + "replaceOnChanges": true + }, + "tagRestrictedResources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of resources that a security profile applies tag restrictions to in Amazon Connect." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + } + }, + "autoNamingSpec": { + "sdkName": "securityProfileName", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "instanceArn" + ], + "createOnly": [ + "instanceArn", + "securityProfileName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:TaskTemplate": { + "cf": "AWS::Connect::TaskTemplate", + "inputs": { + "clientToken": { + "type": "string", + "description": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request." + }, + "constraints": { + "$ref": "#/types/aws-native:connect:ConstraintsProperties", + "description": "The constraints for the task template" + }, + "contactFlowArn": { + "type": "string", + "description": "The identifier of the contact flow." + }, + "defaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:TaskTemplateDefaultFieldValue" + }, + "description": "The default values for fields when a task is created by referencing this template." + }, + "description": { + "type": "string", + "description": "The description of the task template." + }, + "fields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:TaskTemplateField" + }, + "description": "The list of task template's fields" + }, + "instanceArn": { + "type": "string", + "description": "The identifier (arn) of the instance." + }, + "name": { + "type": "string", + "description": "The name of the task template." + }, + "status": { + "$ref": "#/types/aws-native:connect:TaskTemplateStatus", + "description": "The status of the task template." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The identifier (arn) of the task template." + }, + "clientToken": { + "type": "string", + "description": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request." + }, + "constraints": { + "$ref": "#/types/aws-native:connect:ConstraintsProperties", + "description": "The constraints for the task template" + }, + "contactFlowArn": { + "type": "string", + "description": "The identifier of the contact flow." + }, + "defaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:TaskTemplateDefaultFieldValue" + }, + "description": "The default values for fields when a task is created by referencing this template." + }, + "description": { + "type": "string", + "description": "The description of the task template." + }, + "fields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:TaskTemplateField" + }, + "description": "The list of task template's fields" + }, + "instanceArn": { + "type": "string", + "description": "The identifier (arn) of the instance." + }, + "name": { + "type": "string", + "description": "The name of the task template." + }, + "status": { + "$ref": "#/types/aws-native:connect:TaskTemplateStatus", + "description": "The status of the task template." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "instanceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:TrafficDistributionGroup": { + "cf": "AWS::Connect::TrafficDistributionGroup", + "inputs": { + "description": { + "type": "string", + "description": "A description for the traffic distribution group." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance that has been replicated." + }, + "name": { + "type": "string", + "description": "The name for the traffic distribution group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A description for the traffic distribution group.", + "replaceOnChanges": true + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance that has been replicated." + }, + "isDefault": { + "type": "boolean", + "description": "If this is the default traffic distribution group." + }, + "name": { + "type": "string", + "description": "The name for the traffic distribution group.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:connect:TrafficDistributionGroupStatus", + "description": "The status of the traffic distribution group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "trafficDistributionGroupArn": { + "type": "string", + "description": "The identifier of the traffic distribution group." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "instanceArn" + ], + "createOnly": [ + "description", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:User": { + "cf": "AWS::Connect::User", + "inputs": { + "directoryUserId": { + "type": "string", + "description": "The identifier of the user account in the directory used for identity management." + }, + "hierarchyGroupArn": { + "type": "string", + "description": "The identifier of the hierarchy group for the user." + }, + "identityInfo": { + "$ref": "#/types/aws-native:connect:UserIdentityInfo", + "description": "The information about the identity of the user." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "password": { + "type": "string", + "description": "The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password." + }, + "phoneConfig": { + "$ref": "#/types/aws-native:connect:UserPhoneConfig", + "description": "The phone settings for the user." + }, + "routingProfileArn": { + "type": "string", + "description": "The identifier of the routing profile for the user." + }, + "securityProfileArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more security profile arns for the user" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "userProficiencies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:UserProficiency" + }, + "description": "One or more predefined attributes assigned to a user, with a level that indicates how skilled they are." + }, + "username": { + "type": "string", + "description": "The user name for the account." + } + }, + "outputs": { + "directoryUserId": { + "type": "string", + "description": "The identifier of the user account in the directory used for identity management." + }, + "hierarchyGroupArn": { + "type": "string", + "description": "The identifier of the hierarchy group for the user." + }, + "identityInfo": { + "$ref": "#/types/aws-native:connect:UserIdentityInfo", + "description": "The information about the identity of the user." + }, + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "password": { + "type": "string", + "description": "The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password." + }, + "phoneConfig": { + "$ref": "#/types/aws-native:connect:UserPhoneConfig", + "description": "The phone settings for the user." + }, + "routingProfileArn": { + "type": "string", + "description": "The identifier of the routing profile for the user." + }, + "securityProfileArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more security profile arns for the user" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "userArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the user." + }, + "userProficiencies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:UserProficiency" + }, + "description": "One or more predefined attributes assigned to a user, with a level that indicates how skilled they are." + }, + "username": { + "type": "string", + "description": "The user name for the account." + } + }, + "autoNamingSpec": { + "sdkName": "username", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "instanceArn", + "phoneConfig", + "routingProfileArn", + "securityProfileArns" + ], + "writeOnly": [ + "password" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:UserHierarchyGroup": { + "cf": "AWS::Connect::UserHierarchyGroup", + "inputs": { + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the user hierarchy group." + }, + "parentGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the parent user hierarchy group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "outputs": { + "instanceArn": { + "type": "string", + "description": "The identifier of the Amazon Connect instance." + }, + "name": { + "type": "string", + "description": "The name of the user hierarchy group." + }, + "parentGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the parent user hierarchy group.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "userHierarchyGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the user hierarchy group." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "instanceArn" + ], + "createOnly": [ + "parentGroupArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:View": { + "cf": "AWS::Connect::View", + "inputs": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions of the view in an array." + }, + "description": { + "type": "string", + "description": "The description of the view." + }, + "instanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance." + }, + "name": { + "type": "string", + "description": "The name of the view." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "template": { + "$ref": "pulumi.json#/Any", + "description": "The template of the view as JSON.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Connect::View` for more information about the expected schema for this property." + } + }, + "outputs": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions of the view in an array." + }, + "description": { + "type": "string", + "description": "The description of the view." + }, + "instanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance." + }, + "name": { + "type": "string", + "description": "The name of the view." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + }, + "template": { + "$ref": "pulumi.json#/Any", + "description": "The template of the view as JSON.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Connect::View` for more information about the expected schema for this property." + }, + "viewArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the view." + }, + "viewContentSha256": { + "type": "string", + "description": "The view content hash." + }, + "viewId": { + "type": "string", + "description": "The view id of the view." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 512 + }, + "required": [ + "actions", + "instanceArn", + "template" + ], + "irreversibleNames": { + "viewContentSha256": "ViewContentSha256" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:connect:ViewVersion": { + "cf": "AWS::Connect::ViewVersion", + "inputs": { + "versionDescription": { + "type": "string", + "description": "The description for the view version." + }, + "viewArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the view for which a version is being created." + }, + "viewContentSha256": { + "type": "string", + "description": "The view content hash to be checked." + } + }, + "outputs": { + "version": { + "type": "integer", + "description": "The version of the view." + }, + "versionDescription": { + "type": "string", + "description": "The description for the view version.", + "replaceOnChanges": true + }, + "viewArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the view for which a version is being created.", + "replaceOnChanges": true + }, + "viewContentSha256": { + "type": "string", + "description": "The view content hash to be checked.", + "replaceOnChanges": true + }, + "viewVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the created view version." + } + }, + "required": [ + "viewArn" + ], + "createOnly": [ + "versionDescription", + "viewArn", + "viewContentSha256" + ], + "irreversibleNames": { + "viewContentSha256": "ViewContentSha256" + } + }, + "aws-native:connectcampaigns:Campaign": { + "cf": "AWS::ConnectCampaigns::Campaign", + "inputs": { + "connectInstanceArn": { + "type": "string", + "description": "Amazon Connect Instance Arn" + }, + "dialerConfig": { + "$ref": "#/types/aws-native:connectcampaigns:CampaignDialerConfig", + "description": "Contains information about the dialer configuration." + }, + "name": { + "type": "string", + "description": "Amazon Connect Campaign Name" + }, + "outboundCallConfig": { + "$ref": "#/types/aws-native:connectcampaigns:CampaignOutboundCallConfig", + "description": "Contains information about the outbound call configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Connect Campaign Arn" + }, + "connectInstanceArn": { + "type": "string", + "description": "Amazon Connect Instance Arn", + "replaceOnChanges": true + }, + "dialerConfig": { + "$ref": "#/types/aws-native:connectcampaigns:CampaignDialerConfig", + "description": "Contains information about the dialer configuration." + }, + "name": { + "type": "string", + "description": "Amazon Connect Campaign Name" + }, + "outboundCallConfig": { + "$ref": "#/types/aws-native:connectcampaigns:CampaignOutboundCallConfig", + "description": "Contains information about the outbound call configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "connectInstanceArn", + "dialerConfig", + "outboundCallConfig" + ], + "createOnly": [ + "connectInstanceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:controltower:EnabledBaseline": { + "cf": "AWS::ControlTower::EnabledBaseline", + "inputs": { + "baselineIdentifier": { + "type": "string", + "description": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource." + }, + "baselineVersion": { + "type": "string", + "description": "The enabled version of the `Baseline` ." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:controltower:EnabledBaselineParameter" + }, + "description": "Parameters that are applied when enabling this `Baseline` . These parameters configure the behavior of the baseline." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with input to `EnableBaseline` ." + }, + "targetIdentifier": { + "type": "string", + "description": "The target on which to enable the `Baseline` ." + } + }, + "outputs": { + "baselineIdentifier": { + "type": "string", + "description": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", + "replaceOnChanges": true + }, + "baselineVersion": { + "type": "string", + "description": "The enabled version of the `Baseline` ." + }, + "enabledBaselineIdentifier": { + "type": "string", + "description": "The ARN of the `EnabledBaseline` resource." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:controltower:EnabledBaselineParameter" + }, + "description": "Parameters that are applied when enabling this `Baseline` . These parameters configure the behavior of the baseline." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with input to `EnableBaseline` ." + }, + "targetIdentifier": { + "type": "string", + "description": "The target on which to enable the `Baseline` .", + "replaceOnChanges": true + } + }, + "required": [ + "baselineIdentifier", + "baselineVersion", + "targetIdentifier" + ], + "createOnly": [ + "baselineIdentifier", + "targetIdentifier" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:controltower:EnabledControl": { + "cf": "AWS::ControlTower::EnabledControl", + "inputs": { + "controlIdentifier": { + "type": "string", + "description": "Arn of the control." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:controltower:EnabledControlParameter" + }, + "description": "Parameters to configure the enabled control behavior." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags to assign to the enabled control." + }, + "targetIdentifier": { + "type": "string", + "description": "Arn for Organizational unit to which the control needs to be applied" + } + }, + "outputs": { + "controlIdentifier": { + "type": "string", + "description": "Arn of the control.", + "replaceOnChanges": true + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:controltower:EnabledControlParameter" + }, + "description": "Parameters to configure the enabled control behavior." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags to assign to the enabled control." + }, + "targetIdentifier": { + "type": "string", + "description": "Arn for Organizational unit to which the control needs to be applied", + "replaceOnChanges": true + } + }, + "required": [ + "controlIdentifier", + "targetIdentifier" + ], + "createOnly": [ + "controlIdentifier", + "targetIdentifier" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:controltower:LandingZone": { + "cf": "AWS::ControlTower::LandingZone", + "inputs": { + "manifest": { + "$ref": "pulumi.json#/Any", + "description": "The landing zone manifest JSON text file that specifies the landing zone configurations.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ControlTower::LandingZone` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to be applied to the landing zone." + }, + "version": { + "type": "string", + "description": "The landing zone's current deployed version." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the landing zone." + }, + "driftStatus": { + "$ref": "#/types/aws-native:controltower:LandingZoneDriftStatus", + "description": "The drift status of the landing zone." + }, + "landingZoneIdentifier": { + "type": "string", + "description": "The unique identifier of the landing zone." + }, + "latestAvailableVersion": { + "type": "string", + "description": "The latest available version of the landing zone." + }, + "manifest": { + "$ref": "pulumi.json#/Any", + "description": "The landing zone manifest JSON text file that specifies the landing zone configurations.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ControlTower::LandingZone` for more information about the expected schema for this property." + }, + "status": { + "$ref": "#/types/aws-native:controltower:LandingZoneStatus", + "description": "The landing zone deployment status. One of `ACTIVE` , `PROCESSING` , `FAILED` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to be applied to the landing zone." + }, + "version": { + "type": "string", + "description": "The landing zone's current deployed version." + } + }, + "required": [ + "manifest", + "version" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:customerprofiles:CalculatedAttributeDefinition": { + "cf": "AWS::CustomerProfiles::CalculatedAttributeDefinition", + "inputs": { + "attributeDetails": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionAttributeDetails", + "description": "Mathematical expression and a list of attribute items specified in that expression." + }, + "calculatedAttributeName": { + "type": "string", + "description": "The name of an attribute defined in a profile object type." + }, + "conditions": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionConditions", + "description": "The conditions including range, object count, and threshold for the calculated attribute." + }, + "description": { + "type": "string", + "description": "The description of the calculated attribute." + }, + "displayName": { + "type": "string", + "description": "The display name of the calculated attribute." + }, + "domainName": { + "type": "string", + "description": "The unique name of the domain." + }, + "statistic": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionStatistic", + "description": "The aggregation operation to perform for the calculated attribute." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "attributeDetails": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionAttributeDetails", + "description": "Mathematical expression and a list of attribute items specified in that expression." + }, + "calculatedAttributeName": { + "type": "string", + "description": "The name of an attribute defined in a profile object type.", + "replaceOnChanges": true + }, + "conditions": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionConditions", + "description": "The conditions including range, object count, and threshold for the calculated attribute." + }, + "createdAt": { + "type": "string", + "description": "The timestamp of when the calculated attribute definition was created." + }, + "description": { + "type": "string", + "description": "The description of the calculated attribute." + }, + "displayName": { + "type": "string", + "description": "The display name of the calculated attribute." + }, + "domainName": { + "type": "string", + "description": "The unique name of the domain.", + "replaceOnChanges": true + }, + "lastUpdatedAt": { + "type": "string", + "description": "The timestamp of when the calculated attribute definition was most recently edited." + }, + "statistic": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionStatistic", + "description": "The aggregation operation to perform for the calculated attribute." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "attributeDetails", + "calculatedAttributeName", + "domainName", + "statistic" + ], + "createOnly": [ + "calculatedAttributeName", + "domainName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:customerprofiles:Domain": { + "cf": "AWS::CustomerProfiles::Domain", + "inputs": { + "deadLetterQueueUrl": { + "type": "string", + "description": "The URL of the SQS dead letter queue" + }, + "defaultEncryptionKey": { + "type": "string", + "description": "The default encryption key" + }, + "defaultExpirationDays": { + "type": "integer", + "description": "The default number of days until the data within the domain expires." + }, + "domainName": { + "type": "string", + "description": "The unique name of the domain." + }, + "matching": { + "$ref": "#/types/aws-native:customerprofiles:DomainMatching", + "description": "The process of matching duplicate profiles." + }, + "ruleBasedMatching": { + "$ref": "#/types/aws-native:customerprofiles:DomainRuleBasedMatching", + "description": "The process of matching duplicate profiles using Rule-Based matching." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the domain" + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The time of this integration got created" + }, + "deadLetterQueueUrl": { + "type": "string", + "description": "The URL of the SQS dead letter queue" + }, + "defaultEncryptionKey": { + "type": "string", + "description": "The default encryption key" + }, + "defaultExpirationDays": { + "type": "integer", + "description": "The default number of days until the data within the domain expires." + }, + "domainName": { + "type": "string", + "description": "The unique name of the domain.", + "replaceOnChanges": true + }, + "lastUpdatedAt": { + "type": "string", + "description": "The time of this integration got last updated at" + }, + "matching": { + "$ref": "#/types/aws-native:customerprofiles:DomainMatching", + "description": "The process of matching duplicate profiles." + }, + "ruleBasedMatching": { + "$ref": "#/types/aws-native:customerprofiles:DomainRuleBasedMatching", + "description": "The process of matching duplicate profiles using Rule-Based matching." + }, + "stats": { + "$ref": "#/types/aws-native:customerprofiles:DomainStats" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the domain" + } + }, + "autoNamingSpec": { + "sdkName": "domainName", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "defaultExpirationDays" + ], + "createOnly": [ + "domainName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:customerprofiles:EventStream": { + "cf": "AWS::CustomerProfiles::EventStream", + "inputs": { + "domainName": { + "type": "string", + "description": "The unique name of the domain." + }, + "eventStreamName": { + "type": "string", + "description": "The name of the event stream." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "uri": { + "type": "string", + "description": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The timestamp of when the export was created." + }, + "destinationDetails": { + "$ref": "#/types/aws-native:customerprofiles:DestinationDetailsProperties", + "description": "Details regarding the Kinesis stream." + }, + "domainName": { + "type": "string", + "description": "The unique name of the domain.", + "replaceOnChanges": true + }, + "eventStreamArn": { + "type": "string", + "description": "A unique identifier for the event stream." + }, + "eventStreamName": { + "type": "string", + "description": "The name of the event stream.", + "replaceOnChanges": true + }, + "state": { + "$ref": "#/types/aws-native:customerprofiles:EventStreamState", + "description": "The operational state of destination stream for export." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "uri": { + "type": "string", + "description": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "eventStreamName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "domainName", + "uri" + ], + "createOnly": [ + "domainName", + "eventStreamName", + "uri" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:customerprofiles:Integration": { + "cf": "AWS::CustomerProfiles::Integration", + "inputs": { + "domainName": { + "type": "string", + "description": "The unique name of the domain." + }, + "flowDefinition": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationFlowDefinition", + "description": "The configuration that controls how Customer Profiles retrieves data from the source." + }, + "objectTypeName": { + "type": "string", + "description": "The name of the ObjectType defined for the 3rd party data in Profile Service" + }, + "objectTypeNames": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationObjectTypeMapping" + }, + "description": "The mapping between 3rd party event types and ObjectType names" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the integration" + }, + "uri": { + "type": "string", + "description": "The URI of the S3 bucket or any other type of data source." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The time of this integration got created" + }, + "domainName": { + "type": "string", + "description": "The unique name of the domain.", + "replaceOnChanges": true + }, + "flowDefinition": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationFlowDefinition", + "description": "The configuration that controls how Customer Profiles retrieves data from the source." + }, + "lastUpdatedAt": { + "type": "string", + "description": "The time of this integration got last updated at" + }, + "objectTypeName": { + "type": "string", + "description": "The name of the ObjectType defined for the 3rd party data in Profile Service" + }, + "objectTypeNames": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationObjectTypeMapping" + }, + "description": "The mapping between 3rd party event types and ObjectType names" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the integration" + }, + "uri": { + "type": "string", + "description": "The URI of the S3 bucket or any other type of data source.", + "replaceOnChanges": true + } + }, + "required": [ + "domainName" + ], + "createOnly": [ + "domainName", + "uri" + ], + "writeOnly": [ + "flowDefinition" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:customerprofiles:ObjectType": { + "cf": "AWS::CustomerProfiles::ObjectType", + "inputs": { + "allowProfileCreation": { + "type": "boolean", + "description": "Indicates whether a profile should be created when data is received." + }, + "description": { + "type": "string", + "description": "Description of the profile object type." + }, + "domainName": { + "type": "string", + "description": "The unique name of the domain." + }, + "encryptionKey": { + "type": "string", + "description": "The default encryption key" + }, + "expirationDays": { + "type": "integer", + "description": "The default number of days until the data within the domain expires." + }, + "fields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:ObjectTypeFieldMap" + }, + "description": "A list of the name and ObjectType field." + }, + "keys": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:ObjectTypeKeyMap" + }, + "description": "A list of unique keys that can be used to map data to the profile." + }, + "objectTypeName": { + "type": "string", + "description": "The name of the profile object type." + }, + "sourceLastUpdatedTimestampFormat": { + "type": "string", + "description": "The format of your sourceLastUpdatedTimestamp that was previously set up." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the integration." + }, + "templateId": { + "type": "string", + "description": "A unique identifier for the object template." + } + }, + "outputs": { + "allowProfileCreation": { + "type": "boolean", + "description": "Indicates whether a profile should be created when data is received." + }, + "createdAt": { + "type": "string", + "description": "The time of this integration got created." + }, + "description": { + "type": "string", + "description": "Description of the profile object type." + }, + "domainName": { + "type": "string", + "description": "The unique name of the domain.", + "replaceOnChanges": true + }, + "encryptionKey": { + "type": "string", + "description": "The default encryption key" + }, + "expirationDays": { + "type": "integer", + "description": "The default number of days until the data within the domain expires." + }, + "fields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:ObjectTypeFieldMap" + }, + "description": "A list of the name and ObjectType field." + }, + "keys": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:ObjectTypeKeyMap" + }, + "description": "A list of unique keys that can be used to map data to the profile." + }, + "lastUpdatedAt": { + "type": "string", + "description": "The time of this integration got last updated at." + }, + "objectTypeName": { + "type": "string", + "description": "The name of the profile object type.", + "replaceOnChanges": true + }, + "sourceLastUpdatedTimestampFormat": { + "type": "string", + "description": "The format of your sourceLastUpdatedTimestamp that was previously set up." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the integration." + }, + "templateId": { + "type": "string", + "description": "A unique identifier for the object template." + } + }, + "autoNamingSpec": { + "sdkName": "objectTypeName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "description", + "domainName" + ], + "createOnly": [ + "domainName", + "objectTypeName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:databrew:Dataset": { + "cf": "AWS::DataBrew::Dataset", + "inputs": { + "format": { + "$ref": "#/types/aws-native:databrew:DatasetFormat", + "description": "Dataset format" + }, + "formatOptions": { + "$ref": "#/types/aws-native:databrew:DatasetFormatOptions", + "description": "Format options for dataset" + }, + "input": { + "$ref": "#/types/aws-native:databrew:DatasetInput", + "description": "Input" + }, + "name": { + "type": "string", + "description": "Dataset name" + }, + "pathOptions": { + "$ref": "#/types/aws-native:databrew:DatasetPathOptions", + "description": "PathOptions" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the dataset." + } + }, + "outputs": { + "format": { + "$ref": "#/types/aws-native:databrew:DatasetFormat", + "description": "Dataset format" + }, + "formatOptions": { + "$ref": "#/types/aws-native:databrew:DatasetFormatOptions", + "description": "Format options for dataset" + }, + "input": { + "$ref": "#/types/aws-native:databrew:DatasetInput", + "description": "Input" + }, + "name": { + "type": "string", + "description": "Dataset name", + "replaceOnChanges": true + }, + "pathOptions": { + "$ref": "#/types/aws-native:databrew:DatasetPathOptions", + "description": "PathOptions" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the dataset.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "input" + ], + "createOnly": [ + "name", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:databrew:Job": { + "cf": "AWS::DataBrew::Job", + "inputs": { + "dataCatalogOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobDataCatalogOutput" + }, + "description": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job." + }, + "databaseOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobDatabaseOutput" + }, + "description": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into." + }, + "datasetName": { + "type": "string", + "description": "Dataset name" + }, + "encryptionKeyArn": { + "type": "string", + "description": "Encryption Key Arn" + }, + "encryptionMode": { + "$ref": "#/types/aws-native:databrew:JobEncryptionMode", + "description": "Encryption mode" + }, + "jobSample": { + "$ref": "#/types/aws-native:databrew:JobSample", + "description": "Job Sample" + }, + "logSubscription": { + "$ref": "#/types/aws-native:databrew:JobLogSubscription", + "description": "Log subscription" + }, + "maxCapacity": { + "type": "integer", + "description": "Max capacity" + }, + "maxRetries": { + "type": "integer", + "description": "Max retries" + }, + "name": { + "type": "string", + "description": "Job name" + }, + "outputLocation": { + "$ref": "#/types/aws-native:databrew:JobOutputLocation", + "description": "Output location" + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobOutput" + }, + "description": "One or more artifacts that represent output from running the job." + }, + "profileConfiguration": { + "$ref": "#/types/aws-native:databrew:JobProfileConfiguration", + "description": "Profile Job configuration" + }, + "projectName": { + "type": "string", + "description": "Project name" + }, + "recipe": { + "$ref": "#/types/aws-native:databrew:JobRecipe", + "description": "A series of data transformation steps that the job runs." + }, + "roleArn": { + "type": "string", + "description": "Role arn" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the job." + }, + "timeout": { + "type": "integer", + "description": "Timeout" + }, + "type": { + "$ref": "#/types/aws-native:databrew:JobType", + "description": "Job type" + }, + "validationConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobValidationConfiguration" + }, + "description": "Data quality rules configuration" + } + }, + "outputs": { + "dataCatalogOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobDataCatalogOutput" + }, + "description": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job." + }, + "databaseOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobDatabaseOutput" + }, + "description": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into." + }, + "datasetName": { + "type": "string", + "description": "Dataset name" + }, + "encryptionKeyArn": { + "type": "string", + "description": "Encryption Key Arn" + }, + "encryptionMode": { + "$ref": "#/types/aws-native:databrew:JobEncryptionMode", + "description": "Encryption mode" + }, + "jobSample": { + "$ref": "#/types/aws-native:databrew:JobSample", + "description": "Job Sample" + }, + "logSubscription": { + "$ref": "#/types/aws-native:databrew:JobLogSubscription", + "description": "Log subscription" + }, + "maxCapacity": { + "type": "integer", + "description": "Max capacity" + }, + "maxRetries": { + "type": "integer", + "description": "Max retries" + }, + "name": { + "type": "string", + "description": "Job name", + "replaceOnChanges": true + }, + "outputLocation": { + "$ref": "#/types/aws-native:databrew:JobOutputLocation", + "description": "Output location" + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobOutput" + }, + "description": "One or more artifacts that represent output from running the job." + }, + "profileConfiguration": { + "$ref": "#/types/aws-native:databrew:JobProfileConfiguration", + "description": "Profile Job configuration" + }, + "projectName": { + "type": "string", + "description": "Project name" + }, + "recipe": { + "$ref": "#/types/aws-native:databrew:JobRecipe", + "description": "A series of data transformation steps that the job runs." + }, + "roleArn": { + "type": "string", + "description": "Role arn" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the job.", + "replaceOnChanges": true + }, + "timeout": { + "type": "integer", + "description": "Timeout" + }, + "type": { + "$ref": "#/types/aws-native:databrew:JobType", + "description": "Job type", + "replaceOnChanges": true + }, + "validationConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobValidationConfiguration" + }, + "description": "Data quality rules configuration" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "roleArn", + "type" + ], + "createOnly": [ + "name", + "tags", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:databrew:Project": { + "cf": "AWS::DataBrew::Project", + "inputs": { + "datasetName": { + "type": "string", + "description": "Dataset name" + }, + "name": { + "type": "string", + "description": "Project name" + }, + "recipeName": { + "type": "string", + "description": "Recipe name" + }, + "roleArn": { + "type": "string", + "description": "Role arn" + }, + "sample": { + "$ref": "#/types/aws-native:databrew:ProjectSample", + "description": "Sample" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the project." + } + }, + "outputs": { + "datasetName": { + "type": "string", + "description": "Dataset name" + }, + "name": { + "type": "string", + "description": "Project name", + "replaceOnChanges": true + }, + "recipeName": { + "type": "string", + "description": "Recipe name" + }, + "roleArn": { + "type": "string", + "description": "Role arn" + }, + "sample": { + "$ref": "#/types/aws-native:databrew:ProjectSample", + "description": "Sample" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the project.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "datasetName", + "recipeName", + "roleArn" + ], + "createOnly": [ + "name", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:databrew:Recipe": { + "cf": "AWS::DataBrew::Recipe", + "inputs": { + "description": { + "type": "string", + "description": "Description of the recipe" + }, + "name": { + "type": "string", + "description": "Recipe name" + }, + "steps": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:RecipeStep" + }, + "description": "A list of steps that are defined by the recipe." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the recipe." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "Description of the recipe" + }, + "name": { + "type": "string", + "description": "Recipe name", + "replaceOnChanges": true + }, + "steps": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:RecipeStep" + }, + "description": "A list of steps that are defined by the recipe." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the recipe.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "steps" + ], + "createOnly": [ + "name", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:databrew:Ruleset": { + "cf": "AWS::DataBrew::Ruleset", + "inputs": { + "description": { + "type": "string", + "description": "Description of the Ruleset" + }, + "name": { + "type": "string", + "description": "Name of the Ruleset" + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:RulesetRule" + }, + "description": "List of the data quality rules in the ruleset" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "targetArn": { + "type": "string", + "description": "Arn of the target resource (dataset) to apply the ruleset to" + } + }, + "outputs": { + "description": { + "type": "string", + "description": "Description of the Ruleset" + }, + "name": { + "type": "string", + "description": "Name of the Ruleset", + "replaceOnChanges": true + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:RulesetRule" + }, + "description": "List of the data quality rules in the ruleset" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "targetArn": { + "type": "string", + "description": "Arn of the target resource (dataset) to apply the ruleset to", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "rules", + "targetArn" + ], + "createOnly": [ + "name", + "targetArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:databrew:Schedule": { + "cf": "AWS::DataBrew::Schedule", + "inputs": { + "cronExpression": { + "type": "string", + "description": "Schedule cron" + }, + "jobNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of jobs to be run, according to the schedule." + }, + "name": { + "type": "string", + "description": "Schedule Name" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the schedule." + } + }, + "outputs": { + "cronExpression": { + "type": "string", + "description": "Schedule cron" + }, + "jobNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of jobs to be run, according to the schedule." + }, + "name": { + "type": "string", + "description": "Schedule Name", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata tags that have been applied to the schedule.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "cronExpression" + ], + "createOnly": [ + "name", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:datapipeline:Pipeline": { + "cf": "AWS::DataPipeline::Pipeline", + "inputs": { + "activate": { + "type": "boolean", + "description": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to true." + }, + "description": { + "type": "string", + "description": "A description of the pipeline." + }, + "name": { + "type": "string", + "description": "The name of the pipeline." + }, + "parameterObjects": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datapipeline:PipelineParameterObject" + }, + "description": "The parameter objects used with the pipeline." + }, + "parameterValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datapipeline:PipelineParameterValue" + }, + "description": "The parameter values used with the pipeline." + }, + "pipelineObjects": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datapipeline:PipelineObject" + }, + "description": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see Editing Your Pipeline in the AWS Data Pipeline Developer Guide." + }, + "pipelineTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see Controlling Access to Pipelines and Resources in the AWS Data Pipeline Developer Guide." + } + }, + "outputs": { + "activate": { + "type": "boolean", + "description": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to true." + }, + "description": { + "type": "string", + "description": "A description of the pipeline.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the pipeline.", + "replaceOnChanges": true + }, + "parameterObjects": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datapipeline:PipelineParameterObject" + }, + "description": "The parameter objects used with the pipeline." + }, + "parameterValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datapipeline:PipelineParameterValue" + }, + "description": "The parameter values used with the pipeline." + }, + "pipelineId": { + "type": "string", + "description": "The ID of the pipeline." + }, + "pipelineObjects": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datapipeline:PipelineObject" + }, + "description": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see Editing Your Pipeline in the AWS Data Pipeline Developer Guide." + }, + "pipelineTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see Controlling Access to Pipelines and Resources in the AWS Data Pipeline Developer Guide." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "description", + "name" + ], + "tagsProperty": "pipelineTags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:Agent": { + "cf": "AWS::DataSync::Agent", + "inputs": { + "activationKey": { + "type": "string", + "description": "Activation key of the Agent." + }, + "agentName": { + "type": "string", + "description": "The name configured for the agent. Text reference used to identify the agent in the console." + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security group used to protect your data transfer task subnets." + }, + "subnetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the subnets in which DataSync will create elastic network interfaces for each data transfer task." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "vpcEndpointId": { + "type": "string", + "description": "The ID of the VPC endpoint that the agent has access to." + } + }, + "outputs": { + "activationKey": { + "type": "string", + "description": "Activation key of the Agent.", + "replaceOnChanges": true + }, + "agentArn": { + "type": "string", + "description": "The DataSync Agent ARN." + }, + "agentName": { + "type": "string", + "description": "The name configured for the agent. Text reference used to identify the agent in the console." + }, + "endpointType": { + "$ref": "#/types/aws-native:datasync:AgentEndpointType", + "description": "The service endpoints that the agent will connect to." + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security group used to protect your data transfer task subnets.", + "replaceOnChanges": true + }, + "subnetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the subnets in which DataSync will create elastic network interfaces for each data transfer task.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "vpcEndpointId": { + "type": "string", + "description": "The ID of the VPC endpoint that the agent has access to.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "agentName", + "maxLength": 256 + }, + "createOnly": [ + "activationKey", + "securityGroupArns", + "subnetArns", + "vpcEndpointId" + ], + "writeOnly": [ + "activationKey" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationAzureBlob": { + "cf": "AWS::DataSync::LocationAzureBlob", + "inputs": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of agents to use for an Azure Blob Location." + }, + "azureAccessTier": { + "$ref": "#/types/aws-native:datasync:LocationAzureBlobAzureAccessTier", + "description": "Specifies an access tier for the objects you're transferring into your Azure Blob Storage container." + }, + "azureBlobAuthenticationType": { + "$ref": "#/types/aws-native:datasync:LocationAzureBlobAzureBlobAuthenticationType", + "description": "The specific authentication type that you want DataSync to use to access your Azure Blob Container." + }, + "azureBlobContainerUrl": { + "type": "string", + "description": "The URL of the Azure Blob container that was described." + }, + "azureBlobSasConfiguration": { + "$ref": "#/types/aws-native:datasync:LocationAzureBlobAzureBlobSasConfiguration", + "description": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage." + }, + "azureBlobType": { + "$ref": "#/types/aws-native:datasync:LocationAzureBlobAzureBlobType", + "description": "Specifies a blob type for the objects you're transferring into your Azure Blob Storage container." + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in the Azure Blob Container that is used to read data from the Azure Blob Source Location." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of agents to use for an Azure Blob Location." + }, + "azureAccessTier": { + "$ref": "#/types/aws-native:datasync:LocationAzureBlobAzureAccessTier", + "description": "Specifies an access tier for the objects you're transferring into your Azure Blob Storage container." + }, + "azureBlobAuthenticationType": { + "$ref": "#/types/aws-native:datasync:LocationAzureBlobAzureBlobAuthenticationType", + "description": "The specific authentication type that you want DataSync to use to access your Azure Blob Container." + }, + "azureBlobContainerUrl": { + "type": "string", + "description": "The URL of the Azure Blob container that was described.", + "replaceOnChanges": true + }, + "azureBlobSasConfiguration": { + "$ref": "#/types/aws-native:datasync:LocationAzureBlobAzureBlobSasConfiguration", + "description": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage." + }, + "azureBlobType": { + "$ref": "#/types/aws-native:datasync:LocationAzureBlobAzureBlobType", + "description": "Specifies a blob type for the objects you're transferring into your Azure Blob Storage container." + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Azure Blob Location that is created." + }, + "locationUri": { + "type": "string", + "description": "The URL of the Azure Blob Location that was described." + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in the Azure Blob Container that is used to read data from the Azure Blob Source Location." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "agentArns", + "azureBlobAuthenticationType" + ], + "createOnly": [ + "azureBlobContainerUrl" + ], + "writeOnly": [ + "azureBlobContainerUrl", + "azureBlobSasConfiguration", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationEfs": { + "cf": "AWS::DataSync::LocationEFS", + "inputs": { + "accessPointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the Amazon EFS Access point that DataSync uses when accessing the EFS file system." + }, + "ec2Config": { + "$ref": "#/types/aws-native:datasync:LocationEfsEc2Config", + "description": "Specifies the subnet and security groups DataSync uses to access your Amazon EFS file system." + }, + "efsFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the Amazon EFS file system." + }, + "fileSystemAccessRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS IAM role that the DataSync will assume when mounting the EFS file system." + }, + "inTransitEncryption": { + "$ref": "#/types/aws-native:datasync:LocationEfsInTransitEncryption", + "description": "Protocol that is used for encrypting the traffic exchanged between the DataSync Agent and the EFS file system." + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path. This subdirectory in the EFS file system is used to read data from the EFS source location or write data to the EFS destination." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "accessPointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the Amazon EFS Access point that DataSync uses when accessing the EFS file system.", + "replaceOnChanges": true + }, + "ec2Config": { + "$ref": "#/types/aws-native:datasync:LocationEfsEc2Config", + "description": "Specifies the subnet and security groups DataSync uses to access your Amazon EFS file system.", + "replaceOnChanges": true + }, + "efsFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the Amazon EFS file system.", + "replaceOnChanges": true + }, + "fileSystemAccessRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS IAM role that the DataSync will assume when mounting the EFS file system.", + "replaceOnChanges": true + }, + "inTransitEncryption": { + "$ref": "#/types/aws-native:datasync:LocationEfsInTransitEncryption", + "description": "Protocol that is used for encrypting the traffic exchanged between the DataSync Agent and the EFS file system.", + "replaceOnChanges": true + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon EFS file system location that is created." + }, + "locationUri": { + "type": "string", + "description": "The URL of the EFS location that was described." + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path. This subdirectory in the EFS file system is used to read data from the EFS source location or write data to the EFS destination.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "ec2Config" + ], + "createOnly": [ + "accessPointArn", + "ec2Config", + "efsFilesystemArn", + "fileSystemAccessRoleArn", + "inTransitEncryption", + "subdirectory" + ], + "writeOnly": [ + "efsFilesystemArn", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationFSxLustre": { + "cf": "AWS::DataSync::LocationFSxLustre", + "inputs": { + "fsxFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx for Lustre file system." + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security groups that are to use to configure the FSx for Lustre file system." + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "fsxFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx for Lustre file system.", + "replaceOnChanges": true + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon FSx for Lustre file system location that is created." + }, + "locationUri": { + "type": "string", + "description": "The URL of the FSx for Lustre location that was described." + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security groups that are to use to configure the FSx for Lustre file system.", + "replaceOnChanges": true + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "securityGroupArns" + ], + "createOnly": [ + "fsxFilesystemArn", + "securityGroupArns", + "subdirectory" + ], + "writeOnly": [ + "fsxFilesystemArn", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationFSxOntap": { + "cf": "AWS::DataSync::LocationFSxONTAP", + "inputs": { + "protocol": { + "$ref": "#/types/aws-native:datasync:LocationFSxOntapProtocol", + "description": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system." + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security groups that are to use to configure the FSx ONTAP file system." + }, + "storageVirtualMachineArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx ONTAP SVM." + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "fsxFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx ONAP file system." + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon FSx ONTAP file system location that is created." + }, + "locationUri": { + "type": "string", + "description": "The URL of the FSx ONTAP file system that was described." + }, + "protocol": { + "$ref": "#/types/aws-native:datasync:LocationFSxOntapProtocol", + "description": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", + "replaceOnChanges": true + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security groups that are to use to configure the FSx ONTAP file system.", + "replaceOnChanges": true + }, + "storageVirtualMachineArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx ONTAP SVM.", + "replaceOnChanges": true + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "securityGroupArns", + "storageVirtualMachineArn" + ], + "createOnly": [ + "protocol", + "securityGroupArns", + "storageVirtualMachineArn", + "subdirectory" + ], + "writeOnly": [ + "protocol", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationFSxOpenZfs": { + "cf": "AWS::DataSync::LocationFSxOpenZFS", + "inputs": { + "fsxFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx OpenZFS file system." + }, + "protocol": { + "$ref": "#/types/aws-native:datasync:LocationFSxOpenZfsProtocol", + "description": "The type of protocol that AWS DataSync uses to access your file system." + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security groups that are to use to configure the FSx OpenZFS file system." + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "fsxFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx OpenZFS file system.", + "replaceOnChanges": true + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon FSx OpenZFS file system location that is created." + }, + "locationUri": { + "type": "string", + "description": "The URL of the FSx OpenZFS that was described." + }, + "protocol": { + "$ref": "#/types/aws-native:datasync:LocationFSxOpenZfsProtocol", + "description": "The type of protocol that AWS DataSync uses to access your file system.", + "replaceOnChanges": true + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security groups that are to use to configure the FSx OpenZFS file system.", + "replaceOnChanges": true + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "protocol", + "securityGroupArns" + ], + "createOnly": [ + "fsxFilesystemArn", + "protocol", + "securityGroupArns", + "subdirectory" + ], + "writeOnly": [ + "fsxFilesystemArn", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationFSxWindows": { + "cf": "AWS::DataSync::LocationFSxWindows", + "inputs": { + "domain": { + "type": "string", + "description": "The name of the Windows domain that the FSx for Windows server belongs to." + }, + "fsxFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx for Windows file system." + }, + "password": { + "type": "string", + "description": "The password of the user who has the permissions to access files and folders in the FSx for Windows file system." + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security groups that are to use to configure the FSx for Windows file system." + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "user": { + "type": "string", + "description": "The user who has the permissions to access files and folders in the FSx for Windows file system." + } + }, + "outputs": { + "domain": { + "type": "string", + "description": "The name of the Windows domain that the FSx for Windows server belongs to.", + "replaceOnChanges": true + }, + "fsxFilesystemArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the FSx for Windows file system.", + "replaceOnChanges": true + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon FSx for Windows file system location that is created." + }, + "locationUri": { + "type": "string", + "description": "The URL of the FSx for Windows location that was described." + }, + "password": { + "type": "string", + "description": "The password of the user who has the permissions to access files and folders in the FSx for Windows file system.", + "replaceOnChanges": true + }, + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the security groups that are to use to configure the FSx for Windows file system.", + "replaceOnChanges": true + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the location's path.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "user": { + "type": "string", + "description": "The user who has the permissions to access files and folders in the FSx for Windows file system.", + "replaceOnChanges": true + } + }, + "required": [ + "securityGroupArns", + "user" + ], + "createOnly": [ + "domain", + "fsxFilesystemArn", + "password", + "securityGroupArns", + "subdirectory", + "user" + ], + "writeOnly": [ + "fsxFilesystemArn", + "password", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationHdfs": { + "cf": "AWS::DataSync::LocationHDFS", + "inputs": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARN(s) of the agent(s) to use for an HDFS location." + }, + "authenticationType": { + "$ref": "#/types/aws-native:datasync:LocationHdfsAuthenticationType", + "description": "The authentication mode used to determine identity of user." + }, + "blockSize": { + "type": "integer", + "description": "Size of chunks (blocks) in bytes that the data is divided into when stored in the HDFS cluster." + }, + "kerberosKeytab": { + "type": "string", + "description": "The Base64 string representation of the Keytab file." + }, + "kerberosKrb5Conf": { + "type": "string", + "description": "The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket." + }, + "kerberosPrincipal": { + "type": "string", + "description": "The unique identity, or principal, to which Kerberos can assign tickets." + }, + "kmsKeyProviderUri": { + "type": "string", + "description": "The identifier for the Key Management Server where the encryption keys that encrypt data inside HDFS clusters are stored." + }, + "nameNodes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datasync:LocationHdfsNameNode" + }, + "description": "An array of Name Node(s) of the HDFS location." + }, + "qopConfiguration": { + "$ref": "#/types/aws-native:datasync:LocationHdfsQopConfiguration", + "description": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value." + }, + "replicationFactor": { + "type": "integer", + "description": "Number of copies of each block that exists inside the HDFS cluster." + }, + "simpleUser": { + "type": "string", + "description": "The user name that has read and write permissions on the specified HDFS cluster." + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in HDFS that is used to read data from the HDFS source location or write data to the HDFS destination." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARN(s) of the agent(s) to use for an HDFS location." + }, + "authenticationType": { + "$ref": "#/types/aws-native:datasync:LocationHdfsAuthenticationType", + "description": "The authentication mode used to determine identity of user." + }, + "blockSize": { + "type": "integer", + "description": "Size of chunks (blocks) in bytes that the data is divided into when stored in the HDFS cluster." + }, + "kerberosKeytab": { + "type": "string", + "description": "The Base64 string representation of the Keytab file." + }, + "kerberosKrb5Conf": { + "type": "string", + "description": "The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket." + }, + "kerberosPrincipal": { + "type": "string", + "description": "The unique identity, or principal, to which Kerberos can assign tickets." + }, + "kmsKeyProviderUri": { + "type": "string", + "description": "The identifier for the Key Management Server where the encryption keys that encrypt data inside HDFS clusters are stored." + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the HDFS location." + }, + "locationUri": { + "type": "string", + "description": "The URL of the HDFS location that was described." + }, + "nameNodes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datasync:LocationHdfsNameNode" + }, + "description": "An array of Name Node(s) of the HDFS location." + }, + "qopConfiguration": { + "$ref": "#/types/aws-native:datasync:LocationHdfsQopConfiguration", + "description": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value." + }, + "replicationFactor": { + "type": "integer", + "description": "Number of copies of each block that exists inside the HDFS cluster." + }, + "simpleUser": { + "type": "string", + "description": "The user name that has read and write permissions on the specified HDFS cluster." + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in HDFS that is used to read data from the HDFS source location or write data to the HDFS destination." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "agentArns", + "authenticationType", + "nameNodes" + ], + "writeOnly": [ + "kerberosKeytab", + "kerberosKrb5Conf", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationNfs": { + "cf": "AWS::DataSync::LocationNFS", + "inputs": { + "mountOptions": { + "$ref": "#/types/aws-native:datasync:LocationNfsMountOptions", + "description": "Specifies the options that DataSync can use to mount your NFS file server." + }, + "onPremConfig": { + "$ref": "#/types/aws-native:datasync:LocationNfsOnPremConfig", + "description": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that want to connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for transfers](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) ." + }, + "serverHostname": { + "type": "string", + "description": "The name of the NFS server. This value is the IP address or DNS name of the NFS server." + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in the NFS file system that is used to read data from the NFS source location or write data to the NFS destination." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the NFS location." + }, + "locationUri": { + "type": "string", + "description": "The URL of the NFS location that was described." + }, + "mountOptions": { + "$ref": "#/types/aws-native:datasync:LocationNfsMountOptions", + "description": "Specifies the options that DataSync can use to mount your NFS file server." + }, + "onPremConfig": { + "$ref": "#/types/aws-native:datasync:LocationNfsOnPremConfig", + "description": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that want to connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for transfers](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) ." + }, + "serverHostname": { + "type": "string", + "description": "The name of the NFS server. This value is the IP address or DNS name of the NFS server.", + "replaceOnChanges": true + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in the NFS file system that is used to read data from the NFS source location or write data to the NFS destination." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "onPremConfig" + ], + "createOnly": [ + "serverHostname" + ], + "writeOnly": [ + "serverHostname", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationObjectStorage": { + "cf": "AWS::DataSync::LocationObjectStorage", + "inputs": { + "accessKey": { + "type": "string", + "description": "Optional. The access key is used if credentials are required to access the self-managed object storage server." + }, + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Name (ARN) of the agents associated with the self-managed object storage server location." + }, + "bucketName": { + "type": "string", + "description": "The name of the bucket on the self-managed object storage server." + }, + "secretKey": { + "type": "string", + "description": "Optional. The secret key is used if credentials are required to access the self-managed object storage server." + }, + "serverCertificate": { + "type": "string", + "description": "X.509 PEM content containing a certificate authority or chain to trust." + }, + "serverHostname": { + "type": "string", + "description": "The name of the self-managed object storage server. This value is the IP address or Domain Name Service (DNS) name of the object storage server." + }, + "serverPort": { + "type": "integer", + "description": "The port that your self-managed server accepts inbound network traffic on." + }, + "serverProtocol": { + "$ref": "#/types/aws-native:datasync:LocationObjectStorageServerProtocol", + "description": "The protocol that the object storage server uses to communicate." + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in the self-managed object storage server that is used to read data from." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "accessKey": { + "type": "string", + "description": "Optional. The access key is used if credentials are required to access the self-managed object storage server." + }, + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Name (ARN) of the agents associated with the self-managed object storage server location." + }, + "bucketName": { + "type": "string", + "description": "The name of the bucket on the self-managed object storage server.", + "replaceOnChanges": true + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the location that is created." + }, + "locationUri": { + "type": "string", + "description": "The URL of the object storage location that was described." + }, + "secretKey": { + "type": "string", + "description": "Optional. The secret key is used if credentials are required to access the self-managed object storage server." + }, + "serverCertificate": { + "type": "string", + "description": "X.509 PEM content containing a certificate authority or chain to trust." + }, + "serverHostname": { + "type": "string", + "description": "The name of the self-managed object storage server. This value is the IP address or Domain Name Service (DNS) name of the object storage server.", + "replaceOnChanges": true + }, + "serverPort": { + "type": "integer", + "description": "The port that your self-managed server accepts inbound network traffic on." + }, + "serverProtocol": { + "$ref": "#/types/aws-native:datasync:LocationObjectStorageServerProtocol", + "description": "The protocol that the object storage server uses to communicate." + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in the self-managed object storage server that is used to read data from." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "agentArns" + ], + "createOnly": [ + "bucketName", + "serverHostname" + ], + "writeOnly": [ + "bucketName", + "secretKey", + "serverHostname", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationS3": { + "cf": "AWS::DataSync::LocationS3", + "inputs": { + "s3BucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 bucket." + }, + "s3Config": { + "$ref": "#/types/aws-native:datasync:LocationS3s3Config", + "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* ." + }, + "s3StorageClass": { + "$ref": "#/types/aws-native:datasync:LocationS3S3StorageClass", + "description": "The Amazon S3 storage class you want to store your files in when this location is used as a task destination." + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the Amazon S3 bucket. This subdirectory in Amazon S3 is used to read data from the S3 source location or write data to the S3 destination." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 bucket location." + }, + "locationUri": { + "type": "string", + "description": "The URL of the S3 location that was described." + }, + "s3BucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", + "replaceOnChanges": true + }, + "s3Config": { + "$ref": "#/types/aws-native:datasync:LocationS3s3Config", + "description": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", + "replaceOnChanges": true + }, + "s3StorageClass": { + "$ref": "#/types/aws-native:datasync:LocationS3S3StorageClass", + "description": "The Amazon S3 storage class you want to store your files in when this location is used as a task destination.", + "replaceOnChanges": true + }, + "subdirectory": { + "type": "string", + "description": "A subdirectory in the Amazon S3 bucket. This subdirectory in Amazon S3 is used to read data from the S3 source location or write data to the S3 destination.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "s3Config" + ], + "createOnly": [ + "s3BucketArn", + "s3Config", + "s3StorageClass", + "subdirectory" + ], + "writeOnly": [ + "s3BucketArn", + "subdirectory" + ], + "irreversibleNames": { + "s3BucketArn": "S3BucketArn", + "s3Config": "S3Config", + "s3StorageClass": "S3StorageClass" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:LocationSmb": { + "cf": "AWS::DataSync::LocationSMB", + "inputs": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location." + }, + "domain": { + "type": "string", + "description": "The name of the Windows domain that the SMB server belongs to." + }, + "mountOptions": { + "$ref": "#/types/aws-native:datasync:LocationSmbMountOptions", + "description": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server." + }, + "password": { + "type": "string", + "description": "The password of the user who can mount the share and has the permissions to access files and folders in the SMB share." + }, + "serverHostname": { + "type": "string", + "description": "The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server." + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in the SMB file system that is used to read data from the SMB source location or write data to the SMB destination" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "user": { + "type": "string", + "description": "The user who can mount the share, has the permissions to access files and folders in the SMB share." + } + }, + "outputs": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location." + }, + "domain": { + "type": "string", + "description": "The name of the Windows domain that the SMB server belongs to." + }, + "locationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the SMB location that is created." + }, + "locationUri": { + "type": "string", + "description": "The URL of the SMB location that was described." + }, + "mountOptions": { + "$ref": "#/types/aws-native:datasync:LocationSmbMountOptions", + "description": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server." + }, + "password": { + "type": "string", + "description": "The password of the user who can mount the share and has the permissions to access files and folders in the SMB share." + }, + "serverHostname": { + "type": "string", + "description": "The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server.", + "replaceOnChanges": true + }, + "subdirectory": { + "type": "string", + "description": "The subdirectory in the SMB file system that is used to read data from the SMB source location or write data to the SMB destination" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "user": { + "type": "string", + "description": "The user who can mount the share, has the permissions to access files and folders in the SMB share." + } + }, + "required": [ + "agentArns", + "user" + ], + "createOnly": [ + "serverHostname" + ], + "writeOnly": [ + "password", + "serverHostname", + "subdirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:StorageSystem": { + "cf": "AWS::DataSync::StorageSystem", + "inputs": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN of the DataSync agent that connects to and reads from the on-premises storage system's management interface." + }, + "cloudWatchLogGroupArn": { + "type": "string", + "description": "The ARN of the Amazon CloudWatch log group used to monitor and log discovery job events." + }, + "name": { + "type": "string", + "description": "A familiar name for the on-premises storage system." + }, + "serverConfiguration": { + "$ref": "#/types/aws-native:datasync:StorageSystemServerConfiguration", + "description": "Specifies the server name and network port required to connect with the management interface of your on-premises storage system." + }, + "serverCredentials": { + "$ref": "#/types/aws-native:datasync:StorageSystemServerCredentials", + "description": "Specifies the user name and password for accessing your on-premises storage system's management interface." + }, + "systemType": { + "$ref": "#/types/aws-native:datasync:StorageSystemSystemType", + "description": "The type of on-premises storage system that DataSync Discovery will analyze." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN of the DataSync agent that connects to and reads from the on-premises storage system's management interface." + }, + "cloudWatchLogGroupArn": { + "type": "string", + "description": "The ARN of the Amazon CloudWatch log group used to monitor and log discovery job events." + }, + "connectivityStatus": { + "$ref": "#/types/aws-native:datasync:StorageSystemConnectivityStatus", + "description": "Indicates whether the DataSync agent can access the on-premises storage system." + }, + "name": { + "type": "string", + "description": "A familiar name for the on-premises storage system." + }, + "secretsManagerArn": { + "type": "string", + "description": "The ARN of a secret stored by AWS Secrets Manager." + }, + "serverConfiguration": { + "$ref": "#/types/aws-native:datasync:StorageSystemServerConfiguration", + "description": "Specifies the server name and network port required to connect with the management interface of your on-premises storage system." + }, + "serverCredentials": { + "$ref": "#/types/aws-native:datasync:StorageSystemServerCredentials", + "description": "Specifies the user name and password for accessing your on-premises storage system's management interface." + }, + "storageSystemArn": { + "type": "string", + "description": "The ARN of the on-premises storage system added to DataSync Discovery." + }, + "systemType": { + "$ref": "#/types/aws-native:datasync:StorageSystemSystemType", + "description": "The type of on-premises storage system that DataSync Discovery will analyze." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "agentArns", + "serverConfiguration", + "systemType" + ], + "writeOnly": [ + "serverCredentials" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datasync:Task": { + "cf": "AWS::DataSync::Task", + "inputs": { + "cloudWatchLogGroupArn": { + "type": "string", + "description": "The ARN of the Amazon CloudWatch log group that is used to monitor and log events in the task." + }, + "destinationLocationArn": { + "type": "string", + "description": "The ARN of an AWS storage resource's location." + }, + "excludes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datasync:TaskFilterRule" + }, + "description": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) ." + }, + "includes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datasync:TaskFilterRule" + }, + "description": "Specifies include filters define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) ." + }, + "manifestConfig": { + "$ref": "#/types/aws-native:datasync:TaskManifestConfig", + "description": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) ." + }, + "name": { + "type": "string", + "description": "The name of a task. This value is a text reference that is used to identify the task in the console." + }, + "options": { + "$ref": "#/types/aws-native:datasync:TaskOptions", + "description": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options." + }, + "schedule": { + "$ref": "#/types/aws-native:datasync:TaskSchedule", + "description": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) ." + }, + "sourceLocationArn": { + "type": "string", + "description": "The ARN of the source location for the task." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "taskReportConfig": { + "$ref": "#/types/aws-native:datasync:TaskReportConfig", + "description": "Specifies how you want to configure a task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .\n\nWhen using this parameter, your caller identity (the role that you're using DataSync with) must have the `iam:PassRole` permission. The [AWSDataSyncFullAccess](https://docs.aws.amazon.com/datasync/latest/userguide/security-iam-awsmanpol.html#security-iam-awsmanpol-awsdatasyncfullaccess) policy includes this permission." + } + }, + "outputs": { + "cloudWatchLogGroupArn": { + "type": "string", + "description": "The ARN of the Amazon CloudWatch log group that is used to monitor and log events in the task." + }, + "destinationLocationArn": { + "type": "string", + "description": "The ARN of an AWS storage resource's location.", + "replaceOnChanges": true + }, + "destinationNetworkInterfaceArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the destination elastic network interfaces (ENIs) that were created for your subnet." + }, + "excludes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datasync:TaskFilterRule" + }, + "description": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) ." + }, + "includes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datasync:TaskFilterRule" + }, + "description": "Specifies include filters define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) ." + }, + "manifestConfig": { + "$ref": "#/types/aws-native:datasync:TaskManifestConfig", + "description": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) ." + }, + "name": { + "type": "string", + "description": "The name of a task. This value is a text reference that is used to identify the task in the console." + }, + "options": { + "$ref": "#/types/aws-native:datasync:TaskOptions", + "description": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options." + }, + "schedule": { + "$ref": "#/types/aws-native:datasync:TaskSchedule", + "description": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) ." + }, + "sourceLocationArn": { + "type": "string", + "description": "The ARN of the source location for the task.", + "replaceOnChanges": true + }, + "sourceNetworkInterfaceArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the source ENIs that were created for your subnet." + }, + "status": { + "$ref": "#/types/aws-native:datasync:TaskStatus", + "description": "The status of the task that was described." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "taskArn": { + "type": "string", + "description": "The ARN of the task." + }, + "taskReportConfig": { + "$ref": "#/types/aws-native:datasync:TaskReportConfig", + "description": "Specifies how you want to configure a task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .\n\nWhen using this parameter, your caller identity (the role that you're using DataSync with) must have the `iam:PassRole` permission. The [AWSDataSyncFullAccess](https://docs.aws.amazon.com/datasync/latest/userguide/security-iam-awsmanpol.html#security-iam-awsmanpol-awsdatasyncfullaccess) policy includes this permission." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "destinationLocationArn", + "sourceLocationArn" + ], + "createOnly": [ + "destinationLocationArn", + "sourceLocationArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datazone:DataSource": { + "cf": "AWS::DataZone::DataSource", + "inputs": { + "assetFormsInput": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:DataSourceFormInput" + }, + "description": "The metadata forms that are to be attached to the assets that this data source works with." + }, + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:datazone:DataSourceConfigurationInput0Properties" + }, + { + "$ref": "#/types/aws-native:datazone:DataSourceConfigurationInput1Properties" + } + ], + "description": "Configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration." + }, + "description": { + "type": "string", + "description": "The description of the data source." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain where the data source is created." + }, + "enableSetting": { + "$ref": "#/types/aws-native:datazone:DataSourceEnableSetting", + "description": "Specifies whether the data source is enabled." + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets." + }, + "name": { + "type": "string", + "description": "The name of the data source." + }, + "projectIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone project in which you want to add the data source." + }, + "publishOnImport": { + "type": "boolean", + "description": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog." + }, + "recommendation": { + "$ref": "#/types/aws-native:datazone:DataSourceRecommendationConfiguration", + "description": "Specifies whether the business name generation is to be enabled for this data source." + }, + "schedule": { + "$ref": "#/types/aws-native:datazone:DataSourceScheduleConfiguration", + "description": "The schedule of the data source runs." + }, + "type": { + "type": "string", + "description": "The type of the data source." + } + }, + "outputs": { + "assetFormsInput": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:DataSourceFormInput" + }, + "description": "The metadata forms that are to be attached to the assets that this data source works with." + }, + "awsId": { + "type": "string", + "description": "The unique identifier of the data source." + }, + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:datazone:DataSourceConfigurationInput0Properties" + }, + { + "$ref": "#/types/aws-native:datazone:DataSourceConfigurationInput1Properties" + } + ], + "description": "Configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration." + }, + "createdAt": { + "type": "string", + "description": "The timestamp of when the data source was created." + }, + "description": { + "type": "string", + "description": "The description of the data source." + }, + "domainId": { + "type": "string", + "description": "The ID of the Amazon DataZone domain where the data source is created." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain where the data source is created.", + "replaceOnChanges": true + }, + "enableSetting": { + "$ref": "#/types/aws-native:datazone:DataSourceEnableSetting", + "description": "Specifies whether the data source is enabled." + }, + "environmentId": { + "type": "string", + "description": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets." + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", + "replaceOnChanges": true + }, + "lastRunAssetCount": { + "type": "number", + "description": "The number of assets created by the data source during its last run." + }, + "lastRunAt": { + "type": "string", + "description": "The timestamp that specifies when the data source was last run." + }, + "lastRunStatus": { + "type": "string", + "description": "The status of the last run of this data source." + }, + "name": { + "type": "string", + "description": "The name of the data source." + }, + "projectId": { + "type": "string", + "description": "The ID of the Amazon DataZone project to which the data source is added." + }, + "projectIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone project in which you want to add the data source.", + "replaceOnChanges": true + }, + "publishOnImport": { + "type": "boolean", + "description": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog." + }, + "recommendation": { + "$ref": "#/types/aws-native:datazone:DataSourceRecommendationConfiguration", + "description": "Specifies whether the business name generation is to be enabled for this data source." + }, + "schedule": { + "$ref": "#/types/aws-native:datazone:DataSourceScheduleConfiguration", + "description": "The schedule of the data source runs." + }, + "status": { + "$ref": "#/types/aws-native:datazone:DataSourceStatus", + "description": "The status of the data source." + }, + "type": { + "type": "string", + "description": "The type of the data source.", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "The timestamp of when this data source was updated." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "domainIdentifier", + "environmentIdentifier", + "projectIdentifier", + "type" + ], + "createOnly": [ + "domainIdentifier", + "environmentIdentifier", + "projectIdentifier", + "type" + ], + "writeOnly": [ + "assetFormsInput", + "configuration", + "domainIdentifier", + "environmentIdentifier", + "projectIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:datazone:Domain": { + "cf": "AWS::DataZone::Domain", + "inputs": { + "description": { + "type": "string", + "description": "The description of the Amazon DataZone domain." + }, + "domainExecutionRole": { + "type": "string", + "description": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain." + }, + "kmsKeyIdentifier": { + "type": "string", + "description": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data." + }, + "name": { + "type": "string", + "description": "The name of the Amazon DataZone domain." + }, + "singleSignOn": { + "$ref": "#/types/aws-native:datazone:DomainSingleSignOn", + "description": "The single-sign on configuration of the Amazon DataZone domain." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags specified for the Amazon DataZone domain." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the Amazon DataZone domain." + }, + "awsId": { + "type": "string", + "description": "The id of the Amazon DataZone domain." + }, + "createdAt": { + "type": "string", + "description": "The timestamp of when the Amazon DataZone domain was last updated." + }, + "description": { + "type": "string", + "description": "The description of the Amazon DataZone domain." + }, + "domainExecutionRole": { + "type": "string", + "description": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain." + }, + "kmsKeyIdentifier": { + "type": "string", + "description": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", + "replaceOnChanges": true + }, + "lastUpdatedAt": { + "type": "string", + "description": "The timestamp of when the Amazon DataZone domain was last updated." + }, + "managedAccountId": { + "type": "string", + "description": "The identifier of the AWS account that manages the domain." + }, + "name": { + "type": "string", + "description": "The name of the Amazon DataZone domain." + }, + "portalUrl": { + "type": "string", + "description": "The URL of the data portal for this Amazon DataZone domain." + }, + "singleSignOn": { + "$ref": "#/types/aws-native:datazone:DomainSingleSignOn", + "description": "The single-sign on configuration of the Amazon DataZone domain." + }, + "status": { + "$ref": "#/types/aws-native:datazone:DomainStatus", + "description": "The status of the Amazon DataZone domain." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags specified for the Amazon DataZone domain." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "domainExecutionRole" + ], + "createOnly": [ + "kmsKeyIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:datazone:Environment": { + "cf": "AWS::DataZone::Environment", + "inputs": { + "description": { + "type": "string", + "description": "The description of the Amazon DataZone environment." + }, + "domainIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the environment would be created." + }, + "environmentProfileIdentifier": { + "type": "string", + "description": "The ID of the environment profile with which the Amazon DataZone environment would be created." + }, + "glossaryTerms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The glossary terms that can be used in the Amazon DataZone environment." + }, + "name": { + "type": "string", + "description": "The name of the environment." + }, + "projectIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone project in which the environment would be created." + }, + "userParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:EnvironmentParameter" + }, + "description": "The user parameters of the Amazon DataZone environment." + } + }, + "outputs": { + "awsAccountId": { + "type": "string", + "description": "The AWS account in which the Amazon DataZone environment is created." + }, + "awsAccountRegion": { + "type": "string", + "description": "The AWS region in which the Amazon DataZone environment is created." + }, + "awsId": { + "type": "string", + "description": "The ID of the Amazon DataZone environment." + }, + "createdAt": { + "type": "string", + "description": "The timestamp of when the environment was created." + }, + "createdBy": { + "type": "string", + "description": "The Amazon DataZone user who created the environment." + }, + "description": { + "type": "string", + "description": "The description of the Amazon DataZone environment." + }, + "domainId": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the environment is created." + }, + "domainIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the environment would be created.", + "replaceOnChanges": true + }, + "environmentBlueprintId": { + "type": "string", + "description": "The ID of the blueprint with which the Amazon DataZone environment was created." + }, + "environmentProfileId": { + "type": "string", + "description": "The ID of the environment profile with which the Amazon DataZone environment was created." + }, + "environmentProfileIdentifier": { + "type": "string", + "description": "The ID of the environment profile with which the Amazon DataZone environment would be created.", + "replaceOnChanges": true + }, + "glossaryTerms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The glossary terms that can be used in the Amazon DataZone environment." + }, + "name": { + "type": "string", + "description": "The name of the environment." + }, + "projectId": { + "type": "string", + "description": "The ID of the Amazon DataZone project in which the environment is created." + }, + "projectIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone project in which the environment would be created.", + "replaceOnChanges": true + }, + "provider": { + "type": "string", + "description": "The provider of the Amazon DataZone environment." + }, + "status": { + "$ref": "#/types/aws-native:datazone:EnvironmentStatus", + "description": "The status of the Amazon DataZone environment." + }, + "updatedAt": { + "type": "string", + "description": "The timestamp of when the environment was updated." + }, + "userParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:EnvironmentParameter" + }, + "description": "The user parameters of the Amazon DataZone environment.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "domainIdentifier", + "environmentProfileIdentifier", + "projectIdentifier" + ], + "createOnly": [ + "domainIdentifier", + "environmentProfileIdentifier", + "projectIdentifier", + "userParameters" + ], + "writeOnly": [ + "domainIdentifier", + "environmentProfileIdentifier", + "projectIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:datazone:EnvironmentBlueprintConfiguration": { + "cf": "AWS::DataZone::EnvironmentBlueprintConfiguration", + "inputs": { + "domainIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which an environment blueprint exists." + }, + "enabledRegions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The enabled AWS Regions specified in a blueprint configuration." + }, + "environmentBlueprintIdentifier": { + "type": "string", + "description": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` ." + }, + "manageAccessRoleArn": { + "type": "string", + "description": "The ARN of the manage access role." + }, + "provisioningRoleArn": { + "type": "string", + "description": "The ARN of the provisioning role." + }, + "regionalParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:EnvironmentBlueprintConfigurationRegionalParameter" + }, + "description": "The regional parameters of the environment blueprint." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The timestamp of when an environment blueprint was created." + }, + "domainId": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which an environment blueprint exists." + }, + "domainIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", + "replaceOnChanges": true + }, + "enabledRegions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The enabled AWS Regions specified in a blueprint configuration." + }, + "environmentBlueprintId": { + "type": "string", + "description": "The identifier of the environment blueprint. This identifier should be used when creating environment profiles." + }, + "environmentBlueprintIdentifier": { + "type": "string", + "description": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", + "replaceOnChanges": true + }, + "manageAccessRoleArn": { + "type": "string", + "description": "The ARN of the manage access role." + }, + "provisioningRoleArn": { + "type": "string", + "description": "The ARN of the provisioning role." + }, + "regionalParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:EnvironmentBlueprintConfigurationRegionalParameter" + }, + "description": "The regional parameters of the environment blueprint." + }, + "updatedAt": { + "type": "string", + "description": "The timestamp of when the environment blueprint was updated." + } + }, + "required": [ + "domainIdentifier", + "enabledRegions", + "environmentBlueprintIdentifier" + ], + "createOnly": [ + "domainIdentifier", + "environmentBlueprintIdentifier" + ], + "writeOnly": [ + "domainIdentifier", + "environmentBlueprintIdentifier" + ] + }, + "aws-native:datazone:EnvironmentProfile": { + "cf": "AWS::DataZone::EnvironmentProfile", + "inputs": { + "awsAccountId": { + "type": "string", + "description": "The AWS account in which the Amazon DataZone environment is created." + }, + "awsAccountRegion": { + "type": "string", + "description": "The AWS region in which this environment profile is created." + }, + "description": { + "type": "string", + "description": "The description of this Amazon DataZone environment profile." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which this environment profile is created." + }, + "environmentBlueprintIdentifier": { + "type": "string", + "description": "The ID of the blueprint with which this environment profile is created." + }, + "name": { + "type": "string", + "description": "The name of this Amazon DataZone environment profile." + }, + "projectIdentifier": { + "type": "string", + "description": "The identifier of the project in which to create the environment profile." + }, + "userParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:EnvironmentProfileEnvironmentParameter" + }, + "description": "The user parameters of this Amazon DataZone environment profile." + } + }, + "outputs": { + "awsAccountId": { + "type": "string", + "description": "The AWS account in which the Amazon DataZone environment is created." + }, + "awsAccountRegion": { + "type": "string", + "description": "The AWS region in which this environment profile is created." + }, + "awsId": { + "type": "string", + "description": "The ID of this Amazon DataZone environment profile." + }, + "createdAt": { + "type": "string", + "description": "The timestamp of when this environment profile was created." + }, + "createdBy": { + "type": "string", + "description": "The Amazon DataZone user who created this environment profile." + }, + "description": { + "type": "string", + "description": "The description of this Amazon DataZone environment profile." + }, + "domainId": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which this environment profile is created." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which this environment profile is created.", + "replaceOnChanges": true + }, + "environmentBlueprintId": { + "type": "string", + "description": "The ID of the blueprint with which this environment profile is created." + }, + "environmentBlueprintIdentifier": { + "type": "string", + "description": "The ID of the blueprint with which this environment profile is created.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of this Amazon DataZone environment profile." + }, + "projectId": { + "type": "string", + "description": "The identifier of the project in which to create the environment profile." + }, + "projectIdentifier": { + "type": "string", + "description": "The identifier of the project in which to create the environment profile.", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "The timestamp of when this environment profile was updated." + }, + "userParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:EnvironmentProfileEnvironmentParameter" + }, + "description": "The user parameters of this Amazon DataZone environment profile." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "awsAccountId", + "awsAccountRegion", + "domainIdentifier", + "environmentBlueprintIdentifier", + "projectIdentifier" + ], + "createOnly": [ + "domainIdentifier", + "environmentBlueprintIdentifier", + "projectIdentifier" + ], + "writeOnly": [ + "domainIdentifier", + "environmentBlueprintIdentifier", + "projectIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:datazone:GroupProfile": { + "cf": "AWS::DataZone::GroupProfile", + "inputs": { + "domainIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the group profile would be created." + }, + "groupIdentifier": { + "type": "string", + "description": "The ID of the group." + }, + "status": { + "$ref": "#/types/aws-native:datazone:GroupProfileStatus", + "description": "The status of a group profile." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the Amazon DataZone group profile." + }, + "domainId": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the group profile is created." + }, + "domainIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the group profile would be created.", + "replaceOnChanges": true + }, + "groupIdentifier": { + "type": "string", + "description": "The ID of the group.", + "replaceOnChanges": true + }, + "groupName": { + "type": "string", + "description": "The group-name of the Group Profile." + }, + "status": { + "$ref": "#/types/aws-native:datazone:GroupProfileStatus", + "description": "The status of a group profile." + } + }, + "required": [ + "domainIdentifier", + "groupIdentifier" + ], + "createOnly": [ + "domainIdentifier", + "groupIdentifier" + ], + "writeOnly": [ + "domainIdentifier", + "groupIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:datazone:Project": { + "cf": "AWS::DataZone::Project", + "inputs": { + "description": { + "type": "string", + "description": "The description of the Amazon DataZone project." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which this project is created." + }, + "glossaryTerms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The glossary terms that can be used in this Amazon DataZone project." + }, + "name": { + "type": "string", + "description": "The name of the Amazon DataZone project." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the Amazon DataZone project." + }, + "createdAt": { + "type": "string", + "description": "The timestamp of when the project was created." + }, + "createdBy": { + "type": "string", + "description": "The Amazon DataZone user who created the project." + }, + "description": { + "type": "string", + "description": "The description of the Amazon DataZone project." + }, + "domainId": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the project was created." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which this project is created.", + "replaceOnChanges": true + }, + "glossaryTerms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The glossary terms that can be used in this Amazon DataZone project." + }, + "lastUpdatedAt": { + "type": "string", + "description": "The timestamp of when the project was last updated." + }, + "name": { + "type": "string", + "description": "The name of the Amazon DataZone project." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "domainIdentifier" + ], + "createOnly": [ + "domainIdentifier" + ], + "writeOnly": [ + "domainIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:datazone:ProjectMembership": { + "cf": "AWS::DataZone::ProjectMembership", + "inputs": { + "designation": { + "$ref": "#/types/aws-native:datazone:ProjectMembershipUserDesignation", + "description": "The designated role of a project member." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which project membership is created." + }, + "member": { + "oneOf": [ + { + "$ref": "#/types/aws-native:datazone:ProjectMembershipMember0Properties" + }, + { + "$ref": "#/types/aws-native:datazone:ProjectMembershipMember1Properties" + } + ], + "description": "The details about a project member." + }, + "projectIdentifier": { + "type": "string", + "description": "The ID of the project for which this project membership was created." + } + }, + "outputs": { + "designation": { + "$ref": "#/types/aws-native:datazone:ProjectMembershipUserDesignation", + "description": "The designated role of a project member." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which project membership is created.", + "replaceOnChanges": true + }, + "member": { + "oneOf": [ + { + "$ref": "#/types/aws-native:datazone:ProjectMembershipMember0Properties" + }, + { + "$ref": "#/types/aws-native:datazone:ProjectMembershipMember1Properties" + } + ], + "description": "The details about a project member.", + "replaceOnChanges": true + }, + "projectIdentifier": { + "type": "string", + "description": "The ID of the project for which this project membership was created.", + "replaceOnChanges": true + } + }, + "required": [ + "designation", + "domainIdentifier", + "member", + "projectIdentifier" + ], + "createOnly": [ + "domainIdentifier", + "member", + "projectIdentifier" + ], + "writeOnly": [ + "designation", + "member" + ] + }, + "aws-native:datazone:SubscriptionTarget": { + "cf": "AWS::DataZone::SubscriptionTarget", + "inputs": { + "applicableAssetTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The asset types that can be included in the subscription target." + }, + "authorizedPrincipals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The authorized principals of the subscription target." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which subscription target would be created." + }, + "environmentIdentifier": { + "type": "string", + "description": "The ID of the environment in which subscription target would be created." + }, + "manageAccessRole": { + "type": "string", + "description": "The manage access role that is used to create the subscription target." + }, + "name": { + "type": "string", + "description": "The name of the subscription target." + }, + "provider": { + "type": "string", + "description": "The provider of the subscription target." + }, + "subscriptionTargetConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:SubscriptionTargetForm" + }, + "description": "The configuration of the subscription target." + }, + "type": { + "type": "string", + "description": "The type of the subscription target." + } + }, + "outputs": { + "applicableAssetTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The asset types that can be included in the subscription target." + }, + "authorizedPrincipals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The authorized principals of the subscription target." + }, + "awsId": { + "type": "string", + "description": "The ID of the subscription target." + }, + "createdAt": { + "type": "string", + "description": "The timestamp of when the subscription target was created." + }, + "createdBy": { + "type": "string", + "description": "The Amazon DataZone user who created the subscription target." + }, + "domainId": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which subscription target is created." + }, + "domainIdentifier": { + "type": "string", + "description": "The ID of the Amazon DataZone domain in which subscription target would be created.", + "replaceOnChanges": true + }, + "environmentId": { + "type": "string", + "description": "The ID of the environment in which subscription target is created." + }, + "environmentIdentifier": { + "type": "string", + "description": "The ID of the environment in which subscription target would be created.", + "replaceOnChanges": true + }, + "manageAccessRole": { + "type": "string", + "description": "The manage access role that is used to create the subscription target." + }, + "name": { + "type": "string", + "description": "The name of the subscription target." + }, + "projectId": { + "type": "string", + "description": "The identifier of the project specified in the subscription target." + }, + "provider": { + "type": "string", + "description": "The provider of the subscription target." + }, + "subscriptionTargetConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:SubscriptionTargetForm" + }, + "description": "The configuration of the subscription target." + }, + "type": { + "type": "string", + "description": "The type of the subscription target.", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "The timestamp of when the subscription target was updated." + }, + "updatedBy": { + "type": "string", + "description": "The Amazon DataZone user who updated the subscription target." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "applicableAssetTypes", + "authorizedPrincipals", + "domainIdentifier", + "environmentIdentifier", + "manageAccessRole", + "subscriptionTargetConfig", + "type" + ], + "createOnly": [ + "domainIdentifier", + "environmentIdentifier", + "type" + ], + "writeOnly": [ + "domainIdentifier", + "environmentIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:datazone:UserProfile": { + "cf": "AWS::DataZone::UserProfile", + "inputs": { + "domainIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the user profile would be created." + }, + "status": { + "$ref": "#/types/aws-native:datazone:UserProfileStatus", + "description": "The status of the user profile." + }, + "userIdentifier": { + "type": "string", + "description": "The ID of the user." + }, + "userType": { + "$ref": "#/types/aws-native:datazone:UserProfileUserType", + "description": "The user type of the user for which the user profile is created." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the Amazon DataZone user profile." + }, + "details": { + "oneOf": [ + { + "$ref": "#/types/aws-native:datazone:UserProfileDetails0Properties" + }, + { + "$ref": "#/types/aws-native:datazone:UserProfileDetails1Properties" + } + ] + }, + "domainId": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the user profile is created." + }, + "domainIdentifier": { + "type": "string", + "description": "The identifier of the Amazon DataZone domain in which the user profile would be created.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:datazone:UserProfileStatus", + "description": "The status of the user profile." + }, + "type": { + "$ref": "#/types/aws-native:datazone:UserProfileType", + "description": "The type of the user profile." + }, + "userIdentifier": { + "type": "string", + "description": "The ID of the user.", + "replaceOnChanges": true + }, + "userType": { + "$ref": "#/types/aws-native:datazone:UserProfileUserType", + "description": "The user type of the user for which the user profile is created.", + "replaceOnChanges": true + } + }, + "required": [ + "domainIdentifier", + "userIdentifier" + ], + "createOnly": [ + "domainIdentifier", + "userIdentifier", + "userType" + ], + "writeOnly": [ + "domainIdentifier", + "userIdentifier", + "userType" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:deadline:Farm": { + "cf": "AWS::Deadline::Farm", + "inputs": { + "description": { + "type": "string", + "description": "A description of the farm that helps identify what the farm is used for." + }, + "displayName": { + "type": "string", + "description": "The display name of the farm.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "kmsKeyArn": { + "type": "string", + "description": "The ARN for the KMS key." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) assigned to the farm." + }, + "description": { + "type": "string", + "description": "A description of the farm that helps identify what the farm is used for." + }, + "displayName": { + "type": "string", + "description": "The display name of the farm.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "farmId": { + "type": "string", + "description": "The farm ID." + }, + "kmsKeyArn": { + "type": "string", + "description": "The ARN for the KMS key.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "displayName" + ], + "createOnly": [ + "kmsKeyArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:deadline:Fleet": { + "cf": "AWS::Deadline::Fleet", + "inputs": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:deadline:FleetConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:deadline:FleetConfiguration1Properties" + } + ], + "description": "The configuration details for the fleet." + }, + "description": { + "type": "string", + "description": "A description that helps identify what the fleet is used for." + }, + "displayName": { + "type": "string", + "description": "The display name of the fleet summary to update.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "farmId": { + "type": "string", + "description": "The farm ID." + }, + "maxWorkerCount": { + "type": "integer", + "description": "The maximum number of workers specified in the fleet." + }, + "minWorkerCount": { + "type": "integer", + "description": "The minimum number of workers in the fleet." + }, + "roleArn": { + "type": "string", + "description": "The IAM role that workers in the fleet use when processing jobs." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) assigned to the fleet." + }, + "capabilities": { + "$ref": "#/types/aws-native:deadline:FleetCapabilities" + }, + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:deadline:FleetConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:deadline:FleetConfiguration1Properties" + } + ], + "description": "The configuration details for the fleet." + }, + "description": { + "type": "string", + "description": "A description that helps identify what the fleet is used for." + }, + "displayName": { + "type": "string", + "description": "The display name of the fleet summary to update.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "farmId": { + "type": "string", + "description": "The farm ID.", + "replaceOnChanges": true + }, + "fleetId": { + "type": "string", + "description": "The fleet ID." + }, + "maxWorkerCount": { + "type": "integer", + "description": "The maximum number of workers specified in the fleet." + }, + "minWorkerCount": { + "type": "integer", + "description": "The minimum number of workers in the fleet." + }, + "roleArn": { + "type": "string", + "description": "The IAM role that workers in the fleet use when processing jobs." + }, + "status": { + "$ref": "#/types/aws-native:deadline:FleetStatus", + "description": "The status of the fleet." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "workerCount": { + "type": "integer", + "description": "The number of workers in the fleet summary." + } + }, + "required": [ + "configuration", + "displayName", + "farmId", + "maxWorkerCount", + "roleArn" + ], + "createOnly": [ + "farmId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:deadline:LicenseEndpoint": { + "cf": "AWS::Deadline::LicenseEndpoint", + "inputs": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifier of the Amazon EC2 security group that controls access to the license endpoint." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identifies the VPC subnets that can connect to a license endpoint." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "vpcId": { + "type": "string", + "description": "The VCP(virtual private cloud) ID associated with the license endpoint." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the license endpoint." + }, + "dnsName": { + "type": "string", + "description": "The DNS name of the license server endpoint." + }, + "licenseEndpointId": { + "type": "string", + "description": "The license endpoint ID." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:deadline:LicenseEndpointStatus", + "description": "The status of the license endpoint." + }, + "statusMessage": { + "type": "string", + "description": "The status message of the license endpoint." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identifies the VPC subnets that can connect to a license endpoint.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "vpcId": { + "type": "string", + "description": "The VCP(virtual private cloud) ID associated with the license endpoint.", + "replaceOnChanges": true + } + }, + "required": [ + "securityGroupIds", + "subnetIds", + "vpcId" + ], + "createOnly": [ + "securityGroupIds", + "subnetIds", + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:deadline:MeteredProduct": { + "cf": "AWS::Deadline::MeteredProduct", + "inputs": { + "licenseEndpointId": { + "type": "string", + "description": "The Amazon EC2 identifier of the license endpoint." + }, + "productId": { + "type": "string", + "description": "The product ID." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the metered product." + }, + "family": { + "type": "string", + "description": "The family to which the metered product belongs." + }, + "licenseEndpointId": { + "type": "string", + "description": "The Amazon EC2 identifier of the license endpoint.", + "replaceOnChanges": true + }, + "port": { + "type": "integer", + "description": "The port on which the metered product should run." + }, + "productId": { + "type": "string", + "description": "The product ID.", + "replaceOnChanges": true + }, + "vendor": { + "type": "string", + "description": "The vendor." + } + }, + "createOnly": [ + "licenseEndpointId", + "productId" + ] + }, + "aws-native:deadline:Monitor": { + "cf": "AWS::Deadline::Monitor", + "inputs": { + "displayName": { + "type": "string", + "description": "The name of the monitor that displays on the Deadline Cloud console.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "identityCenterInstanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM Identity Center instance responsible for authenticating monitor users." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role for the monitor. Users of the monitor use this role to access Deadline Cloud resources." + }, + "subdomain": { + "type": "string", + "description": "The subdomain used for the monitor URL. The full URL of the monitor is subdomain.Region.deadlinecloud.amazonaws.com." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the monitor." + }, + "displayName": { + "type": "string", + "description": "The name of the monitor that displays on the Deadline Cloud console.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "identityCenterApplicationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that the IAM Identity Center assigned to the monitor when it was created." + }, + "identityCenterInstanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM Identity Center instance responsible for authenticating monitor users.", + "replaceOnChanges": true + }, + "monitorId": { + "type": "string", + "description": "The unique identifier for the monitor." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role for the monitor. Users of the monitor use this role to access Deadline Cloud resources." + }, + "subdomain": { + "type": "string", + "description": "The subdomain used for the monitor URL. The full URL of the monitor is subdomain.Region.deadlinecloud.amazonaws.com." + }, + "url": { + "type": "string", + "description": "The complete URL of the monitor. The full URL of the monitor is subdomain.Region.deadlinecloud.amazonaws.com." + } + }, + "required": [ + "displayName", + "identityCenterInstanceArn", + "roleArn", + "subdomain" + ], + "createOnly": [ + "identityCenterInstanceArn" + ] + }, + "aws-native:deadline:Queue": { + "cf": "AWS::Deadline::Queue", + "inputs": { + "allowedStorageProfileIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems." + }, + "defaultBudgetAction": { + "$ref": "#/types/aws-native:deadline:QueueDefaultQueueBudgetAction", + "description": "The default action taken on a queue summary if a budget wasn't configured." + }, + "description": { + "type": "string", + "description": "A description of the queue that helps identify what the queue is used for." + }, + "displayName": { + "type": "string", + "description": "The display name of the queue summary to update.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "farmId": { + "type": "string", + "description": "The farm ID." + }, + "jobAttachmentSettings": { + "$ref": "#/types/aws-native:deadline:QueueJobAttachmentSettings", + "description": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix." + }, + "jobRunAsUser": { + "$ref": "#/types/aws-native:deadline:QueueJobRunAsUser", + "description": "Identifies the user for a job." + }, + "requiredFileSystemLocationNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The file system location that the queue uses." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "allowedStorageProfileIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the queue." + }, + "defaultBudgetAction": { + "$ref": "#/types/aws-native:deadline:QueueDefaultQueueBudgetAction", + "description": "The default action taken on a queue summary if a budget wasn't configured." + }, + "description": { + "type": "string", + "description": "A description of the queue that helps identify what the queue is used for." + }, + "displayName": { + "type": "string", + "description": "The display name of the queue summary to update.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "farmId": { + "type": "string", + "description": "The farm ID.", + "replaceOnChanges": true + }, + "jobAttachmentSettings": { + "$ref": "#/types/aws-native:deadline:QueueJobAttachmentSettings", + "description": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix." + }, + "jobRunAsUser": { + "$ref": "#/types/aws-native:deadline:QueueJobRunAsUser", + "description": "Identifies the user for a job." + }, + "queueId": { + "type": "string", + "description": "The queue ID." + }, + "requiredFileSystemLocationNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The file system location that the queue uses." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "displayName", + "farmId" + ], + "createOnly": [ + "farmId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:deadline:QueueEnvironment": { + "cf": "AWS::Deadline::QueueEnvironment", + "inputs": { + "farmId": { + "type": "string", + "description": "The identifier assigned to the farm that contains the queue." + }, + "priority": { + "type": "integer", + "description": "The queue environment's priority." + }, + "queueId": { + "type": "string", + "description": "The unique identifier of the queue that contains the environment." + }, + "template": { + "type": "string", + "description": "A JSON or YAML template that describes the processing environment for the queue." + }, + "templateType": { + "$ref": "#/types/aws-native:deadline:QueueEnvironmentEnvironmentTemplateType", + "description": "Specifies whether the template for the queue environment is JSON or YAML." + } + }, + "outputs": { + "farmId": { + "type": "string", + "description": "The identifier assigned to the farm that contains the queue.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the queue environment." + }, + "priority": { + "type": "integer", + "description": "The queue environment's priority." + }, + "queueEnvironmentId": { + "type": "string", + "description": "The queue environment ID." + }, + "queueId": { + "type": "string", + "description": "The unique identifier of the queue that contains the environment.", + "replaceOnChanges": true + }, + "template": { + "type": "string", + "description": "A JSON or YAML template that describes the processing environment for the queue." + }, + "templateType": { + "$ref": "#/types/aws-native:deadline:QueueEnvironmentEnvironmentTemplateType", + "description": "Specifies whether the template for the queue environment is JSON or YAML." + } + }, + "required": [ + "farmId", + "priority", + "queueId", + "template", + "templateType" + ], + "createOnly": [ + "farmId", + "queueId" + ] + }, + "aws-native:deadline:QueueFleetAssociation": { + "cf": "AWS::Deadline::QueueFleetAssociation", + "inputs": { + "farmId": { + "type": "string", + "description": "The identifier of the farm that contains the queue and the fleet." + }, + "fleetId": { + "type": "string", + "description": "The fleet ID." + }, + "queueId": { + "type": "string", + "description": "The queue ID." + } + }, + "outputs": { + "farmId": { + "type": "string", + "description": "The identifier of the farm that contains the queue and the fleet.", + "replaceOnChanges": true + }, + "fleetId": { + "type": "string", + "description": "The fleet ID.", + "replaceOnChanges": true + }, + "queueId": { + "type": "string", + "description": "The queue ID.", + "replaceOnChanges": true + } + }, + "required": [ + "farmId", + "fleetId", + "queueId" + ], + "createOnly": [ + "farmId", + "fleetId", + "queueId" + ] + }, + "aws-native:deadline:StorageProfile": { + "cf": "AWS::Deadline::StorageProfile", + "inputs": { + "displayName": { + "type": "string", + "description": "The display name of the storage profile summary to update.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "farmId": { + "type": "string", + "description": "The unique identifier of the farm that contains the storage profile." + }, + "fileSystemLocations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:StorageProfileFileSystemLocation" + }, + "description": "Operating system specific file system path to the storage location." + }, + "osFamily": { + "$ref": "#/types/aws-native:deadline:StorageProfileOperatingSystemFamily", + "description": "The operating system (OS) family." + } + }, + "outputs": { + "displayName": { + "type": "string", + "description": "The display name of the storage profile summary to update.\n\n\u003e This field can store any content. Escape or encode this content before displaying it on a webpage or any other system that might interpret the content of this field." + }, + "farmId": { + "type": "string", + "description": "The unique identifier of the farm that contains the storage profile.", + "replaceOnChanges": true + }, + "fileSystemLocations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:StorageProfileFileSystemLocation" + }, + "description": "Operating system specific file system path to the storage location." + }, + "osFamily": { + "$ref": "#/types/aws-native:deadline:StorageProfileOperatingSystemFamily", + "description": "The operating system (OS) family." + }, + "storageProfileId": { + "type": "string", + "description": "The storage profile ID." + } + }, + "required": [ + "displayName", + "farmId", + "osFamily" + ], + "createOnly": [ + "farmId" + ] + }, + "aws-native:detective:Graph": { + "cf": "AWS::Detective::Graph", + "inputs": { + "autoEnableMembers": { + "type": "boolean", + "description": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tag values to assign to the new behavior graph." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Detective graph ARN" + }, + "autoEnableMembers": { + "type": "boolean", + "description": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tag values to assign to the new behavior graph." + } + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:detective:MemberInvitation": { + "cf": "AWS::Detective::MemberInvitation", + "inputs": { + "disableEmailNotification": { + "type": "boolean", + "description": "When set to true, invitation emails are not sent to the member accounts. Member accounts must still accept the invitation before they are added to the behavior graph. Updating this field has no effect." + }, + "graphArn": { + "type": "string", + "description": "The ARN of the graph to which the member account will be invited" + }, + "memberEmailAddress": { + "type": "string", + "description": "The root email address for the account to be invited, for validation. Updating this field has no effect." + }, + "memberId": { + "type": "string", + "description": "The AWS account ID to be invited to join the graph as a member" + }, + "message": { + "type": "string", + "description": "A message to be included in the email invitation sent to the invited account. Updating this field has no effect." + } + }, + "outputs": { + "disableEmailNotification": { + "type": "boolean", + "description": "When set to true, invitation emails are not sent to the member accounts. Member accounts must still accept the invitation before they are added to the behavior graph. Updating this field has no effect." + }, + "graphArn": { + "type": "string", + "description": "The ARN of the graph to which the member account will be invited", + "replaceOnChanges": true + }, + "memberEmailAddress": { + "type": "string", + "description": "The root email address for the account to be invited, for validation. Updating this field has no effect." + }, + "memberId": { + "type": "string", + "description": "The AWS account ID to be invited to join the graph as a member", + "replaceOnChanges": true + }, + "message": { + "type": "string", + "description": "A message to be included in the email invitation sent to the invited account. Updating this field has no effect." + } + }, + "required": [ + "graphArn", + "memberEmailAddress", + "memberId" + ], + "createOnly": [ + "graphArn", + "memberId" + ], + "writeOnly": [ + "disableEmailNotification", + "message" + ] + }, + "aws-native:detective:OrganizationAdmin": { + "cf": "AWS::Detective::OrganizationAdmin", + "inputs": { + "accountId": { + "type": "string", + "description": "The account ID of the account that should be registered as your Organization's delegated administrator for Detective" + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "The account ID of the account that should be registered as your Organization's delegated administrator for Detective", + "replaceOnChanges": true + }, + "graphArn": { + "type": "string", + "description": "The Detective graph ARN" + } + }, + "required": [ + "accountId" + ], + "createOnly": [ + "accountId" + ] + }, + "aws-native:devicefarm:DevicePool": { + "cf": "AWS::DeviceFarm::DevicePool", + "inputs": { + "description": { + "type": "string", + "description": "The device pool's description." + }, + "maxDevices": { + "type": "integer", + "description": "The number of devices that Device Farm can add to your device pool. Device Farm adds devices that are available and meet the criteria that you assign for the `rules` parameter. Depending on how many devices meet these constraints, your device pool might contain fewer devices than the value for this parameter.\n\nBy specifying the maximum number of devices, you can control the costs that you incur by running tests." + }, + "name": { + "type": "string", + "description": "The device pool's name." + }, + "projectArn": { + "type": "string", + "description": "The ARN of the project for the device pool." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:devicefarm:DevicePoolRule" + }, + "description": "The device pool's rules." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the device pool. See [Amazon resource names](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference guide* ." + }, + "description": { + "type": "string", + "description": "The device pool's description." + }, + "maxDevices": { + "type": "integer", + "description": "The number of devices that Device Farm can add to your device pool. Device Farm adds devices that are available and meet the criteria that you assign for the `rules` parameter. Depending on how many devices meet these constraints, your device pool might contain fewer devices than the value for this parameter.\n\nBy specifying the maximum number of devices, you can control the costs that you incur by running tests." + }, + "name": { + "type": "string", + "description": "The device pool's name." + }, + "projectArn": { + "type": "string", + "description": "The ARN of the project for the device pool.", + "replaceOnChanges": true + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:devicefarm:DevicePoolRule" + }, + "description": "The device pool's rules." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "projectArn", + "rules" + ], + "createOnly": [ + "projectArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:devicefarm:InstanceProfile": { + "cf": "AWS::DeviceFarm::InstanceProfile", + "inputs": { + "description": { + "type": "string", + "description": "The description of the instance profile." + }, + "excludeAppPackagesFromCleanup": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings containing the list of app packages that should not be cleaned up from the device after a test run completes.\n\nThe list of packages is considered only if you set `packageCleanup` to `true` ." + }, + "name": { + "type": "string", + "description": "The name of the instance profile." + }, + "packageCleanup": { + "type": "boolean", + "description": "When set to `true` , Device Farm removes app packages after a test run. The default value is `false` for private devices." + }, + "rebootAfterUse": { + "type": "boolean", + "description": "When set to `true` , Device Farm reboots the instance after a test run. The default value is `true` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance profile. See [Amazon resource names](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference guide* ." + }, + "description": { + "type": "string", + "description": "The description of the instance profile." + }, + "excludeAppPackagesFromCleanup": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings containing the list of app packages that should not be cleaned up from the device after a test run completes.\n\nThe list of packages is considered only if you set `packageCleanup` to `true` ." + }, + "name": { + "type": "string", + "description": "The name of the instance profile." + }, + "packageCleanup": { + "type": "boolean", + "description": "When set to `true` , Device Farm removes app packages after a test run. The default value is `false` for private devices." + }, + "rebootAfterUse": { + "type": "boolean", + "description": "When set to `true` , Device Farm reboots the instance after a test run. The default value is `true` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:devicefarm:NetworkProfile": { + "cf": "AWS::DeviceFarm::NetworkProfile", + "inputs": { + "description": { + "type": "string", + "description": "The description of the network profile." + }, + "downlinkBandwidthBits": { + "type": "integer", + "description": "The data throughput rate in bits per second, as an integer from 0 to 104857600." + }, + "downlinkDelayMs": { + "type": "integer", + "description": "Delay time for all packets to destination in milliseconds as an integer from 0 to 2000." + }, + "downlinkJitterMs": { + "type": "integer", + "description": "Time variation in the delay of received packets in milliseconds as an integer from 0 to 2000." + }, + "downlinkLossPercent": { + "type": "integer", + "description": "Proportion of received packets that fail to arrive from 0 to 100 percent." + }, + "name": { + "type": "string", + "description": "The name of the network profile." + }, + "projectArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified project." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + }, + "uplinkBandwidthBits": { + "type": "integer", + "description": "The data throughput rate in bits per second, as an integer from 0 to 104857600." + }, + "uplinkDelayMs": { + "type": "integer", + "description": "Delay time for all packets to destination in milliseconds as an integer from 0 to 2000." + }, + "uplinkJitterMs": { + "type": "integer", + "description": "Time variation in the delay of received packets in milliseconds as an integer from 0 to 2000." + }, + "uplinkLossPercent": { + "type": "integer", + "description": "Proportion of transmitted packets that fail to arrive from 0 to 100 percent." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the network profile. See [Amazon resource names](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference guide* ." + }, + "description": { + "type": "string", + "description": "The description of the network profile." + }, + "downlinkBandwidthBits": { + "type": "integer", + "description": "The data throughput rate in bits per second, as an integer from 0 to 104857600." + }, + "downlinkDelayMs": { + "type": "integer", + "description": "Delay time for all packets to destination in milliseconds as an integer from 0 to 2000." + }, + "downlinkJitterMs": { + "type": "integer", + "description": "Time variation in the delay of received packets in milliseconds as an integer from 0 to 2000." + }, + "downlinkLossPercent": { + "type": "integer", + "description": "Proportion of received packets that fail to arrive from 0 to 100 percent." + }, + "name": { + "type": "string", + "description": "The name of the network profile." + }, + "projectArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified project.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + }, + "uplinkBandwidthBits": { + "type": "integer", + "description": "The data throughput rate in bits per second, as an integer from 0 to 104857600." + }, + "uplinkDelayMs": { + "type": "integer", + "description": "Delay time for all packets to destination in milliseconds as an integer from 0 to 2000." + }, + "uplinkJitterMs": { + "type": "integer", + "description": "Time variation in the delay of received packets in milliseconds as an integer from 0 to 2000." + }, + "uplinkLossPercent": { + "type": "integer", + "description": "Proportion of transmitted packets that fail to arrive from 0 to 100 percent." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "projectArn" + ], + "createOnly": [ + "projectArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:devicefarm:Project": { + "cf": "AWS::DeviceFarm::Project", + "inputs": { + "defaultJobTimeoutMinutes": { + "type": "integer", + "description": "Sets the execution timeout value (in minutes) for a project. All test runs in this project use the specified execution timeout value unless overridden when scheduling a run." + }, + "name": { + "type": "string", + "description": "The project's name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the resource. A tag is an array of key-value pairs. Tag keys can have a maximum character length of 128 characters. Tag values can have a maximum length of 256 characters." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:devicefarm:ProjectVpcConfig", + "description": "The VPC security groups and subnets that are attached to a project." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the project. See [Amazon resource names](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference guide* ." + }, + "defaultJobTimeoutMinutes": { + "type": "integer", + "description": "Sets the execution timeout value (in minutes) for a project. All test runs in this project use the specified execution timeout value unless overridden when scheduling a run." + }, + "name": { + "type": "string", + "description": "The project's name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the resource. A tag is an array of key-value pairs. Tag keys can have a maximum character length of 128 characters. Tag values can have a maximum length of 256 characters." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:devicefarm:ProjectVpcConfig", + "description": "The VPC security groups and subnets that are attached to a project." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:devicefarm:TestGridProject": { + "cf": "AWS::DeviceFarm::TestGridProject", + "inputs": { + "description": { + "type": "string", + "description": "A human-readable description for the project." + }, + "name": { + "type": "string", + "description": "A human-readable name for the project." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:devicefarm:TestGridProjectVpcConfig", + "description": "The VPC security groups and subnets that are attached to a project." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `TestGrid` project. See [Amazon resource names](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference guide* ." + }, + "description": { + "type": "string", + "description": "A human-readable description for the project." + }, + "name": { + "type": "string", + "description": "A human-readable name for the project." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:devicefarm:TestGridProjectVpcConfig", + "description": "The VPC security groups and subnets that are attached to a project." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "writeOnly": [ + "vpcConfig" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:devicefarm:VpceConfiguration": { + "cf": "AWS::DeviceFarm::VPCEConfiguration", + "inputs": { + "serviceDnsName": { + "type": "string", + "description": "The DNS name that Device Farm will use to map to the private service you want to access." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + }, + "vpceConfigurationDescription": { + "type": "string", + "description": "An optional description that provides details about your VPC endpoint configuration." + }, + "vpceConfigurationName": { + "type": "string", + "description": "The friendly name you give to your VPC endpoint configuration to manage your configurations more easily." + }, + "vpceServiceName": { + "type": "string", + "description": "The name of the VPC endpoint service that you want to access from Device Farm.\n\nThe name follows the format `com.amazonaws.vpce.us-west-2.vpce-svc-id` ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the VPC endpoint. See [Amazon resource names](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference guide* ." + }, + "serviceDnsName": { + "type": "string", + "description": "The DNS name that Device Farm will use to map to the private service you want to access." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *guide* ." + }, + "vpceConfigurationDescription": { + "type": "string", + "description": "An optional description that provides details about your VPC endpoint configuration." + }, + "vpceConfigurationName": { + "type": "string", + "description": "The friendly name you give to your VPC endpoint configuration to manage your configurations more easily." + }, + "vpceServiceName": { + "type": "string", + "description": "The name of the VPC endpoint service that you want to access from Device Farm.\n\nThe name follows the format `com.amazonaws.vpce.us-west-2.vpce-svc-id` ." + } + }, + "autoNamingSpec": { + "sdkName": "vpceConfigurationName", + "minLength": 1, + "maxLength": 1024 + }, + "required": [ + "serviceDnsName", + "vpceServiceName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:devopsguru:LogAnomalyDetectionIntegration": { + "cf": "AWS::DevOpsGuru::LogAnomalyDetectionIntegration", + "inputs": {}, + "outputs": { + "accountId": { + "type": "string", + "description": "The account ID associated with the integration of DevOps Guru with CloudWatch log groups for log anomaly detection." + } + } + }, + "aws-native:devopsguru:NotificationChannel": { + "cf": "AWS::DevOpsGuru::NotificationChannel", + "inputs": { + "config": { + "$ref": "#/types/aws-native:devopsguru:NotificationChannelConfig", + "description": "A `NotificationChannelConfig` object that contains information about configured notification channels." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of a notification channel." + }, + "config": { + "$ref": "#/types/aws-native:devopsguru:NotificationChannelConfig", + "description": "A `NotificationChannelConfig` object that contains information about configured notification channels.", + "replaceOnChanges": true + } + }, + "required": [ + "config" + ], + "createOnly": [ + "config" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:devopsguru:ResourceCollection": { + "cf": "AWS::DevOpsGuru::ResourceCollection", + "inputs": { + "resourceCollectionFilter": { + "$ref": "#/types/aws-native:devopsguru:ResourceCollectionFilter", + "description": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru." + } + }, + "outputs": { + "resourceCollectionFilter": { + "$ref": "#/types/aws-native:devopsguru:ResourceCollectionFilter", + "description": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru." + }, + "resourceCollectionType": { + "$ref": "#/types/aws-native:devopsguru:ResourceCollectionType", + "description": "The type of ResourceCollection" + } + }, + "required": [ + "resourceCollectionFilter" + ] + }, + "aws-native:directoryservice:SimpleAd": { + "cf": "AWS::DirectoryService::SimpleAD", + "inputs": { + "createAlias": { + "type": "boolean", + "description": "The name of the configuration set." + }, + "description": { + "type": "string", + "description": "Description for the directory." + }, + "enableSso": { + "type": "boolean", + "description": "Whether to enable single sign-on for a Simple Active Directory in AWS." + }, + "name": { + "type": "string", + "description": "The fully qualified domain name for the AWS Managed Simple AD directory." + }, + "password": { + "type": "string", + "description": "The password for the default administrative user named Admin." + }, + "shortName": { + "type": "string", + "description": "The NetBIOS name for your domain." + }, + "size": { + "type": "string", + "description": "The size of the directory." + }, + "vpcSettings": { + "$ref": "#/types/aws-native:directoryservice:SimpleAdVpcSettings", + "description": "VPC settings of the Simple AD directory server in AWS." + } + }, + "outputs": { + "alias": { + "type": "string", + "description": "The alias for a directory." + }, + "createAlias": { + "type": "boolean", + "description": "The name of the configuration set.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "Description for the directory.", + "replaceOnChanges": true + }, + "directoryId": { + "type": "string", + "description": "The unique identifier for a directory." + }, + "dnsIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IP addresses of the DNS servers for the directory, such as [ \"172.31.3.154\", \"172.31.63.203\" ]." + }, + "enableSso": { + "type": "boolean", + "description": "Whether to enable single sign-on for a Simple Active Directory in AWS." + }, + "name": { + "type": "string", + "description": "The fully qualified domain name for the AWS Managed Simple AD directory.", + "replaceOnChanges": true + }, + "password": { + "type": "string", + "description": "The password for the default administrative user named Admin.", + "replaceOnChanges": true + }, + "shortName": { + "type": "string", + "description": "The NetBIOS name for your domain.", + "replaceOnChanges": true + }, + "size": { + "type": "string", + "description": "The size of the directory.", + "replaceOnChanges": true + }, + "vpcSettings": { + "$ref": "#/types/aws-native:directoryservice:SimpleAdVpcSettings", + "description": "VPC settings of the Simple AD directory server in AWS.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "size", + "vpcSettings" + ], + "createOnly": [ + "createAlias", + "description", + "name", + "password", + "shortName", + "size", + "vpcSettings" + ], + "writeOnly": [ + "password" + ] + }, + "aws-native:dms:DataProvider": { + "cf": "AWS::DMS::DataProvider", + "inputs": { + "dataProviderIdentifier": { + "type": "string", + "description": "The property describes an identifier for the data provider. It is used for describing/deleting/modifying can be name/arn" + }, + "dataProviderName": { + "type": "string", + "description": "The property describes a name to identify the data provider." + }, + "description": { + "type": "string", + "description": "The optional description of the data provider." + }, + "engine": { + "$ref": "#/types/aws-native:dms:DataProviderEngine", + "description": "The property describes a data engine for the data provider." + }, + "exactSettings": { + "type": "boolean", + "description": "The property describes the exact settings which can be modified" + }, + "settings": { + "$ref": "#/types/aws-native:dms:SettingsProperties", + "description": "The property identifies the exact type of settings for the data provider." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "dataProviderArn": { + "type": "string", + "description": "The data provider ARN." + }, + "dataProviderCreationTime": { + "type": "string", + "description": "The data provider creation time." + }, + "dataProviderIdentifier": { + "type": "string", + "description": "The property describes an identifier for the data provider. It is used for describing/deleting/modifying can be name/arn" + }, + "dataProviderName": { + "type": "string", + "description": "The property describes a name to identify the data provider." + }, + "description": { + "type": "string", + "description": "The optional description of the data provider." + }, + "engine": { + "$ref": "#/types/aws-native:dms:DataProviderEngine", + "description": "The property describes a data engine for the data provider." + }, + "exactSettings": { + "type": "boolean", + "description": "The property describes the exact settings which can be modified" + }, + "settings": { + "$ref": "#/types/aws-native:dms:SettingsProperties", + "description": "The property identifies the exact type of settings for the data provider." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "dataProviderName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "engine" + ], + "writeOnly": [ + "dataProviderIdentifier", + "exactSettings" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:dms:InstanceProfile": { + "cf": "AWS::DMS::InstanceProfile", + "inputs": { + "availabilityZone": { + "type": "string", + "description": "The property describes an availability zone of the instance profile." + }, + "description": { + "type": "string", + "description": "The optional description of the instance profile." + }, + "instanceProfileIdentifier": { + "type": "string", + "description": "The property describes an identifier for the instance profile. It is used for describing/deleting/modifying. Can be name/arn" + }, + "instanceProfileName": { + "type": "string", + "description": "The property describes a name for the instance profile." + }, + "kmsKeyArn": { + "type": "string", + "description": "The property describes kms key arn for the instance profile." + }, + "networkType": { + "$ref": "#/types/aws-native:dms:InstanceProfileNetworkType", + "description": "The property describes a network type for the instance profile." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "The property describes the publicly accessible of the instance profile" + }, + "subnetGroupIdentifier": { + "type": "string", + "description": "The property describes a subnet group identifier for the instance profile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "vpcSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The property describes vps security groups for the instance profile." + } + }, + "outputs": { + "availabilityZone": { + "type": "string", + "description": "The property describes an availability zone of the instance profile." + }, + "description": { + "type": "string", + "description": "The optional description of the instance profile." + }, + "instanceProfileArn": { + "type": "string", + "description": "The property describes an ARN of the instance profile." + }, + "instanceProfileCreationTime": { + "type": "string", + "description": "The property describes a creating time of the instance profile." + }, + "instanceProfileIdentifier": { + "type": "string", + "description": "The property describes an identifier for the instance profile. It is used for describing/deleting/modifying. Can be name/arn" + }, + "instanceProfileName": { + "type": "string", + "description": "The property describes a name for the instance profile." + }, + "kmsKeyArn": { + "type": "string", + "description": "The property describes kms key arn for the instance profile." + }, + "networkType": { + "$ref": "#/types/aws-native:dms:InstanceProfileNetworkType", + "description": "The property describes a network type for the instance profile." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "The property describes the publicly accessible of the instance profile" + }, + "subnetGroupIdentifier": { + "type": "string", + "description": "The property describes a subnet group identifier for the instance profile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "vpcSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The property describes vps security groups for the instance profile." + } + }, + "autoNamingSpec": { + "sdkName": "instanceProfileName", + "minLength": 1, + "maxLength": 255 + }, + "writeOnly": [ + "instanceProfileIdentifier" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:dms:MigrationProject": { + "cf": "AWS::DMS::MigrationProject", + "inputs": { + "description": { + "type": "string", + "description": "The optional description of the migration project." + }, + "instanceProfileArn": { + "type": "string", + "description": "The property describes an instance profile arn for the migration project. For read" + }, + "instanceProfileIdentifier": { + "type": "string", + "description": "The property describes an instance profile identifier for the migration project. For create" + }, + "instanceProfileName": { + "type": "string", + "description": "The property describes an instance profile name for the migration project. For read" + }, + "migrationProjectCreationTime": { + "type": "string", + "description": "The property describes a creating time of the migration project." + }, + "migrationProjectIdentifier": { + "type": "string", + "description": "The property describes an identifier for the migration project. It is used for describing/deleting/modifying can be name/arn" + }, + "migrationProjectName": { + "type": "string", + "description": "The property describes a name to identify the migration project." + }, + "schemaConversionApplicationAttributes": { + "$ref": "#/types/aws-native:dms:SchemaConversionApplicationAttributesProperties", + "description": "The property describes schema conversion application attributes for the migration project." + }, + "sourceDataProviderDescriptors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dms:MigrationProjectDataProviderDescriptor" + }, + "description": "The property describes source data provider descriptors for the migration project." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "targetDataProviderDescriptors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dms:MigrationProjectDataProviderDescriptor" + }, + "description": "The property describes target data provider descriptors for the migration project." + }, + "transformationRules": { + "type": "string", + "description": "The property describes transformation rules for the migration project." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The optional description of the migration project." + }, + "instanceProfileArn": { + "type": "string", + "description": "The property describes an instance profile arn for the migration project. For read" + }, + "instanceProfileIdentifier": { + "type": "string", + "description": "The property describes an instance profile identifier for the migration project. For create" + }, + "instanceProfileName": { + "type": "string", + "description": "The property describes an instance profile name for the migration project. For read" + }, + "migrationProjectArn": { + "type": "string", + "description": "The property describes an ARN of the migration project." + }, + "migrationProjectCreationTime": { + "type": "string", + "description": "The property describes a creating time of the migration project." + }, + "migrationProjectIdentifier": { + "type": "string", + "description": "The property describes an identifier for the migration project. It is used for describing/deleting/modifying can be name/arn" + }, + "migrationProjectName": { + "type": "string", + "description": "The property describes a name to identify the migration project." + }, + "schemaConversionApplicationAttributes": { + "$ref": "#/types/aws-native:dms:SchemaConversionApplicationAttributesProperties", + "description": "The property describes schema conversion application attributes for the migration project." + }, + "sourceDataProviderDescriptors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dms:MigrationProjectDataProviderDescriptor" + }, + "description": "The property describes source data provider descriptors for the migration project." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "targetDataProviderDescriptors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dms:MigrationProjectDataProviderDescriptor" + }, + "description": "The property describes target data provider descriptors for the migration project." + }, + "transformationRules": { + "type": "string", + "description": "The property describes transformation rules for the migration project." + } + }, + "autoNamingSpec": { + "sdkName": "migrationProjectName", + "minLength": 1, + "maxLength": 255 + }, + "writeOnly": [ + "instanceProfileIdentifier", + "migrationProjectIdentifier", + "sourceDataProviderDescriptors/*/DataProviderIdentifier", + "targetDataProviderDescriptors/*/DataProviderIdentifier" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:dms:ReplicationConfig": { + "cf": "AWS::DMS::ReplicationConfig", + "inputs": { + "computeConfig": { + "$ref": "#/types/aws-native:dms:ReplicationConfigComputeConfig", + "description": "Configuration parameters for provisioning an AWS DMS Serverless replication." + }, + "replicationConfigIdentifier": { + "type": "string", + "description": "A unique identifier of replication configuration" + }, + "replicationSettings": { + "$ref": "pulumi.json#/Any", + "description": "JSON settings for Servereless replications that are provisioned using this replication configuration\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::DMS::ReplicationConfig` for more information about the expected schema for this property." + }, + "replicationType": { + "$ref": "#/types/aws-native:dms:ReplicationConfigReplicationType", + "description": "The type of AWS DMS Serverless replication to provision using this replication configuration" + }, + "resourceIdentifier": { + "type": "string", + "description": "A unique value or name that you get set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource" + }, + "sourceEndpointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration" + }, + "supplementalSettings": { + "$ref": "pulumi.json#/Any", + "description": "JSON settings for specifying supplemental data\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::DMS::ReplicationConfig` for more information about the expected schema for this property." + }, + "tableMappings": { + "$ref": "pulumi.json#/Any", + "description": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::DMS::ReplicationConfig` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eContains a map of the key-value pairs for the resource tag or tags assigned to the dataset.\u003c/p\u003e" + }, + "targetEndpointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS Serverless replication configuration" + } + }, + "outputs": { + "computeConfig": { + "$ref": "#/types/aws-native:dms:ReplicationConfigComputeConfig", + "description": "Configuration parameters for provisioning an AWS DMS Serverless replication." + }, + "replicationConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Replication Config" + }, + "replicationConfigIdentifier": { + "type": "string", + "description": "A unique identifier of replication configuration" + }, + "replicationSettings": { + "$ref": "pulumi.json#/Any", + "description": "JSON settings for Servereless replications that are provisioned using this replication configuration\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::DMS::ReplicationConfig` for more information about the expected schema for this property." + }, + "replicationType": { + "$ref": "#/types/aws-native:dms:ReplicationConfigReplicationType", + "description": "The type of AWS DMS Serverless replication to provision using this replication configuration" + }, + "resourceIdentifier": { + "type": "string", + "description": "A unique value or name that you get set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource", + "replaceOnChanges": true + }, + "sourceEndpointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration" + }, + "supplementalSettings": { + "$ref": "pulumi.json#/Any", + "description": "JSON settings for specifying supplemental data\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::DMS::ReplicationConfig` for more information about the expected schema for this property." + }, + "tableMappings": { + "$ref": "pulumi.json#/Any", + "description": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::DMS::ReplicationConfig` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eContains a map of the key-value pairs for the resource tag or tags assigned to the dataset.\u003c/p\u003e" + }, + "targetEndpointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS Serverless replication configuration" + } + }, + "required": [ + "computeConfig", + "replicationConfigIdentifier", + "replicationType", + "sourceEndpointArn", + "tableMappings", + "targetEndpointArn" + ], + "createOnly": [ + "resourceIdentifier" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:docdbelastic:Cluster": { + "cf": "AWS::DocDBElastic::Cluster", + "inputs": { + "adminUserName": { + "type": "string", + "description": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word." + }, + "adminUserPassword": { + "type": "string", + "description": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required." + }, + "authType": { + "type": "string", + "description": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` ." + }, + "backupRetentionPeriod": { + "type": "integer", + "description": "The number of days for which automatic snapshots are retained." + }, + "clusterName": { + "type": "string", + "description": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`" + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region." + }, + "preferredBackupWindow": { + "type": "string", + "description": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` ." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window." + }, + "shardCapacity": { + "type": "integer", + "description": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64." + }, + "shardCount": { + "type": "integer", + "description": "The number of shards assigned to the elastic cluster. Maximum is 32." + }, + "shardInstanceCount": { + "type": "integer", + "description": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon EC2 subnet IDs for the new elastic cluster." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be assigned to the new elastic cluster." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of EC2 VPC security groups to associate with the new elastic cluster." + } + }, + "outputs": { + "adminUserName": { + "type": "string", + "description": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", + "replaceOnChanges": true + }, + "adminUserPassword": { + "type": "string", + "description": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required." + }, + "authType": { + "type": "string", + "description": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", + "replaceOnChanges": true + }, + "backupRetentionPeriod": { + "type": "integer", + "description": "The number of days for which automatic snapshots are retained." + }, + "clusterArn": { + "type": "string" + }, + "clusterEndpoint": { + "type": "string", + "description": "The URL used to connect to the elastic cluster." + }, + "clusterName": { + "type": "string", + "description": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", + "replaceOnChanges": true + }, + "preferredBackupWindow": { + "type": "string", + "description": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` ." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window." + }, + "shardCapacity": { + "type": "integer", + "description": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64." + }, + "shardCount": { + "type": "integer", + "description": "The number of shards assigned to the elastic cluster. Maximum is 32." + }, + "shardInstanceCount": { + "type": "integer", + "description": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon EC2 subnet IDs for the new elastic cluster." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be assigned to the new elastic cluster." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of EC2 VPC security groups to associate with the new elastic cluster." + } + }, + "autoNamingSpec": { + "sdkName": "clusterName", + "minLength": 1, + "maxLength": 50 + }, + "required": [ + "adminUserName", + "authType", + "shardCapacity", + "shardCount" + ], + "createOnly": [ + "adminUserName", + "authType", + "clusterName", + "kmsKeyId" + ], + "writeOnly": [ + "adminUserPassword" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:dynamodb:GlobalTable": { + "cf": "AWS::DynamoDB::GlobalTable", + "inputs": { + "attributeDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableAttributeDefinition" + }, + "description": "A list of attributes that describe the key schema for the global table and indexes." + }, + "billingMode": { + "type": "string", + "description": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` ." + }, + "globalSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableGlobalSecondaryIndex" + }, + "description": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually." + }, + "keySchema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableKeySchema" + }, + "description": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property." + }, + "localSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableLocalSecondaryIndex" + }, + "description": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings." + }, + "replicas": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReplicaSpecification" + }, + "description": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n\u003e Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n\u003e \n\u003e If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableSseSpecification", + "description": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property." + }, + "streamSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableStreamSpecification", + "description": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica." + }, + "tableName": { + "type": "string", + "description": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n\u003e If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "timeToLiveSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableTimeToLiveSpecification", + "description": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas." + }, + "writeOnDemandThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableWriteOnDemandThroughputSettings", + "description": "Sets the write request settings for a global table or a global secondary index. You must specify this setting if you set the `BillingMode` to `PAY_PER_REQUEST` ." + }, + "writeProvisionedThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableWriteProvisionedThroughputSettings", + "description": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the DynamoDB table, such as `arn:aws:dynamodb:us-east-2:123456789012:table/myDynamoDBTable` . The ARN returned is that of the replica in the region the stack is deployed to." + }, + "attributeDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableAttributeDefinition" + }, + "description": "A list of attributes that describe the key schema for the global table and indexes." + }, + "billingMode": { + "type": "string", + "description": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` ." + }, + "globalSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableGlobalSecondaryIndex" + }, + "description": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually." + }, + "keySchema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableKeySchema" + }, + "description": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", + "replaceOnChanges": true + }, + "localSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableLocalSecondaryIndex" + }, + "description": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", + "replaceOnChanges": true + }, + "replicas": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReplicaSpecification" + }, + "description": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n\u003e Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n\u003e \n\u003e If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableSseSpecification", + "description": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property." + }, + "streamArn": { + "type": "string", + "description": "The ARN of the DynamoDB stream, such as `arn:aws:dynamodb:us-east-1:123456789012:table/testddbstack-myDynamoDBTable-012A1SL7SMP5Q/stream/2015-11-30T20:10:00.000` . The `StreamArn` returned is that of the replica in the region the stack is deployed to.\n\n\u003e You must specify the `StreamSpecification` property to use this attribute." + }, + "streamSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableStreamSpecification", + "description": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica." + }, + "tableId": { + "type": "string", + "description": "Unique identifier for the table, such as `a123b456-01ab-23cd-123a-111222aaabbb` . The `TableId` returned is that of the replica in the region the stack is deployed to." + }, + "tableName": { + "type": "string", + "description": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n\u003e If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "timeToLiveSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableTimeToLiveSpecification", + "description": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas." + }, + "writeOnDemandThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableWriteOnDemandThroughputSettings", + "description": "Sets the write request settings for a global table or a global secondary index. You must specify this setting if you set the `BillingMode` to `PAY_PER_REQUEST` ." + }, + "writeProvisionedThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableWriteProvisionedThroughputSettings", + "description": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` ." + } + }, + "autoNamingSpec": { + "sdkName": "tableName" + }, + "required": [ + "attributeDefinitions", + "keySchema", + "replicas" + ], + "createOnly": [ + "keySchema", + "localSecondaryIndexes", + "tableName" + ], + "writeOnly": [ + "globalSecondaryIndexes/*/WriteProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity", + "replicas/*/GlobalSecondaryIndexes/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "replicas/*/ReadProvisionedThroughputSettings/ReadCapacityAutoScalingSettings/SeedCapacity", + "writeProvisionedThroughputSettings/WriteCapacityAutoScalingSettings/SeedCapacity" + ], + "irreversibleNames": { + "sseSpecification": "SSESpecification" + } + }, + "aws-native:dynamodb:Table": { + "cf": "AWS::DynamoDB::Table", + "inputs": { + "attributeDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableAttributeDefinition" + }, + "description": "A list of attributes that describe the key schema for the table and indexes.\n This property is required to create a DDB table.\n Update requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt). Replacement if you edit an existing AttributeDefinition." + }, + "billingMode": { + "type": "string", + "description": "Specify how you are charged for read and write throughput and how you manage capacity.\n Valid values include:\n + ``PROVISIONED`` - We recommend using ``PROVISIONED`` for predictable workloads. ``PROVISIONED`` sets the billing mode to [Provisioned Mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual).\n + ``PAY_PER_REQUEST`` - We recommend using ``PAY_PER_REQUEST`` for unpredictable workloads. ``PAY_PER_REQUEST`` sets the billing mode to [On-Demand Mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.OnDemand).\n \n If not specified, the default is ``PROVISIONED``." + }, + "contributorInsightsSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableContributorInsightsSpecification", + "description": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table." + }, + "deletionProtectionEnabled": { + "type": "boolean", + "description": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Developer Guide*." + }, + "globalSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableGlobalSecondaryIndex" + }, + "description": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n If you update a table to include a new global secondary index, CFNlong initiates the index creation and then proceeds with the stack update. CFNlong doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is ``ACTIVE``. You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index. \n Updates are not supported. The following are exceptions:\n + If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n + You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails." + }, + "importSourceSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableImportSourceSpecification", + "description": "Specifies the properties of data being imported from the S3 bucket source to the table.\n If you specify the ``ImportSourceSpecification`` property, and also specify either the ``StreamSpecification``, the ``TableClass`` property, or the ``DeletionProtectionEnabled`` property, the IAM entity creating/updating stack must have ``UpdateTable`` permission." + }, + "keySchema": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableKeySchema" + } + }, + { + "$ref": "pulumi.json#/Any" + } + ], + "description": "Specifies the attributes that make up the primary key for the table. The attributes in the ``KeySchema`` property must also be defined in the ``AttributeDefinitions`` property." + }, + "kinesisStreamSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableKinesisStreamSpecification", + "description": "The Kinesis Data Streams configuration for the specified table." + }, + "localSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableLocalSecondaryIndex" + }, + "description": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes." + }, + "onDemandThroughput": { + "$ref": "#/types/aws-native:dynamodb:TableOnDemandThroughput", + "description": "Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify ``MaxReadRequestUnits``, ``MaxWriteRequestUnits``, or both." + }, + "pointInTimeRecoverySpecification": { + "$ref": "#/types/aws-native:dynamodb:TablePointInTimeRecoverySpecification", + "description": "The settings used to enable point in time recovery." + }, + "provisionedThroughput": { + "$ref": "#/types/aws-native:dynamodb:TableProvisionedThroughput", + "description": "Throughput for the specified table, which consists of values for ``ReadCapacityUnits`` and ``WriteCapacityUnits``. For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html). \n If you set ``BillingMode`` as ``PROVISIONED``, you must specify this property. If you set ``BillingMode`` as ``PAY_PER_REQUEST``, you cannot specify this property." + }, + "resourcePolicy": { + "$ref": "#/types/aws-native:dynamodb:TableResourcePolicy", + "description": "A resource-based policy document that contains permissions to add to the specified table. In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html).\n When you attach a resource-based policy while creating a table, the policy creation is *strongly consistent*. For information about the considerations that you should keep in mind while attaching a resource-based policy, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html)." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableSseSpecification", + "description": "Specifies the settings to enable server-side encryption." + }, + "streamSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableStreamSpecification", + "description": "The settings for the DDB table stream, which capture changes to items stored in the table." + }, + "tableClass": { + "type": "string", + "description": "The table class of the new table. Valid values are ``STANDARD`` and ``STANDARD_INFREQUENT_ACCESS``." + }, + "tableName": { + "type": "string", + "description": "A name for the table. If you don't specify a name, CFNlong generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + }, + "timeToLiveSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableTimeToLiveSpecification", + "description": "Specifies the Time to Live (TTL) settings for the table.\n For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the DynamoDB table, such as `arn:aws:dynamodb:us-east-2:123456789012:table/myDynamoDBTable` ." + }, + "attributeDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableAttributeDefinition" + }, + "description": "A list of attributes that describe the key schema for the table and indexes.\n This property is required to create a DDB table.\n Update requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt). Replacement if you edit an existing AttributeDefinition." + }, + "billingMode": { + "type": "string", + "description": "Specify how you are charged for read and write throughput and how you manage capacity.\n Valid values include:\n + ``PROVISIONED`` - We recommend using ``PROVISIONED`` for predictable workloads. ``PROVISIONED`` sets the billing mode to [Provisioned Mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual).\n + ``PAY_PER_REQUEST`` - We recommend using ``PAY_PER_REQUEST`` for unpredictable workloads. ``PAY_PER_REQUEST`` sets the billing mode to [On-Demand Mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.OnDemand).\n \n If not specified, the default is ``PROVISIONED``." + }, + "contributorInsightsSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableContributorInsightsSpecification", + "description": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table." + }, + "deletionProtectionEnabled": { + "type": "boolean", + "description": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Developer Guide*." + }, + "globalSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableGlobalSecondaryIndex" + }, + "description": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n If you update a table to include a new global secondary index, CFNlong initiates the index creation and then proceeds with the stack update. CFNlong doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is ``ACTIVE``. You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index. \n Updates are not supported. The following are exceptions:\n + If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n + You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails." + }, + "importSourceSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableImportSourceSpecification", + "description": "Specifies the properties of data being imported from the S3 bucket source to the table.\n If you specify the ``ImportSourceSpecification`` property, and also specify either the ``StreamSpecification``, the ``TableClass`` property, or the ``DeletionProtectionEnabled`` property, the IAM entity creating/updating stack must have ``UpdateTable`` permission.", + "replaceOnChanges": true + }, + "keySchema": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableKeySchema" + } + }, + { + "$ref": "pulumi.json#/Any" + } + ], + "description": "Specifies the attributes that make up the primary key for the table. The attributes in the ``KeySchema`` property must also be defined in the ``AttributeDefinitions`` property." + }, + "kinesisStreamSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableKinesisStreamSpecification", + "description": "The Kinesis Data Streams configuration for the specified table." + }, + "localSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableLocalSecondaryIndex" + }, + "description": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes." + }, + "onDemandThroughput": { + "$ref": "#/types/aws-native:dynamodb:TableOnDemandThroughput", + "description": "Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify ``MaxReadRequestUnits``, ``MaxWriteRequestUnits``, or both." + }, + "pointInTimeRecoverySpecification": { + "$ref": "#/types/aws-native:dynamodb:TablePointInTimeRecoverySpecification", + "description": "The settings used to enable point in time recovery." + }, + "provisionedThroughput": { + "$ref": "#/types/aws-native:dynamodb:TableProvisionedThroughput", + "description": "Throughput for the specified table, which consists of values for ``ReadCapacityUnits`` and ``WriteCapacityUnits``. For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html). \n If you set ``BillingMode`` as ``PROVISIONED``, you must specify this property. If you set ``BillingMode`` as ``PAY_PER_REQUEST``, you cannot specify this property." + }, + "resourcePolicy": { + "$ref": "#/types/aws-native:dynamodb:TableResourcePolicy", + "description": "A resource-based policy document that contains permissions to add to the specified table. In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html).\n When you attach a resource-based policy while creating a table, the policy creation is *strongly consistent*. For information about the considerations that you should keep in mind while attaching a resource-based policy, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html)." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableSseSpecification", + "description": "Specifies the settings to enable server-side encryption." + }, + "streamArn": { + "type": "string", + "description": "The ARN of the DynamoDB stream, such as `arn:aws:dynamodb:us-east-1:123456789012:table/testddbstack-myDynamoDBTable-012A1SL7SMP5Q/stream/2015-11-30T20:10:00.000` .\n\n\u003e You must specify the `StreamSpecification` property to use this attribute." + }, + "streamSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableStreamSpecification", + "description": "The settings for the DDB table stream, which capture changes to items stored in the table." + }, + "tableClass": { + "type": "string", + "description": "The table class of the new table. Valid values are ``STANDARD`` and ``STANDARD_INFREQUENT_ACCESS``." + }, + "tableName": { + "type": "string", + "description": "A name for the table. If you don't specify a name, CFNlong generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + }, + "timeToLiveSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableTimeToLiveSpecification", + "description": "Specifies the Time to Live (TTL) settings for the table.\n For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide." + } + }, + "autoNamingSpec": { + "sdkName": "tableName" + }, + "required": [ + "keySchema" + ], + "createOnly": [ + "importSourceSpecification", + "tableName" + ], + "writeOnly": [ + "importSourceSpecification" + ], + "irreversibleNames": { + "sseSpecification": "SSESpecification" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:CapacityReservation": { + "cf": "AWS::EC2::CapacityReservation", + "inputs": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create the Capacity Reservation." + }, + "ebsOptimized": { + "type": "boolean", + "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance." + }, + "endDate": { + "type": "string", + "description": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019." + }, + "endDateType": { + "type": "string", + "description": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` ." + }, + "ephemeralStorage": { + "type": "boolean", + "description": "*Deprecated.*" + }, + "instanceCount": { + "type": "integer", + "description": "The number of instances for which to reserve capacity.\n\nValid range: 1 - 1000" + }, + "instanceMatchCriteria": { + "type": "string", + "description": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\nDefault: `open`" + }, + "instancePlatform": { + "type": "string", + "description": "The type of operating system for which to reserve capacity." + }, + "instanceType": { + "type": "string", + "description": "The instance type for which to reserve capacity. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* ." + }, + "outPostArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation." + }, + "placementGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* ." + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:CapacityReservationTagSpecification" + }, + "description": "The tags to apply to the Capacity Reservation during launch." + }, + "tenancy": { + "type": "string", + "description": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account ." + } + }, + "outputs": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create the Capacity Reservation.", + "replaceOnChanges": true + }, + "availableInstanceCount": { + "type": "integer", + "description": "Returns the remaining capacity, which indicates the number of instances that can be launched in the Capacity Reservation. For example: `9` ." + }, + "awsId": { + "type": "string", + "description": "The ID of the Capacity Reservation." + }, + "ebsOptimized": { + "type": "boolean", + "description": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", + "replaceOnChanges": true + }, + "endDate": { + "type": "string", + "description": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019." + }, + "endDateType": { + "type": "string", + "description": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` ." + }, + "ephemeralStorage": { + "type": "boolean", + "description": "*Deprecated.*", + "replaceOnChanges": true + }, + "instanceCount": { + "type": "integer", + "description": "The number of instances for which to reserve capacity.\n\nValid range: 1 - 1000" + }, + "instanceMatchCriteria": { + "type": "string", + "description": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\nDefault: `open`" + }, + "instancePlatform": { + "type": "string", + "description": "The type of operating system for which to reserve capacity.", + "replaceOnChanges": true + }, + "instanceType": { + "type": "string", + "description": "The instance type for which to reserve capacity. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", + "replaceOnChanges": true + }, + "outPostArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", + "replaceOnChanges": true + }, + "placementGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", + "replaceOnChanges": true + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:CapacityReservationTagSpecification" + }, + "description": "The tags to apply to the Capacity Reservation during launch.", + "replaceOnChanges": true + }, + "tenancy": { + "type": "string", + "description": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", + "replaceOnChanges": true + }, + "totalInstanceCount": { + "type": "integer", + "description": "Returns the total number of instances for which the Capacity Reservation reserves capacity. For example: `15` ." + } + }, + "required": [ + "availabilityZone", + "instanceCount", + "instancePlatform", + "instanceType" + ], + "createOnly": [ + "availabilityZone", + "ebsOptimized", + "ephemeralStorage", + "instancePlatform", + "instanceType", + "outPostArn", + "placementGroupArn", + "tagSpecifications", + "tenancy" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:CapacityReservationFleet": { + "cf": "AWS::EC2::CapacityReservationFleet", + "inputs": { + "allocationStrategy": { + "type": "string", + "description": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`" + }, + "endDate": { + "type": "string", + "description": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` ." + }, + "instanceMatchCriteria": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetInstanceMatchCriteria", + "description": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity." + }, + "instanceTypeSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetInstanceTypeSpecification" + }, + "description": "Information about the instance types for which to reserve the capacity." + }, + "noRemoveEndDate": { + "type": "boolean", + "description": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter." + }, + "removeEndDate": { + "type": "boolean", + "description": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter." + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetTagSpecification" + }, + "description": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet." + }, + "tenancy": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetTenancy", + "description": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account ." + }, + "totalTargetCapacity": { + "type": "integer", + "description": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* ." + } + }, + "outputs": { + "allocationStrategy": { + "type": "string", + "description": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", + "replaceOnChanges": true + }, + "capacityReservationFleetId": { + "type": "string", + "description": "The ID of the Capacity Reservation Fleet." + }, + "endDate": { + "type": "string", + "description": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", + "replaceOnChanges": true + }, + "instanceMatchCriteria": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetInstanceMatchCriteria", + "description": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", + "replaceOnChanges": true + }, + "instanceTypeSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetInstanceTypeSpecification" + }, + "description": "Information about the instance types for which to reserve the capacity.", + "replaceOnChanges": true + }, + "noRemoveEndDate": { + "type": "boolean", + "description": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter." + }, + "removeEndDate": { + "type": "boolean", + "description": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter." + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetTagSpecification" + }, + "description": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", + "replaceOnChanges": true + }, + "tenancy": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetTenancy", + "description": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", + "replaceOnChanges": true + }, + "totalTargetCapacity": { + "type": "integer", + "description": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* ." + } + }, + "createOnly": [ + "allocationStrategy", + "endDate", + "instanceMatchCriteria", + "instanceTypeSpecifications", + "tagSpecifications", + "tenancy" + ] + }, + "aws-native:ec2:CarrierGateway": { + "cf": "AWS::EC2::CarrierGateway", + "inputs": { + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the carrier gateway." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "carrierGatewayId": { + "type": "string", + "description": "The ID of the carrier gateway." + }, + "ownerId": { + "type": "string", + "description": "The ID of the owner." + }, + "state": { + "type": "string", + "description": "The state of the carrier gateway." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the carrier gateway." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "vpcId" + ], + "createOnly": [ + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:CustomerGateway": { + "cf": "AWS::EC2::CustomerGateway", + "inputs": { + "bgpAsn": { + "type": "integer", + "description": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either ``BgpAsn`` or ``BgpAsnExtended`` when creating the customer gateway. If the ASN is larger than ``2,147,483,647``, you must use ``BgpAsnExtended``.\n Default: 65000\n Valid values: ``1`` to ``2,147,483,647``" + }, + "bgpAsnExtended": { + "type": "number", + "description": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either ``BgpAsn`` or ``BgpAsnExtended`` when creating the customer gateway. If the ASN is larger than ``2,147,483,647``, you must use ``BgpAsnExtended``.\n Valid values: ``2,147,483,648`` to ``4,294,967,295``" + }, + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the customer gateway certificate." + }, + "deviceName": { + "type": "string", + "description": "The name of customer gateway device." + }, + "ipAddress": { + "type": "string", + "description": "IPv4 address for the customer gateway device's outside interface. The address must be static. If ``OutsideIpAddressType`` in your VPN connection options is set to ``PrivateIpv4``, you can use an RFC6598 or RFC1918 private IPv4 address. If ``OutsideIpAddressType`` is set to ``PublicIpv4``, you can use a public IPv4 address." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags for the customer gateway." + }, + "type": { + "type": "string", + "description": "The type of VPN connection that this customer gateway supports (``ipsec.1``)." + } + }, + "outputs": { + "bgpAsn": { + "type": "integer", + "description": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either ``BgpAsn`` or ``BgpAsnExtended`` when creating the customer gateway. If the ASN is larger than ``2,147,483,647``, you must use ``BgpAsnExtended``.\n Default: 65000\n Valid values: ``1`` to ``2,147,483,647``", + "replaceOnChanges": true + }, + "bgpAsnExtended": { + "type": "number", + "description": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either ``BgpAsn`` or ``BgpAsnExtended`` when creating the customer gateway. If the ASN is larger than ``2,147,483,647``, you must use ``BgpAsnExtended``.\n Valid values: ``2,147,483,648`` to ``4,294,967,295``", + "replaceOnChanges": true + }, + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the customer gateway certificate.", + "replaceOnChanges": true + }, + "customerGatewayId": { + "type": "string", + "description": "The ID of the customer gateway." + }, + "deviceName": { + "type": "string", + "description": "The name of customer gateway device.", + "replaceOnChanges": true + }, + "ipAddress": { + "type": "string", + "description": "IPv4 address for the customer gateway device's outside interface. The address must be static. If ``OutsideIpAddressType`` in your VPN connection options is set to ``PrivateIpv4``, you can use an RFC6598 or RFC1918 private IPv4 address. If ``OutsideIpAddressType`` is set to ``PublicIpv4``, you can use a public IPv4 address.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags for the customer gateway." + }, + "type": { + "type": "string", + "description": "The type of VPN connection that this customer gateway supports (``ipsec.1``).", + "replaceOnChanges": true + } + }, + "required": [ + "ipAddress", + "type" + ], + "createOnly": [ + "bgpAsn", + "bgpAsnExtended", + "certificateArn", + "deviceName", + "ipAddress", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:DhcpOptions": { + "cf": "AWS::EC2::DHCPOptions", + "inputs": { + "domainName": { + "type": "string", + "description": "This value is used to complete unqualified DNS hostnames." + }, + "domainNameServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 addresses of up to four domain name servers, or AmazonProvidedDNS." + }, + "ipv6AddressPreferredLeaseTime": { + "type": "integer", + "description": "The preferred Lease Time for ipV6 address in seconds." + }, + "netbiosNameServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 addresses of up to four NetBIOS name servers." + }, + "netbiosNodeType": { + "type": "integer", + "description": "The NetBIOS node type (1, 2, 4, or 8)." + }, + "ntpServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the DHCP options set." + } + }, + "outputs": { + "dhcpOptionsId": { + "type": "string", + "description": "The ID of the DHCP options set." + }, + "domainName": { + "type": "string", + "description": "This value is used to complete unqualified DNS hostnames.", + "replaceOnChanges": true + }, + "domainNameServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 addresses of up to four domain name servers, or AmazonProvidedDNS.", + "replaceOnChanges": true + }, + "ipv6AddressPreferredLeaseTime": { + "type": "integer", + "description": "The preferred Lease Time for ipV6 address in seconds.", + "replaceOnChanges": true + }, + "netbiosNameServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 addresses of up to four NetBIOS name servers.", + "replaceOnChanges": true + }, + "netbiosNodeType": { + "type": "integer", + "description": "The NetBIOS node type (1, 2, 4, or 8).", + "replaceOnChanges": true + }, + "ntpServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the DHCP options set." + } + }, + "createOnly": [ + "domainName", + "domainNameServers", + "ipv6AddressPreferredLeaseTime", + "netbiosNameServers", + "netbiosNodeType", + "ntpServers" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:Ec2Fleet": { + "cf": "AWS::EC2::EC2Fleet", + "inputs": { + "context": { + "type": "string", + "description": "Reserved." + }, + "excessCapacityTerminationPolicy": { + "$ref": "#/types/aws-native:ec2:Ec2FleetExcessCapacityTerminationPolicy", + "description": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` ." + }, + "launchTemplateConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetFleetLaunchTemplateConfigRequest" + }, + "description": "The configuration for the EC2 Fleet." + }, + "onDemandOptions": { + "$ref": "#/types/aws-native:ec2:Ec2FleetOnDemandOptionsRequest", + "description": "Describes the configuration of On-Demand Instances in an EC2 Fleet." + }, + "replaceUnhealthyInstances": { + "type": "boolean", + "description": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* ." + }, + "spotOptions": { + "$ref": "#/types/aws-native:ec2:Ec2FleetSpotOptionsRequest", + "description": "Describes the configuration of Spot Instances in an EC2 Fleet." + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTagSpecification" + }, + "description": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) ." + }, + "targetCapacitySpecification": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTargetCapacitySpecificationRequest", + "description": "The number of units to request." + }, + "terminateInstancesWithExpiration": { + "type": "boolean", + "description": "Indicates whether running instances should be terminated when the EC2 Fleet expires." + }, + "type": { + "$ref": "#/types/aws-native:ec2:Ec2FleetType", + "description": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* ." + }, + "validFrom": { + "type": "string", + "description": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately." + }, + "validUntil": { + "type": "string", + "description": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it." + } + }, + "outputs": { + "context": { + "type": "string", + "description": "Reserved." + }, + "excessCapacityTerminationPolicy": { + "$ref": "#/types/aws-native:ec2:Ec2FleetExcessCapacityTerminationPolicy", + "description": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` ." + }, + "fleetId": { + "type": "string", + "description": "The ID of the EC2 Fleet." + }, + "launchTemplateConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetFleetLaunchTemplateConfigRequest" + }, + "description": "The configuration for the EC2 Fleet.", + "replaceOnChanges": true + }, + "onDemandOptions": { + "$ref": "#/types/aws-native:ec2:Ec2FleetOnDemandOptionsRequest", + "description": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", + "replaceOnChanges": true + }, + "replaceUnhealthyInstances": { + "type": "boolean", + "description": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", + "replaceOnChanges": true + }, + "spotOptions": { + "$ref": "#/types/aws-native:ec2:Ec2FleetSpotOptionsRequest", + "description": "Describes the configuration of Spot Instances in an EC2 Fleet.", + "replaceOnChanges": true + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTagSpecification" + }, + "description": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", + "replaceOnChanges": true + }, + "targetCapacitySpecification": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTargetCapacitySpecificationRequest", + "description": "The number of units to request." + }, + "terminateInstancesWithExpiration": { + "type": "boolean", + "description": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:ec2:Ec2FleetType", + "description": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", + "replaceOnChanges": true + }, + "validFrom": { + "type": "string", + "description": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", + "replaceOnChanges": true + }, + "validUntil": { + "type": "string", + "description": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", + "replaceOnChanges": true + } + }, + "required": [ + "launchTemplateConfigs", + "targetCapacitySpecification" + ], + "createOnly": [ + "launchTemplateConfigs", + "onDemandOptions", + "replaceUnhealthyInstances", + "spotOptions", + "tagSpecifications", + "terminateInstancesWithExpiration", + "type", + "validFrom", + "validUntil" + ] + }, + "aws-native:ec2:EgressOnlyInternetGateway": { + "cf": "AWS::EC2::EgressOnlyInternetGateway", + "inputs": { + "vpcId": { + "type": "string", + "description": "The ID of the VPC for which to create the egress-only internet gateway." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "Service Generated ID of the EgressOnlyInternetGateway" + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC for which to create the egress-only internet gateway.", + "replaceOnChanges": true + } + }, + "required": [ + "vpcId" + ], + "createOnly": [ + "vpcId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:Eip": { + "cf": "AWS::EC2::EIP", + "inputs": { + "domain": { + "type": "string", + "description": "The network (``vpc``).\n If you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance.\n Updates to the ``InstanceId`` property may require *some interruptions*. Updates on an EIP reassociates the address on its associated resource." + }, + "networkBorderGroup": { + "type": "string", + "description": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n Use [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups." + }, + "publicIpv4Pool": { + "type": "string", + "description": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n Updates to the ``PublicIpv4Pool`` property may require *some interruptions*. Updates on an EIP reassociates the address on its associated resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the Elastic IP address.\n Updates to the ``Tags`` property may require *some interruptions*. Updates on an EIP reassociates the address on its associated resource." + }, + "transferAddress": { + "type": "string", + "description": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide*." + } + }, + "outputs": { + "allocationId": { + "type": "string", + "description": "The ID that AWS assigns to represent the allocation of the address for use with Amazon VPC. This is returned only for VPC elastic IP addresses. For example, `eipalloc-5723d13e` ." + }, + "domain": { + "type": "string", + "description": "The network (``vpc``).\n If you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", + "replaceOnChanges": true + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance.\n Updates to the ``InstanceId`` property may require *some interruptions*. Updates on an EIP reassociates the address on its associated resource." + }, + "networkBorderGroup": { + "type": "string", + "description": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n Use [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", + "replaceOnChanges": true + }, + "publicIp": { + "type": "string", + "description": "The Elastic IP address." + }, + "publicIpv4Pool": { + "type": "string", + "description": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n Updates to the ``PublicIpv4Pool`` property may require *some interruptions*. Updates on an EIP reassociates the address on its associated resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the Elastic IP address.\n Updates to the ``Tags`` property may require *some interruptions*. Updates on an EIP reassociates the address on its associated resource." + }, + "transferAddress": { + "type": "string", + "description": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide*.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "domain", + "networkBorderGroup", + "transferAddress" + ], + "writeOnly": [ + "transferAddress" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:EipAssociation": { + "cf": "AWS::EC2::EIPAssociation", + "inputs": { + "allocationId": { + "type": "string", + "description": "The allocation ID. This is required." + }, + "eip": { + "type": "string" + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n You can specify either the instance ID or the network interface ID, but not both." + }, + "privateIpAddress": { + "type": "string", + "description": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address." + } + }, + "outputs": { + "allocationId": { + "type": "string", + "description": "The allocation ID. This is required.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "The ID of the association." + }, + "eip": { + "type": "string", + "replaceOnChanges": true + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", + "replaceOnChanges": true + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n You can specify either the instance ID or the network interface ID, but not both.", + "replaceOnChanges": true + }, + "privateIpAddress": { + "type": "string", + "description": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "allocationId", + "eip", + "instanceId", + "networkInterfaceId", + "privateIpAddress" + ], + "irreversibleNames": { + "awsId": "Id", + "eip": "EIP" + } + }, + "aws-native:ec2:EnclaveCertificateIamRoleAssociation": { + "cf": "AWS::EC2::EnclaveCertificateIamRoleAssociation", + "inputs": { + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the ACM certificate with which to associate the IAM role." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate." + } + }, + "outputs": { + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the ACM certificate with which to associate the IAM role.", + "replaceOnChanges": true + }, + "certificateS3BucketName": { + "type": "string", + "description": "The name of the Amazon S3 bucket to which the certificate was uploaded." + }, + "certificateS3ObjectKey": { + "type": "string", + "description": "The Amazon S3 object key where the certificate, certificate chain, and encrypted private key bundle are stored." + }, + "encryptionKmsKeyId": { + "type": "string", + "description": "The ID of the AWS KMS CMK used to encrypt the private key of the certificate." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", + "replaceOnChanges": true + } + }, + "required": [ + "certificateArn", + "roleArn" + ], + "createOnly": [ + "certificateArn", + "roleArn" + ], + "irreversibleNames": { + "certificateS3BucketName": "CertificateS3BucketName", + "certificateS3ObjectKey": "CertificateS3ObjectKey" + } + }, + "aws-native:ec2:FlowLog": { + "cf": "AWS::EC2::FlowLog", + "inputs": { + "deliverCrossAccountRole": { + "type": "string", + "description": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs across accounts." + }, + "deliverLogsPermissionArn": { + "type": "string", + "description": "The ARN for the IAM role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account. If you specify LogDestinationType as s3 or kinesis-data-firehose, do not specify DeliverLogsPermissionArn or LogGroupName." + }, + "destinationOptions": { + "$ref": "#/types/aws-native:ec2:DestinationOptionsProperties", + "description": "The destination options." + }, + "logDestination": { + "type": "string", + "description": "Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group, an Amazon S3 bucket, or a Kinesis Firehose stream. The value specified for this parameter depends on the value specified for LogDestinationType." + }, + "logDestinationType": { + "$ref": "#/types/aws-native:ec2:FlowLogLogDestinationType", + "description": "Specifies the type of destination to which the flow log data is to be published. Flow log data can be published to CloudWatch Logs or Amazon S3." + }, + "logFormat": { + "type": "string", + "description": "The fields to include in the flow log record, in the order in which they should appear." + }, + "logGroupName": { + "type": "string", + "description": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. If you specify LogDestinationType as s3 or kinesis-data-firehose, do not specify DeliverLogsPermissionArn or LogGroupName." + }, + "maxAggregationInterval": { + "type": "integer", + "description": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. You can specify 60 seconds (1 minute) or 600 seconds (10 minutes)." + }, + "resourceId": { + "type": "string", + "description": "The ID of the subnet, network interface, or VPC for which you want to create a flow log." + }, + "resourceType": { + "$ref": "#/types/aws-native:ec2:FlowLogResourceType", + "description": "The type of resource for which to create the flow log. For example, if you specified a VPC ID for the ResourceId property, specify VPC for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply to the flow logs." + }, + "trafficType": { + "$ref": "#/types/aws-native:ec2:FlowLogTrafficType", + "description": "The type of traffic to log. You can log traffic that the resource accepts or rejects, or all traffic." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The Flow Log ID" + }, + "deliverCrossAccountRole": { + "type": "string", + "description": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs across accounts.", + "replaceOnChanges": true + }, + "deliverLogsPermissionArn": { + "type": "string", + "description": "The ARN for the IAM role that permits Amazon EC2 to publish flow logs to a CloudWatch Logs log group in your account. If you specify LogDestinationType as s3 or kinesis-data-firehose, do not specify DeliverLogsPermissionArn or LogGroupName.", + "replaceOnChanges": true + }, + "destinationOptions": { + "$ref": "#/types/aws-native:ec2:DestinationOptionsProperties", + "description": "The destination options.", + "replaceOnChanges": true + }, + "logDestination": { + "type": "string", + "description": "Specifies the destination to which the flow log data is to be published. Flow log data can be published to a CloudWatch Logs log group, an Amazon S3 bucket, or a Kinesis Firehose stream. The value specified for this parameter depends on the value specified for LogDestinationType.", + "replaceOnChanges": true + }, + "logDestinationType": { + "$ref": "#/types/aws-native:ec2:FlowLogLogDestinationType", + "description": "Specifies the type of destination to which the flow log data is to be published. Flow log data can be published to CloudWatch Logs or Amazon S3.", + "replaceOnChanges": true + }, + "logFormat": { + "type": "string", + "description": "The fields to include in the flow log record, in the order in which they should appear.", + "replaceOnChanges": true + }, + "logGroupName": { + "type": "string", + "description": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs. If you specify LogDestinationType as s3 or kinesis-data-firehose, do not specify DeliverLogsPermissionArn or LogGroupName.", + "replaceOnChanges": true + }, + "maxAggregationInterval": { + "type": "integer", + "description": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. You can specify 60 seconds (1 minute) or 600 seconds (10 minutes).", + "replaceOnChanges": true + }, + "resourceId": { + "type": "string", + "description": "The ID of the subnet, network interface, or VPC for which you want to create a flow log.", + "replaceOnChanges": true + }, + "resourceType": { + "$ref": "#/types/aws-native:ec2:FlowLogResourceType", + "description": "The type of resource for which to create the flow log. For example, if you specified a VPC ID for the ResourceId property, specify VPC for this property.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply to the flow logs." + }, + "trafficType": { + "$ref": "#/types/aws-native:ec2:FlowLogTrafficType", + "description": "The type of traffic to log. You can log traffic that the resource accepts or rejects, or all traffic.", + "replaceOnChanges": true + } + }, + "required": [ + "resourceId", + "resourceType" + ], + "createOnly": [ + "deliverCrossAccountRole", + "deliverLogsPermissionArn", + "destinationOptions", + "logDestination", + "logDestinationType", + "logFormat", + "logGroupName", + "maxAggregationInterval", + "resourceId", + "resourceType", + "trafficType" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:GatewayRouteTableAssociation": { + "cf": "AWS::EC2::GatewayRouteTableAssociation", + "inputs": { + "gatewayId": { + "type": "string", + "description": "The ID of the gateway." + }, + "routeTableId": { + "type": "string", + "description": "The ID of the route table." + } + }, + "outputs": { + "associationId": { + "type": "string", + "description": "The route table association ID." + }, + "gatewayId": { + "type": "string", + "description": "The ID of the gateway.", + "replaceOnChanges": true + }, + "routeTableId": { + "type": "string", + "description": "The ID of the route table." + } + }, + "required": [ + "gatewayId", + "routeTableId" + ], + "createOnly": [ + "gatewayId" + ] + }, + "aws-native:ec2:Host": { + "cf": "AWS::EC2::Host", + "inputs": { + "assetId": { + "type": "string", + "description": "The ID of the Outpost hardware asset." + }, + "autoPlacement": { + "type": "string", + "description": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to allocate the Dedicated Host." + }, + "hostMaintenance": { + "type": "string", + "description": "Automatically allocates a new dedicated host and moves your instances on to it if a degradation is detected on your current host." + }, + "hostRecovery": { + "type": "string", + "description": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default." + }, + "instanceFamily": { + "type": "string", + "description": "Specifies the instance family to be supported by the Dedicated Hosts. If you specify an instance family, the Dedicated Hosts support multiple instance types within that instance family." + }, + "instanceType": { + "type": "string", + "description": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only." + }, + "outpostArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which to allocate the Dedicated Host." + } + }, + "outputs": { + "assetId": { + "type": "string", + "description": "The ID of the Outpost hardware asset.", + "replaceOnChanges": true + }, + "autoPlacement": { + "type": "string", + "description": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to allocate the Dedicated Host.", + "replaceOnChanges": true + }, + "hostId": { + "type": "string", + "description": "ID of the host created." + }, + "hostMaintenance": { + "type": "string", + "description": "Automatically allocates a new dedicated host and moves your instances on to it if a degradation is detected on your current host." + }, + "hostRecovery": { + "type": "string", + "description": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default." + }, + "instanceFamily": { + "type": "string", + "description": "Specifies the instance family to be supported by the Dedicated Hosts. If you specify an instance family, the Dedicated Hosts support multiple instance types within that instance family.", + "replaceOnChanges": true + }, + "instanceType": { + "type": "string", + "description": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", + "replaceOnChanges": true + }, + "outpostArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which to allocate the Dedicated Host.", + "replaceOnChanges": true + } + }, + "required": [ + "availabilityZone" + ], + "createOnly": [ + "assetId", + "availabilityZone", + "instanceFamily", + "instanceType", + "outpostArn" + ] + }, + "aws-native:ec2:Instance": { + "cf": "AWS::EC2::Instance", + "inputs": { + "additionalInfo": { + "type": "string", + "description": "This property is reserved for internal use. If you use it, the stack fails with this error: Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)." + }, + "affinity": { + "$ref": "#/types/aws-native:ec2:InstanceAffinity", + "description": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify host. If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify default." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone of the instance." + }, + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceBlockDeviceMapping" + }, + "description": "The block device mapping entries that defines the block devices to attach to the instance at launch." + }, + "cpuOptions": { + "$ref": "#/types/aws-native:ec2:CpuOptionsProperties", + "description": "The CPU options for the instance." + }, + "creditSpecification": { + "$ref": "#/types/aws-native:ec2:CreditSpecificationProperties", + "description": "The credit option for CPU usage of the burstable performance instance. Valid values are standard and unlimited." + }, + "disableApiTermination": { + "type": "boolean", + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can." + }, + "ebsOptimized": { + "type": "boolean", + "description": "Indicates whether the instance is optimized for Amazon EBS I/O." + }, + "elasticGpuSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceElasticGpuSpecification" + }, + "description": "An elastic GPU to associate with the instance." + }, + "elasticInferenceAccelerators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceElasticInferenceAccelerator" + }, + "description": "An elastic inference accelerator to associate with the instance." + }, + "enclaveOptions": { + "$ref": "#/types/aws-native:ec2:EnclaveOptionsProperties", + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves." + }, + "hibernationOptions": { + "$ref": "#/types/aws-native:ec2:HibernationOptionsProperties", + "description": "Indicates whether an instance is enabled for hibernation." + }, + "hostId": { + "type": "string", + "description": "If you specify host for the Affinity property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account." + }, + "hostResourceGroupArn": { + "type": "string", + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host." + }, + "iamInstanceProfile": { + "type": "string", + "description": "The IAM instance profile." + }, + "imageId": { + "type": "string", + "description": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template." + }, + "instanceInitiatedShutdownBehavior": { + "type": "string", + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown)." + }, + "instanceType": { + "type": "string", + "description": "The instance type." + }, + "ipv6AddressCount": { + "type": "integer", + "description": "[EC2-VPC] The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet." + }, + "ipv6Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceIpv6Address" + }, + "description": "[EC2-VPC] The IPv6 addresses from the range of the subnet to associate with the primary network interface." + }, + "kernelId": { + "type": "string", + "description": "The ID of the kernel." + }, + "keyName": { + "type": "string", + "description": "The name of the key pair." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:ec2:InstanceLaunchTemplateSpecification", + "description": "The launch template to use to launch the instances." + }, + "licenseSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceLicenseSpecification" + }, + "description": "The license configurations." + }, + "monitoring": { + "type": "boolean", + "description": "Specifies whether detailed monitoring is enabled for the instance." + }, + "networkInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceNetworkInterface" + }, + "description": "The network interfaces to associate with the instance." + }, + "placementGroupName": { + "type": "string", + "description": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread)." + }, + "privateDnsNameOptions": { + "$ref": "#/types/aws-native:ec2:InstancePrivateDnsNameOptions", + "description": "The options for the instance hostname." + }, + "privateIpAddress": { + "type": "string", + "description": "[EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet." + }, + "propagateTagsToVolumeOnCreation": { + "type": "boolean", + "description": "Indicates whether to assign the tags from the instance to all of the volumes attached to the instance at launch. If you specify true and you assign tags to the instance, those tags are automatically assigned to all of the volumes that you attach to the instance at launch. If you specify false, those tags are not assigned to the attached volumes." + }, + "ramdiskId": { + "type": "string", + "description": "The ID of the RAM disk to select." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "the names of the security groups. For a nondefault VPC, you must use security group IDs instead." + }, + "sourceDestCheck": { + "type": "boolean", + "description": "Specifies whether to enable an instance launched in a VPC to perform NAT." + }, + "ssmAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceSsmAssociation" + }, + "description": "The SSM document and parameter values in AWS Systems Manager to associate with this instance." + }, + "subnetId": { + "type": "string", + "description": "[EC2-VPC] The ID of the subnet to launch the instance into.\n\n" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the instance." + }, + "tenancy": { + "type": "string", + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware." + }, + "userData": { + "type": "string", + "description": "The user data to make available to the instance." + }, + "volumes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceVolume" + }, + "description": "The volumes to attach to the instance." + } + }, + "outputs": { + "additionalInfo": { + "type": "string", + "description": "This property is reserved for internal use. If you use it, the stack fails with this error: Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)." + }, + "affinity": { + "$ref": "#/types/aws-native:ec2:InstanceAffinity", + "description": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify host. If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify default." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone of the instance.", + "replaceOnChanges": true + }, + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceBlockDeviceMapping" + }, + "description": "The block device mapping entries that defines the block devices to attach to the instance at launch." + }, + "cpuOptions": { + "$ref": "#/types/aws-native:ec2:CpuOptionsProperties", + "description": "The CPU options for the instance.", + "replaceOnChanges": true + }, + "creditSpecification": { + "$ref": "#/types/aws-native:ec2:CreditSpecificationProperties", + "description": "The credit option for CPU usage of the burstable performance instance. Valid values are standard and unlimited." + }, + "disableApiTermination": { + "type": "boolean", + "description": "If you set this parameter to true, you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can." + }, + "ebsOptimized": { + "type": "boolean", + "description": "Indicates whether the instance is optimized for Amazon EBS I/O." + }, + "elasticGpuSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceElasticGpuSpecification" + }, + "description": "An elastic GPU to associate with the instance.", + "replaceOnChanges": true + }, + "elasticInferenceAccelerators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceElasticInferenceAccelerator" + }, + "description": "An elastic inference accelerator to associate with the instance.", + "replaceOnChanges": true + }, + "enclaveOptions": { + "$ref": "#/types/aws-native:ec2:EnclaveOptionsProperties", + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", + "replaceOnChanges": true + }, + "hibernationOptions": { + "$ref": "#/types/aws-native:ec2:HibernationOptionsProperties", + "description": "Indicates whether an instance is enabled for hibernation.", + "replaceOnChanges": true + }, + "hostId": { + "type": "string", + "description": "If you specify host for the Affinity property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account." + }, + "hostResourceGroupArn": { + "type": "string", + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host.", + "replaceOnChanges": true + }, + "iamInstanceProfile": { + "type": "string", + "description": "The IAM instance profile." + }, + "imageId": { + "type": "string", + "description": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", + "replaceOnChanges": true + }, + "instanceId": { + "type": "string", + "description": "The EC2 Instance ID." + }, + "instanceInitiatedShutdownBehavior": { + "type": "string", + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown)." + }, + "instanceType": { + "type": "string", + "description": "The instance type." + }, + "ipv6AddressCount": { + "type": "integer", + "description": "[EC2-VPC] The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.", + "replaceOnChanges": true + }, + "ipv6Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceIpv6Address" + }, + "description": "[EC2-VPC] The IPv6 addresses from the range of the subnet to associate with the primary network interface.", + "replaceOnChanges": true + }, + "kernelId": { + "type": "string", + "description": "The ID of the kernel." + }, + "keyName": { + "type": "string", + "description": "The name of the key pair.", + "replaceOnChanges": true + }, + "launchTemplate": { + "$ref": "#/types/aws-native:ec2:InstanceLaunchTemplateSpecification", + "description": "The launch template to use to launch the instances.", + "replaceOnChanges": true + }, + "licenseSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceLicenseSpecification" + }, + "description": "The license configurations.", + "replaceOnChanges": true + }, + "monitoring": { + "type": "boolean", + "description": "Specifies whether detailed monitoring is enabled for the instance." + }, + "networkInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceNetworkInterface" + }, + "description": "The network interfaces to associate with the instance.", + "replaceOnChanges": true + }, + "placementGroupName": { + "type": "string", + "description": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", + "replaceOnChanges": true + }, + "privateDnsName": { + "type": "string", + "description": "The private DNS name of the specified instance. For example: ip-10-24-34-0.ec2.internal." + }, + "privateDnsNameOptions": { + "$ref": "#/types/aws-native:ec2:InstancePrivateDnsNameOptions", + "description": "The options for the instance hostname." + }, + "privateIp": { + "type": "string", + "description": "The private IP address of the specified instance. For example: 10.24.34.0." + }, + "privateIpAddress": { + "type": "string", + "description": "[EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.", + "replaceOnChanges": true + }, + "propagateTagsToVolumeOnCreation": { + "type": "boolean", + "description": "Indicates whether to assign the tags from the instance to all of the volumes attached to the instance at launch. If you specify true and you assign tags to the instance, those tags are automatically assigned to all of the volumes that you attach to the instance at launch. If you specify false, those tags are not assigned to the attached volumes." + }, + "publicDnsName": { + "type": "string", + "description": "The public DNS name of the specified instance. For example: ec2-107-20-50-45.compute-1.amazonaws.com." + }, + "publicIp": { + "type": "string", + "description": "The public IP address of the specified instance. For example: 192.0.2.0." + }, + "ramdiskId": { + "type": "string", + "description": "The ID of the RAM disk to select." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "the names of the security groups. For a nondefault VPC, you must use security group IDs instead.", + "replaceOnChanges": true + }, + "sourceDestCheck": { + "type": "boolean", + "description": "Specifies whether to enable an instance launched in a VPC to perform NAT." + }, + "ssmAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceSsmAssociation" + }, + "description": "The SSM document and parameter values in AWS Systems Manager to associate with this instance." + }, + "state": { + "$ref": "#/types/aws-native:ec2:InstanceState", + "description": "The current state of the instance." + }, + "subnetId": { + "type": "string", + "description": "[EC2-VPC] The ID of the subnet to launch the instance into.\n\n", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the instance." + }, + "tenancy": { + "type": "string", + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware." + }, + "userData": { + "type": "string", + "description": "The user data to make available to the instance." + }, + "volumes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceVolume" + }, + "description": "The volumes to attach to the instance." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC that the instance is running in." + } + }, + "createOnly": [ + "availabilityZone", + "cpuOptions", + "elasticGpuSpecifications", + "elasticInferenceAccelerators", + "enclaveOptions", + "hibernationOptions", + "hostResourceGroupArn", + "imageId", + "ipv6AddressCount", + "ipv6Addresses", + "keyName", + "launchTemplate", + "licenseSpecifications", + "networkInterfaces", + "placementGroupName", + "privateIpAddress", + "securityGroups", + "subnetId" + ], + "writeOnly": [ + "additionalInfo", + "blockDeviceMappings/*/NoDevice", + "blockDeviceMappings/*/VirtualName", + "ipv6AddressCount", + "ipv6Addresses", + "launchTemplate", + "licenseSpecification", + "propagateTagsToVolumeOnCreation" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:InstanceConnectEndpoint": { + "cf": "AWS::EC2::InstanceConnectEndpoint", + "inputs": { + "clientToken": { + "type": "string", + "description": "The client token of the instance connect endpoint." + }, + "preserveClientIp": { + "type": "boolean", + "description": "If true, the address of the instance connect endpoint client is preserved when connecting to the end resource" + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security group IDs of the instance connect endpoint." + }, + "subnetId": { + "type": "string", + "description": "The subnet id of the instance connect endpoint" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of the instance connect endpoint." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The id of the instance connect endpoint" + }, + "clientToken": { + "type": "string", + "description": "The client token of the instance connect endpoint.", + "replaceOnChanges": true + }, + "preserveClientIp": { + "type": "boolean", + "description": "If true, the address of the instance connect endpoint client is preserved when connecting to the end resource", + "replaceOnChanges": true + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security group IDs of the instance connect endpoint.", + "replaceOnChanges": true + }, + "subnetId": { + "type": "string", + "description": "The subnet id of the instance connect endpoint", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of the instance connect endpoint." + } + }, + "required": [ + "subnetId" + ], + "createOnly": [ + "clientToken", + "preserveClientIp", + "securityGroupIds", + "subnetId" + ], + "writeOnly": [ + "clientToken" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:InternetGateway": { + "cf": "AWS::EC2::InternetGateway", + "inputs": { + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags to assign to the internet gateway." + } + }, + "outputs": { + "internetGatewayId": { + "type": "string", + "description": "The ID of the internet gateway." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags to assign to the internet gateway." + } + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:Ipam": { + "cf": "AWS::EC2::IPAM", + "inputs": { + "description": { + "type": "string", + "description": "The description for the IPAM." + }, + "operatingRegions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:IpamOperatingRegion" + }, + "description": "The regions IPAM is enabled for. Allows pools to be created in these regions, as well as enabling monitoring" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "tier": { + "$ref": "#/types/aws-native:ec2:IpamTier", + "description": "The tier of the IPAM." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IPAM." + }, + "defaultResourceDiscoveryAssociationId": { + "type": "string", + "description": "The Id of the default association to the default resource discovery, created with this IPAM." + }, + "defaultResourceDiscoveryId": { + "type": "string", + "description": "The Id of the default resource discovery, created with this IPAM." + }, + "description": { + "type": "string", + "description": "The description for the IPAM." + }, + "ipamId": { + "type": "string", + "description": "Id of the IPAM." + }, + "operatingRegions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:IpamOperatingRegion" + }, + "description": "The regions IPAM is enabled for. Allows pools to be created in these regions, as well as enabling monitoring" + }, + "privateDefaultScopeId": { + "type": "string", + "description": "The Id of the default scope for publicly routable IP space, created with this IPAM." + }, + "publicDefaultScopeId": { + "type": "string", + "description": "The Id of the default scope for publicly routable IP space, created with this IPAM." + }, + "resourceDiscoveryAssociationCount": { + "type": "integer", + "description": "The count of resource discoveries associated with this IPAM." + }, + "scopeCount": { + "type": "integer", + "description": "The number of scopes that currently exist in this IPAM." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "tier": { + "$ref": "#/types/aws-native:ec2:IpamTier", + "description": "The tier of the IPAM." + } + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:IpamAllocation": { + "cf": "AWS::EC2::IPAMAllocation", + "inputs": { + "cidr": { + "type": "string", + "description": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR." + }, + "description": { + "type": "string", + "description": "A description for the allocation." + }, + "ipamPoolId": { + "type": "string", + "description": "Id of the IPAM Pool." + }, + "netmaskLength": { + "type": "integer", + "description": "The desired netmask length of the allocation. If set, IPAM will choose a block of free space with this size and return the CIDR representing it." + } + }, + "outputs": { + "cidr": { + "type": "string", + "description": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description for the allocation.", + "replaceOnChanges": true + }, + "ipamPoolAllocationId": { + "type": "string", + "description": "Id of the allocation." + }, + "ipamPoolId": { + "type": "string", + "description": "Id of the IPAM Pool.", + "replaceOnChanges": true + }, + "netmaskLength": { + "type": "integer", + "description": "The desired netmask length of the allocation. If set, IPAM will choose a block of free space with this size and return the CIDR representing it.", + "replaceOnChanges": true + } + }, + "required": [ + "ipamPoolId" + ], + "createOnly": [ + "cidr", + "description", + "ipamPoolId", + "netmaskLength" + ], + "writeOnly": [ + "netmaskLength" + ] + }, + "aws-native:ec2:IpamPool": { + "cf": "AWS::EC2::IPAMPool", + "inputs": { + "addressFamily": { + "type": "string", + "description": "The address family of the address space in this pool. Either IPv4 or IPv6." + }, + "allocationDefaultNetmaskLength": { + "type": "integer", + "description": "The default netmask length for allocations made from this pool. This value is used when the netmask length of an allocation isn't specified." + }, + "allocationMaxNetmaskLength": { + "type": "integer", + "description": "The maximum allowed netmask length for allocations made from this pool." + }, + "allocationMinNetmaskLength": { + "type": "integer", + "description": "The minimum allowed netmask length for allocations made from this pool." + }, + "allocationResourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:IpamPoolTag" + }, + "description": "When specified, an allocation will not be allowed unless a resource has a matching set of tags." + }, + "autoImport": { + "type": "boolean", + "description": "Determines what to do if IPAM discovers resources that haven't been assigned an allocation. If set to true, an allocation will be made automatically." + }, + "awsService": { + "$ref": "#/types/aws-native:ec2:IpamPoolAwsService", + "description": "Limits which service in Amazon Web Services that the pool can be used in." + }, + "description": { + "type": "string", + "description": "The description of the IPAM pool." + }, + "ipamScopeId": { + "type": "string", + "description": "The Id of the scope this pool is a part of." + }, + "locale": { + "type": "string", + "description": "The region of this pool. If not set, this will default to \"None\" which will disable non-custom allocations. If the locale has been specified for the source pool, this value must match." + }, + "provisionedCidrs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:IpamPoolProvisionedCidr" + }, + "description": "A list of cidrs representing the address space available for allocation in this pool." + }, + "publicIpSource": { + "$ref": "#/types/aws-native:ec2:IpamPoolPublicIpSource", + "description": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `byoip`." + }, + "publiclyAdvertisable": { + "type": "boolean", + "description": "Determines whether or not address space from this pool is publicly advertised. Must be set if and only if the pool is IPv6." + }, + "sourceIpamPoolId": { + "type": "string", + "description": "The Id of this pool's source. If set, all space provisioned in this pool must be free space provisioned in the parent pool." + }, + "sourceResource": { + "$ref": "#/types/aws-native:ec2:IpamPoolSourceResource", + "description": "The resource used to provision CIDRs to a resource planning pool." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "addressFamily": { + "type": "string", + "description": "The address family of the address space in this pool. Either IPv4 or IPv6.", + "replaceOnChanges": true + }, + "allocationDefaultNetmaskLength": { + "type": "integer", + "description": "The default netmask length for allocations made from this pool. This value is used when the netmask length of an allocation isn't specified." + }, + "allocationMaxNetmaskLength": { + "type": "integer", + "description": "The maximum allowed netmask length for allocations made from this pool." + }, + "allocationMinNetmaskLength": { + "type": "integer", + "description": "The minimum allowed netmask length for allocations made from this pool." + }, + "allocationResourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:IpamPoolTag" + }, + "description": "When specified, an allocation will not be allowed unless a resource has a matching set of tags." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IPAM Pool." + }, + "autoImport": { + "type": "boolean", + "description": "Determines what to do if IPAM discovers resources that haven't been assigned an allocation. If set to true, an allocation will be made automatically." + }, + "awsService": { + "$ref": "#/types/aws-native:ec2:IpamPoolAwsService", + "description": "Limits which service in Amazon Web Services that the pool can be used in.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the IPAM pool." + }, + "ipamArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IPAM this pool is a part of." + }, + "ipamPoolId": { + "type": "string", + "description": "Id of the IPAM Pool." + }, + "ipamScopeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the scope this pool is a part of." + }, + "ipamScopeId": { + "type": "string", + "description": "The Id of the scope this pool is a part of.", + "replaceOnChanges": true + }, + "ipamScopeType": { + "$ref": "#/types/aws-native:ec2:IpamPoolIpamScopeType", + "description": "Determines whether this scope contains publicly routable space or space for a private network" + }, + "locale": { + "type": "string", + "description": "The region of this pool. If not set, this will default to \"None\" which will disable non-custom allocations. If the locale has been specified for the source pool, this value must match.", + "replaceOnChanges": true + }, + "poolDepth": { + "type": "integer", + "description": "The depth of this pool in the source pool hierarchy." + }, + "provisionedCidrs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:IpamPoolProvisionedCidr" + }, + "description": "A list of cidrs representing the address space available for allocation in this pool." + }, + "publicIpSource": { + "$ref": "#/types/aws-native:ec2:IpamPoolPublicIpSource", + "description": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `byoip`.", + "replaceOnChanges": true + }, + "publiclyAdvertisable": { + "type": "boolean", + "description": "Determines whether or not address space from this pool is publicly advertised. Must be set if and only if the pool is IPv6.", + "replaceOnChanges": true + }, + "sourceIpamPoolId": { + "type": "string", + "description": "The Id of this pool's source. If set, all space provisioned in this pool must be free space provisioned in the parent pool.", + "replaceOnChanges": true + }, + "sourceResource": { + "$ref": "#/types/aws-native:ec2:IpamPoolSourceResource", + "description": "The resource used to provision CIDRs to a resource planning pool.", + "replaceOnChanges": true + }, + "state": { + "$ref": "#/types/aws-native:ec2:IpamPoolState", + "description": "The state of this pool. This can be one of the following values: \"create-in-progress\", \"create-complete\", \"modify-in-progress\", \"modify-complete\", \"delete-in-progress\", or \"delete-complete\"" + }, + "stateMessage": { + "type": "string", + "description": "An explanation of how the pool arrived at it current state." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "addressFamily", + "ipamScopeId" + ], + "createOnly": [ + "addressFamily", + "awsService", + "ipamScopeId", + "locale", + "publicIpSource", + "publiclyAdvertisable", + "sourceIpamPoolId", + "sourceResource" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:IpamPoolCidr": { + "cf": "AWS::EC2::IPAMPoolCidr", + "inputs": { + "cidr": { + "type": "string", + "description": "Represents a single IPv4 or IPv6 CIDR" + }, + "ipamPoolId": { + "type": "string", + "description": "Id of the IPAM Pool." + }, + "netmaskLength": { + "type": "integer", + "description": "The desired netmask length of the provision. If set, IPAM will choose a block of free space with this size and return the CIDR representing it." + } + }, + "outputs": { + "cidr": { + "type": "string", + "description": "Represents a single IPv4 or IPv6 CIDR", + "replaceOnChanges": true + }, + "ipamPoolCidrId": { + "type": "string", + "description": "Id of the IPAM Pool Cidr." + }, + "ipamPoolId": { + "type": "string", + "description": "Id of the IPAM Pool.", + "replaceOnChanges": true + }, + "netmaskLength": { + "type": "integer", + "description": "The desired netmask length of the provision. If set, IPAM will choose a block of free space with this size and return the CIDR representing it.", + "replaceOnChanges": true + }, + "state": { + "type": "string", + "description": "Provisioned state of the cidr." + } + }, + "required": [ + "ipamPoolId" + ], + "createOnly": [ + "cidr", + "ipamPoolId", + "netmaskLength" + ] + }, + "aws-native:ec2:IpamResourceDiscovery": { + "cf": "AWS::EC2::IPAMResourceDiscovery", + "inputs": { + "description": { + "type": "string", + "description": "The resource discovery description." + }, + "operatingRegions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:IpamResourceDiscoveryIpamOperatingRegion" + }, + "description": "The regions Resource Discovery is enabled for. Allows resource discoveries to be created in these regions, as well as enabling monitoring" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The resource discovery description." + }, + "ipamResourceDiscoveryArn": { + "type": "string", + "description": "Amazon Resource Name (Arn) for the Resource Discovery." + }, + "ipamResourceDiscoveryId": { + "type": "string", + "description": "Id of the IPAM Pool." + }, + "ipamResourceDiscoveryRegion": { + "type": "string", + "description": "The region the resource discovery is setup in. " + }, + "isDefault": { + "type": "boolean", + "description": "Determines whether or not address space from this pool is publicly advertised. Must be set if and only if the pool is IPv6." + }, + "operatingRegions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:IpamResourceDiscoveryIpamOperatingRegion" + }, + "description": "The regions Resource Discovery is enabled for. Allows resource discoveries to be created in these regions, as well as enabling monitoring" + }, + "ownerId": { + "type": "string", + "description": "Owner Account ID of the Resource Discovery" + }, + "state": { + "type": "string", + "description": "The state of this Resource Discovery." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:IpamResourceDiscoveryAssociation": { + "cf": "AWS::EC2::IPAMResourceDiscoveryAssociation", + "inputs": { + "ipamId": { + "type": "string", + "description": "The Id of the IPAM this Resource Discovery is associated to." + }, + "ipamResourceDiscoveryId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IPAM Resource Discovery Association." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "ipamArn": { + "type": "string", + "description": "Arn of the IPAM." + }, + "ipamId": { + "type": "string", + "description": "The Id of the IPAM this Resource Discovery is associated to.", + "replaceOnChanges": true + }, + "ipamRegion": { + "type": "string", + "description": "The home region of the IPAM." + }, + "ipamResourceDiscoveryAssociationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource discovery association is a part of." + }, + "ipamResourceDiscoveryAssociationId": { + "type": "string", + "description": "Id of the IPAM Resource Discovery Association." + }, + "ipamResourceDiscoveryId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IPAM Resource Discovery Association.", + "replaceOnChanges": true + }, + "isDefault": { + "type": "boolean", + "description": "If the Resource Discovery Association exists due as part of CreateIpam." + }, + "ownerId": { + "type": "string", + "description": "The AWS Account ID for the account where the shared IPAM exists." + }, + "resourceDiscoveryStatus": { + "type": "string", + "description": "The status of the resource discovery." + }, + "state": { + "type": "string", + "description": "The operational state of the Resource Discovery Association. Related to Create/Delete activities." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "ipamId", + "ipamResourceDiscoveryId" + ], + "createOnly": [ + "ipamId", + "ipamResourceDiscoveryId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:IpamScope": { + "cf": "AWS::EC2::IPAMScope", + "inputs": { + "description": { + "type": "string", + "description": "The description of the scope." + }, + "ipamId": { + "type": "string", + "description": "The Id of the IPAM this scope is a part of." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IPAM scope." + }, + "description": { + "type": "string", + "description": "The description of the scope." + }, + "ipamArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IPAM this scope is a part of." + }, + "ipamId": { + "type": "string", + "description": "The Id of the IPAM this scope is a part of.", + "replaceOnChanges": true + }, + "ipamScopeId": { + "type": "string", + "description": "Id of the IPAM scope." + }, + "ipamScopeType": { + "$ref": "#/types/aws-native:ec2:IpamScopeType", + "description": "Determines whether this scope contains publicly routable space or space for a private network" + }, + "isDefault": { + "type": "boolean", + "description": "Is this one of the default scopes created with the IPAM." + }, + "poolCount": { + "type": "integer", + "description": "The number of pools that currently exist in this scope." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "ipamId" + ], + "createOnly": [ + "ipamId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:KeyPair": { + "cf": "AWS::EC2::KeyPair", + "inputs": { + "keyFormat": { + "$ref": "#/types/aws-native:ec2:KeyPairKeyFormat", + "description": "The format of the key pair.\n Default: ``pem``" + }, + "keyName": { + "type": "string", + "description": "A unique name for the key pair.\n Constraints: Up to 255 ASCII characters" + }, + "keyType": { + "$ref": "#/types/aws-native:ec2:KeyPairKeyType", + "description": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n If the ``PublicKeyMaterial`` property is specified, the ``KeyType`` property is ignored, and the key type is inferred from the ``PublicKeyMaterial`` value.\n Default: ``rsa``" + }, + "publicKeyMaterial": { + "type": "string", + "description": "The public key material. The ``PublicKeyMaterial`` property is used to import a key pair. If this property is not specified, then a new key pair will be created." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags to apply to the key pair." + } + }, + "outputs": { + "keyFingerprint": { + "type": "string", + "description": "If you created the key pair using Amazon EC2:\n\n- For RSA key pairs, the key fingerprint is the SHA-1 digest of the DER encoded private key.\n- For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with [OpenSSH 6.8](https://docs.aws.amazon.com/http://www.openssh.com/txt/release-6.8) .\n\nIf you imported the key pair to Amazon EC2:\n\n- For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC 4716.\n- For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with [OpenSSH 6.8](https://docs.aws.amazon.com/http://www.openssh.com/txt/release-6.8) ." + }, + "keyFormat": { + "$ref": "#/types/aws-native:ec2:KeyPairKeyFormat", + "description": "The format of the key pair.\n Default: ``pem``", + "replaceOnChanges": true + }, + "keyName": { + "type": "string", + "description": "A unique name for the key pair.\n Constraints: Up to 255 ASCII characters", + "replaceOnChanges": true + }, + "keyPairId": { + "type": "string", + "description": "The ID of the key pair." + }, + "keyType": { + "$ref": "#/types/aws-native:ec2:KeyPairKeyType", + "description": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n If the ``PublicKeyMaterial`` property is specified, the ``KeyType`` property is ignored, and the key type is inferred from the ``PublicKeyMaterial`` value.\n Default: ``rsa``", + "replaceOnChanges": true + }, + "publicKeyMaterial": { + "type": "string", + "description": "The public key material. The ``PublicKeyMaterial`` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags to apply to the key pair.", + "replaceOnChanges": true + } + }, + "required": [ + "keyName" + ], + "createOnly": [ + "keyFormat", + "keyName", + "keyType", + "publicKeyMaterial", + "tags" + ], + "writeOnly": [ + "keyFormat" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:ec2:LaunchTemplate": { + "cf": "AWS::EC2::LaunchTemplate", + "inputs": { + "launchTemplateData": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateData", + "description": "The information for the launch template." + }, + "launchTemplateName": { + "type": "string", + "description": "A name for the launch template." + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateTagSpecification" + }, + "description": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be ``launch-template``.\n To specify the tags for the resources that are created when an instance is launched, you must use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications)." + }, + "versionDescription": { + "type": "string", + "description": "A description for the first version of the launch template." + } + }, + "outputs": { + "defaultVersionNumber": { + "type": "string", + "description": "The default version of the launch template, such as 2.\n\nThe default version of a launch template cannot be specified in AWS CloudFormation . The default version can be set in the Amazon EC2 console or by using the `modify-launch-template` AWS CLI command." + }, + "latestVersionNumber": { + "type": "string", + "description": "The latest version of the launch template, such as `5` ." + }, + "launchTemplateData": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateData", + "description": "The information for the launch template." + }, + "launchTemplateId": { + "type": "string", + "description": "The ID of the launch template." + }, + "launchTemplateName": { + "type": "string", + "description": "A name for the launch template.", + "replaceOnChanges": true + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateTagSpecification" + }, + "description": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be ``launch-template``.\n To specify the tags for the resources that are created when an instance is launched, you must use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications)." + }, + "versionDescription": { + "type": "string", + "description": "A description for the first version of the launch template." + } + }, + "autoNamingSpec": { + "sdkName": "launchTemplateName" + }, + "required": [ + "launchTemplateData" + ], + "createOnly": [ + "launchTemplateName" + ], + "writeOnly": [ + "launchTemplateData", + "tagSpecifications", + "versionDescription" + ] + }, + "aws-native:ec2:LocalGatewayRoute": { + "cf": "AWS::EC2::LocalGatewayRoute", + "inputs": { + "destinationCidrBlock": { + "type": "string", + "description": "The CIDR block used for destination matches." + }, + "localGatewayRouteTableId": { + "type": "string", + "description": "The ID of the local gateway route table." + }, + "localGatewayVirtualInterfaceGroupId": { + "type": "string", + "description": "The ID of the virtual interface group." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the network interface." + } + }, + "outputs": { + "destinationCidrBlock": { + "type": "string", + "description": "The CIDR block used for destination matches.", + "replaceOnChanges": true + }, + "localGatewayRouteTableId": { + "type": "string", + "description": "The ID of the local gateway route table.", + "replaceOnChanges": true + }, + "localGatewayVirtualInterfaceGroupId": { + "type": "string", + "description": "The ID of the virtual interface group." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the network interface." + }, + "state": { + "type": "string", + "description": "The state of the route." + }, + "type": { + "type": "string", + "description": "The route type." + } + }, + "createOnly": [ + "destinationCidrBlock", + "localGatewayRouteTableId" + ] + }, + "aws-native:ec2:LocalGatewayRouteTable": { + "cf": "AWS::EC2::LocalGatewayRouteTable", + "inputs": { + "localGatewayId": { + "type": "string", + "description": "The ID of the local gateway." + }, + "mode": { + "type": "string", + "description": "The mode of the local gateway route table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the local gateway route table." + } + }, + "outputs": { + "localGatewayId": { + "type": "string", + "description": "The ID of the local gateway.", + "replaceOnChanges": true + }, + "localGatewayRouteTableArn": { + "type": "string", + "description": "The ARN of the local gateway route table." + }, + "localGatewayRouteTableId": { + "type": "string", + "description": "The ID of the local gateway route table." + }, + "mode": { + "type": "string", + "description": "The mode of the local gateway route table.", + "replaceOnChanges": true + }, + "outpostArn": { + "type": "string", + "description": "The ARN of the outpost." + }, + "ownerId": { + "type": "string", + "description": "The owner of the local gateway route table." + }, + "state": { + "type": "string", + "description": "The state of the local gateway route table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the local gateway route table." + } + }, + "required": [ + "localGatewayId" + ], + "createOnly": [ + "localGatewayId", + "mode" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "cf": "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation", + "inputs": { + "localGatewayRouteTableId": { + "type": "string", + "description": "The ID of the local gateway route table." + }, + "localGatewayVirtualInterfaceGroupId": { + "type": "string", + "description": "The ID of the local gateway route table virtual interface group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the local gateway route table virtual interface group association." + } + }, + "outputs": { + "localGatewayId": { + "type": "string", + "description": "The ID of the local gateway." + }, + "localGatewayRouteTableArn": { + "type": "string", + "description": "The ARN of the local gateway route table." + }, + "localGatewayRouteTableId": { + "type": "string", + "description": "The ID of the local gateway route table.", + "replaceOnChanges": true + }, + "localGatewayRouteTableVirtualInterfaceGroupAssociationId": { + "type": "string", + "description": "The ID of the local gateway route table virtual interface group association." + }, + "localGatewayVirtualInterfaceGroupId": { + "type": "string", + "description": "The ID of the local gateway route table virtual interface group.", + "replaceOnChanges": true + }, + "ownerId": { + "type": "string", + "description": "The owner of the local gateway route table virtual interface group association." + }, + "state": { + "type": "string", + "description": "The state of the local gateway route table virtual interface group association." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the local gateway route table virtual interface group association." + } + }, + "required": [ + "localGatewayRouteTableId", + "localGatewayVirtualInterfaceGroupId" + ], + "createOnly": [ + "localGatewayRouteTableId", + "localGatewayVirtualInterfaceGroupId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:LocalGatewayRouteTableVpcAssociation": { + "cf": "AWS::EC2::LocalGatewayRouteTableVPCAssociation", + "inputs": { + "localGatewayRouteTableId": { + "type": "string", + "description": "The ID of the local gateway route table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the association." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "localGatewayId": { + "type": "string", + "description": "The ID of the local gateway." + }, + "localGatewayRouteTableId": { + "type": "string", + "description": "The ID of the local gateway route table.", + "replaceOnChanges": true + }, + "localGatewayRouteTableVpcAssociationId": { + "type": "string", + "description": "The ID of the association." + }, + "state": { + "type": "string", + "description": "The state of the association." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the association." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "localGatewayRouteTableId", + "vpcId" + ], + "createOnly": [ + "localGatewayRouteTableId", + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:NatGateway": { + "cf": "AWS::EC2::NatGateway", + "inputs": { + "allocationId": { + "type": "string", + "description": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway." + }, + "connectivityType": { + "type": "string", + "description": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity." + }, + "maxDrainDurationSeconds": { + "type": "integer", + "description": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds." + }, + "privateIpAddress": { + "type": "string", + "description": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned." + }, + "secondaryAllocationIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon VPC User Guide*." + }, + "secondaryPrivateIpAddressCount": { + "type": "integer", + "description": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide*.\n ``SecondaryPrivateIpAddressCount`` and ``SecondaryPrivateIpAddresses`` cannot be set at the same time." + }, + "secondaryPrivateIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide*.\n ``SecondaryPrivateIpAddressCount`` and ``SecondaryPrivateIpAddresses`` cannot be set at the same time." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet in which the NAT gateway is located." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the NAT gateway." + } + }, + "outputs": { + "allocationId": { + "type": "string", + "description": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", + "replaceOnChanges": true + }, + "connectivityType": { + "type": "string", + "description": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", + "replaceOnChanges": true + }, + "maxDrainDurationSeconds": { + "type": "integer", + "description": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds." + }, + "natGatewayId": { + "type": "string", + "description": "The ID of the NAT gateway." + }, + "privateIpAddress": { + "type": "string", + "description": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", + "replaceOnChanges": true + }, + "secondaryAllocationIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon VPC User Guide*." + }, + "secondaryPrivateIpAddressCount": { + "type": "integer", + "description": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide*.\n ``SecondaryPrivateIpAddressCount`` and ``SecondaryPrivateIpAddresses`` cannot be set at the same time." + }, + "secondaryPrivateIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide*.\n ``SecondaryPrivateIpAddressCount`` and ``SecondaryPrivateIpAddresses`` cannot be set at the same time." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet in which the NAT gateway is located.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the NAT gateway." + } + }, + "required": [ + "subnetId" + ], + "createOnly": [ + "allocationId", + "connectivityType", + "privateIpAddress", + "subnetId" + ], + "writeOnly": [ + "maxDrainDurationSeconds" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:NetworkAcl": { + "cf": "AWS::EC2::NetworkAcl", + "inputs": { + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the network ACL." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC for the network ACL." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the network ACL." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the network ACL." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC for the network ACL.", + "replaceOnChanges": true + } + }, + "required": [ + "vpcId" + ], + "createOnly": [ + "vpcId" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:NetworkInsightsAccessScope": { + "cf": "AWS::EC2::NetworkInsightsAccessScope", + "inputs": { + "excludePaths": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeAccessScopePathRequest" + }, + "description": "The paths to exclude." + }, + "matchPaths": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeAccessScopePathRequest" + }, + "description": "The paths to match." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags." + } + }, + "outputs": { + "createdDate": { + "type": "string", + "description": "The creation date." + }, + "excludePaths": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeAccessScopePathRequest" + }, + "description": "The paths to exclude.", + "replaceOnChanges": true + }, + "matchPaths": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeAccessScopePathRequest" + }, + "description": "The paths to match.", + "replaceOnChanges": true + }, + "networkInsightsAccessScopeArn": { + "type": "string", + "description": "The ARN of the Network Access Scope." + }, + "networkInsightsAccessScopeId": { + "type": "string", + "description": "The ID of the Network Access Scope." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags." + }, + "updatedDate": { + "type": "string", + "description": "The last updated date." + } + }, + "createOnly": [ + "excludePaths", + "matchPaths" + ], + "writeOnly": [ + "excludePaths", + "matchPaths" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:NetworkInsightsAccessScopeAnalysis": { + "cf": "AWS::EC2::NetworkInsightsAccessScopeAnalysis", + "inputs": { + "networkInsightsAccessScopeId": { + "type": "string", + "description": "The ID of the Network Access Scope." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags." + } + }, + "outputs": { + "analyzedEniCount": { + "type": "integer", + "description": "The number of network interfaces analyzed." + }, + "endDate": { + "type": "string", + "description": "The end date of the analysis." + }, + "findingsFound": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeAnalysisFindingsFound", + "description": "Indicates whether there are findings (true | false | unknown)." + }, + "networkInsightsAccessScopeAnalysisArn": { + "type": "string", + "description": "The ARN of the Network Access Scope analysis." + }, + "networkInsightsAccessScopeAnalysisId": { + "type": "string", + "description": "The ID of the Network Access Scope analysis." + }, + "networkInsightsAccessScopeId": { + "type": "string", + "description": "The ID of the Network Access Scope.", + "replaceOnChanges": true + }, + "startDate": { + "type": "string", + "description": "The start date of the analysis." + }, + "status": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeAnalysisStatus", + "description": "The status of the analysis (running | succeeded | failed)." + }, + "statusMessage": { + "type": "string", + "description": "The status message." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags." + } + }, + "required": [ + "networkInsightsAccessScopeId" + ], + "createOnly": [ + "networkInsightsAccessScopeId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:NetworkInsightsAnalysis": { + "cf": "AWS::EC2::NetworkInsightsAnalysis", + "inputs": { + "additionalAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The member accounts that contain resources that the path can traverse." + }, + "filterInArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARN) of the resources that the path must traverse." + }, + "networkInsightsPathId": { + "type": "string", + "description": "The ID of the path." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply." + } + }, + "outputs": { + "additionalAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The member accounts that contain resources that the path can traverse." + }, + "alternatePathHints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAlternatePathHint" + }, + "description": "Potential intermediate components." + }, + "explanations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisExplanation" + }, + "description": "The explanations. For more information, see [Reachability Analyzer explanation codes](https://docs.aws.amazon.com/vpc/latest/reachability/explanation-codes.html) ." + }, + "filterInArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", + "replaceOnChanges": true + }, + "forwardPathComponents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisPathComponent" + }, + "description": "The components in the path from source to destination." + }, + "networkInsightsAnalysisArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the network insights analysis." + }, + "networkInsightsAnalysisId": { + "type": "string", + "description": "The ID of the network insights analysis." + }, + "networkInsightsPathId": { + "type": "string", + "description": "The ID of the path.", + "replaceOnChanges": true + }, + "networkPathFound": { + "type": "boolean", + "description": "Indicates whether the destination is reachable from the source." + }, + "returnPathComponents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisPathComponent" + }, + "description": "The components in the path from destination to source." + }, + "startDate": { + "type": "string", + "description": "The time the analysis started." + }, + "status": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisStatus", + "description": "The status of the network insights analysis." + }, + "statusMessage": { + "type": "string", + "description": "The status message, if the status is `failed` ." + }, + "suggestedAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of potential intermediate accounts." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply." + } + }, + "required": [ + "networkInsightsPathId" + ], + "createOnly": [ + "filterInArns", + "networkInsightsPathId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:NetworkInsightsPath": { + "cf": "AWS::EC2::NetworkInsightsPath", + "inputs": { + "destination": { + "type": "string", + "description": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN." + }, + "destinationIp": { + "type": "string", + "description": "The IP address of the destination." + }, + "destinationPort": { + "type": "integer", + "description": "The destination port." + }, + "filterAtDestination": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsPathPathFilter", + "description": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address." + }, + "filterAtSource": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsPathPathFilter", + "description": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port." + }, + "protocol": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsPathProtocol", + "description": "The protocol." + }, + "source": { + "type": "string", + "description": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN." + }, + "sourceIp": { + "type": "string", + "description": "The IP address of the source." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the path." + } + }, + "outputs": { + "createdDate": { + "type": "string", + "description": "The time stamp when the path was created." + }, + "destination": { + "type": "string", + "description": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", + "replaceOnChanges": true + }, + "destinationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the destination." + }, + "destinationIp": { + "type": "string", + "description": "The IP address of the destination.", + "replaceOnChanges": true + }, + "destinationPort": { + "type": "integer", + "description": "The destination port.", + "replaceOnChanges": true + }, + "filterAtDestination": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsPathPathFilter", + "description": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", + "replaceOnChanges": true + }, + "filterAtSource": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsPathPathFilter", + "description": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", + "replaceOnChanges": true + }, + "networkInsightsPathArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the path." + }, + "networkInsightsPathId": { + "type": "string", + "description": "The ID of the path." + }, + "protocol": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsPathProtocol", + "description": "The protocol.", + "replaceOnChanges": true + }, + "source": { + "type": "string", + "description": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", + "replaceOnChanges": true + }, + "sourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the source." + }, + "sourceIp": { + "type": "string", + "description": "The IP address of the source.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the path." + } + }, + "required": [ + "protocol", + "source" + ], + "createOnly": [ + "destination", + "destinationIp", + "destinationPort", + "filterAtDestination", + "filterAtSource", + "protocol", + "source", + "sourceIp" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:NetworkInterface": { + "cf": "AWS::EC2::NetworkInterface", + "inputs": { + "connectionTrackingSpecification": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceConnectionTrackingSpecification", + "description": "A connection tracking specification for the network interface." + }, + "description": { + "type": "string", + "description": "A description for the network interface." + }, + "enablePrimaryIpv6": { + "type": "boolean", + "description": "If you have instances or ENIs that rely on the IPv6 address not changing, to avoid disrupting traffic to instances or ENIs, you can enable a primary IPv6 address. Enable this option to automatically assign an IPv6 associated with the ENI attached to your instance to be the primary IPv6 address. When you enable an IPv6 address to be a primary IPv6, you cannot disable it. Traffic will be routed to the primary IPv6 address until the instance is terminated or the ENI is detached. If you have multiple IPv6 addresses associated with an ENI and you enable a primary IPv6 address, the first IPv6 address associated with the ENI becomes the primary IPv6 address." + }, + "groupSet": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security group IDs associated with this network interface." + }, + "interfaceType": { + "type": "string", + "description": "Indicates the type of network interface." + }, + "ipv4PrefixCount": { + "type": "integer", + "description": "The number of IPv4 prefixes to assign to a network interface. When you specify a number of IPv4 prefixes, Amazon EC2 selects these prefixes from your existing subnet CIDR reservations, if available, or from free spaces in the subnet. By default, these will be /28 prefixes. You can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses." + }, + "ipv4Prefixes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceIpv4PrefixSpecification" + }, + "description": "Assigns a list of IPv4 prefixes to the network interface. If you want EC2 to automatically assign IPv4 prefixes, use the Ipv4PrefixCount property and do not specify this property. Presently, only /28 prefixes are supported. You can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses." + }, + "ipv6AddressCount": { + "type": "integer", + "description": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the Ipv6Addresses property and don't specify this property." + }, + "ipv6Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceInstanceIpv6Address" + }, + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet to associate with the network interface. If you're specifying a number of IPv6 addresses, use the Ipv6AddressCount property and don't specify this property." + }, + "ipv6PrefixCount": { + "type": "integer", + "description": "The number of IPv6 prefixes to assign to a network interface. When you specify a number of IPv6 prefixes, Amazon EC2 selects these prefixes from your existing subnet CIDR reservations, if available, or from free spaces in the subnet. By default, these will be /80 prefixes. You can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses." + }, + "ipv6Prefixes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceIpv6PrefixSpecification" + }, + "description": "Assigns a list of IPv6 prefixes to the network interface. If you want EC2 to automatically assign IPv6 prefixes, use the Ipv6PrefixCount property and do not specify this property. Presently, only /80 prefixes are supported. You can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses." + }, + "privateIpAddress": { + "type": "string", + "description": "Assigns a single private IP address to the network interface, which is used as the primary private IP address. If you want to specify multiple private IP address, use the PrivateIpAddresses property. " + }, + "privateIpAddresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInterfacePrivateIpAddressSpecification" + }, + "description": "Assigns a list of private IP addresses to the network interface. You can specify a primary private IP address by setting the value of the Primary property to true in the PrivateIpAddressSpecification property. If you want EC2 to automatically assign private IP addresses, use the SecondaryPrivateIpAddressCount property and do not specify this property." + }, + "secondaryPrivateIpAddressCount": { + "type": "integer", + "description": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using privateIpAddresses" + }, + "sourceDestCheck": { + "type": "boolean", + "description": "Indicates whether traffic to or from the instance is validated." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet to associate with the network interface." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this network interface." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "Network interface id." + }, + "connectionTrackingSpecification": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceConnectionTrackingSpecification", + "description": "A connection tracking specification for the network interface." + }, + "description": { + "type": "string", + "description": "A description for the network interface." + }, + "enablePrimaryIpv6": { + "type": "boolean", + "description": "If you have instances or ENIs that rely on the IPv6 address not changing, to avoid disrupting traffic to instances or ENIs, you can enable a primary IPv6 address. Enable this option to automatically assign an IPv6 associated with the ENI attached to your instance to be the primary IPv6 address. When you enable an IPv6 address to be a primary IPv6, you cannot disable it. Traffic will be routed to the primary IPv6 address until the instance is terminated or the ENI is detached. If you have multiple IPv6 addresses associated with an ENI and you enable a primary IPv6 address, the first IPv6 address associated with the ENI becomes the primary IPv6 address." + }, + "groupSet": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security group IDs associated with this network interface." + }, + "interfaceType": { + "type": "string", + "description": "Indicates the type of network interface.", + "replaceOnChanges": true + }, + "ipv4PrefixCount": { + "type": "integer", + "description": "The number of IPv4 prefixes to assign to a network interface. When you specify a number of IPv4 prefixes, Amazon EC2 selects these prefixes from your existing subnet CIDR reservations, if available, or from free spaces in the subnet. By default, these will be /28 prefixes. You can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses." + }, + "ipv4Prefixes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceIpv4PrefixSpecification" + }, + "description": "Assigns a list of IPv4 prefixes to the network interface. If you want EC2 to automatically assign IPv4 prefixes, use the Ipv4PrefixCount property and do not specify this property. Presently, only /28 prefixes are supported. You can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses." + }, + "ipv6AddressCount": { + "type": "integer", + "description": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the Ipv6Addresses property and don't specify this property." + }, + "ipv6Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceInstanceIpv6Address" + }, + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet to associate with the network interface. If you're specifying a number of IPv6 addresses, use the Ipv6AddressCount property and don't specify this property." + }, + "ipv6PrefixCount": { + "type": "integer", + "description": "The number of IPv6 prefixes to assign to a network interface. When you specify a number of IPv6 prefixes, Amazon EC2 selects these prefixes from your existing subnet CIDR reservations, if available, or from free spaces in the subnet. By default, these will be /80 prefixes. You can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses." + }, + "ipv6Prefixes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceIpv6PrefixSpecification" + }, + "description": "Assigns a list of IPv6 prefixes to the network interface. If you want EC2 to automatically assign IPv6 prefixes, use the Ipv6PrefixCount property and do not specify this property. Presently, only /80 prefixes are supported. You can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses." + }, + "primaryIpv6Address": { + "type": "string", + "description": "The primary IPv6 address" + }, + "primaryPrivateIpAddress": { + "type": "string", + "description": "Returns the primary private IP address of the network interface." + }, + "privateIpAddress": { + "type": "string", + "description": "Assigns a single private IP address to the network interface, which is used as the primary private IP address. If you want to specify multiple private IP address, use the PrivateIpAddresses property. ", + "replaceOnChanges": true + }, + "privateIpAddresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInterfacePrivateIpAddressSpecification" + }, + "description": "Assigns a list of private IP addresses to the network interface. You can specify a primary private IP address by setting the value of the Primary property to true in the PrivateIpAddressSpecification property. If you want EC2 to automatically assign private IP addresses, use the SecondaryPrivateIpAddressCount property and do not specify this property." + }, + "secondaryPrivateIpAddressCount": { + "type": "integer", + "description": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using privateIpAddresses" + }, + "secondaryPrivateIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Returns the secondary private IP addresses of the network interface." + }, + "sourceDestCheck": { + "type": "boolean", + "description": "Indicates whether traffic to or from the instance is validated." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet to associate with the network interface.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this network interface." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC" + } + }, + "required": [ + "subnetId" + ], + "createOnly": [ + "interfaceType", + "privateIpAddress", + "subnetId" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:NetworkInterfaceAttachment": { + "cf": "AWS::EC2::NetworkInterfaceAttachment", + "inputs": { + "deleteOnTermination": { + "type": "boolean", + "description": "Whether to delete the network interface when the instance terminates. By default, this value is set to ``true``." + }, + "deviceIndex": { + "type": "string", + "description": "The network interface's position in the attachment order. For example, the first attached network interface has a ``DeviceIndex`` of 0." + }, + "enaSrdSpecification": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceAttachmentEnaSrdSpecification", + "description": "Configures ENA Express for the network interface that this action attaches to the instance." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance to which you will attach the ENI." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the ENI that you want to attach." + } + }, + "outputs": { + "attachmentId": { + "type": "string", + "description": "The ID of the network interface attachment." + }, + "deleteOnTermination": { + "type": "boolean", + "description": "Whether to delete the network interface when the instance terminates. By default, this value is set to ``true``." + }, + "deviceIndex": { + "type": "string", + "description": "The network interface's position in the attachment order. For example, the first attached network interface has a ``DeviceIndex`` of 0.", + "replaceOnChanges": true + }, + "enaSrdSpecification": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceAttachmentEnaSrdSpecification", + "description": "Configures ENA Express for the network interface that this action attaches to the instance." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance to which you will attach the ENI.", + "replaceOnChanges": true + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the ENI that you want to attach.", + "replaceOnChanges": true + } + }, + "required": [ + "deviceIndex", + "instanceId", + "networkInterfaceId" + ], + "createOnly": [ + "deviceIndex", + "instanceId", + "networkInterfaceId" + ] + }, + "aws-native:ec2:NetworkPerformanceMetricSubscription": { + "cf": "AWS::EC2::NetworkPerformanceMetricSubscription", + "inputs": { + "destination": { + "type": "string", + "description": "The target Region or Availability Zone for the metric to subscribe to." + }, + "metric": { + "type": "string", + "description": "The metric type to subscribe to." + }, + "source": { + "type": "string", + "description": "The starting Region or Availability Zone for metric to subscribe to." + }, + "statistic": { + "type": "string", + "description": "The statistic to subscribe to." + } + }, + "outputs": { + "destination": { + "type": "string", + "description": "The target Region or Availability Zone for the metric to subscribe to.", + "replaceOnChanges": true + }, + "metric": { + "type": "string", + "description": "The metric type to subscribe to.", + "replaceOnChanges": true + }, + "source": { + "type": "string", + "description": "The starting Region or Availability Zone for metric to subscribe to.", + "replaceOnChanges": true + }, + "statistic": { + "type": "string", + "description": "The statistic to subscribe to.", + "replaceOnChanges": true + } + }, + "required": [ + "destination", + "metric", + "source", + "statistic" + ], + "createOnly": [ + "destination", + "metric", + "source", + "statistic" + ] + }, + "aws-native:ec2:PlacementGroup": { + "cf": "AWS::EC2::PlacementGroup", + "inputs": { + "partitionCount": { + "type": "integer", + "description": "The number of partitions. Valid only when **Strategy** is set to `partition`" + }, + "spreadLevel": { + "type": "string", + "description": "The Spread Level of Placement Group is an enum where it accepts either host or rack when strategy is spread" + }, + "strategy": { + "type": "string", + "description": "The placement strategy." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "groupName": { + "type": "string", + "description": "The Group Name of Placement Group." + }, + "partitionCount": { + "type": "integer", + "description": "The number of partitions. Valid only when **Strategy** is set to `partition`", + "replaceOnChanges": true + }, + "spreadLevel": { + "type": "string", + "description": "The Spread Level of Placement Group is an enum where it accepts either host or rack when strategy is spread", + "replaceOnChanges": true + }, + "strategy": { + "type": "string", + "description": "The placement strategy.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "partitionCount", + "spreadLevel", + "strategy", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:ec2:PrefixList": { + "cf": "AWS::EC2::PrefixList", + "inputs": { + "addressFamily": { + "$ref": "#/types/aws-native:ec2:PrefixListAddressFamily", + "description": "Ip Version of Prefix List." + }, + "entries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:PrefixListEntry" + }, + "description": "Entries of Prefix List." + }, + "maxEntries": { + "type": "integer", + "description": "Max Entries of Prefix List." + }, + "prefixListName": { + "type": "string", + "description": "Name of Prefix List." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for Prefix List" + } + }, + "outputs": { + "addressFamily": { + "$ref": "#/types/aws-native:ec2:PrefixListAddressFamily", + "description": "Ip Version of Prefix List." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Prefix List." + }, + "entries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:PrefixListEntry" + }, + "description": "Entries of Prefix List." + }, + "maxEntries": { + "type": "integer", + "description": "Max Entries of Prefix List." + }, + "ownerId": { + "type": "string", + "description": "Owner Id of Prefix List." + }, + "prefixListId": { + "type": "string", + "description": "Id of Prefix List." + }, + "prefixListName": { + "type": "string", + "description": "Name of Prefix List." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for Prefix List" + }, + "version": { + "type": "integer", + "description": "Version of Prefix List." + } + }, + "autoNamingSpec": { + "sdkName": "prefixListName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "addressFamily" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:Route": { + "cf": "AWS::EC2::Route", + "inputs": { + "carrierGatewayId": { + "type": "string", + "description": "The ID of the carrier gateway.\n You can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone." + }, + "coreNetworkArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the core network." + }, + "destinationCidrBlock": { + "type": "string", + "description": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify ``100.68.0.18/18``, we modify it to ``100.68.0.0/18``." + }, + "destinationIpv6CidrBlock": { + "type": "string", + "description": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match." + }, + "destinationPrefixListId": { + "type": "string", + "description": "The ID of a prefix list used for the destination match." + }, + "egressOnlyInternetGatewayId": { + "type": "string", + "description": "[IPv6 traffic only] The ID of an egress-only internet gateway." + }, + "gatewayId": { + "type": "string", + "description": "The ID of an internet gateway or virtual private gateway attached to your VPC." + }, + "instanceId": { + "type": "string", + "description": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached." + }, + "localGatewayId": { + "type": "string", + "description": "The ID of the local gateway." + }, + "natGatewayId": { + "type": "string", + "description": "[IPv4 traffic only] The ID of a NAT gateway." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of a network interface." + }, + "routeTableId": { + "type": "string", + "description": "The ID of the route table for the route." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of a transit gateway." + }, + "vpcEndpointId": { + "type": "string", + "description": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only." + }, + "vpcPeeringConnectionId": { + "type": "string", + "description": "The ID of a VPC peering connection." + } + }, + "outputs": { + "carrierGatewayId": { + "type": "string", + "description": "The ID of the carrier gateway.\n You can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone." + }, + "cidrBlock": { + "type": "string", + "description": "The IPv4 CIDR block." + }, + "coreNetworkArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the core network." + }, + "destinationCidrBlock": { + "type": "string", + "description": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify ``100.68.0.18/18``, we modify it to ``100.68.0.0/18``.", + "replaceOnChanges": true + }, + "destinationIpv6CidrBlock": { + "type": "string", + "description": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", + "replaceOnChanges": true + }, + "destinationPrefixListId": { + "type": "string", + "description": "The ID of a prefix list used for the destination match.", + "replaceOnChanges": true + }, + "egressOnlyInternetGatewayId": { + "type": "string", + "description": "[IPv6 traffic only] The ID of an egress-only internet gateway." + }, + "gatewayId": { + "type": "string", + "description": "The ID of an internet gateway or virtual private gateway attached to your VPC." + }, + "instanceId": { + "type": "string", + "description": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached." + }, + "localGatewayId": { + "type": "string", + "description": "The ID of the local gateway." + }, + "natGatewayId": { + "type": "string", + "description": "[IPv4 traffic only] The ID of a NAT gateway." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of a network interface." + }, + "routeTableId": { + "type": "string", + "description": "The ID of the route table for the route.", + "replaceOnChanges": true + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of a transit gateway." + }, + "vpcEndpointId": { + "type": "string", + "description": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only." + }, + "vpcPeeringConnectionId": { + "type": "string", + "description": "The ID of a VPC peering connection." + } + }, + "required": [ + "routeTableId" + ], + "createOnly": [ + "destinationCidrBlock", + "destinationIpv6CidrBlock", + "destinationPrefixListId", + "routeTableId" + ] + }, + "aws-native:ec2:RouteTable": { + "cf": "AWS::EC2::RouteTable", + "inputs": { + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the route table." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "routeTableId": { + "type": "string", + "description": "The ID of the route table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the route table." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "vpcId" + ], + "createOnly": [ + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:SecurityGroup": { + "cf": "AWS::EC2::SecurityGroup", + "inputs": { + "groupDescription": { + "type": "string", + "description": "A description for the security group." + }, + "groupName": { + "type": "string", + "description": "The name of the security group." + }, + "securityGroupEgress": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SecurityGroupEgress" + }, + "description": "[VPC only] The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group." + }, + "securityGroupIngress": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SecurityGroupIngress" + }, + "description": "The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the security group." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC for the security group." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The group name or group ID depending on whether the SG is created in default or specific VPC" + }, + "groupDescription": { + "type": "string", + "description": "A description for the security group.", + "replaceOnChanges": true + }, + "groupId": { + "type": "string", + "description": "The group ID of the specified security group." + }, + "groupName": { + "type": "string", + "description": "The name of the security group.", + "replaceOnChanges": true + }, + "securityGroupEgress": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SecurityGroupEgress" + }, + "description": "[VPC only] The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group." + }, + "securityGroupIngress": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SecurityGroupIngress" + }, + "description": "The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the security group." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC for the security group.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "groupName" + }, + "required": [ + "groupDescription" + ], + "createOnly": [ + "groupDescription", + "groupName", + "vpcId" + ], + "writeOnly": [ + "securityGroupIngress/*/SourceSecurityGroupName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:SecurityGroupEgress": { + "cf": "AWS::EC2::SecurityGroupEgress", + "inputs": { + "cidrIp": { + "type": "string", + "description": "The IPv4 address range, in CIDR format.\n You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.\n For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *User Guide*." + }, + "cidrIpv6": { + "type": "string", + "description": "The IPv6 address range, in CIDR format.\n You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.\n For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *User Guide*." + }, + "description": { + "type": "string", + "description": "The description of an egress (outbound) security group rule.\n Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*" + }, + "destinationPrefixListId": { + "type": "string", + "description": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``." + }, + "destinationSecurityGroupId": { + "type": "string", + "description": "The ID of the security group.\n You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``." + }, + "fromPort": { + "type": "integer", + "description": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types)." + }, + "groupId": { + "type": "string", + "description": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID." + }, + "ipProtocol": { + "type": "string", + "description": "The IP protocol name (``tcp``, ``udp``, ``icmp``, ``icmpv6``) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)).\n Use ``-1`` to specify all protocols. When authorizing security group rules, specifying ``-1`` or a protocol number other than ``tcp``, ``udp``, ``icmp``, or ``icmpv6`` allows traffic on all ports, regardless of any port range you specify. For ``tcp``, ``udp``, and ``icmp``, you must specify a port range. For ``icmpv6``, the port range is optional; if you omit the port range, traffic for all types and codes is allowed." + }, + "toPort": { + "type": "integer", + "description": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes)." + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "cidrIp": { + "type": "string", + "description": "The IPv4 address range, in CIDR format.\n You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.\n For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *User Guide*.", + "replaceOnChanges": true + }, + "cidrIpv6": { + "type": "string", + "description": "The IPv6 address range, in CIDR format.\n You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.\n For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *User Guide*.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of an egress (outbound) security group rule.\n Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*" + }, + "destinationPrefixListId": { + "type": "string", + "description": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.", + "replaceOnChanges": true + }, + "destinationSecurityGroupId": { + "type": "string", + "description": "The ID of the security group.\n You must specify exactly one of the following: ``CidrIp``, ``CidrIpv6``, ``DestinationPrefixListId``, or ``DestinationSecurityGroupId``.", + "replaceOnChanges": true + }, + "fromPort": { + "type": "integer", + "description": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", + "replaceOnChanges": true + }, + "groupId": { + "type": "string", + "description": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", + "replaceOnChanges": true + }, + "ipProtocol": { + "type": "string", + "description": "The IP protocol name (``tcp``, ``udp``, ``icmp``, ``icmpv6``) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)).\n Use ``-1`` to specify all protocols. When authorizing security group rules, specifying ``-1`` or a protocol number other than ``tcp``, ``udp``, ``icmp``, or ``icmpv6`` allows traffic on all ports, regardless of any port range you specify. For ``tcp``, ``udp``, and ``icmp``, you must specify a port range. For ``icmpv6``, the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "replaceOnChanges": true + }, + "toPort": { + "type": "integer", + "description": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", + "replaceOnChanges": true + } + }, + "required": [ + "groupId", + "ipProtocol" + ], + "createOnly": [ + "cidrIp", + "cidrIpv6", + "destinationPrefixListId", + "destinationSecurityGroupId", + "fromPort", + "groupId", + "ipProtocol", + "toPort" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:SecurityGroupIngress": { + "cf": "AWS::EC2::SecurityGroupIngress", + "inputs": { + "cidrIp": { + "type": "string", + "description": "The IPv4 ranges" + }, + "cidrIpv6": { + "type": "string", + "description": "[VPC only] The IPv6 ranges" + }, + "description": { + "type": "string", + "description": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously" + }, + "fromPort": { + "type": "integer", + "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports." + }, + "groupId": { + "type": "string", + "description": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.\n\nYou must specify the GroupName property or the GroupId property. For security groups that are in a VPC, you must use the GroupId property." + }, + "groupName": { + "type": "string", + "description": "The name of the security group." + }, + "ipProtocol": { + "type": "string", + "description": "The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).\n\n[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range is optional; if you omit the port range, traffic for all types and codes is allowed." + }, + "sourcePrefixListId": { + "type": "string", + "description": "[EC2-VPC only] The ID of a prefix list.\n\n" + }, + "sourceSecurityGroupId": { + "type": "string", + "description": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID." + }, + "sourceSecurityGroupName": { + "type": "string", + "description": "[EC2-Classic, default VPC] The name of the source security group.\n\nYou must specify the GroupName property or the GroupId property. For security groups that are in a VPC, you must use the GroupId property." + }, + "sourceSecurityGroupOwnerId": { + "type": "string", + "description": "[nondefault VPC] The AWS account ID that owns the source security group. You can't specify this property with an IP address range.\n\nIf you specify SourceSecurityGroupName or SourceSecurityGroupId and that security group is owned by a different account than the account creating the stack, you must specify the SourceSecurityGroupOwnerId; otherwise, this property is optional." + }, + "toPort": { + "type": "integer", + "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The Security Group Rule Id" + }, + "cidrIp": { + "type": "string", + "description": "The IPv4 ranges", + "replaceOnChanges": true + }, + "cidrIpv6": { + "type": "string", + "description": "[VPC only] The IPv6 ranges", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously" + }, + "fromPort": { + "type": "integer", + "description": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "replaceOnChanges": true + }, + "groupId": { + "type": "string", + "description": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.\n\nYou must specify the GroupName property or the GroupId property. For security groups that are in a VPC, you must use the GroupId property.", + "replaceOnChanges": true + }, + "groupName": { + "type": "string", + "description": "The name of the security group.", + "replaceOnChanges": true + }, + "ipProtocol": { + "type": "string", + "description": "The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).\n\n[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", + "replaceOnChanges": true + }, + "sourcePrefixListId": { + "type": "string", + "description": "[EC2-VPC only] The ID of a prefix list.\n\n", + "replaceOnChanges": true + }, + "sourceSecurityGroupId": { + "type": "string", + "description": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", + "replaceOnChanges": true + }, + "sourceSecurityGroupName": { + "type": "string", + "description": "[EC2-Classic, default VPC] The name of the source security group.\n\nYou must specify the GroupName property or the GroupId property. For security groups that are in a VPC, you must use the GroupId property.", + "replaceOnChanges": true + }, + "sourceSecurityGroupOwnerId": { + "type": "string", + "description": "[nondefault VPC] The AWS account ID that owns the source security group. You can't specify this property with an IP address range.\n\nIf you specify SourceSecurityGroupName or SourceSecurityGroupId and that security group is owned by a different account than the account creating the stack, you must specify the SourceSecurityGroupOwnerId; otherwise, this property is optional.", + "replaceOnChanges": true + }, + "toPort": { + "type": "integer", + "description": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", + "replaceOnChanges": true + } + }, + "required": [ + "ipProtocol" + ], + "createOnly": [ + "cidrIp", + "cidrIpv6", + "fromPort", + "groupId", + "groupName", + "ipProtocol", + "sourcePrefixListId", + "sourceSecurityGroupId", + "sourceSecurityGroupName", + "sourceSecurityGroupOwnerId", + "toPort" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:SnapshotBlockPublicAccess": { + "cf": "AWS::EC2::SnapshotBlockPublicAccess", + "inputs": { + "state": { + "$ref": "#/types/aws-native:ec2:SnapshotBlockPublicAccessState", + "description": "The state of EBS Snapshot Block Public Access." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "The identifier for the specified AWS account." + }, + "state": { + "$ref": "#/types/aws-native:ec2:SnapshotBlockPublicAccessState", + "description": "The state of EBS Snapshot Block Public Access." + } + }, + "required": [ + "state" + ] + }, + "aws-native:ec2:SpotFleet": { + "cf": "AWS::EC2::SpotFleet", + "inputs": { + "spotFleetRequestConfigData": { + "$ref": "#/types/aws-native:ec2:SpotFleetRequestConfigData", + "description": "Describes the configuration of a Spot Fleet request." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the Spot Fleet." + }, + "spotFleetRequestConfigData": { + "$ref": "#/types/aws-native:ec2:SpotFleetRequestConfigData", + "description": "Describes the configuration of a Spot Fleet request." + } + }, + "required": [ + "spotFleetRequestConfigData" + ], + "createOnly": [ + "spotFleetRequestConfigData/AllocationStrategy", + "spotFleetRequestConfigData/IamFleetRole", + "spotFleetRequestConfigData/InstanceInterruptionBehavior", + "spotFleetRequestConfigData/InstancePoolsToUseCount", + "spotFleetRequestConfigData/LaunchSpecifications", + "spotFleetRequestConfigData/LaunchTemplateConfigs", + "spotFleetRequestConfigData/LoadBalancersConfig", + "spotFleetRequestConfigData/OnDemandAllocationStrategy", + "spotFleetRequestConfigData/OnDemandMaxTotalPrice", + "spotFleetRequestConfigData/OnDemandTargetCapacity", + "spotFleetRequestConfigData/ReplaceUnhealthyInstances", + "spotFleetRequestConfigData/SpotMaintenanceStrategies", + "spotFleetRequestConfigData/SpotMaxTotalPrice", + "spotFleetRequestConfigData/SpotPrice", + "spotFleetRequestConfigData/TagSpecifications", + "spotFleetRequestConfigData/TerminateInstancesWithExpiration", + "spotFleetRequestConfigData/Type", + "spotFleetRequestConfigData/ValidFrom", + "spotFleetRequestConfigData/ValidUntil" + ], + "writeOnly": [ + "spotFleetRequestConfigData/LaunchSpecifications/*/NetworkInterfaces/*/Groups", + "spotFleetRequestConfigData/TagSpecifications" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:Subnet": { + "cf": "AWS::EC2::Subnet", + "inputs": { + "assignIpv6AddressOnCreation": { + "type": "boolean", + "description": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is ``false``.\n If you specify ``AssignIpv6AddressOnCreation``, you must also specify an IPv6 CIDR block." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone of the subnet.\n If you update this property, you must also update the ``CidrBlock`` property." + }, + "availabilityZoneId": { + "type": "string", + "description": "The AZ ID of the subnet." + }, + "cidrBlock": { + "type": "string", + "description": "The IPv4 CIDR block assigned to the subnet.\n If you update this property, we create a new subnet, and then delete the existing one." + }, + "enableDns64": { + "type": "boolean", + "description": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a ``0.0.0.0/0`` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *User Guide*." + }, + "enableLniAtDeviceIndex": { + "type": "integer", + "description": "Indicates the device position for local network interfaces in this subnet. For example, ``1`` indicates local network interfaces in this subnet are the secondary network interface (eth1)." + }, + "ipv4IpamPoolId": { + "type": "string", + "description": "An IPv4 IPAM pool ID for the subnet." + }, + "ipv4NetmaskLength": { + "type": "integer", + "description": "An IPv4 netmask length for the subnet." + }, + "ipv6CidrBlock": { + "type": "string", + "description": "The IPv6 CIDR block.\n If you specify ``AssignIpv6AddressOnCreation``, you must also specify an IPv6 CIDR block." + }, + "ipv6CidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv6 network ranges for the subnet, in CIDR notation." + }, + "ipv6IpamPoolId": { + "type": "string", + "description": "An IPv6 IPAM pool ID for the subnet." + }, + "ipv6Native": { + "type": "boolean", + "description": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *User Guide*." + }, + "ipv6NetmaskLength": { + "type": "integer", + "description": "An IPv6 netmask length for the subnet." + }, + "mapPublicIpOnLaunch": { + "type": "boolean", + "description": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is ``false``.\n AWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/)." + }, + "outpostArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Outpost." + }, + "privateDnsNameOptionsOnLaunch": { + "$ref": "#/types/aws-native:ec2:PrivateDnsNameOptionsOnLaunchProperties", + "description": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *User Guide*.\n Available options:\n + EnableResourceNameDnsAAAARecord (true | false)\n + EnableResourceNameDnsARecord (true | false)\n + HostnameType (ip-name | resource-name)" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the subnet." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC the subnet is in.\n If you update this property, you must also update the ``CidrBlock`` property." + } + }, + "outputs": { + "assignIpv6AddressOnCreation": { + "type": "boolean", + "description": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is ``false``.\n If you specify ``AssignIpv6AddressOnCreation``, you must also specify an IPv6 CIDR block." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone of the subnet.\n If you update this property, you must also update the ``CidrBlock`` property.", + "replaceOnChanges": true + }, + "availabilityZoneId": { + "type": "string", + "description": "The AZ ID of the subnet.", + "replaceOnChanges": true + }, + "cidrBlock": { + "type": "string", + "description": "The IPv4 CIDR block assigned to the subnet.\n If you update this property, we create a new subnet, and then delete the existing one.", + "replaceOnChanges": true + }, + "enableDns64": { + "type": "boolean", + "description": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.\n You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a ``0.0.0.0/0`` route pointing to the internet gateway. For more information, see [Configure DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the *User Guide*." + }, + "enableLniAtDeviceIndex": { + "type": "integer", + "description": "Indicates the device position for local network interfaces in this subnet. For example, ``1`` indicates local network interfaces in this subnet are the secondary network interface (eth1)." + }, + "ipv4IpamPoolId": { + "type": "string", + "description": "An IPv4 IPAM pool ID for the subnet.", + "replaceOnChanges": true + }, + "ipv4NetmaskLength": { + "type": "integer", + "description": "An IPv4 netmask length for the subnet.", + "replaceOnChanges": true + }, + "ipv6CidrBlock": { + "type": "string", + "description": "The IPv6 CIDR block.\n If you specify ``AssignIpv6AddressOnCreation``, you must also specify an IPv6 CIDR block." + }, + "ipv6CidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv6 network ranges for the subnet, in CIDR notation." + }, + "ipv6IpamPoolId": { + "type": "string", + "description": "An IPv6 IPAM pool ID for the subnet.", + "replaceOnChanges": true + }, + "ipv6Native": { + "type": "boolean", + "description": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *User Guide*.", + "replaceOnChanges": true + }, + "ipv6NetmaskLength": { + "type": "integer", + "description": "An IPv6 netmask length for the subnet.", + "replaceOnChanges": true + }, + "mapPublicIpOnLaunch": { + "type": "boolean", + "description": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is ``false``.\n AWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/)." + }, + "networkAclAssociationId": { + "type": "string", + "description": "The ID of the network ACL that is associated with the subnet's VPC, such as `acl-5fb85d36` ." + }, + "outpostArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Outpost.", + "replaceOnChanges": true + }, + "privateDnsNameOptionsOnLaunch": { + "$ref": "#/types/aws-native:ec2:PrivateDnsNameOptionsOnLaunchProperties", + "description": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *User Guide*.\n Available options:\n + EnableResourceNameDnsAAAARecord (true | false)\n + EnableResourceNameDnsARecord (true | false)\n + HostnameType (ip-name | resource-name)" + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the subnet." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC the subnet is in.\n If you update this property, you must also update the ``CidrBlock`` property.", + "replaceOnChanges": true + } + }, + "required": [ + "vpcId" + ], + "createOnly": [ + "availabilityZone", + "availabilityZoneId", + "cidrBlock", + "ipv4IpamPoolId", + "ipv4NetmaskLength", + "ipv6IpamPoolId", + "ipv6Native", + "ipv6NetmaskLength", + "outpostArn", + "vpcId" + ], + "writeOnly": [ + "enableLniAtDeviceIndex", + "ipv4IpamPoolId", + "ipv4NetmaskLength", + "ipv6IpamPoolId", + "ipv6NetmaskLength" + ], + "irreversibleNames": { + "enableDns64": "EnableDns64" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:SubnetCidrBlock": { + "cf": "AWS::EC2::SubnetCidrBlock", + "inputs": { + "ipv6CidrBlock": { + "type": "string", + "description": "The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length" + }, + "ipv6IpamPoolId": { + "type": "string", + "description": "The ID of an IPv6 Amazon VPC IP Address Manager (IPAM) pool from which to allocate, to get the subnet's CIDR" + }, + "ipv6NetmaskLength": { + "type": "integer", + "description": "The netmask length of the IPv6 CIDR to allocate to the subnet from an IPAM pool" + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet" + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "Information about the IPv6 association." + }, + "ipv6CidrBlock": { + "type": "string", + "description": "The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length", + "replaceOnChanges": true + }, + "ipv6IpamPoolId": { + "type": "string", + "description": "The ID of an IPv6 Amazon VPC IP Address Manager (IPAM) pool from which to allocate, to get the subnet's CIDR", + "replaceOnChanges": true + }, + "ipv6NetmaskLength": { + "type": "integer", + "description": "The netmask length of the IPv6 CIDR to allocate to the subnet from an IPAM pool", + "replaceOnChanges": true + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet", + "replaceOnChanges": true + } + }, + "required": [ + "subnetId" + ], + "createOnly": [ + "ipv6CidrBlock", + "ipv6IpamPoolId", + "ipv6NetmaskLength", + "subnetId" + ], + "writeOnly": [ + "ipv6IpamPoolId", + "ipv6NetmaskLength" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:SubnetNetworkAclAssociation": { + "cf": "AWS::EC2::SubnetNetworkAclAssociation", + "inputs": { + "networkAclId": { + "type": "string", + "description": "The ID of the network ACL" + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet" + } + }, + "outputs": { + "associationId": { + "type": "string", + "description": "Returns the value of this object's AssociationId property." + }, + "networkAclId": { + "type": "string", + "description": "The ID of the network ACL", + "replaceOnChanges": true + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet", + "replaceOnChanges": true + } + }, + "required": [ + "networkAclId", + "subnetId" + ], + "createOnly": [ + "networkAclId", + "subnetId" + ] + }, + "aws-native:ec2:SubnetRouteTableAssociation": { + "cf": "AWS::EC2::SubnetRouteTableAssociation", + "inputs": { + "routeTableId": { + "type": "string", + "description": "The ID of the route table.\n The physical ID changes when the route table ID is changed." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the subnet route table association." + }, + "routeTableId": { + "type": "string", + "description": "The ID of the route table.\n The physical ID changes when the route table ID is changed.", + "replaceOnChanges": true + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet.", + "replaceOnChanges": true + } + }, + "required": [ + "routeTableId", + "subnetId" + ], + "createOnly": [ + "routeTableId", + "subnetId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:TransitGateway": { + "cf": "AWS::EC2::TransitGateway", + "inputs": { + "amazonSideAsn": { + "type": "integer", + "description": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512." + }, + "associationDefaultRouteTableId": { + "type": "string", + "description": "The ID of the default association route table." + }, + "autoAcceptSharedAttachments": { + "type": "string", + "description": "Enable or disable automatic acceptance of attachment requests. Disabled by default." + }, + "defaultRouteTableAssociation": { + "type": "string", + "description": "Enable or disable automatic association with the default association route table. Enabled by default." + }, + "defaultRouteTablePropagation": { + "type": "string", + "description": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default." + }, + "description": { + "type": "string", + "description": "The description of the transit gateway." + }, + "dnsSupport": { + "type": "string", + "description": "Enable or disable DNS support. Enabled by default." + }, + "multicastSupport": { + "type": "string", + "description": "Indicates whether multicast is enabled on the transit gateway" + }, + "propagationDefaultRouteTableId": { + "type": "string", + "description": "The ID of the default propagation route table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the transit gateway." + }, + "transitGatewayCidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The transit gateway CIDR blocks." + }, + "vpnEcmpSupport": { + "type": "string", + "description": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default." + } + }, + "outputs": { + "amazonSideAsn": { + "type": "integer", + "description": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", + "replaceOnChanges": true + }, + "associationDefaultRouteTableId": { + "type": "string", + "description": "The ID of the default association route table." + }, + "autoAcceptSharedAttachments": { + "type": "string", + "description": "Enable or disable automatic acceptance of attachment requests. Disabled by default." + }, + "awsId": { + "type": "string", + "description": "The ID of the transit gateway." + }, + "defaultRouteTableAssociation": { + "type": "string", + "description": "Enable or disable automatic association with the default association route table. Enabled by default." + }, + "defaultRouteTablePropagation": { + "type": "string", + "description": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default." + }, + "description": { + "type": "string", + "description": "The description of the transit gateway." + }, + "dnsSupport": { + "type": "string", + "description": "Enable or disable DNS support. Enabled by default." + }, + "multicastSupport": { + "type": "string", + "description": "Indicates whether multicast is enabled on the transit gateway", + "replaceOnChanges": true + }, + "propagationDefaultRouteTableId": { + "type": "string", + "description": "The ID of the default propagation route table." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the transit gateway." + }, + "transitGatewayArn": { + "type": "string" + }, + "transitGatewayCidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The transit gateway CIDR blocks." + }, + "vpnEcmpSupport": { + "type": "string", + "description": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default." + } + }, + "createOnly": [ + "amazonSideAsn", + "multicastSupport" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:TransitGatewayAttachment": { + "cf": "AWS::EC2::TransitGatewayAttachment", + "inputs": { + "options": { + "$ref": "#/types/aws-native:ec2:OptionsProperties", + "description": "The options for the transit gateway vpc attachment." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the attachment." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the attachment." + }, + "options": { + "$ref": "#/types/aws-native:ec2:OptionsProperties", + "description": "The options for the transit gateway vpc attachment." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the attachment." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway.", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "subnetIds", + "transitGatewayId", + "vpcId" + ], + "createOnly": [ + "transitGatewayId", + "vpcId" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:TransitGatewayConnect": { + "cf": "AWS::EC2::TransitGatewayConnect", + "inputs": { + "options": { + "$ref": "#/types/aws-native:ec2:TransitGatewayConnectOptions", + "description": "The Connect attachment options." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the attachment." + }, + "transportTransitGatewayAttachmentId": { + "type": "string", + "description": "The ID of the attachment from which the Connect attachment was created." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The creation time." + }, + "options": { + "$ref": "#/types/aws-native:ec2:TransitGatewayConnectOptions", + "description": "The Connect attachment options.", + "replaceOnChanges": true + }, + "state": { + "type": "string", + "description": "The state of the attachment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the attachment." + }, + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of the Connect attachment." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway." + }, + "transportTransitGatewayAttachmentId": { + "type": "string", + "description": "The ID of the attachment from which the Connect attachment was created.", + "replaceOnChanges": true + } + }, + "required": [ + "options", + "transportTransitGatewayAttachmentId" + ], + "createOnly": [ + "options", + "transportTransitGatewayAttachmentId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:TransitGatewayMulticastDomain": { + "cf": "AWS::EC2::TransitGatewayMulticastDomain", + "inputs": { + "options": { + "$ref": "#/types/aws-native:ec2:OptionsProperties", + "description": "The options for the transit gateway multicast domain." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the transit gateway multicast domain." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time the transit gateway multicast domain was created." + }, + "options": { + "$ref": "#/types/aws-native:ec2:OptionsProperties", + "description": "The options for the transit gateway multicast domain." + }, + "state": { + "type": "string", + "description": "The state of the transit gateway multicast domain." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the transit gateway multicast domain." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway.", + "replaceOnChanges": true + }, + "transitGatewayMulticastDomainArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the transit gateway multicast domain." + }, + "transitGatewayMulticastDomainId": { + "type": "string", + "description": "The ID of the transit gateway multicast domain." + } + }, + "required": [ + "transitGatewayId" + ], + "createOnly": [ + "transitGatewayId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:TransitGatewayMulticastDomainAssociation": { + "cf": "AWS::EC2::TransitGatewayMulticastDomainAssociation", + "inputs": { + "subnetId": { + "type": "string", + "description": "The IDs of the subnets to associate with the transit gateway multicast domain." + }, + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of the transit gateway attachment." + }, + "transitGatewayMulticastDomainId": { + "type": "string", + "description": "The ID of the transit gateway multicast domain." + } + }, + "outputs": { + "resourceId": { + "type": "string", + "description": "The ID of the resource." + }, + "resourceType": { + "type": "string", + "description": "The type of resource, for example a VPC attachment." + }, + "state": { + "type": "string", + "description": "The state of the subnet association." + }, + "subnetId": { + "type": "string", + "description": "The IDs of the subnets to associate with the transit gateway multicast domain.", + "replaceOnChanges": true + }, + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of the transit gateway attachment.", + "replaceOnChanges": true + }, + "transitGatewayMulticastDomainId": { + "type": "string", + "description": "The ID of the transit gateway multicast domain.", + "replaceOnChanges": true + } + }, + "required": [ + "subnetId", + "transitGatewayAttachmentId", + "transitGatewayMulticastDomainId" + ], + "createOnly": [ + "subnetId", + "transitGatewayAttachmentId", + "transitGatewayMulticastDomainId" + ] + }, + "aws-native:ec2:TransitGatewayMulticastGroupMember": { + "cf": "AWS::EC2::TransitGatewayMulticastGroupMember", + "inputs": { + "groupIpAddress": { + "type": "string", + "description": "The IP address assigned to the transit gateway multicast group." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the transit gateway attachment." + }, + "transitGatewayMulticastDomainId": { + "type": "string", + "description": "The ID of the transit gateway multicast domain." + } + }, + "outputs": { + "groupIpAddress": { + "type": "string", + "description": "The IP address assigned to the transit gateway multicast group.", + "replaceOnChanges": true + }, + "groupMember": { + "type": "boolean", + "description": "Indicates that the resource is a transit gateway multicast group member." + }, + "groupSource": { + "type": "boolean", + "description": "Indicates that the resource is a transit gateway multicast group member." + }, + "memberType": { + "type": "string", + "description": "The member type (for example, static)." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the transit gateway attachment.", + "replaceOnChanges": true + }, + "resourceId": { + "type": "string", + "description": "The ID of the resource." + }, + "resourceType": { + "type": "string", + "description": "The type of resource, for example a VPC attachment." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet." + }, + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of the transit gateway attachment." + }, + "transitGatewayMulticastDomainId": { + "type": "string", + "description": "The ID of the transit gateway multicast domain.", + "replaceOnChanges": true + } + }, + "required": [ + "groupIpAddress", + "networkInterfaceId", + "transitGatewayMulticastDomainId" + ], + "createOnly": [ + "groupIpAddress", + "networkInterfaceId", + "transitGatewayMulticastDomainId" + ] + }, + "aws-native:ec2:TransitGatewayMulticastGroupSource": { + "cf": "AWS::EC2::TransitGatewayMulticastGroupSource", + "inputs": { + "groupIpAddress": { + "type": "string", + "description": "The IP address assigned to the transit gateway multicast group." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the transit gateway attachment." + }, + "transitGatewayMulticastDomainId": { + "type": "string", + "description": "The ID of the transit gateway multicast domain." + } + }, + "outputs": { + "groupIpAddress": { + "type": "string", + "description": "The IP address assigned to the transit gateway multicast group.", + "replaceOnChanges": true + }, + "groupMember": { + "type": "boolean", + "description": "Indicates that the resource is a transit gateway multicast group member." + }, + "groupSource": { + "type": "boolean", + "description": "Indicates that the resource is a transit gateway multicast group member." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the transit gateway attachment.", + "replaceOnChanges": true + }, + "resourceId": { + "type": "string", + "description": "The ID of the resource." + }, + "resourceType": { + "type": "string", + "description": "The type of resource, for example a VPC attachment." + }, + "sourceType": { + "type": "string", + "description": "The source type." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet." + }, + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of the transit gateway attachment." + }, + "transitGatewayMulticastDomainId": { + "type": "string", + "description": "The ID of the transit gateway multicast domain.", + "replaceOnChanges": true + } + }, + "required": [ + "groupIpAddress", + "networkInterfaceId", + "transitGatewayMulticastDomainId" + ], + "createOnly": [ + "groupIpAddress", + "networkInterfaceId", + "transitGatewayMulticastDomainId" + ] + }, + "aws-native:ec2:TransitGatewayPeeringAttachment": { + "cf": "AWS::EC2::TransitGatewayPeeringAttachment", + "inputs": { + "peerAccountId": { + "type": "string", + "description": "The ID of the peer account" + }, + "peerRegion": { + "type": "string", + "description": "Peer Region" + }, + "peerTransitGatewayId": { + "type": "string", + "description": "The ID of the peer transit gateway." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the transit gateway peering attachment." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time the transit gateway peering attachment was created." + }, + "peerAccountId": { + "type": "string", + "description": "The ID of the peer account", + "replaceOnChanges": true + }, + "peerRegion": { + "type": "string", + "description": "Peer Region", + "replaceOnChanges": true + }, + "peerTransitGatewayId": { + "type": "string", + "description": "The ID of the peer transit gateway.", + "replaceOnChanges": true + }, + "state": { + "type": "string", + "description": "The state of the transit gateway peering attachment. Note that the initiating state has been deprecated." + }, + "status": { + "$ref": "#/types/aws-native:ec2:TransitGatewayPeeringAttachmentPeeringAttachmentStatus", + "description": "The status of the transit gateway peering attachment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the transit gateway peering attachment." + }, + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of the transit gateway peering attachment." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway.", + "replaceOnChanges": true + } + }, + "required": [ + "peerAccountId", + "peerRegion", + "peerTransitGatewayId", + "transitGatewayId" + ], + "createOnly": [ + "peerAccountId", + "peerRegion", + "peerTransitGatewayId", + "transitGatewayId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:TransitGatewayRoute": { + "cf": "AWS::EC2::TransitGatewayRoute", + "inputs": { + "blackhole": { + "type": "boolean", + "description": "Indicates whether to drop traffic that matches this route." + }, + "destinationCidrBlock": { + "type": "string", + "description": "The CIDR range used for destination matches. Routing decisions are based on the most specific match." + }, + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of transit gateway attachment." + }, + "transitGatewayRouteTableId": { + "type": "string", + "description": "The ID of transit gateway route table." + } + }, + "outputs": { + "blackhole": { + "type": "boolean", + "description": "Indicates whether to drop traffic that matches this route.", + "replaceOnChanges": true + }, + "destinationCidrBlock": { + "type": "string", + "description": "The CIDR range used for destination matches. Routing decisions are based on the most specific match.", + "replaceOnChanges": true + }, + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of transit gateway attachment.", + "replaceOnChanges": true + }, + "transitGatewayRouteTableId": { + "type": "string", + "description": "The ID of transit gateway route table.", + "replaceOnChanges": true + } + }, + "required": [ + "destinationCidrBlock", + "transitGatewayRouteTableId" + ], + "createOnly": [ + "blackhole", + "destinationCidrBlock", + "transitGatewayAttachmentId", + "transitGatewayRouteTableId" + ] + }, + "aws-native:ec2:TransitGatewayRouteTable": { + "cf": "AWS::EC2::TransitGatewayRouteTable", + "inputs": { + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Tags are composed of a Key/Value pair. You can use tags to categorize and track each parameter group. The tag value null is permitted." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway." + } + }, + "outputs": { + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Tags are composed of a Key/Value pair. You can use tags to categorize and track each parameter group. The tag value null is permitted.", + "replaceOnChanges": true + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway.", + "replaceOnChanges": true + }, + "transitGatewayRouteTableId": { + "type": "string", + "description": "Transit Gateway Route Table primary identifier" + } + }, + "required": [ + "transitGatewayId" + ], + "createOnly": [ + "tags", + "transitGatewayId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:ec2:TransitGatewayRouteTableAssociation": { + "cf": "AWS::EC2::TransitGatewayRouteTableAssociation", + "inputs": { + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of transit gateway attachment." + }, + "transitGatewayRouteTableId": { + "type": "string", + "description": "The ID of transit gateway route table." + } + }, + "outputs": { + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of transit gateway attachment.", + "replaceOnChanges": true + }, + "transitGatewayRouteTableId": { + "type": "string", + "description": "The ID of transit gateway route table.", + "replaceOnChanges": true + } + }, + "required": [ + "transitGatewayAttachmentId", + "transitGatewayRouteTableId" + ], + "createOnly": [ + "transitGatewayAttachmentId", + "transitGatewayRouteTableId" + ] + }, + "aws-native:ec2:TransitGatewayRouteTablePropagation": { + "cf": "AWS::EC2::TransitGatewayRouteTablePropagation", + "inputs": { + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of transit gateway attachment." + }, + "transitGatewayRouteTableId": { + "type": "string", + "description": "The ID of transit gateway route table." + } + }, + "outputs": { + "transitGatewayAttachmentId": { + "type": "string", + "description": "The ID of transit gateway attachment.", + "replaceOnChanges": true + }, + "transitGatewayRouteTableId": { + "type": "string", + "description": "The ID of transit gateway route table.", + "replaceOnChanges": true + } + }, + "required": [ + "transitGatewayAttachmentId", + "transitGatewayRouteTableId" + ], + "createOnly": [ + "transitGatewayAttachmentId", + "transitGatewayRouteTableId" + ] + }, + "aws-native:ec2:TransitGatewayVpcAttachment": { + "cf": "AWS::EC2::TransitGatewayVpcAttachment", + "inputs": { + "addSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone." + }, + "options": { + "$ref": "#/types/aws-native:ec2:OptionsProperties", + "description": "The options for the transit gateway vpc attachment." + }, + "removeSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more subnets to remove." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the VPC attachment." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "addSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone." + }, + "awsId": { + "type": "string", + "description": "The ID of the attachment." + }, + "options": { + "$ref": "#/types/aws-native:ec2:OptionsProperties", + "description": "The options for the transit gateway vpc attachment." + }, + "removeSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more subnets to remove." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the VPC attachment." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway.", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "subnetIds", + "transitGatewayId", + "vpcId" + ], + "createOnly": [ + "subnetIds", + "transitGatewayId", + "vpcId" + ], + "writeOnly": [ + "addSubnetIds", + "removeSubnetIds" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:VerifiedAccessEndpoint": { + "cf": "AWS::EC2::VerifiedAccessEndpoint", + "inputs": { + "applicationDomain": { + "type": "string", + "description": "The DNS name for users to reach your application." + }, + "attachmentType": { + "type": "string", + "description": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application." + }, + "description": { + "type": "string", + "description": "A description for the AWS Verified Access endpoint." + }, + "domainCertificateArn": { + "type": "string", + "description": "The ARN of a public TLS/SSL certificate imported into or created with ACM." + }, + "endpointDomainPrefix": { + "type": "string", + "description": "A custom identifier that gets prepended to a DNS name that is generated for the endpoint." + }, + "endpointType": { + "type": "string", + "description": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified." + }, + "loadBalancerOptions": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessEndpointLoadBalancerOptions", + "description": "The load balancer details if creating the AWS Verified Access endpoint as load-balancer type." + }, + "networkInterfaceOptions": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessEndpointNetworkInterfaceOptions", + "description": "The options for network-interface type endpoint." + }, + "policyDocument": { + "type": "string", + "description": "The AWS Verified Access policy document." + }, + "policyEnabled": { + "type": "boolean", + "description": "The status of the Verified Access policy." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups for the endpoint." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessEndpointSseSpecification", + "description": "The configuration options for customer provided KMS encryption." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "verifiedAccessGroupId": { + "type": "string", + "description": "The ID of the AWS Verified Access group." + } + }, + "outputs": { + "applicationDomain": { + "type": "string", + "description": "The DNS name for users to reach your application.", + "replaceOnChanges": true + }, + "attachmentType": { + "type": "string", + "description": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", + "replaceOnChanges": true + }, + "creationTime": { + "type": "string", + "description": "The creation time." + }, + "description": { + "type": "string", + "description": "A description for the AWS Verified Access endpoint." + }, + "deviceValidationDomain": { + "type": "string", + "description": "Returned if endpoint has a device trust provider attached." + }, + "domainCertificateArn": { + "type": "string", + "description": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", + "replaceOnChanges": true + }, + "endpointDomain": { + "type": "string", + "description": "A DNS name that is generated for the endpoint." + }, + "endpointDomainPrefix": { + "type": "string", + "description": "A custom identifier that gets prepended to a DNS name that is generated for the endpoint.", + "replaceOnChanges": true + }, + "endpointType": { + "type": "string", + "description": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", + "replaceOnChanges": true + }, + "lastUpdatedTime": { + "type": "string", + "description": "The last updated time." + }, + "loadBalancerOptions": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessEndpointLoadBalancerOptions", + "description": "The load balancer details if creating the AWS Verified Access endpoint as load-balancer type." + }, + "networkInterfaceOptions": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessEndpointNetworkInterfaceOptions", + "description": "The options for network-interface type endpoint." + }, + "policyDocument": { + "type": "string", + "description": "The AWS Verified Access policy document." + }, + "policyEnabled": { + "type": "boolean", + "description": "The status of the Verified Access policy." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups for the endpoint.", + "replaceOnChanges": true + }, + "sseSpecification": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessEndpointSseSpecification", + "description": "The configuration options for customer provided KMS encryption." + }, + "status": { + "type": "string", + "description": "The endpoint status." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "verifiedAccessEndpointId": { + "type": "string", + "description": "The ID of the AWS Verified Access endpoint." + }, + "verifiedAccessGroupId": { + "type": "string", + "description": "The ID of the AWS Verified Access group." + }, + "verifiedAccessInstanceId": { + "type": "string", + "description": "The ID of the AWS Verified Access instance." + } + }, + "required": [ + "applicationDomain", + "attachmentType", + "domainCertificateArn", + "endpointDomainPrefix", + "endpointType", + "verifiedAccessGroupId" + ], + "createOnly": [ + "applicationDomain", + "attachmentType", + "domainCertificateArn", + "endpointDomainPrefix", + "endpointType", + "loadBalancerOptions/LoadBalancerArn", + "networkInterfaceOptions/NetworkInterfaceId", + "securityGroupIds" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:VerifiedAccessGroup": { + "cf": "AWS::EC2::VerifiedAccessGroup", + "inputs": { + "description": { + "type": "string", + "description": "A description for the AWS Verified Access group." + }, + "policyDocument": { + "type": "string", + "description": "The AWS Verified Access policy document." + }, + "policyEnabled": { + "type": "boolean", + "description": "The status of the Verified Access policy." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessGroupSseSpecification", + "description": "The configuration options for customer provided KMS encryption." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "verifiedAccessInstanceId": { + "type": "string", + "description": "The ID of the AWS Verified Access instance." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "Time this Verified Access Group was created." + }, + "description": { + "type": "string", + "description": "A description for the AWS Verified Access group." + }, + "lastUpdatedTime": { + "type": "string", + "description": "Time this Verified Access Group was last updated." + }, + "owner": { + "type": "string", + "description": "The AWS account number that owns the group." + }, + "policyDocument": { + "type": "string", + "description": "The AWS Verified Access policy document." + }, + "policyEnabled": { + "type": "boolean", + "description": "The status of the Verified Access policy." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessGroupSseSpecification", + "description": "The configuration options for customer provided KMS encryption." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "verifiedAccessGroupArn": { + "type": "string", + "description": "The ARN of the Verified Access group." + }, + "verifiedAccessGroupId": { + "type": "string", + "description": "The ID of the AWS Verified Access group." + }, + "verifiedAccessInstanceId": { + "type": "string", + "description": "The ID of the AWS Verified Access instance." + } + }, + "required": [ + "verifiedAccessInstanceId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:VerifiedAccessInstance": { + "cf": "AWS::EC2::VerifiedAccessInstance", + "inputs": { + "description": { + "type": "string", + "description": "A description for the AWS Verified Access instance." + }, + "fipsEnabled": { + "type": "boolean", + "description": "Indicates whether FIPS is enabled" + }, + "loggingConfigurations": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogs", + "description": "The configuration options for AWS Verified Access instances." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "verifiedAccessTrustProviderIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the AWS Verified Access trust providers." + }, + "verifiedAccessTrustProviders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessInstanceVerifiedAccessTrustProvider" + }, + "description": "AWS Verified Access trust providers." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "Time this Verified Access Instance was created." + }, + "description": { + "type": "string", + "description": "A description for the AWS Verified Access instance." + }, + "fipsEnabled": { + "type": "boolean", + "description": "Indicates whether FIPS is enabled" + }, + "lastUpdatedTime": { + "type": "string", + "description": "Time this Verified Access Instance was last updated." + }, + "loggingConfigurations": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogs", + "description": "The configuration options for AWS Verified Access instances." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "verifiedAccessInstanceId": { + "type": "string", + "description": "The ID of the AWS Verified Access instance." + }, + "verifiedAccessTrustProviderIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the AWS Verified Access trust providers." + }, + "verifiedAccessTrustProviders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessInstanceVerifiedAccessTrustProvider" + }, + "description": "AWS Verified Access trust providers." + } + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:VerifiedAccessTrustProvider": { + "cf": "AWS::EC2::VerifiedAccessTrustProvider", + "inputs": { + "description": { + "type": "string", + "description": "A description for the Amazon Web Services Verified Access trust provider." + }, + "deviceOptions": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessTrustProviderDeviceOptions", + "description": "The options for device-identity trust provider." + }, + "deviceTrustProviderType": { + "type": "string", + "description": "The type of device-based trust provider. Possible values: jamf|crowdstrike" + }, + "oidcOptions": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessTrustProviderOidcOptions", + "description": "The options for an OpenID Connect-compatible user-identity trust provider." + }, + "policyReferenceName": { + "type": "string", + "description": "The identifier to be used when working with policy rules." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:ec2:SseSpecificationProperties", + "description": "The configuration options for customer provided KMS encryption." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "trustProviderType": { + "type": "string", + "description": "Type of trust provider. Possible values: user|device" + }, + "userTrustProviderType": { + "type": "string", + "description": "The type of device-based trust provider. Possible values: oidc|iam-identity-center" + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The creation time." + }, + "description": { + "type": "string", + "description": "A description for the Amazon Web Services Verified Access trust provider." + }, + "deviceOptions": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessTrustProviderDeviceOptions", + "description": "The options for device-identity trust provider.", + "replaceOnChanges": true + }, + "deviceTrustProviderType": { + "type": "string", + "description": "The type of device-based trust provider. Possible values: jamf|crowdstrike", + "replaceOnChanges": true + }, + "lastUpdatedTime": { + "type": "string", + "description": "The last updated time." + }, + "oidcOptions": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessTrustProviderOidcOptions", + "description": "The options for an OpenID Connect-compatible user-identity trust provider." + }, + "policyReferenceName": { + "type": "string", + "description": "The identifier to be used when working with policy rules.", + "replaceOnChanges": true + }, + "sseSpecification": { + "$ref": "#/types/aws-native:ec2:SseSpecificationProperties", + "description": "The configuration options for customer provided KMS encryption." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "trustProviderType": { + "type": "string", + "description": "Type of trust provider. Possible values: user|device", + "replaceOnChanges": true + }, + "userTrustProviderType": { + "type": "string", + "description": "The type of device-based trust provider. Possible values: oidc|iam-identity-center", + "replaceOnChanges": true + }, + "verifiedAccessTrustProviderId": { + "type": "string", + "description": "The ID of the Amazon Web Services Verified Access trust provider." + } + }, + "required": [ + "policyReferenceName", + "trustProviderType" + ], + "createOnly": [ + "deviceOptions", + "deviceTrustProviderType", + "policyReferenceName", + "trustProviderType", + "userTrustProviderType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:Volume": { + "cf": "AWS::EC2::Volume", + "inputs": { + "autoEnableIo": { + "type": "boolean", + "description": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O." + }, + "availabilityZone": { + "type": "string", + "description": "The ID of the Availability Zone in which to create the volume. For example, ``us-east-1a``." + }, + "encrypted": { + "type": "boolean", + "description": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to ``true`` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide*.\n Encrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances)." + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n The following are the supported values for each volume type:\n + ``gp3``: 3,000 - 16,000 IOPS\n + ``io1``: 100 - 64,000 IOPS\n + ``io2``: 100 - 256,000 IOPS\n \n For ``io2`` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). On other instances, you can achieve performance up to 32,000 IOPS.\n This parameter is required for ``io1`` and ``io2`` volumes. The default for ``gp3`` volumes is 3,000 IOPS. This parameter is not supported for ``gp2``, ``st1``, ``sc1``, or ``standard`` volumes." + }, + "kmsKeyId": { + "type": "string", + "description": "The identifier of the kms-key-long to use for Amazon EBS encryption. If ``KmsKeyId`` is specified, the encrypted state must be ``true``.\n If you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to ``true``, then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the aws-managed-key.\n Alternatively, if you want to specify a different key, you can specify one of the following:\n + Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n + Key alias. Specify the alias for the key, prefixed with ``alias/``. For example, for a key with the alias ``my_cmk``, use ``alias/my_cmk``. Or to specify the aws-managed-key, use ``alias/aws/ebs``.\n + Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n + Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias." + }, + "multiAttachEnabled": { + "type": "boolean", + "description": "Indicates whether Amazon EBS Multi-Attach is enabled.\n CFNlong does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume." + }, + "outpostArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Outpost." + }, + "size": { + "type": "integer", + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n The following are the supported volumes sizes for each volume type:\n + ``gp2`` and ``gp3``: 1 - 16,384 GiB\n + ``io1``: 4 - 16,384 GiB\n + ``io2``: 4 - 65,536 GiB\n + ``st1`` and ``sc1``: 125 - 16,384 GiB\n + ``standard``: 1 - 1024 GiB" + }, + "snapshotId": { + "type": "string", + "description": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply to the volume during creation." + }, + "throughput": { + "type": "integer", + "description": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n This parameter is valid only for ``gp3`` volumes. The default value is 125.\n Valid Range: Minimum value of 125. Maximum value of 1000." + }, + "volumeType": { + "type": "string", + "description": "The volume type. This parameter can be one of the following values:\n + General Purpose SSD: ``gp2`` | ``gp3`` \n + Provisioned IOPS SSD: ``io1`` | ``io2`` \n + Throughput Optimized HDD: ``st1`` \n + Cold HDD: ``sc1`` \n + Magnetic: ``standard`` \n \n For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon Elastic Compute Cloud User Guide*.\n Default: ``gp2``" + } + }, + "outputs": { + "autoEnableIo": { + "type": "boolean", + "description": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O." + }, + "availabilityZone": { + "type": "string", + "description": "The ID of the Availability Zone in which to create the volume. For example, ``us-east-1a``." + }, + "encrypted": { + "type": "boolean", + "description": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to ``true`` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide*.\n Encrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances)." + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n The following are the supported values for each volume type:\n + ``gp3``: 3,000 - 16,000 IOPS\n + ``io1``: 100 - 64,000 IOPS\n + ``io2``: 100 - 256,000 IOPS\n \n For ``io2`` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). On other instances, you can achieve performance up to 32,000 IOPS.\n This parameter is required for ``io1`` and ``io2`` volumes. The default for ``gp3`` volumes is 3,000 IOPS. This parameter is not supported for ``gp2``, ``st1``, ``sc1``, or ``standard`` volumes." + }, + "kmsKeyId": { + "type": "string", + "description": "The identifier of the kms-key-long to use for Amazon EBS encryption. If ``KmsKeyId`` is specified, the encrypted state must be ``true``.\n If you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to ``true``, then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the aws-managed-key.\n Alternatively, if you want to specify a different key, you can specify one of the following:\n + Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n + Key alias. Specify the alias for the key, prefixed with ``alias/``. For example, for a key with the alias ``my_cmk``, use ``alias/my_cmk``. Or to specify the aws-managed-key, use ``alias/aws/ebs``.\n + Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n + Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias." + }, + "multiAttachEnabled": { + "type": "boolean", + "description": "Indicates whether Amazon EBS Multi-Attach is enabled.\n CFNlong does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume." + }, + "outpostArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Outpost." + }, + "size": { + "type": "integer", + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n The following are the supported volumes sizes for each volume type:\n + ``gp2`` and ``gp3``: 1 - 16,384 GiB\n + ``io1``: 4 - 16,384 GiB\n + ``io2``: 4 - 65,536 GiB\n + ``st1`` and ``sc1``: 125 - 16,384 GiB\n + ``standard``: 1 - 1024 GiB" + }, + "snapshotId": { + "type": "string", + "description": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply to the volume during creation." + }, + "throughput": { + "type": "integer", + "description": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n This parameter is valid only for ``gp3`` volumes. The default value is 125.\n Valid Range: Minimum value of 125. Maximum value of 1000." + }, + "volumeId": { + "type": "string", + "description": "The ID of the volume." + }, + "volumeType": { + "type": "string", + "description": "The volume type. This parameter can be one of the following values:\n + General Purpose SSD: ``gp2`` | ``gp3`` \n + Provisioned IOPS SSD: ``io1`` | ``io2`` \n + Throughput Optimized HDD: ``st1`` \n + Cold HDD: ``sc1`` \n + Magnetic: ``standard`` \n \n For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon Elastic Compute Cloud User Guide*.\n Default: ``gp2``" + } + }, + "required": [ + "availabilityZone" + ], + "irreversibleNames": { + "autoEnableIo": "AutoEnableIO" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:VolumeAttachment": { + "cf": "AWS::EC2::VolumeAttachment", + "inputs": { + "device": { + "type": "string", + "description": "The device name (for example, ``/dev/sdh`` or ``xvdh``)." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance to which the volume attaches. This value can be a reference to an [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance." + }, + "volumeId": { + "type": "string", + "description": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [AWS::EC2::Volume](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume." + } + }, + "outputs": { + "device": { + "type": "string", + "description": "The device name (for example, ``/dev/sdh`` or ``xvdh``).", + "replaceOnChanges": true + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance to which the volume attaches. This value can be a reference to an [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", + "replaceOnChanges": true + }, + "volumeId": { + "type": "string", + "description": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [AWS::EC2::Volume](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", + "replaceOnChanges": true + } + }, + "required": [ + "instanceId", + "volumeId" + ], + "createOnly": [ + "device", + "instanceId", + "volumeId" + ] + }, + "aws-native:ec2:Vpc": { + "cf": "AWS::EC2::VPC", + "inputs": { + "cidrBlock": { + "type": "string", + "description": "The IPv4 network range for the VPC, in CIDR notation. For example, ``10.0.0.0/16``. We modify the specified CIDR block to its canonical form; for example, if you specify ``100.68.0.18/18``, we modify it to ``100.68.0.0/18``.\n You must specify either``CidrBlock`` or ``Ipv4IpamPoolId``." + }, + "enableDnsHostnames": { + "type": "boolean", + "description": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support).\n You can only enable DNS hostnames if you've enabled DNS support." + }, + "enableDnsSupport": { + "type": "boolean", + "description": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support)." + }, + "instanceTenancy": { + "type": "string", + "description": "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement." + }, + "ipv4IpamPoolId": { + "type": "string", + "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide*.\n You must specify either``CidrBlock`` or ``Ipv4IpamPoolId``." + }, + "ipv4NetmaskLength": { + "type": "integer", + "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the VPC." + } + }, + "outputs": { + "cidrBlock": { + "type": "string", + "description": "The IPv4 network range for the VPC, in CIDR notation. For example, ``10.0.0.0/16``. We modify the specified CIDR block to its canonical form; for example, if you specify ``100.68.0.18/18``, we modify it to ``100.68.0.0/18``.\n You must specify either``CidrBlock`` or ``Ipv4IpamPoolId``.", + "replaceOnChanges": true + }, + "cidrBlockAssociations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The association IDs of the IPv4 CIDR blocks for the VPC. For example, [ vpc-cidr-assoc-0280ab6b ]." + }, + "defaultNetworkAcl": { + "type": "string", + "description": "The ID of the default network ACL for the VPC. For example, acl-814dafe3." + }, + "defaultSecurityGroup": { + "type": "string", + "description": "The ID of the default security group for the VPC. For example, sg-b178e0d3." + }, + "enableDnsHostnames": { + "type": "boolean", + "description": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support).\n You can only enable DNS hostnames if you've enabled DNS support." + }, + "enableDnsSupport": { + "type": "boolean", + "description": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support)." + }, + "instanceTenancy": { + "type": "string", + "description": "The allowed tenancy of instances launched into the VPC.\n + ``default``: An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n + ``dedicated``: An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of ``host`` during instance launch. You cannot specify a tenancy of ``default`` during instance launch.\n \n Updating ``InstanceTenancy`` requires no replacement only if you are updating its value from ``dedicated`` to ``default``. Updating ``InstanceTenancy`` from ``default`` to ``dedicated`` requires replacement." + }, + "ipv4IpamPoolId": { + "type": "string", + "description": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide*.\n You must specify either``CidrBlock`` or ``Ipv4IpamPoolId``.", + "replaceOnChanges": true + }, + "ipv4NetmaskLength": { + "type": "integer", + "description": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide*.", + "replaceOnChanges": true + }, + "ipv6CidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv6 CIDR blocks for the VPC. For example, [ 2001:db8:1234:1a00::/56 ]." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the VPC." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "createOnly": [ + "cidrBlock", + "ipv4IpamPoolId", + "ipv4NetmaskLength" + ], + "writeOnly": [ + "ipv4IpamPoolId", + "ipv4NetmaskLength" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:VpcCidrBlock": { + "cf": "AWS::EC2::VPCCidrBlock", + "inputs": { + "amazonProvidedIpv6CidrBlock": { + "type": "boolean", + "description": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses, or the size of the CIDR block." + }, + "cidrBlock": { + "type": "string", + "description": "An IPv4 CIDR block to associate with the VPC." + }, + "ipv4IpamPoolId": { + "type": "string", + "description": "The ID of the IPv4 IPAM pool to Associate a CIDR from to a VPC." + }, + "ipv4NetmaskLength": { + "type": "integer", + "description": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool." + }, + "ipv6CidrBlock": { + "type": "string", + "description": "An IPv6 CIDR block from the IPv6 address pool." + }, + "ipv6IpamPoolId": { + "type": "string", + "description": "The ID of the IPv6 IPAM pool to Associate a CIDR from to a VPC." + }, + "ipv6NetmaskLength": { + "type": "integer", + "description": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool." + }, + "ipv6Pool": { + "type": "string", + "description": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "amazonProvidedIpv6CidrBlock": { + "type": "boolean", + "description": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses, or the size of the CIDR block.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "The Id of the VPC associated CIDR Block." + }, + "cidrBlock": { + "type": "string", + "description": "An IPv4 CIDR block to associate with the VPC.", + "replaceOnChanges": true + }, + "ipv4IpamPoolId": { + "type": "string", + "description": "The ID of the IPv4 IPAM pool to Associate a CIDR from to a VPC.", + "replaceOnChanges": true + }, + "ipv4NetmaskLength": { + "type": "integer", + "description": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool.", + "replaceOnChanges": true + }, + "ipv6CidrBlock": { + "type": "string", + "description": "An IPv6 CIDR block from the IPv6 address pool.", + "replaceOnChanges": true + }, + "ipv6IpamPoolId": { + "type": "string", + "description": "The ID of the IPv6 IPAM pool to Associate a CIDR from to a VPC.", + "replaceOnChanges": true + }, + "ipv6NetmaskLength": { + "type": "integer", + "description": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool.", + "replaceOnChanges": true + }, + "ipv6Pool": { + "type": "string", + "description": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "vpcId" + ], + "createOnly": [ + "amazonProvidedIpv6CidrBlock", + "cidrBlock", + "ipv4IpamPoolId", + "ipv4NetmaskLength", + "ipv6CidrBlock", + "ipv6IpamPoolId", + "ipv6NetmaskLength", + "ipv6Pool", + "vpcId" + ], + "writeOnly": [ + "ipv4IpamPoolId", + "ipv4NetmaskLength", + "ipv6IpamPoolId", + "ipv6NetmaskLength" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:VpcEndpoint": { + "cf": "AWS::EC2::VPCEndpoint", + "inputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n For CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. CFNlong converts YAML policies to JSON format before calling the API to create or modify the VPC endpoint.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::EC2::VPCEndpoint` for more information about the expected schema for this property." + }, + "privateDnsEnabled": { + "type": "boolean", + "description": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, ``kinesis.us-east-1.amazonaws.com``), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n To use a private hosted zone, you must set the following VPC attributes to ``true``: ``enableDnsHostnames`` and ``enableDnsSupport``.\n This property is supported only for interface endpoints.\n Default: ``false``" + }, + "routeTableIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the route tables. Routing is supported only for gateway endpoints." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints." + }, + "serviceName": { + "type": "string", + "description": "The name of the endpoint service." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet." + }, + "vpcEndpointType": { + "$ref": "#/types/aws-native:ec2:VpcEndpointType", + "description": "The type of endpoint.\n Default: Gateway" + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the VPC endpoint." + }, + "creationTimestamp": { + "type": "string", + "description": "The date and time the VPC endpoint was created. For example: `Fri Sep 28 23:34:36 UTC 2018.`" + }, + "dnsEntries": { + "type": "array", + "items": { + "type": "string" + }, + "description": "(Interface endpoints) The DNS entries for the endpoint. Each entry is a combination of the hosted zone ID and the DNS name. The entries are ordered as follows: regional public DNS, zonal public DNS, private DNS, and wildcard DNS. This order is not enforced for AWS Marketplace services.\n\nThe following is an example. In the first entry, the hosted zone ID is Z1HUB23UULQXV and the DNS name is vpce-01abc23456de78f9g-12abccd3.ec2.us-east-1.vpce.amazonaws.com.\n\n[\"Z1HUB23UULQXV:vpce-01abc23456de78f9g-12abccd3.ec2.us-east-1.vpce.amazonaws.com\", \"Z1HUB23UULQXV:vpce-01abc23456de78f9g-12abccd3-us-east-1a.ec2.us-east-1.vpce.amazonaws.com\", \"Z1C12344VYDITB0:ec2.us-east-1.amazonaws.com\"]\n\nIf you update the `PrivateDnsEnabled` or `SubnetIds` properties, the DNS entries in the list will change." + }, + "networkInterfaceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "(Interface endpoints) The network interface IDs. If you update the `PrivateDnsEnabled` or `SubnetIds` properties, the items in this list might change." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n For CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. CFNlong converts YAML policies to JSON format before calling the API to create or modify the VPC endpoint.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::EC2::VPCEndpoint` for more information about the expected schema for this property." + }, + "privateDnsEnabled": { + "type": "boolean", + "description": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, ``kinesis.us-east-1.amazonaws.com``), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n To use a private hosted zone, you must set the following VPC attributes to ``true``: ``enableDnsHostnames`` and ``enableDnsSupport``.\n This property is supported only for interface endpoints.\n Default: ``false``" + }, + "routeTableIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the route tables. Routing is supported only for gateway endpoints." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints." + }, + "serviceName": { + "type": "string", + "description": "The name of the endpoint service.", + "replaceOnChanges": true + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet." + }, + "vpcEndpointType": { + "$ref": "#/types/aws-native:ec2:VpcEndpointType", + "description": "The type of endpoint.\n Default: Gateway", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "serviceName", + "vpcId" + ], + "createOnly": [ + "serviceName", + "vpcEndpointType", + "vpcId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ec2:VpcEndpointConnectionNotification": { + "cf": "AWS::EC2::VPCEndpointConnectionNotification", + "inputs": { + "connectionEvents": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The endpoint events for which to receive notifications." + }, + "connectionNotificationArn": { + "type": "string", + "description": "The ARN of the SNS topic for the notifications." + }, + "serviceId": { + "type": "string", + "description": "The ID of the endpoint service." + }, + "vpcEndpointId": { + "type": "string", + "description": "The ID of the endpoint." + } + }, + "outputs": { + "connectionEvents": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The endpoint events for which to receive notifications." + }, + "connectionNotificationArn": { + "type": "string", + "description": "The ARN of the SNS topic for the notifications." + }, + "serviceId": { + "type": "string", + "description": "The ID of the endpoint service.", + "replaceOnChanges": true + }, + "vpcEndpointConnectionNotificationId": { + "type": "string", + "description": "VPC Endpoint Connection ID generated by service" + }, + "vpcEndpointId": { + "type": "string", + "description": "The ID of the endpoint.", + "replaceOnChanges": true + } + }, + "required": [ + "connectionEvents", + "connectionNotificationArn" + ], + "createOnly": [ + "serviceId", + "vpcEndpointId" + ], + "irreversibleNames": { + "vpcEndpointConnectionNotificationId": "VPCEndpointConnectionNotificationId", + "vpcEndpointId": "VPCEndpointId" + } + }, + "aws-native:ec2:VpcEndpointService": { + "cf": "AWS::EC2::VPCEndpointService", + "inputs": { + "acceptanceRequired": { + "type": "boolean", + "description": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted." + }, + "contributorInsightsEnabled": { + "type": "boolean", + "description": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink ." + }, + "gatewayLoadBalancerArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers." + }, + "networkLoadBalancerArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the Network Load Balancers." + }, + "payerResponsibility": { + "type": "string", + "description": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner." + } + }, + "outputs": { + "acceptanceRequired": { + "type": "boolean", + "description": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted." + }, + "contributorInsightsEnabled": { + "type": "boolean", + "description": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink ." + }, + "gatewayLoadBalancerArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers." + }, + "networkLoadBalancerArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the Network Load Balancers." + }, + "payerResponsibility": { + "type": "string", + "description": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner." + }, + "serviceId": { + "type": "string", + "description": "The ID of the endpoint service." + } + }, + "writeOnly": [ + "contributorInsightsEnabled" + ] + }, + "aws-native:ec2:VpcEndpointServicePermissions": { + "cf": "AWS::EC2::VPCEndpointServicePermissions", + "inputs": { + "allowedPrincipals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked." + }, + "serviceId": { + "type": "string", + "description": "The ID of the service." + } + }, + "outputs": { + "allowedPrincipals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked." + }, + "serviceId": { + "type": "string", + "description": "The ID of the service.", + "replaceOnChanges": true + } + }, + "required": [ + "serviceId" + ], + "createOnly": [ + "serviceId" + ] + }, + "aws-native:ec2:VpcGatewayAttachment": { + "cf": "AWS::EC2::VPCGatewayAttachment", + "inputs": { + "internetGatewayId": { + "type": "string", + "description": "The ID of the internet gateway. You must specify either InternetGatewayId or VpnGatewayId, but not both." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + }, + "vpnGatewayId": { + "type": "string", + "description": "The ID of the virtual private gateway. You must specify either InternetGatewayId or VpnGatewayId, but not both." + } + }, + "outputs": { + "attachmentType": { + "type": "string", + "description": "Used to identify if this resource is an Internet Gateway or Vpn Gateway Attachment " + }, + "internetGatewayId": { + "type": "string", + "description": "The ID of the internet gateway. You must specify either InternetGatewayId or VpnGatewayId, but not both." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + }, + "vpnGatewayId": { + "type": "string", + "description": "The ID of the virtual private gateway. You must specify either InternetGatewayId or VpnGatewayId, but not both." + } + }, + "required": [ + "vpcId" + ], + "createOnly": [ + "vpcId" + ] + }, + "aws-native:ec2:VpcPeeringConnection": { + "cf": "AWS::EC2::VPCPeeringConnection", + "inputs": { + "peerOwnerId": { + "type": "string", + "description": "The AWS account ID of the owner of the accepter VPC." + }, + "peerRegion": { + "type": "string", + "description": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request." + }, + "peerRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account." + }, + "peerVpcId": { + "type": "string", + "description": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the resource." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the peering connection." + }, + "peerOwnerId": { + "type": "string", + "description": "The AWS account ID of the owner of the accepter VPC.", + "replaceOnChanges": true + }, + "peerRegion": { + "type": "string", + "description": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.", + "replaceOnChanges": true + }, + "peerRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.", + "replaceOnChanges": true + }, + "peerVpcId": { + "type": "string", + "description": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the resource." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "peerVpcId", + "vpcId" + ], + "createOnly": [ + "peerOwnerId", + "peerRegion", + "peerRoleArn", + "peerVpcId", + "vpcId" + ], + "writeOnly": [ + "peerRoleArn" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:VpcdhcpOptionsAssociation": { + "cf": "AWS::EC2::VPCDHCPOptionsAssociation", + "inputs": { + "dhcpOptionsId": { + "type": "string", + "description": "The ID of the DHCP options set, or default to associate no DHCP options with the VPC." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "dhcpOptionsId": { + "type": "string", + "description": "The ID of the DHCP options set, or default to associate no DHCP options with the VPC.", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "dhcpOptionsId", + "vpcId" + ], + "createOnly": [ + "dhcpOptionsId", + "vpcId" + ] + }, + "aws-native:ec2:VpnConnection": { + "cf": "AWS::EC2::VPNConnection", + "inputs": { + "customerGatewayId": { + "type": "string", + "description": "The ID of the customer gateway at your end of the VPN connection." + }, + "enableAcceleration": { + "type": "boolean" + }, + "staticRoutesOnly": { + "type": "boolean", + "description": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify ``true``." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the VPN connection." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway associated with the VPN connection.\n You must specify either ``TransitGatewayId`` or ``VpnGatewayId``, but not both." + }, + "type": { + "type": "string", + "description": "The type of VPN connection." + }, + "vpnGatewayId": { + "type": "string", + "description": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n You must specify either ``TransitGatewayId`` or ``VpnGatewayId``, but not both." + }, + "vpnTunnelOptionsSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:VpnConnectionVpnTunnelOptionsSpecification" + }, + "description": "The tunnel options for the VPN connection." + } + }, + "outputs": { + "customerGatewayId": { + "type": "string", + "description": "The ID of the customer gateway at your end of the VPN connection.", + "replaceOnChanges": true + }, + "enableAcceleration": { + "type": "boolean", + "replaceOnChanges": true + }, + "staticRoutesOnly": { + "type": "boolean", + "description": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n If you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify ``true``.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the VPN connection." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the transit gateway associated with the VPN connection.\n You must specify either ``TransitGatewayId`` or ``VpnGatewayId``, but not both.", + "replaceOnChanges": true + }, + "type": { + "type": "string", + "description": "The type of VPN connection.", + "replaceOnChanges": true + }, + "vpnConnectionId": { + "type": "string", + "description": "The ID of the VPN connection." + }, + "vpnGatewayId": { + "type": "string", + "description": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n You must specify either ``TransitGatewayId`` or ``VpnGatewayId``, but not both.", + "replaceOnChanges": true + }, + "vpnTunnelOptionsSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:VpnConnectionVpnTunnelOptionsSpecification" + }, + "description": "The tunnel options for the VPN connection.", + "replaceOnChanges": true + } + }, + "required": [ + "customerGatewayId", + "type" + ], + "createOnly": [ + "customerGatewayId", + "enableAcceleration", + "staticRoutesOnly", + "transitGatewayId", + "type", + "vpnGatewayId", + "vpnTunnelOptionsSpecifications" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ec2:VpnConnectionRoute": { + "cf": "AWS::EC2::VPNConnectionRoute", + "inputs": { + "destinationCidrBlock": { + "type": "string", + "description": "The CIDR block associated with the local subnet of the customer network." + }, + "vpnConnectionId": { + "type": "string", + "description": "The ID of the VPN connection." + } + }, + "outputs": { + "destinationCidrBlock": { + "type": "string", + "description": "The CIDR block associated with the local subnet of the customer network.", + "replaceOnChanges": true + }, + "vpnConnectionId": { + "type": "string", + "description": "The ID of the VPN connection.", + "replaceOnChanges": true + } + }, + "required": [ + "destinationCidrBlock", + "vpnConnectionId" + ], + "createOnly": [ + "destinationCidrBlock", + "vpnConnectionId" + ] + }, + "aws-native:ec2:VpnGateway": { + "cf": "AWS::EC2::VPNGateway", + "inputs": { + "amazonSideAsn": { + "type": "integer", + "description": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the virtual private gateway." + }, + "type": { + "type": "string", + "description": "The type of VPN connection the virtual private gateway supports." + } + }, + "outputs": { + "amazonSideAsn": { + "type": "integer", + "description": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the virtual private gateway." + }, + "type": { + "type": "string", + "description": "The type of VPN connection the virtual private gateway supports.", + "replaceOnChanges": true + }, + "vpnGatewayId": { + "type": "string", + "description": "The ID of the VPN gateway." + } + }, + "required": [ + "type" + ], + "createOnly": [ + "amazonSideAsn", + "type" + ], + "irreversibleNames": { + "vpnGatewayId": "VPNGatewayId" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ecr:PullThroughCacheRule": { + "cf": "AWS::ECR::PullThroughCacheRule", + "inputs": { + "credentialArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry." + }, + "ecrRepositoryPrefix": { + "type": "string", + "description": "The ECRRepositoryPrefix is a custom alias for upstream registry url." + }, + "upstreamRegistry": { + "type": "string", + "description": "The name of the upstream registry." + }, + "upstreamRegistryUrl": { + "type": "string", + "description": "The upstreamRegistryUrl is the endpoint of upstream registry url of the public repository to be cached" + } + }, + "outputs": { + "credentialArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that identifies the credentials to authenticate to the upstream registry.", + "replaceOnChanges": true + }, + "ecrRepositoryPrefix": { + "type": "string", + "description": "The ECRRepositoryPrefix is a custom alias for upstream registry url.", + "replaceOnChanges": true + }, + "upstreamRegistry": { + "type": "string", + "description": "The name of the upstream registry.", + "replaceOnChanges": true + }, + "upstreamRegistryUrl": { + "type": "string", + "description": "The upstreamRegistryUrl is the endpoint of upstream registry url of the public repository to be cached", + "replaceOnChanges": true + } + }, + "createOnly": [ + "credentialArn", + "ecrRepositoryPrefix", + "upstreamRegistry", + "upstreamRegistryUrl" + ], + "writeOnly": [ + "credentialArn", + "upstreamRegistry" + ] + }, + "aws-native:ecr:RegistryPolicy": { + "cf": "AWS::ECR::RegistryPolicy", + "inputs": { + "policyText": { + "$ref": "pulumi.json#/Any", + "description": "The JSON policy text for your registry.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ECR::RegistryPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "policyText": { + "$ref": "pulumi.json#/Any", + "description": "The JSON policy text for your registry.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ECR::RegistryPolicy` for more information about the expected schema for this property." + }, + "registryId": { + "type": "string", + "description": "The account ID of the private registry the policy is associated with." + } + }, + "required": [ + "policyText" + ] + }, + "aws-native:ecr:ReplicationConfiguration": { + "cf": "AWS::ECR::ReplicationConfiguration", + "inputs": { + "replicationConfiguration": { + "$ref": "#/types/aws-native:ecr:ReplicationConfiguration", + "description": "The replication configuration for a registry.", + "language": { + "csharp": { + "name": "ReplicationConfigurationValue" + } + } + } + }, + "outputs": { + "registryId": { + "type": "string", + "description": "The RegistryId associated with the aws account." + }, + "replicationConfiguration": { + "$ref": "#/types/aws-native:ecr:ReplicationConfiguration", + "description": "The replication configuration for a registry.", + "language": { + "csharp": { + "name": "ReplicationConfigurationValue" + } + } + } + }, + "required": [ + "replicationConfiguration" + ] + }, + "aws-native:ecr:Repository": { + "cf": "AWS::ECR::Repository", + "inputs": { + "emptyOnDelete": { + "type": "boolean", + "description": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:ecr:RepositoryEncryptionConfiguration", + "description": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest." + }, + "imageScanningConfiguration": { + "$ref": "#/types/aws-native:ecr:RepositoryImageScanningConfiguration", + "description": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository." + }, + "imageTagMutability": { + "$ref": "#/types/aws-native:ecr:RepositoryImageTagMutability", + "description": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of ``MUTABLE`` will be used which will allow image tags to be overwritten. If ``IMMUTABLE`` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten." + }, + "lifecyclePolicy": { + "$ref": "#/types/aws-native:ecr:RepositoryLifecyclePolicy", + "description": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html)." + }, + "repositoryName": { + "type": "string", + "description": "The name to use for the repository. The repository name may be specified on its own (such as ``nginx-web-app``) or it can be prepended with a namespace to group the repository into a category (such as ``project-a/nginx-web-app``). If you don't specify a name, CFNlong generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n The repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "repositoryPolicyText": { + "$ref": "pulumi.json#/Any", + "description": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide*.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ECR::Repository` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) for the specified `AWS::ECR::Repository` resource. For example, `arn:aws:ecr: *eu-west-1* : *123456789012* :repository/ *test-repository*` ." + }, + "emptyOnDelete": { + "type": "boolean", + "description": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:ecr:RepositoryEncryptionConfiguration", + "description": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", + "replaceOnChanges": true + }, + "imageScanningConfiguration": { + "$ref": "#/types/aws-native:ecr:RepositoryImageScanningConfiguration", + "description": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository." + }, + "imageTagMutability": { + "$ref": "#/types/aws-native:ecr:RepositoryImageTagMutability", + "description": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of ``MUTABLE`` will be used which will allow image tags to be overwritten. If ``IMMUTABLE`` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten." + }, + "lifecyclePolicy": { + "$ref": "#/types/aws-native:ecr:RepositoryLifecyclePolicy", + "description": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html)." + }, + "repositoryName": { + "type": "string", + "description": "The name to use for the repository. The repository name may be specified on its own (such as ``nginx-web-app``) or it can be prepended with a namespace to group the repository into a category (such as ``project-a/nginx-web-app``). If you don't specify a name, CFNlong generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n The repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "repositoryPolicyText": { + "$ref": "pulumi.json#/Any", + "description": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide*.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ECR::Repository` for more information about the expected schema for this property." + }, + "repositoryUri": { + "type": "string", + "description": "Returns the URI for the specified `AWS::ECR::Repository` resource. For example, `*123456789012* .dkr.ecr. *us-west-2* .amazonaws.com/repository` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "repositoryName", + "minLength": 2, + "maxLength": 256 + }, + "createOnly": [ + "encryptionConfiguration", + "encryptionConfiguration/EncryptionType", + "encryptionConfiguration/KmsKey", + "repositoryName" + ], + "writeOnly": [ + "emptyOnDelete" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ecr:RepositoryCreationTemplate": { + "cf": "AWS::ECR::RepositoryCreationTemplate", + "inputs": { + "appliedFor": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateAppliedForItem" + }, + "description": "A list of enumerable Strings representing the repository creation scenarios that the template will apply towards." + }, + "customRoleArn": { + "type": "string", + "description": "The ARN of the role to be assumed by ECR. This role must be in the same account as the registry that you are configuring." + }, + "description": { + "type": "string", + "description": "The description of the template." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateEncryptionConfiguration", + "description": "The encryption configuration associated with the repository creation template." + }, + "imageTagMutability": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateImageTagMutability", + "description": "The image tag mutability setting for the repository." + }, + "lifecyclePolicy": { + "type": "string", + "description": "The JSON lifecycle policy text to apply to the repository. For information about lifecycle policy syntax, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html" + }, + "prefix": { + "type": "string", + "description": "The prefix use to match the repository name and apply the template." + }, + "repositoryPolicy": { + "type": "string", + "description": "The JSON repository policy text to apply to the repository. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html" + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "appliedFor": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateAppliedForItem" + }, + "description": "A list of enumerable Strings representing the repository creation scenarios that the template will apply towards." + }, + "createdAt": { + "type": "string", + "description": "Create timestamp of the template." + }, + "customRoleArn": { + "type": "string", + "description": "The ARN of the role to be assumed by ECR. This role must be in the same account as the registry that you are configuring." + }, + "description": { + "type": "string", + "description": "The description of the template." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateEncryptionConfiguration", + "description": "The encryption configuration associated with the repository creation template." + }, + "imageTagMutability": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateImageTagMutability", + "description": "The image tag mutability setting for the repository." + }, + "lifecyclePolicy": { + "type": "string", + "description": "The JSON lifecycle policy text to apply to the repository. For information about lifecycle policy syntax, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html" + }, + "prefix": { + "type": "string", + "description": "The prefix use to match the repository name and apply the template.", + "replaceOnChanges": true + }, + "repositoryPolicy": { + "type": "string", + "description": "The JSON repository policy text to apply to the repository. For more information, see https://docs.aws.amazon.com/AmazonECR/latest/userguide/RepositoryPolicyExamples.html" + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateTag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "updatedAt": { + "type": "string", + "description": "Update timestamp of the template." + } + }, + "required": [ + "appliedFor", + "prefix" + ], + "createOnly": [ + "prefix" + ] + }, + "aws-native:ecs:CapacityProvider": { + "cf": "AWS::ECS::CapacityProvider", + "inputs": { + "autoScalingGroupProvider": { + "$ref": "#/types/aws-native:ecs:CapacityProviderAutoScalingGroupProvider", + "description": "The Auto Scaling group settings for the capacity provider." + }, + "name": { + "type": "string", + "description": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + } + }, + "outputs": { + "autoScalingGroupProvider": { + "$ref": "#/types/aws-native:ecs:CapacityProviderAutoScalingGroupProvider", + "description": "The Auto Scaling group settings for the capacity provider." + }, + "name": { + "type": "string", + "description": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "autoScalingGroupProvider" + ], + "createOnly": [ + "autoScalingGroupProvider/AutoScalingGroupArn", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ecs:Cluster": { + "cf": "AWS::ECS::Cluster", + "inputs": { + "capacityProviders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n If specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n To use a FARGATElong capacity provider, specify either the ``FARGATE`` or ``FARGATE_SPOT`` capacity providers. The FARGATElong capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n The [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created." + }, + "clusterName": { + "type": "string", + "description": "A user-generated string that you use to identify your cluster. If you don't specify a name, CFNlong generates a unique physical ID for the name." + }, + "clusterSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ClusterSettings" + }, + "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster." + }, + "configuration": { + "$ref": "#/types/aws-native:ecs:ClusterConfiguration", + "description": "The execute command and managed storage configuration for the cluster." + }, + "defaultCapacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ClusterCapacityProviderStrategyItem" + }, + "description": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used." + }, + "serviceConnectDefaults": { + "$ref": "#/types/aws-native:ecs:ClusterServiceConnectDefaults", + "description": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the ``enabled`` parameter to ``true`` in the ``ServiceConnectConfiguration``. You can set the namespace of each service individually in the ``ServiceConnectConfiguration`` to override this default parameter.\n Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n The following basic restrictions apply to tags:\n + Maximum number of tags per resource - 50\n + For each resource, each tag key must be unique, and each tag key can have only one value.\n + Maximum key length - 128 Unicode characters in UTF-8\n + Maximum value length - 256 Unicode characters in UTF-8\n + If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n + Tag keys and values are case-sensitive.\n + Do not use ``aws:``, ``AWS:``, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon ECS cluster, such as `arn:aws:ecs:us-east-2:123456789012:cluster/MyECSCluster` ." + }, + "capacityProviders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n If specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n To use a FARGATElong capacity provider, specify either the ``FARGATE`` or ``FARGATE_SPOT`` capacity providers. The FARGATElong capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n The [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created." + }, + "clusterName": { + "type": "string", + "description": "A user-generated string that you use to identify your cluster. If you don't specify a name, CFNlong generates a unique physical ID for the name.", + "replaceOnChanges": true + }, + "clusterSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ClusterSettings" + }, + "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster." + }, + "configuration": { + "$ref": "#/types/aws-native:ecs:ClusterConfiguration", + "description": "The execute command and managed storage configuration for the cluster." + }, + "defaultCapacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ClusterCapacityProviderStrategyItem" + }, + "description": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used." + }, + "serviceConnectDefaults": { + "$ref": "#/types/aws-native:ecs:ClusterServiceConnectDefaults", + "description": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the ``enabled`` parameter to ``true`` in the ``ServiceConnectConfiguration``. You can set the namespace of each service individually in the ``ServiceConnectConfiguration`` to override this default parameter.\n Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n The following basic restrictions apply to tags:\n + Maximum number of tags per resource - 50\n + For each resource, each tag key must be unique, and each tag key can have only one value.\n + Maximum key length - 128 Unicode characters in UTF-8\n + Maximum value length - 256 Unicode characters in UTF-8\n + If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n + Tag keys and values are case-sensitive.\n + Do not use ``aws:``, ``AWS:``, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + } + }, + "autoNamingSpec": { + "sdkName": "clusterName" + }, + "createOnly": [ + "clusterName" + ], + "writeOnly": [ + "serviceConnectDefaults" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ecs:ClusterCapacityProviderAssociations": { + "cf": "AWS::ECS::ClusterCapacityProviderAssociations", + "inputs": { + "capacityProviders": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ecs:ClusterCapacityProviderAssociationsCapacityProvider" + }, + { + "type": "string" + } + ] + }, + "description": "The capacity providers to associate with the cluster." + }, + "cluster": { + "type": "string", + "description": "The cluster the capacity provider association is the target of." + }, + "defaultCapacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ClusterCapacityProviderAssociationsCapacityProviderStrategy" + }, + "description": "The default capacity provider strategy to associate with the cluster." + } + }, + "outputs": { + "capacityProviders": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ecs:ClusterCapacityProviderAssociationsCapacityProvider" + }, + { + "type": "string" + } + ] + }, + "description": "The capacity providers to associate with the cluster." + }, + "cluster": { + "type": "string", + "description": "The cluster the capacity provider association is the target of.", + "replaceOnChanges": true + }, + "defaultCapacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ClusterCapacityProviderAssociationsCapacityProviderStrategy" + }, + "description": "The default capacity provider strategy to associate with the cluster." + } + }, + "required": [ + "capacityProviders", + "cluster", + "defaultCapacityProviderStrategy" + ], + "createOnly": [ + "cluster" + ] + }, + "aws-native:ecs:PrimaryTaskSet": { + "cf": "AWS::ECS::PrimaryTaskSet", + "inputs": { + "cluster": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in." + }, + "service": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in." + }, + "taskSetId": { + "type": "string", + "description": "The ID or full Amazon Resource Name (ARN) of the task set." + } + }, + "outputs": { + "cluster": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", + "replaceOnChanges": true + }, + "service": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", + "replaceOnChanges": true + }, + "taskSetId": { + "type": "string", + "description": "The ID or full Amazon Resource Name (ARN) of the task set." + } + }, + "required": [ + "cluster", + "service", + "taskSetId" + ], + "createOnly": [ + "cluster", + "service" + ] + }, + "aws-native:ecs:Service": { + "cf": "AWS::ECS::Service", + "inputs": { + "capacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceCapacityProviderStrategyItem" + }, + "description": "The capacity provider strategy to use for the service.\n If a ``capacityProviderStrategy`` is specified, the ``launchType`` parameter must be omitted. If no ``capacityProviderStrategy`` or ``launchType`` is specified, the ``defaultCapacityProviderStrategy`` for the cluster is used.\n A capacity provider strategy may contain a maximum of 6 capacity providers." + }, + "cluster": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed." + }, + "deploymentConfiguration": { + "$ref": "#/types/aws-native:ecs:ServiceDeploymentConfiguration", + "description": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks." + }, + "deploymentController": { + "$ref": "#/types/aws-native:ecs:ServiceDeploymentController", + "description": "The deployment controller to use for the service. If no deployment controller is specified, the default value of ``ECS`` is used." + }, + "desiredCount": { + "type": "integer", + "description": "The number of instantiations of the specified task definition to place and keep running in your service.\n For new services, if a desired count is not specified, a default value of ``1`` is used. When using the ``DAEMON`` scheduling strategy, the desired count is not required.\n For existing services, if a desired count is not specified, it is omitted from the operation." + }, + "enableEcsManagedTags": { + "type": "boolean", + "description": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide*.\n When you use Amazon ECS managed tags, you need to set the ``propagateTags`` request parameter." + }, + "enableExecuteCommand": { + "type": "boolean", + "description": "Determines whether the execute command functionality is turned on for the service. If ``true``, the execute command functionality is turned on for all containers in tasks as part of the service." + }, + "healthCheckGracePeriodSeconds": { + "type": "integer", + "description": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing target health checks after a task has first started. This is only used when your service is configured to use a load balancer. If your service has a load balancer defined and you don't specify a health check grace period value, the default value of ``0`` is used.\n If you do not use an Elastic Load Balancing, we recommend that you use the ``startPeriod`` in the task definition health check parameters. For more information, see [Health check](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_HealthCheck.html).\n If your service's tasks take a while to start and respond to Elastic Load Balancing health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up." + }, + "launchType": { + "$ref": "#/types/aws-native:ecs:ServiceLaunchType", + "description": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "loadBalancers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceLoadBalancer" + }, + "description": "A list of load balancer objects to associate with the service. If you specify the ``Role`` property, ``LoadBalancers`` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:ecs:ServiceNetworkConfiguration", + "description": "The network configuration for the service. This parameter is required for task definitions that use the ``awsvpc`` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "placementConstraints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServicePlacementConstraint" + }, + "description": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime." + }, + "placementStrategies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServicePlacementStrategy" + }, + "description": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service." + }, + "platformVersion": { + "type": "string", + "description": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the ``LATEST`` platform version is used. For more information, see [platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "propagateTags": { + "$ref": "#/types/aws-native:ecs:ServicePropagateTags", + "description": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n The default is ``NONE``." + }, + "role": { + "type": "string", + "description": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the ``awsvpc`` network mode. If you specify the ``role`` parameter, you must also specify a load balancer object with the ``loadBalancers`` parameter.\n If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the ``awsvpc`` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide*.\n If your specified role has a path other than ``/``, then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name ``bar`` has a path of ``/foo/`` then you would specify ``/foo/bar`` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide*." + }, + "schedulingStrategy": { + "$ref": "#/types/aws-native:ecs:ServiceSchedulingStrategy", + "description": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html).\n There are two service scheduler strategies available:\n + ``REPLICA``-The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the ``CODE_DEPLOY`` or ``EXTERNAL`` deployment controller types.\n + ``DAEMON``-The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n Tasks using the Fargate launch type or the ``CODE_DEPLOY`` or ``EXTERNAL`` deployment controller types don't support the ``DAEMON`` scheduling strategy." + }, + "serviceConnectConfiguration": { + "$ref": "#/types/aws-native:ecs:ServiceConnectConfiguration", + "description": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "serviceName": { + "type": "string", + "description": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n The stack update fails if you change any properties that require replacement and the ``ServiceName`` is configured. This is because AWS CloudFormation creates the replacement service first, but each ``ServiceName`` must be unique in the cluster." + }, + "serviceRegistries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceRegistry" + }, + "description": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html).\n Each service may be associated with one service registry. Multiple service registries for each service isn't supported." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n The following basic restrictions apply to tags:\n + Maximum number of tags per resource - 50\n + For each resource, each tag key must be unique, and each tag key can have only one value.\n + Maximum key length - 128 Unicode characters in UTF-8\n + Maximum value length - 256 Unicode characters in UTF-8\n + If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n + Tag keys and values are case-sensitive.\n + Do not use ``aws:``, ``AWS:``, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + }, + "taskDefinition": { + "type": "string", + "description": "The ``family`` and ``revision`` (``family:revision``) or full ARN of the task definition to run in your service. If a ``revision`` isn't specified, the latest ``ACTIVE`` revision is used.\n A task definition must be specified if the service uses either the ``ECS`` or ``CODE_DEPLOY`` deployment controllers.\n For more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html)." + }, + "volumeConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceVolumeConfiguration" + }, + "description": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume." + } + }, + "outputs": { + "capacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceCapacityProviderStrategyItem" + }, + "description": "The capacity provider strategy to use for the service.\n If a ``capacityProviderStrategy`` is specified, the ``launchType`` parameter must be omitted. If no ``capacityProviderStrategy`` or ``launchType`` is specified, the ``defaultCapacityProviderStrategy`` for the cluster is used.\n A capacity provider strategy may contain a maximum of 6 capacity providers." + }, + "cluster": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", + "replaceOnChanges": true + }, + "deploymentConfiguration": { + "$ref": "#/types/aws-native:ecs:ServiceDeploymentConfiguration", + "description": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks." + }, + "deploymentController": { + "$ref": "#/types/aws-native:ecs:ServiceDeploymentController", + "description": "The deployment controller to use for the service. If no deployment controller is specified, the default value of ``ECS`` is used.", + "replaceOnChanges": true + }, + "desiredCount": { + "type": "integer", + "description": "The number of instantiations of the specified task definition to place and keep running in your service.\n For new services, if a desired count is not specified, a default value of ``1`` is used. When using the ``DAEMON`` scheduling strategy, the desired count is not required.\n For existing services, if a desired count is not specified, it is omitted from the operation." + }, + "enableEcsManagedTags": { + "type": "boolean", + "description": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide*.\n When you use Amazon ECS managed tags, you need to set the ``propagateTags`` request parameter." + }, + "enableExecuteCommand": { + "type": "boolean", + "description": "Determines whether the execute command functionality is turned on for the service. If ``true``, the execute command functionality is turned on for all containers in tasks as part of the service." + }, + "healthCheckGracePeriodSeconds": { + "type": "integer", + "description": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing target health checks after a task has first started. This is only used when your service is configured to use a load balancer. If your service has a load balancer defined and you don't specify a health check grace period value, the default value of ``0`` is used.\n If you do not use an Elastic Load Balancing, we recommend that you use the ``startPeriod`` in the task definition health check parameters. For more information, see [Health check](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_HealthCheck.html).\n If your service's tasks take a while to start and respond to Elastic Load Balancing health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up." + }, + "launchType": { + "$ref": "#/types/aws-native:ecs:ServiceLaunchType", + "description": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide*.", + "replaceOnChanges": true + }, + "loadBalancers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceLoadBalancer" + }, + "description": "A list of load balancer objects to associate with the service. If you specify the ``Role`` property, ``LoadBalancers`` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "name": { + "type": "string", + "description": "The name of the Amazon ECS service, such as `sample-webapp` ." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:ecs:ServiceNetworkConfiguration", + "description": "The network configuration for the service. This parameter is required for task definitions that use the ``awsvpc`` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "placementConstraints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServicePlacementConstraint" + }, + "description": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime." + }, + "placementStrategies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServicePlacementStrategy" + }, + "description": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service." + }, + "platformVersion": { + "type": "string", + "description": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the ``LATEST`` platform version is used. For more information, see [platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "propagateTags": { + "$ref": "#/types/aws-native:ecs:ServicePropagateTags", + "description": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n The default is ``NONE``." + }, + "role": { + "type": "string", + "description": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the ``awsvpc`` network mode. If you specify the ``role`` parameter, you must also specify a load balancer object with the ``loadBalancers`` parameter.\n If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the ``awsvpc`` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide*.\n If your specified role has a path other than ``/``, then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name ``bar`` has a path of ``/foo/`` then you would specify ``/foo/bar`` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide*.", + "replaceOnChanges": true + }, + "schedulingStrategy": { + "$ref": "#/types/aws-native:ecs:ServiceSchedulingStrategy", + "description": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html).\n There are two service scheduler strategies available:\n + ``REPLICA``-The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the ``CODE_DEPLOY`` or ``EXTERNAL`` deployment controller types.\n + ``DAEMON``-The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n Tasks using the Fargate launch type or the ``CODE_DEPLOY`` or ``EXTERNAL`` deployment controller types don't support the ``DAEMON`` scheduling strategy.", + "replaceOnChanges": true + }, + "serviceArn": { + "type": "string", + "description": "Not currently supported in AWS CloudFormation ." + }, + "serviceConnectConfiguration": { + "$ref": "#/types/aws-native:ecs:ServiceConnectConfiguration", + "description": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "serviceName": { + "type": "string", + "description": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n The stack update fails if you change any properties that require replacement and the ``ServiceName`` is configured. This is because AWS CloudFormation creates the replacement service first, but each ``ServiceName`` must be unique in the cluster.", + "replaceOnChanges": true + }, + "serviceRegistries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceRegistry" + }, + "description": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html).\n Each service may be associated with one service registry. Multiple service registries for each service isn't supported." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n The following basic restrictions apply to tags:\n + Maximum number of tags per resource - 50\n + For each resource, each tag key must be unique, and each tag key can have only one value.\n + Maximum key length - 128 Unicode characters in UTF-8\n + Maximum value length - 256 Unicode characters in UTF-8\n + If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n + Tag keys and values are case-sensitive.\n + Do not use ``aws:``, ``AWS:``, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + }, + "taskDefinition": { + "type": "string", + "description": "The ``family`` and ``revision`` (``family:revision``) or full ARN of the task definition to run in your service. If a ``revision`` isn't specified, the latest ``ACTIVE`` revision is used.\n A task definition must be specified if the service uses either the ``ECS`` or ``CODE_DEPLOY`` deployment controllers.\n For more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html)." + }, + "volumeConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceVolumeConfiguration" + }, + "description": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume." + } + }, + "autoNamingSpec": { + "sdkName": "serviceName" + }, + "createOnly": [ + "cluster", + "deploymentController", + "launchType", + "role", + "schedulingStrategy", + "serviceName" + ], + "writeOnly": [ + "serviceConnectConfiguration", + "volumeConfigurations" + ], + "irreversibleNames": { + "enableEcsManagedTags": "EnableECSManagedTags" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ecs:TaskDefinition": { + "cf": "AWS::ECS::TaskDefinition", + "inputs": { + "containerDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionContainerDefinition" + }, + "description": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "cpu": { + "type": "string", + "description": "The number of ``cpu`` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the ``memory`` parameter.\n The CPU units cannot be less than 1 vCPU when you use Windows containers on Fargate.\n + 256 (.25 vCPU) - Available ``memory`` values: 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB)\n + 512 (.5 vCPU) - Available ``memory`` values: 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB)\n + 1024 (1 vCPU) - Available ``memory`` values: 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB)\n + 2048 (2 vCPU) - Available ``memory`` values: 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB)\n + 4096 (4 vCPU) - Available ``memory`` values: 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB)\n + 8192 (8 vCPU) - Available ``memory`` values: 16 GB and 60 GB in 4 GB increments\n This option requires Linux platform ``1.4.0`` or later.\n + 16384 (16vCPU) - Available ``memory`` values: 32GB and 120 GB in 8 GB increments\n This option requires Linux platform ``1.4.0`` or later." + }, + "ephemeralStorage": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionEphemeralStorage", + "description": "The ephemeral storage settings to use for tasks run with the task definition." + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "family": { + "type": "string", + "description": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n A family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n To use revision numbers when you update a task definition, specify this property. If you don't specify a value, CFNlong generates a new task definition each time that you update it." + }, + "inferenceAccelerators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionInferenceAccelerator" + }, + "description": "The Elastic Inference accelerators to use for the containers in the task." + }, + "ipcMode": { + "type": "string", + "description": "The IPC resource namespace to use for the containers in the task. The valid values are ``host``, ``task``, or ``none``. If ``host`` is specified, then all containers within the tasks that specified the ``host`` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If ``task`` is specified, all containers within the specified task share the same IPC resources. If ``none`` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the *Docker run reference*.\n If the ``host`` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose. For more information, see [Docker security](https://docs.aws.amazon.com/https://docs.docker.com/engine/security/security/).\n If you are setting namespaced kernel parameters using ``systemControls`` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide*.\n + For tasks that use the ``host`` IPC mode, IPC namespace related ``systemControls`` are not supported.\n + For tasks that use the ``task`` IPC mode, IPC namespace related ``systemControls`` will apply to all containers within a task.\n \n This parameter is not supported for Windows containers or tasks run on FARGATElong." + }, + "memory": { + "type": "string", + "description": "The amount (in MiB) of memory used by the task.\n If your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html).\n If your tasks runs on FARGATElong, this field is required. You must use one of the following values. The value you choose determines your range of valid values for the ``cpu`` parameter.\n + 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available ``cpu`` values: 256 (.25 vCPU)\n + 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available ``cpu`` values: 512 (.5 vCPU)\n + 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available ``cpu`` values: 1024 (1 vCPU)\n + Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available ``cpu`` values: 2048 (2 vCPU)\n + Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available ``cpu`` values: 4096 (4 vCPU)\n + Between 16 GB and 60 GB in 4 GB increments - Available ``cpu`` values: 8192 (8 vCPU)\n This option requires Linux platform ``1.4.0`` or later.\n + Between 32GB and 120 GB in 8 GB increments - Available ``cpu`` values: 16384 (16 vCPU)\n This option requires Linux platform ``1.4.0`` or later." + }, + "networkMode": { + "type": "string", + "description": "The Docker networking mode to use for the containers in the task. The valid values are ``none``, ``bridge``, ``awsvpc``, and ``host``. If no network mode is specified, the default is ``bridge``.\n For Amazon ECS tasks on Fargate, the ``awsvpc`` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, ``\u003cdefault\u003e`` or ``awsvpc`` can be used. If the network mode is set to ``none``, you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The ``host`` and ``awsvpc`` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the ``bridge`` mode.\n With the ``host`` and ``awsvpc`` network modes, exposed container ports are mapped directly to the corresponding host port (for the ``host`` network mode) or the attached elastic network interface port (for the ``awsvpc`` network mode), so you cannot take advantage of dynamic host port mappings. \n When using the ``host`` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user.\n If the network mode is ``awsvpc``, the task is allocated an elastic network interface, and you must specify a NetworkConfiguration value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide*.\n If the network mode is ``host``, you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.\n For more information, see [Network settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#network-settings) in the *Docker run reference*." + }, + "pidMode": { + "type": "string", + "description": "The process namespace to use for the containers in the task. The valid values are ``host`` or ``task``. On Fargate for Linux containers, the only valid value is ``task``. For example, monitoring sidecars might need ``pidMode`` to access information about other containers running in the same task.\n If ``host`` is specified, all containers within the tasks that specified the ``host`` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n If ``task`` is specified, all containers within the specified task share the same process namespace.\n If no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the *Docker run reference*.\n If the ``host`` PID mode is used, there's a heightened risk of undesired process namespace exposure. For more information, see [Docker security](https://docs.aws.amazon.com/https://docs.docker.com/engine/security/security/).\n This parameter is not supported for Windows containers.\n This parameter is only supported for tasks that are hosted on FARGATElong if the tasks are using platform version ``1.4.0`` or later (Linux). This isn't supported for Windows containers on Fargate." + }, + "placementConstraints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionPlacementConstraint" + }, + "description": "An array of placement constraint objects to use for tasks.\n This parameter isn't supported for tasks run on FARGATElong." + }, + "proxyConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionProxyConfiguration", + "description": "The configuration details for the App Mesh proxy.\n Your Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the ``ecs-init`` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version ``20190301`` or later, they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "requiresCompatibilities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The task launch types the task definition was validated against. The valid values are ``EC2``, ``FARGATE``, and ``EXTERNAL``. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "runtimePlatform": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionRuntimePlatform", + "description": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n The following basic restrictions apply to tags:\n + Maximum number of tags per resource - 50\n + For each resource, each tag key must be unique, and each tag key can have only one value.\n + Maximum key length - 128 Unicode characters in UTF-8\n + Maximum value length - 256 Unicode characters in UTF-8\n + If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n + Tag keys and values are case-sensitive.\n + Do not use ``aws:``, ``AWS:``, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + }, + "taskRoleArn": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the IAMlong role that grants containers in the task permission to call AWS APIs on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "volumes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionVolume" + }, + "description": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide*.\n The ``host`` and ``sourcePath`` parameters aren't supported for tasks run on FARGATElong." + } + }, + "outputs": { + "containerDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionContainerDefinition" + }, + "description": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide*.", + "replaceOnChanges": true + }, + "cpu": { + "type": "string", + "description": "The number of ``cpu`` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the ``memory`` parameter.\n The CPU units cannot be less than 1 vCPU when you use Windows containers on Fargate.\n + 256 (.25 vCPU) - Available ``memory`` values: 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB)\n + 512 (.5 vCPU) - Available ``memory`` values: 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB)\n + 1024 (1 vCPU) - Available ``memory`` values: 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB)\n + 2048 (2 vCPU) - Available ``memory`` values: 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB)\n + 4096 (4 vCPU) - Available ``memory`` values: 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB)\n + 8192 (8 vCPU) - Available ``memory`` values: 16 GB and 60 GB in 4 GB increments\n This option requires Linux platform ``1.4.0`` or later.\n + 16384 (16vCPU) - Available ``memory`` values: 32GB and 120 GB in 8 GB increments\n This option requires Linux platform ``1.4.0`` or later.", + "replaceOnChanges": true + }, + "ephemeralStorage": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionEphemeralStorage", + "description": "The ephemeral storage settings to use for tasks run with the task definition.", + "replaceOnChanges": true + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide*.", + "replaceOnChanges": true + }, + "family": { + "type": "string", + "description": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n A family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n To use revision numbers when you update a task definition, specify this property. If you don't specify a value, CFNlong generates a new task definition each time that you update it.", + "replaceOnChanges": true + }, + "inferenceAccelerators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionInferenceAccelerator" + }, + "description": "The Elastic Inference accelerators to use for the containers in the task.", + "replaceOnChanges": true + }, + "ipcMode": { + "type": "string", + "description": "The IPC resource namespace to use for the containers in the task. The valid values are ``host``, ``task``, or ``none``. If ``host`` is specified, then all containers within the tasks that specified the ``host`` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If ``task`` is specified, all containers within the specified task share the same IPC resources. If ``none`` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the *Docker run reference*.\n If the ``host`` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose. For more information, see [Docker security](https://docs.aws.amazon.com/https://docs.docker.com/engine/security/security/).\n If you are setting namespaced kernel parameters using ``systemControls`` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide*.\n + For tasks that use the ``host`` IPC mode, IPC namespace related ``systemControls`` are not supported.\n + For tasks that use the ``task`` IPC mode, IPC namespace related ``systemControls`` will apply to all containers within a task.\n \n This parameter is not supported for Windows containers or tasks run on FARGATElong.", + "replaceOnChanges": true + }, + "memory": { + "type": "string", + "description": "The amount (in MiB) of memory used by the task.\n If your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html).\n If your tasks runs on FARGATElong, this field is required. You must use one of the following values. The value you choose determines your range of valid values for the ``cpu`` parameter.\n + 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available ``cpu`` values: 256 (.25 vCPU)\n + 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available ``cpu`` values: 512 (.5 vCPU)\n + 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available ``cpu`` values: 1024 (1 vCPU)\n + Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available ``cpu`` values: 2048 (2 vCPU)\n + Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available ``cpu`` values: 4096 (4 vCPU)\n + Between 16 GB and 60 GB in 4 GB increments - Available ``cpu`` values: 8192 (8 vCPU)\n This option requires Linux platform ``1.4.0`` or later.\n + Between 32GB and 120 GB in 8 GB increments - Available ``cpu`` values: 16384 (16 vCPU)\n This option requires Linux platform ``1.4.0`` or later.", + "replaceOnChanges": true + }, + "networkMode": { + "type": "string", + "description": "The Docker networking mode to use for the containers in the task. The valid values are ``none``, ``bridge``, ``awsvpc``, and ``host``. If no network mode is specified, the default is ``bridge``.\n For Amazon ECS tasks on Fargate, the ``awsvpc`` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, ``\u003cdefault\u003e`` or ``awsvpc`` can be used. If the network mode is set to ``none``, you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The ``host`` and ``awsvpc`` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the ``bridge`` mode.\n With the ``host`` and ``awsvpc`` network modes, exposed container ports are mapped directly to the corresponding host port (for the ``host`` network mode) or the attached elastic network interface port (for the ``awsvpc`` network mode), so you cannot take advantage of dynamic host port mappings. \n When using the ``host`` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user.\n If the network mode is ``awsvpc``, the task is allocated an elastic network interface, and you must specify a NetworkConfiguration value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide*.\n If the network mode is ``host``, you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.\n For more information, see [Network settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#network-settings) in the *Docker run reference*.", + "replaceOnChanges": true + }, + "pidMode": { + "type": "string", + "description": "The process namespace to use for the containers in the task. The valid values are ``host`` or ``task``. On Fargate for Linux containers, the only valid value is ``task``. For example, monitoring sidecars might need ``pidMode`` to access information about other containers running in the same task.\n If ``host`` is specified, all containers within the tasks that specified the ``host`` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n If ``task`` is specified, all containers within the specified task share the same process namespace.\n If no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the *Docker run reference*.\n If the ``host`` PID mode is used, there's a heightened risk of undesired process namespace exposure. For more information, see [Docker security](https://docs.aws.amazon.com/https://docs.docker.com/engine/security/security/).\n This parameter is not supported for Windows containers.\n This parameter is only supported for tasks that are hosted on FARGATElong if the tasks are using platform version ``1.4.0`` or later (Linux). This isn't supported for Windows containers on Fargate.", + "replaceOnChanges": true + }, + "placementConstraints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionPlacementConstraint" + }, + "description": "An array of placement constraint objects to use for tasks.\n This parameter isn't supported for tasks run on FARGATElong.", + "replaceOnChanges": true + }, + "proxyConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionProxyConfiguration", + "description": "The configuration details for the App Mesh proxy.\n Your Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the ``ecs-init`` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version ``20190301`` or later, they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*.", + "replaceOnChanges": true + }, + "requiresCompatibilities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The task launch types the task definition was validated against. The valid values are ``EC2``, ``FARGATE``, and ``EXTERNAL``. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide*.", + "replaceOnChanges": true + }, + "runtimePlatform": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionRuntimePlatform", + "description": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n The following basic restrictions apply to tags:\n + Maximum number of tags per resource - 50\n + For each resource, each tag key must be unique, and each tag key can have only one value.\n + Maximum key length - 128 Unicode characters in UTF-8\n + Maximum value length - 256 Unicode characters in UTF-8\n + If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n + Tag keys and values are case-sensitive.\n + Do not use ``aws:``, ``AWS:``, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + }, + "taskDefinitionArn": { + "type": "string", + "description": "The ARN of the task definition." + }, + "taskRoleArn": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the IAMlong role that grants containers in the task permission to call AWS APIs on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide*.", + "replaceOnChanges": true + }, + "volumes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionVolume" + }, + "description": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide*.\n The ``host`` and ``sourcePath`` parameters aren't supported for tasks run on FARGATElong.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "containerDefinitions", + "cpu", + "ephemeralStorage", + "executionRoleArn", + "family", + "inferenceAccelerators", + "ipcMode", + "memory", + "networkMode", + "pidMode", + "placementConstraints", + "proxyConfiguration", + "requiresCompatibilities", + "runtimePlatform", + "taskRoleArn", + "volumes" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ecs:TaskSet": { + "cf": "AWS::ECS::TaskSet", + "inputs": { + "cluster": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in." + }, + "externalId": { + "type": "string", + "description": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the ECS_TASK_SET_EXTERNAL_ID AWS Cloud Map attribute set to the provided value. " + }, + "launchType": { + "$ref": "#/types/aws-native:ecs:TaskSetLaunchType", + "description": "The launch type that new tasks in the task set will use. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html in the Amazon Elastic Container Service Developer Guide. " + }, + "loadBalancers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskSetLoadBalancer" + }, + "description": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskSetNetworkConfiguration", + "description": "The network configuration for the task set." + }, + "platformVersion": { + "type": "string", + "description": "The platform version that the tasks in the task set should use. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the LATEST platform version is used by default." + }, + "scale": { + "$ref": "#/types/aws-native:ecs:TaskSetScale", + "description": "A floating-point percentage of the desired number of tasks to place and keep running in the task set." + }, + "service": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in." + }, + "serviceRegistries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskSetServiceRegistry" + }, + "description": "The details of the service discovery registries to assign to this task set. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + }, + "taskDefinition": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the task definition for the tasks in the task set to use." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the task set." + }, + "cluster": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", + "replaceOnChanges": true + }, + "externalId": { + "type": "string", + "description": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the ECS_TASK_SET_EXTERNAL_ID AWS Cloud Map attribute set to the provided value. ", + "replaceOnChanges": true + }, + "launchType": { + "$ref": "#/types/aws-native:ecs:TaskSetLaunchType", + "description": "The launch type that new tasks in the task set will use. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html in the Amazon Elastic Container Service Developer Guide. ", + "replaceOnChanges": true + }, + "loadBalancers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskSetLoadBalancer" + }, + "description": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", + "replaceOnChanges": true + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskSetNetworkConfiguration", + "description": "The network configuration for the task set.", + "replaceOnChanges": true + }, + "platformVersion": { + "type": "string", + "description": "The platform version that the tasks in the task set should use. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the LATEST platform version is used by default.", + "replaceOnChanges": true + }, + "scale": { + "$ref": "#/types/aws-native:ecs:TaskSetScale", + "description": "A floating-point percentage of the desired number of tasks to place and keep running in the task set." + }, + "service": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", + "replaceOnChanges": true + }, + "serviceRegistries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskSetServiceRegistry" + }, + "description": "The details of the service discovery registries to assign to this task set. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit." + }, + "taskDefinition": { + "type": "string", + "description": "The short name or full Amazon Resource Name (ARN) of the task definition for the tasks in the task set to use.", + "replaceOnChanges": true + } + }, + "required": [ + "cluster", + "service", + "taskDefinition" + ], + "createOnly": [ + "cluster", + "externalId", + "launchType", + "loadBalancers", + "networkConfiguration", + "platformVersion", + "service", + "serviceRegistries", + "taskDefinition" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:efs:AccessPoint": { + "cf": "AWS::EFS::AccessPoint", + "inputs": { + "accessPointTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + }, + "clientToken": { + "type": "string", + "description": "The opaque string specified in the request to ensure idempotent creation." + }, + "fileSystemId": { + "type": "string", + "description": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example ``fs-0123456789abcedf2``." + }, + "posixUser": { + "$ref": "#/types/aws-native:efs:AccessPointPosixUser", + "description": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point." + }, + "rootDirectory": { + "$ref": "#/types/aws-native:efs:AccessPointRootDirectory", + "description": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point." + } + }, + "outputs": { + "accessPointId": { + "type": "string", + "description": "The ID of the EFS access point." + }, + "accessPointTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the access point." + }, + "clientToken": { + "type": "string", + "description": "The opaque string specified in the request to ensure idempotent creation.", + "replaceOnChanges": true + }, + "fileSystemId": { + "type": "string", + "description": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example ``fs-0123456789abcedf2``.", + "replaceOnChanges": true + }, + "posixUser": { + "$ref": "#/types/aws-native:efs:AccessPointPosixUser", + "description": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", + "replaceOnChanges": true + }, + "rootDirectory": { + "$ref": "#/types/aws-native:efs:AccessPointRootDirectory", + "description": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", + "replaceOnChanges": true + } + }, + "required": [ + "fileSystemId" + ], + "createOnly": [ + "clientToken", + "creationInfo", + "creationInfo/OwnerGid", + "creationInfo/OwnerUid", + "creationInfo/Permissions", + "fileSystemId", + "posixUser", + "posixUser/Gid", + "posixUser/SecondaryGids", + "posixUser/Uid", + "rootDirectory", + "rootDirectory/CreationInfo", + "rootDirectory/Path" + ], + "tagsProperty": "accessPointTags", + "tagsStyle": "keyValueArray" + }, + "aws-native:efs:FileSystem": { + "cf": "AWS::EFS::FileSystem", + "inputs": { + "availabilityZoneName": { + "type": "string", + "description": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format ``us-east-1a`` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide*.\n One Zone file systems are not available in all Availability Zones in AWS-Regions where Amazon EFS is available." + }, + "backupPolicy": { + "$ref": "#/types/aws-native:efs:FileSystemBackupPolicy", + "description": "Use the ``BackupPolicy`` to turn automatic backups on or off for the file system." + }, + "bypassPolicyLockoutSafetyCheck": { + "type": "boolean", + "description": "(Optional) A boolean that specifies whether or not to bypass the ``FileSystemPolicy`` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future ``PutFileSystemPolicy`` requests on this file system. Set ``BypassPolicyLockoutSafetyCheck`` to ``True`` only when you intend to prevent the IAM principal that is making the request from making subsequent ``PutFileSystemPolicy`` requests on this file system. The default value is ``False``." + }, + "encrypted": { + "type": "boolean", + "description": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing kms-key-long. If you don't specify a kms-key, then the default kms-key for EFS, ``/aws/elasticfilesystem``, is used to protect the encrypted file system." + }, + "fileSystemPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The ``FileSystemPolicy`` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide*.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::EFS::FileSystem` for more information about the expected schema for this property." + }, + "fileSystemProtection": { + "$ref": "#/types/aws-native:efs:FileSystemProtection", + "description": "Describes the protection on the file system." + }, + "fileSystemTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a ``\"Key\":\"Name\",\"Value\":\"{value}\"`` key-value pair. Each key must be unique. For more information, see [Tagging resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *General Reference Guide*." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID of the kms-key-long to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault kms-key. If this parameter is not specified, the default kms-key for EFS is used. This ID can be in one of the following formats:\n + Key ID - A unique identifier of the key, for example ``1234abcd-12ab-34cd-56ef-1234567890ab``.\n + ARN - An Amazon Resource Name (ARN) for the key, for example ``arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab``.\n + Key alias - A previously created display name for a key, for example ``alias/projectKey1``.\n + Key alias ARN - An ARN for a key alias, for example ``arn:aws:kms:us-west-2:444455556666:alias/projectKey1``.\n \n If ``KmsKeyId`` is specified, the ``Encrypted`` parameter must be set to true." + }, + "lifecyclePolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:efs:FileSystemLifecyclePolicy" + }, + "description": "An array of ``LifecyclePolicy`` objects that define the file system's ``LifecycleConfiguration`` object. A ``LifecycleConfiguration`` object informs Lifecycle management of the following:\n + When to move files in the file system from primary storage to IA storage.\n + When to move files in the file system from primary storage or IA storage to Archive storage.\n + When to move files that are in IA or Archive storage to primary storage.\n \n EFS requires that each ``LifecyclePolicy`` object have only a single transition. This means that in a request body, ``LifecyclePolicies`` needs to be structured as an array of ``LifecyclePolicy`` objects, one object for each transition, ``TransitionToIA``, ``TransitionToArchive`` ``TransitionToPrimaryStorageClass``. See the example requests in the following section for more information." + }, + "performanceMode": { + "type": "string", + "description": "The performance mode of the file system. We recommend ``generalPurpose`` performance mode for all file systems. File systems using the ``maxIO`` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The ``maxIO`` mode is not supported on One Zone file systems.\n Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems.\n Default is ``generalPurpose``." + }, + "provisionedThroughputInMibps": { + "type": "number", + "description": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if ``ThroughputMode`` is set to ``provisioned``. Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact SUP. For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide*." + }, + "replicationConfiguration": { + "$ref": "#/types/aws-native:efs:FileSystemReplicationConfiguration", + "description": "Describes the replication configuration for a specific file system." + }, + "throughputMode": { + "type": "string", + "description": "Specifies the throughput mode for the file system. The mode can be ``bursting``, ``provisioned``, or ``elastic``. If you set ``ThroughputMode`` to ``provisioned``, you must also set a value for ``ProvisionedThroughputInMibps``. After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide*. \n Default is ``bursting``." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the EFS file system.\n\nExample: `arn:aws:elasticfilesystem:us-west-2:1111333322228888:file-system/fs-0123456789abcdef8`" + }, + "availabilityZoneName": { + "type": "string", + "description": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format ``us-east-1a`` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide*.\n One Zone file systems are not available in all Availability Zones in AWS-Regions where Amazon EFS is available.", + "replaceOnChanges": true + }, + "backupPolicy": { + "$ref": "#/types/aws-native:efs:FileSystemBackupPolicy", + "description": "Use the ``BackupPolicy`` to turn automatic backups on or off for the file system." + }, + "bypassPolicyLockoutSafetyCheck": { + "type": "boolean", + "description": "(Optional) A boolean that specifies whether or not to bypass the ``FileSystemPolicy`` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future ``PutFileSystemPolicy`` requests on this file system. Set ``BypassPolicyLockoutSafetyCheck`` to ``True`` only when you intend to prevent the IAM principal that is making the request from making subsequent ``PutFileSystemPolicy`` requests on this file system. The default value is ``False``." + }, + "encrypted": { + "type": "boolean", + "description": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing kms-key-long. If you don't specify a kms-key, then the default kms-key for EFS, ``/aws/elasticfilesystem``, is used to protect the encrypted file system.", + "replaceOnChanges": true + }, + "fileSystemId": { + "type": "string", + "description": "The ID of the EFS file system. For example: `fs-abcdef0123456789a`" + }, + "fileSystemPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The ``FileSystemPolicy`` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide*.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::EFS::FileSystem` for more information about the expected schema for this property." + }, + "fileSystemProtection": { + "$ref": "#/types/aws-native:efs:FileSystemProtection", + "description": "Describes the protection on the file system." + }, + "fileSystemTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a ``\"Key\":\"Name\",\"Value\":\"{value}\"`` key-value pair. Each key must be unique. For more information, see [Tagging resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *General Reference Guide*." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID of the kms-key-long to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault kms-key. If this parameter is not specified, the default kms-key for EFS is used. This ID can be in one of the following formats:\n + Key ID - A unique identifier of the key, for example ``1234abcd-12ab-34cd-56ef-1234567890ab``.\n + ARN - An Amazon Resource Name (ARN) for the key, for example ``arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab``.\n + Key alias - A previously created display name for a key, for example ``alias/projectKey1``.\n + Key alias ARN - An ARN for a key alias, for example ``arn:aws:kms:us-west-2:444455556666:alias/projectKey1``.\n \n If ``KmsKeyId`` is specified, the ``Encrypted`` parameter must be set to true.", + "replaceOnChanges": true + }, + "lifecyclePolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:efs:FileSystemLifecyclePolicy" + }, + "description": "An array of ``LifecyclePolicy`` objects that define the file system's ``LifecycleConfiguration`` object. A ``LifecycleConfiguration`` object informs Lifecycle management of the following:\n + When to move files in the file system from primary storage to IA storage.\n + When to move files in the file system from primary storage or IA storage to Archive storage.\n + When to move files that are in IA or Archive storage to primary storage.\n \n EFS requires that each ``LifecyclePolicy`` object have only a single transition. This means that in a request body, ``LifecyclePolicies`` needs to be structured as an array of ``LifecyclePolicy`` objects, one object for each transition, ``TransitionToIA``, ``TransitionToArchive`` ``TransitionToPrimaryStorageClass``. See the example requests in the following section for more information." + }, + "performanceMode": { + "type": "string", + "description": "The performance mode of the file system. We recommend ``generalPurpose`` performance mode for all file systems. File systems using the ``maxIO`` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The ``maxIO`` mode is not supported on One Zone file systems.\n Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems.\n Default is ``generalPurpose``.", + "replaceOnChanges": true + }, + "provisionedThroughputInMibps": { + "type": "number", + "description": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if ``ThroughputMode`` is set to ``provisioned``. Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact SUP. For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide*." + }, + "replicationConfiguration": { + "$ref": "#/types/aws-native:efs:FileSystemReplicationConfiguration", + "description": "Describes the replication configuration for a specific file system." + }, + "throughputMode": { + "type": "string", + "description": "Specifies the throughput mode for the file system. The mode can be ``bursting``, ``provisioned``, or ``elastic``. If you set ``ThroughputMode`` to ``provisioned``, you must also set a value for ``ProvisionedThroughputInMibps``. After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide*. \n Default is ``bursting``." + } + }, + "createOnly": [ + "availabilityZoneName", + "encrypted", + "kmsKeyId", + "performanceMode" + ], + "writeOnly": [ + "bypassPolicyLockoutSafetyCheck", + "replicationConfiguration/Destinations/0/AvailabilityZoneName", + "replicationConfiguration/Destinations/0/KmsKeyId" + ], + "tagsProperty": "fileSystemTags", + "tagsStyle": "keyValueArray" + }, + "aws-native:efs:MountTarget": { + "cf": "AWS::EFS::MountTarget", + "inputs": { + "fileSystemId": { + "type": "string", + "description": "The ID of the file system for which to create the mount target." + }, + "ipAddress": { + "type": "string", + "description": "Valid IPv4 address within the address range of the specified subnet." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the Amazon EFS file system that the mount target provides access to.\n\nExample: `fs-0123456789111222a`" + }, + "fileSystemId": { + "type": "string", + "description": "The ID of the file system for which to create the mount target.", + "replaceOnChanges": true + }, + "ipAddress": { + "type": "string", + "description": "Valid IPv4 address within the address range of the specified subnet.", + "replaceOnChanges": true + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone.", + "replaceOnChanges": true + } + }, + "required": [ + "fileSystemId", + "securityGroups", + "subnetId" + ], + "createOnly": [ + "fileSystemId", + "ipAddress", + "subnetId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:eks:AccessEntry": { + "cf": "AWS::EKS::AccessEntry", + "inputs": { + "accessPolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:AccessEntryAccessPolicy" + }, + "description": "An array of access policies that are associated with the access entry." + }, + "clusterName": { + "type": "string", + "description": "The cluster that the access entry is created for." + }, + "kubernetesGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Kubernetes groups that the access entry is associated with." + }, + "principalArn": { + "type": "string", + "description": "The principal ARN that the access entry is created for." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "type": "string", + "description": "The node type to associate with the access entry." + }, + "username": { + "type": "string", + "description": "The Kubernetes user that the access entry is associated with." + } + }, + "outputs": { + "accessEntryArn": { + "type": "string", + "description": "The ARN of the access entry." + }, + "accessPolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:AccessEntryAccessPolicy" + }, + "description": "An array of access policies that are associated with the access entry." + }, + "clusterName": { + "type": "string", + "description": "The cluster that the access entry is created for.", + "replaceOnChanges": true + }, + "kubernetesGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Kubernetes groups that the access entry is associated with." + }, + "principalArn": { + "type": "string", + "description": "The principal ARN that the access entry is created for.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "type": "string", + "description": "The node type to associate with the access entry.", + "replaceOnChanges": true + }, + "username": { + "type": "string", + "description": "The Kubernetes user that the access entry is associated with." + } + }, + "required": [ + "clusterName", + "principalArn" + ], + "createOnly": [ + "clusterName", + "principalArn", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:eks:Addon": { + "cf": "AWS::EKS::Addon", + "inputs": { + "addonName": { + "type": "string", + "description": "Name of Addon" + }, + "addonVersion": { + "type": "string", + "description": "Version of Addon" + }, + "clusterName": { + "type": "string", + "description": "Name of Cluster" + }, + "configurationValues": { + "type": "string", + "description": "The configuration values to use with the add-on" + }, + "podIdentityAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:AddonPodIdentityAssociation" + }, + "description": "An array of pod identities to apply to this add-on." + }, + "preserveOnDelete": { + "type": "boolean", + "description": "PreserveOnDelete parameter value" + }, + "resolveConflicts": { + "$ref": "#/types/aws-native:eks:AddonResolveConflicts", + "description": "Resolve parameter value conflicts" + }, + "serviceAccountRoleArn": { + "type": "string", + "description": "IAM role to bind to the add-on's service account" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "addonName": { + "type": "string", + "description": "Name of Addon", + "replaceOnChanges": true + }, + "addonVersion": { + "type": "string", + "description": "Version of Addon" + }, + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the add-on" + }, + "clusterName": { + "type": "string", + "description": "Name of Cluster", + "replaceOnChanges": true + }, + "configurationValues": { + "type": "string", + "description": "The configuration values to use with the add-on" + }, + "podIdentityAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:AddonPodIdentityAssociation" + }, + "description": "An array of pod identities to apply to this add-on." + }, + "preserveOnDelete": { + "type": "boolean", + "description": "PreserveOnDelete parameter value" + }, + "resolveConflicts": { + "$ref": "#/types/aws-native:eks:AddonResolveConflicts", + "description": "Resolve parameter value conflicts" + }, + "serviceAccountRoleArn": { + "type": "string", + "description": "IAM role to bind to the add-on's service account" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "addonName", + "minLength": 1 + }, + "required": [ + "clusterName" + ], + "createOnly": [ + "addonName", + "clusterName" + ], + "writeOnly": [ + "podIdentityAssociations", + "preserveOnDelete", + "resolveConflicts" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:eks:Cluster": { + "cf": "AWS::EKS::Cluster", + "inputs": { + "accessConfig": { + "$ref": "#/types/aws-native:eks:ClusterAccessConfig", + "description": "The access configuration for the cluster." + }, + "bootstrapSelfManagedAddons": { + "type": "boolean", + "description": "Set this value to false to avoid creating the default networking addons when the cluster is created." + }, + "encryptionConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:ClusterEncryptionConfig" + }, + "description": "The encryption configuration for the cluster." + }, + "kubernetesNetworkConfig": { + "$ref": "#/types/aws-native:eks:ClusterKubernetesNetworkConfig", + "description": "The Kubernetes network configuration for the cluster." + }, + "logging": { + "$ref": "#/types/aws-native:eks:Logging", + "description": "The logging configuration for your cluster." + }, + "name": { + "type": "string", + "description": "The unique name to give to your cluster." + }, + "outpostConfig": { + "$ref": "#/types/aws-native:eks:ClusterOutpostConfig", + "description": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud." + }, + "resourcesVpcConfig": { + "$ref": "#/types/aws-native:eks:ClusterResourcesVpcConfig", + "description": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "upgradePolicy": { + "$ref": "#/types/aws-native:eks:ClusterUpgradePolicy", + "description": "This value indicates if extended support is enabled or disabled for the cluster.\n\n[Learn more about EKS Extended Support in the EKS User Guide.](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)" + }, + "version": { + "type": "string", + "description": "The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used." + } + }, + "outputs": { + "accessConfig": { + "$ref": "#/types/aws-native:eks:ClusterAccessConfig", + "description": "The access configuration for the cluster." + }, + "arn": { + "type": "string", + "description": "The ARN of the cluster, such as arn:aws:eks:us-west-2:666666666666:cluster/prod." + }, + "awsId": { + "type": "string", + "description": "The unique ID given to your cluster." + }, + "bootstrapSelfManagedAddons": { + "type": "boolean", + "description": "Set this value to false to avoid creating the default networking addons when the cluster is created.", + "replaceOnChanges": true + }, + "certificateAuthorityData": { + "type": "string", + "description": "The certificate-authority-data for your cluster." + }, + "clusterSecurityGroupId": { + "type": "string", + "description": "The cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control plane to data plane communication." + }, + "encryptionConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:ClusterEncryptionConfig" + }, + "description": "The encryption configuration for the cluster.", + "replaceOnChanges": true + }, + "encryptionConfigKeyArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) or alias of the customer master key (CMK)." + }, + "endpoint": { + "type": "string", + "description": "The endpoint for your Kubernetes API server, such as https://5E1D0CEXAMPLEA591B746AFC5AB30262.yl4.us-west-2.eks.amazonaws.com." + }, + "kubernetesNetworkConfig": { + "$ref": "#/types/aws-native:eks:ClusterKubernetesNetworkConfig", + "description": "The Kubernetes network configuration for the cluster.", + "replaceOnChanges": true + }, + "logging": { + "$ref": "#/types/aws-native:eks:Logging", + "description": "The logging configuration for your cluster." + }, + "name": { + "type": "string", + "description": "The unique name to give to your cluster.", + "replaceOnChanges": true + }, + "openIdConnectIssuerUrl": { + "type": "string", + "description": "The issuer URL for the cluster's OIDC identity provider, such as https://oidc.eks.us-west-2.amazonaws.com/id/EXAMPLED539D4633E53DE1B716D3041E. If you need to remove https:// from this output value, you can include the following code in your template." + }, + "outpostConfig": { + "$ref": "#/types/aws-native:eks:ClusterOutpostConfig", + "description": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", + "replaceOnChanges": true + }, + "resourcesVpcConfig": { + "$ref": "#/types/aws-native:eks:ClusterResourcesVpcConfig", + "description": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "upgradePolicy": { + "$ref": "#/types/aws-native:eks:ClusterUpgradePolicy", + "description": "This value indicates if extended support is enabled or disabled for the cluster.\n\n[Learn more about EKS Extended Support in the EKS User Guide.](https://docs.aws.amazon.com/eks/latest/userguide/extended-support-control.html)" + }, + "version": { + "type": "string", + "description": "The desired Kubernetes version for your cluster. If you don't specify a value here, the latest version available in Amazon EKS is used." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "resourcesVpcConfig", + "roleArn" + ], + "createOnly": [ + "accessConfig/BootstrapClusterCreatorAdminPermissions", + "bootstrapSelfManagedAddons", + "encryptionConfig", + "kubernetesNetworkConfig", + "name", + "outpostConfig", + "roleArn" + ], + "writeOnly": [ + "accessConfig/BootstrapClusterCreatorAdminPermissions", + "bootstrapSelfManagedAddons" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:eks:FargateProfile": { + "cf": "AWS::EKS::FargateProfile", + "inputs": { + "clusterName": { + "type": "string", + "description": "Name of the Cluster" + }, + "fargateProfileName": { + "type": "string", + "description": "Name of FargateProfile" + }, + "podExecutionRoleArn": { + "type": "string", + "description": "The IAM policy arn for pods" + }, + "selectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:FargateProfileSelector" + }, + "description": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the cluster, such as `arn:aws:eks:us-west-2:666666666666:fargateprofile/myCluster/myFargateProfile/1cb1a11a-1dc1-1d11-cf11-1111f11fa111` ." + }, + "clusterName": { + "type": "string", + "description": "Name of the Cluster", + "replaceOnChanges": true + }, + "fargateProfileName": { + "type": "string", + "description": "Name of FargateProfile", + "replaceOnChanges": true + }, + "podExecutionRoleArn": { + "type": "string", + "description": "The IAM policy arn for pods", + "replaceOnChanges": true + }, + "selectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:FargateProfileSelector" + }, + "description": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", + "replaceOnChanges": true + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "fargateProfileName", + "minLength": 1 + }, + "required": [ + "clusterName", + "podExecutionRoleArn", + "selectors" + ], + "createOnly": [ + "clusterName", + "fargateProfileName", + "podExecutionRoleArn", + "selectors", + "subnets" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:eks:IdentityProviderConfig": { + "cf": "AWS::EKS::IdentityProviderConfig", + "inputs": { + "clusterName": { + "type": "string", + "description": "The name of the identity provider configuration." + }, + "identityProviderConfigName": { + "type": "string", + "description": "The name of the OIDC provider configuration." + }, + "oidc": { + "$ref": "#/types/aws-native:eks:IdentityProviderConfigOidcIdentityProviderConfig", + "description": "An object representing an OpenID Connect (OIDC) identity provider configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "$ref": "#/types/aws-native:eks:IdentityProviderConfigType", + "description": "The type of the identity provider configuration." + } + }, + "outputs": { + "clusterName": { + "type": "string", + "description": "The name of the identity provider configuration.", + "replaceOnChanges": true + }, + "identityProviderConfigArn": { + "type": "string", + "description": "The ARN of the configuration." + }, + "identityProviderConfigName": { + "type": "string", + "description": "The name of the OIDC provider configuration.", + "replaceOnChanges": true + }, + "oidc": { + "$ref": "#/types/aws-native:eks:IdentityProviderConfigOidcIdentityProviderConfig", + "description": "An object representing an OpenID Connect (OIDC) identity provider configuration.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "$ref": "#/types/aws-native:eks:IdentityProviderConfigType", + "description": "The type of the identity provider configuration.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "identityProviderConfigName" + }, + "required": [ + "clusterName", + "type" + ], + "createOnly": [ + "clusterName", + "identityProviderConfigName", + "oidc", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:eks:Nodegroup": { + "cf": "AWS::EKS::Nodegroup", + "inputs": { + "amiType": { + "type": "string", + "description": "The AMI type for your node group." + }, + "capacityType": { + "type": "string", + "description": "The capacity type of your managed node group." + }, + "clusterName": { + "type": "string", + "description": "Name of the cluster to create the node group in." + }, + "diskSize": { + "type": "integer", + "description": "The root device disk size (in GiB) for your node group instances." + }, + "forceUpdateEnabled": { + "type": "boolean", + "description": "Force the update if the existing node group's pods are unable to be drained due to a pod disruption budget issue." + }, + "instanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specify the instance types for a node group." + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The Kubernetes labels to be applied to the nodes in the node group when they are created." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:eks:NodegroupLaunchTemplateSpecification", + "description": "An object representing a node group's launch template specification." + }, + "nodeRole": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group." + }, + "nodegroupName": { + "type": "string", + "description": "The unique name to give your node group." + }, + "releaseVersion": { + "type": "string", + "description": "The AMI version of the Amazon EKS-optimized AMI to use with your node group." + }, + "remoteAccess": { + "$ref": "#/types/aws-native:eks:NodegroupRemoteAccess", + "description": "The remote access (SSH) configuration to use with your node group." + }, + "scalingConfig": { + "$ref": "#/types/aws-native:eks:NodegroupScalingConfig", + "description": "The scaling configuration details for the Auto Scaling group that is created for your node group." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnets to use for the Auto Scaling group that is created for your node group." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The metadata, as key-value pairs, to apply to the node group to assist with categorization and organization. Follows same schema as Labels for consistency." + }, + "taints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:NodegroupTaint" + }, + "description": "The Kubernetes taints to be applied to the nodes in the node group when they are created." + }, + "updateConfig": { + "$ref": "#/types/aws-native:eks:NodegroupUpdateConfig", + "description": "The node group update configuration." + }, + "version": { + "type": "string", + "description": "The Kubernetes version to use for your managed nodes." + } + }, + "outputs": { + "amiType": { + "type": "string", + "description": "The AMI type for your node group.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) associated with the managed node group." + }, + "awsId": { + "type": "string" + }, + "capacityType": { + "type": "string", + "description": "The capacity type of your managed node group.", + "replaceOnChanges": true + }, + "clusterName": { + "type": "string", + "description": "Name of the cluster to create the node group in.", + "replaceOnChanges": true + }, + "diskSize": { + "type": "integer", + "description": "The root device disk size (in GiB) for your node group instances.", + "replaceOnChanges": true + }, + "forceUpdateEnabled": { + "type": "boolean", + "description": "Force the update if the existing node group's pods are unable to be drained due to a pod disruption budget issue." + }, + "instanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specify the instance types for a node group.", + "replaceOnChanges": true + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The Kubernetes labels to be applied to the nodes in the node group when they are created." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:eks:NodegroupLaunchTemplateSpecification", + "description": "An object representing a node group's launch template specification." + }, + "nodeRole": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group.", + "replaceOnChanges": true + }, + "nodegroupName": { + "type": "string", + "description": "The unique name to give your node group.", + "replaceOnChanges": true + }, + "releaseVersion": { + "type": "string", + "description": "The AMI version of the Amazon EKS-optimized AMI to use with your node group." + }, + "remoteAccess": { + "$ref": "#/types/aws-native:eks:NodegroupRemoteAccess", + "description": "The remote access (SSH) configuration to use with your node group.", + "replaceOnChanges": true + }, + "scalingConfig": { + "$ref": "#/types/aws-native:eks:NodegroupScalingConfig", + "description": "The scaling configuration details for the Auto Scaling group that is created for your node group." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnets to use for the Auto Scaling group that is created for your node group.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The metadata, as key-value pairs, to apply to the node group to assist with categorization and organization. Follows same schema as Labels for consistency." + }, + "taints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:NodegroupTaint" + }, + "description": "The Kubernetes taints to be applied to the nodes in the node group when they are created." + }, + "updateConfig": { + "$ref": "#/types/aws-native:eks:NodegroupUpdateConfig", + "description": "The node group update configuration." + }, + "version": { + "type": "string", + "description": "The Kubernetes version to use for your managed nodes." + } + }, + "autoNamingSpec": { + "sdkName": "nodegroupName", + "minLength": 1 + }, + "required": [ + "clusterName", + "nodeRole", + "subnets" + ], + "createOnly": [ + "amiType", + "capacityType", + "clusterName", + "diskSize", + "instanceTypes", + "nodeRole", + "nodegroupName", + "remoteAccess", + "subnets" + ], + "writeOnly": [ + "forceUpdateEnabled" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:eks:PodIdentityAssociation": { + "cf": "AWS::EKS::PodIdentityAssociation", + "inputs": { + "clusterName": { + "type": "string", + "description": "The cluster that the pod identity association is created for." + }, + "namespace": { + "type": "string", + "description": "The Kubernetes namespace that the pod identity association is created for." + }, + "roleArn": { + "type": "string", + "description": "The IAM role ARN that the pod identity association is created for." + }, + "serviceAccount": { + "type": "string", + "description": "The Kubernetes service account that the pod identity association is created for." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "associationArn": { + "type": "string", + "description": "The ARN of the pod identity association." + }, + "associationId": { + "type": "string", + "description": "The ID of the pod identity association." + }, + "clusterName": { + "type": "string", + "description": "The cluster that the pod identity association is created for.", + "replaceOnChanges": true + }, + "namespace": { + "type": "string", + "description": "The Kubernetes namespace that the pod identity association is created for.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The IAM role ARN that the pod identity association is created for." + }, + "serviceAccount": { + "type": "string", + "description": "The Kubernetes service account that the pod identity association is created for.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "clusterName", + "namespace", + "roleArn", + "serviceAccount" + ], + "createOnly": [ + "clusterName", + "namespace", + "serviceAccount" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticache:GlobalReplicationGroup": { + "cf": "AWS::ElastiCache::GlobalReplicationGroup", + "inputs": { + "automaticFailoverEnabled": { + "type": "boolean", + "description": "AutomaticFailoverEnabled" + }, + "cacheNodeType": { + "type": "string", + "description": "The cache node type of the Global Datastore" + }, + "cacheParameterGroupName": { + "type": "string", + "description": "Cache parameter group name to use for the new engine version. This parameter cannot be modified independently." + }, + "engineVersion": { + "type": "string", + "description": "The engine version of the Global Datastore." + }, + "globalNodeGroupCount": { + "type": "integer", + "description": "Indicates the number of node groups in the Global Datastore." + }, + "globalReplicationGroupDescription": { + "type": "string", + "description": "The optional description of the Global Datastore" + }, + "globalReplicationGroupIdSuffix": { + "type": "string", + "description": "The suffix name of a Global Datastore. Amazon ElastiCache automatically applies a prefix to the Global Datastore ID when it is created. Each AWS Region has its own prefix. " + }, + "members": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticache:GlobalReplicationGroupMember" + }, + "description": "The replication groups that comprise the Global Datastore." + }, + "regionalConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticache:GlobalReplicationGroupRegionalConfiguration" + }, + "description": "Describes the replication group IDs, the AWS regions where they are stored and the shard configuration for each that comprise the Global Datastore " + } + }, + "outputs": { + "automaticFailoverEnabled": { + "type": "boolean", + "description": "AutomaticFailoverEnabled" + }, + "cacheNodeType": { + "type": "string", + "description": "The cache node type of the Global Datastore" + }, + "cacheParameterGroupName": { + "type": "string", + "description": "Cache parameter group name to use for the new engine version. This parameter cannot be modified independently." + }, + "engineVersion": { + "type": "string", + "description": "The engine version of the Global Datastore." + }, + "globalNodeGroupCount": { + "type": "integer", + "description": "Indicates the number of node groups in the Global Datastore." + }, + "globalReplicationGroupDescription": { + "type": "string", + "description": "The optional description of the Global Datastore" + }, + "globalReplicationGroupId": { + "type": "string", + "description": "The name of the Global Datastore, it is generated by ElastiCache adding a prefix to GlobalReplicationGroupIdSuffix." + }, + "globalReplicationGroupIdSuffix": { + "type": "string", + "description": "The suffix name of a Global Datastore. Amazon ElastiCache automatically applies a prefix to the Global Datastore ID when it is created. Each AWS Region has its own prefix. " + }, + "members": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticache:GlobalReplicationGroupMember" + }, + "description": "The replication groups that comprise the Global Datastore." + }, + "regionalConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticache:GlobalReplicationGroupRegionalConfiguration" + }, + "description": "Describes the replication group IDs, the AWS regions where they are stored and the shard configuration for each that comprise the Global Datastore " + }, + "status": { + "type": "string", + "description": "The status of the Global Datastore" + } + }, + "required": [ + "members" + ], + "writeOnly": [ + "automaticFailoverEnabled", + "cacheNodeType", + "engineVersion", + "globalNodeGroupCount", + "globalReplicationGroupIdSuffix", + "regionalConfigurations" + ] + }, + "aws-native:elasticache:ParameterGroup": { + "cf": "AWS::ElastiCache::ParameterGroup", + "inputs": { + "cacheParameterGroupFamily": { + "type": "string", + "description": "The name of the cache parameter group family that this cache parameter group is compatible with." + }, + "description": { + "type": "string", + "description": "The description for this cache parameter group." + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A comma-delimited list of parameter name/value pairs. For more information see ModifyCacheParameterGroup in the Amazon ElastiCache API Reference Guide." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags are composed of a Key/Value pair. You can use tags to categorize and track each parameter group. The tag value null is permitted." + } + }, + "outputs": { + "cacheParameterGroupFamily": { + "type": "string", + "description": "The name of the cache parameter group family that this cache parameter group is compatible with.", + "replaceOnChanges": true + }, + "cacheParameterGroupName": { + "type": "string", + "description": "The name of the Cache Parameter Group." + }, + "description": { + "type": "string", + "description": "The description for this cache parameter group." + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A comma-delimited list of parameter name/value pairs. For more information see ModifyCacheParameterGroup in the Amazon ElastiCache API Reference Guide." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags are composed of a Key/Value pair. You can use tags to categorize and track each parameter group. The tag value null is permitted." + } + }, + "required": [ + "cacheParameterGroupFamily", + "description" + ], + "createOnly": [ + "cacheParameterGroupFamily" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticache:ServerlessCache": { + "cf": "AWS::ElastiCache::ServerlessCache", + "inputs": { + "cacheUsageLimits": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheCacheUsageLimits", + "description": "The cache usage limit for the serverless cache." + }, + "dailySnapshotTime": { + "type": "string", + "description": "The daily time range (in UTC) during which the service takes automatic snapshot of the Serverless Cache." + }, + "description": { + "type": "string", + "description": "The description of the Serverless Cache." + }, + "endpoint": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheEndpoint", + "description": "Represents the information required for client programs to connect to a cache node. This value is read-only." + }, + "engine": { + "type": "string", + "description": "The engine name of the Serverless Cache." + }, + "finalSnapshotName": { + "type": "string", + "description": "The final snapshot name which is taken before Serverless Cache is deleted." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID of the KMS key used to encrypt the cluster." + }, + "majorEngineVersion": { + "type": "string", + "description": "The major engine version of the Serverless Cache." + }, + "readerEndpoint": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheEndpoint", + "description": "Represents the information required for client programs to connect to a cache node. This value is read-only." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more Amazon VPC security groups associated with this Serverless Cache." + }, + "serverlessCacheName": { + "type": "string", + "description": "The name of the Serverless Cache. This value must be unique." + }, + "snapshotArnsToRestore": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN's of snapshot to restore Serverless Cache." + }, + "snapshotRetentionLimit": { + "type": "integer", + "description": "The snapshot retention limit of the Serverless Cache." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnet id's of the Serverless Cache." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this Serverless Cache." + }, + "userGroupId": { + "type": "string", + "description": "The ID of the user group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the Serverless Cache." + }, + "cacheUsageLimits": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheCacheUsageLimits", + "description": "The cache usage limit for the serverless cache." + }, + "createTime": { + "type": "string", + "description": "The creation time of the Serverless Cache." + }, + "dailySnapshotTime": { + "type": "string", + "description": "The daily time range (in UTC) during which the service takes automatic snapshot of the Serverless Cache." + }, + "description": { + "type": "string", + "description": "The description of the Serverless Cache." + }, + "endpoint": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheEndpoint", + "description": "Represents the information required for client programs to connect to a cache node. This value is read-only." + }, + "engine": { + "type": "string", + "description": "The engine name of the Serverless Cache.", + "replaceOnChanges": true + }, + "finalSnapshotName": { + "type": "string", + "description": "The final snapshot name which is taken before Serverless Cache is deleted." + }, + "fullEngineVersion": { + "type": "string", + "description": "The full engine version of the Serverless Cache." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID of the KMS key used to encrypt the cluster.", + "replaceOnChanges": true + }, + "majorEngineVersion": { + "type": "string", + "description": "The major engine version of the Serverless Cache.", + "replaceOnChanges": true + }, + "readerEndpoint": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheEndpoint", + "description": "Represents the information required for client programs to connect to a cache node. This value is read-only." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more Amazon VPC security groups associated with this Serverless Cache." + }, + "serverlessCacheName": { + "type": "string", + "description": "The name of the Serverless Cache. This value must be unique.", + "replaceOnChanges": true + }, + "snapshotArnsToRestore": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN's of snapshot to restore Serverless Cache.", + "replaceOnChanges": true + }, + "snapshotRetentionLimit": { + "type": "integer", + "description": "The snapshot retention limit of the Serverless Cache." + }, + "status": { + "type": "string", + "description": "The status of the Serverless Cache." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnet id's of the Serverless Cache.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this Serverless Cache." + }, + "userGroupId": { + "type": "string", + "description": "The ID of the user group." + } + }, + "autoNamingSpec": { + "sdkName": "serverlessCacheName" + }, + "required": [ + "engine" + ], + "createOnly": [ + "engine", + "kmsKeyId", + "majorEngineVersion", + "serverlessCacheName", + "snapshotArnsToRestore", + "subnetIds" + ], + "writeOnly": [ + "finalSnapshotName", + "snapshotArnsToRestore" + ], + "irreversibleNames": { + "arn": "ARN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticache:SubnetGroup": { + "cf": "AWS::ElastiCache::SubnetGroup", + "inputs": { + "cacheSubnetGroupName": { + "type": "string", + "description": "The name for the cache subnet group. This value is stored as a lowercase string." + }, + "description": { + "type": "string", + "description": "The description for the cache subnet group." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The EC2 subnet IDs for the cache subnet group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted." + } + }, + "outputs": { + "cacheSubnetGroupName": { + "type": "string", + "description": "The name for the cache subnet group. This value is stored as a lowercase string.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description for the cache subnet group." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The EC2 subnet IDs for the cache subnet group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted." + } + }, + "required": [ + "description", + "subnetIds" + ], + "createOnly": [ + "cacheSubnetGroupName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticache:User": { + "cf": "AWS::ElastiCache::User", + "inputs": { + "accessString": { + "type": "string", + "description": "Access permissions string used for this user account." + }, + "authenticationMode": { + "$ref": "#/types/aws-native:elasticache:AuthenticationModeProperties", + "description": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```" + }, + "engine": { + "$ref": "#/types/aws-native:elasticache:UserEngine", + "description": "Must be redis." + }, + "noPasswordRequired": { + "type": "boolean", + "description": "Indicates a password is not required for this user account." + }, + "passwords": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Passwords used for this user account. You can create up to two passwords for each user." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this user." + }, + "userId": { + "type": "string", + "description": "The ID of the user." + }, + "userName": { + "type": "string", + "description": "The username of the user." + } + }, + "outputs": { + "accessString": { + "type": "string", + "description": "Access permissions string used for this user account." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the user account." + }, + "authenticationMode": { + "$ref": "#/types/aws-native:elasticache:AuthenticationModeProperties", + "description": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```" + }, + "engine": { + "$ref": "#/types/aws-native:elasticache:UserEngine", + "description": "Must be redis.", + "replaceOnChanges": true + }, + "noPasswordRequired": { + "type": "boolean", + "description": "Indicates a password is not required for this user account." + }, + "passwords": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Passwords used for this user account. You can create up to two passwords for each user." + }, + "status": { + "type": "string", + "description": "Indicates the user status. Can be \"active\", \"modifying\" or \"deleting\"." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this user." + }, + "userId": { + "type": "string", + "description": "The ID of the user.", + "replaceOnChanges": true + }, + "userName": { + "type": "string", + "description": "The username of the user.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "userName" + }, + "required": [ + "engine", + "userId" + ], + "createOnly": [ + "engine", + "userId", + "userName" + ], + "writeOnly": [ + "accessString", + "authenticationMode", + "noPasswordRequired", + "passwords" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticache:UserGroup": { + "cf": "AWS::ElastiCache::UserGroup", + "inputs": { + "engine": { + "$ref": "#/types/aws-native:elasticache:UserGroupEngine", + "description": "Must be redis." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this user." + }, + "userGroupId": { + "type": "string", + "description": "The ID of the user group." + }, + "userIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of users associated to this user group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the user account." + }, + "engine": { + "$ref": "#/types/aws-native:elasticache:UserGroupEngine", + "description": "Must be redis.", + "replaceOnChanges": true + }, + "status": { + "type": "string", + "description": "Indicates user group status. Can be \"creating\", \"active\", \"modifying\", \"deleting\"." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this user." + }, + "userGroupId": { + "type": "string", + "description": "The ID of the user group.", + "replaceOnChanges": true + }, + "userIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of users associated to this user group." + } + }, + "required": [ + "engine", + "userGroupId", + "userIds" + ], + "createOnly": [ + "engine", + "userGroupId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticbeanstalk:Application": { + "cf": "AWS::ElasticBeanstalk::Application", + "inputs": { + "applicationName": { + "type": "string", + "description": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name." + }, + "description": { + "type": "string", + "description": "Your description of the application." + }, + "resourceLifecycleConfig": { + "$ref": "#/types/aws-native:elasticbeanstalk:ApplicationResourceLifecycleConfig", + "description": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions." + } + }, + "outputs": { + "applicationName": { + "type": "string", + "description": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "Your description of the application." + }, + "resourceLifecycleConfig": { + "$ref": "#/types/aws-native:elasticbeanstalk:ApplicationResourceLifecycleConfig", + "description": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions." + } + }, + "autoNamingSpec": { + "sdkName": "applicationName" + }, + "createOnly": [ + "applicationName" + ] + }, + "aws-native:elasticbeanstalk:ApplicationVersion": { + "cf": "AWS::ElasticBeanstalk::ApplicationVersion", + "inputs": { + "applicationName": { + "type": "string", + "description": "The name of the Elastic Beanstalk application that is associated with this application version. " + }, + "description": { + "type": "string", + "description": "A description of this application version." + }, + "sourceBundle": { + "$ref": "#/types/aws-native:elasticbeanstalk:ApplicationVersionSourceBundle", + "description": "The Amazon S3 bucket and key that identify the location of the source bundle for this version. " + } + }, + "outputs": { + "applicationName": { + "type": "string", + "description": "The name of the Elastic Beanstalk application that is associated with this application version. ", + "replaceOnChanges": true + }, + "awsId": { + "type": "string" + }, + "description": { + "type": "string", + "description": "A description of this application version." + }, + "sourceBundle": { + "$ref": "#/types/aws-native:elasticbeanstalk:ApplicationVersionSourceBundle", + "description": "The Amazon S3 bucket and key that identify the location of the source bundle for this version. ", + "replaceOnChanges": true + } + }, + "required": [ + "applicationName", + "sourceBundle" + ], + "createOnly": [ + "applicationName", + "sourceBundle" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:elasticbeanstalk:ConfigurationTemplate": { + "cf": "AWS::ElasticBeanstalk::ConfigurationTemplate", + "inputs": { + "applicationName": { + "type": "string", + "description": "The name of the Elastic Beanstalk application to associate with this configuration template. " + }, + "description": { + "type": "string", + "description": "An optional description for this configuration." + }, + "environmentId": { + "type": "string", + "description": "The ID of an environment whose settings you want to use to create the configuration template. You must specify EnvironmentId if you don't specify PlatformArn, SolutionStackName, or SourceConfiguration. " + }, + "optionSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticbeanstalk:ConfigurationTemplateConfigurationOptionSetting" + }, + "description": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the AWS Elastic Beanstalk Developer Guide. " + }, + "platformArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the AWS Elastic Beanstalk Developer Guide. " + }, + "solutionStackName": { + "type": "string", + "description": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, 64bit Amazon Linux 2013.09 running Tomcat 7 Java 7. A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the AWS Elastic Beanstalk Developer Guide.\n\n You must specify SolutionStackName if you don't specify PlatformArn, EnvironmentId, or SourceConfiguration.\n\n Use the ListAvailableSolutionStacks API to obtain a list of available solution stacks. " + }, + "sourceConfiguration": { + "$ref": "#/types/aws-native:elasticbeanstalk:ConfigurationTemplateSourceConfiguration", + "description": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in OptionSettings override any values obtained from the SourceConfiguration.\n\nYou must specify SourceConfiguration if you don't specify PlatformArn, EnvironmentId, or SolutionStackName.\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name. " + } + }, + "outputs": { + "applicationName": { + "type": "string", + "description": "The name of the Elastic Beanstalk application to associate with this configuration template. ", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "An optional description for this configuration." + }, + "environmentId": { + "type": "string", + "description": "The ID of an environment whose settings you want to use to create the configuration template. You must specify EnvironmentId if you don't specify PlatformArn, SolutionStackName, or SourceConfiguration. ", + "replaceOnChanges": true + }, + "optionSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticbeanstalk:ConfigurationTemplateConfigurationOptionSetting" + }, + "description": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the AWS Elastic Beanstalk Developer Guide. " + }, + "platformArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the AWS Elastic Beanstalk Developer Guide. ", + "replaceOnChanges": true + }, + "solutionStackName": { + "type": "string", + "description": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, 64bit Amazon Linux 2013.09 running Tomcat 7 Java 7. A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the AWS Elastic Beanstalk Developer Guide.\n\n You must specify SolutionStackName if you don't specify PlatformArn, EnvironmentId, or SourceConfiguration.\n\n Use the ListAvailableSolutionStacks API to obtain a list of available solution stacks. ", + "replaceOnChanges": true + }, + "sourceConfiguration": { + "$ref": "#/types/aws-native:elasticbeanstalk:ConfigurationTemplateSourceConfiguration", + "description": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in OptionSettings override any values obtained from the SourceConfiguration.\n\nYou must specify SourceConfiguration if you don't specify PlatformArn, EnvironmentId, or SolutionStackName.\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name. ", + "replaceOnChanges": true + }, + "templateName": { + "type": "string", + "description": "The name of the configuration template" + } + }, + "required": [ + "applicationName" + ], + "createOnly": [ + "applicationName", + "environmentId", + "platformArn", + "solutionStackName", + "sourceConfiguration" + ], + "writeOnly": [ + "environmentId", + "sourceConfiguration/ApplicationName", + "sourceConfiguration/TemplateName" + ] + }, + "aws-native:elasticbeanstalk:Environment": { + "cf": "AWS::ElasticBeanstalk::Environment", + "inputs": { + "applicationName": { + "type": "string", + "description": "The name of the application that is associated with this environment." + }, + "cnamePrefix": { + "type": "string", + "description": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name." + }, + "description": { + "type": "string", + "description": "Your description for this environment." + }, + "environmentName": { + "type": "string", + "description": "A unique name for the environment." + }, + "operationsRole": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role." + }, + "optionSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticbeanstalk:EnvironmentOptionSetting" + }, + "description": "Key-value pairs defining configuration options for this environment, such as the instance type." + }, + "platformArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the custom platform to use with the environment." + }, + "solutionStackName": { + "type": "string", + "description": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to resources in the environment." + }, + "templateName": { + "type": "string", + "description": "The name of the Elastic Beanstalk configuration template to use with the environment." + }, + "tier": { + "$ref": "#/types/aws-native:elasticbeanstalk:EnvironmentTier", + "description": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks." + }, + "versionLabel": { + "type": "string", + "description": "The name of the application version to deploy." + } + }, + "outputs": { + "applicationName": { + "type": "string", + "description": "The name of the application that is associated with this environment.", + "replaceOnChanges": true + }, + "cnamePrefix": { + "type": "string", + "description": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "Your description for this environment." + }, + "endpointUrl": { + "type": "string", + "description": "For load-balanced, autoscaling environments, the URL to the load balancer. For single-instance environments, the IP address of the instance.\n\nExample load balancer URL:\n\nExample instance IP address:\n\n`192.0.2.0`" + }, + "environmentName": { + "type": "string", + "description": "A unique name for the environment.", + "replaceOnChanges": true + }, + "operationsRole": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role." + }, + "optionSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticbeanstalk:EnvironmentOptionSetting" + }, + "description": "Key-value pairs defining configuration options for this environment, such as the instance type." + }, + "platformArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the custom platform to use with the environment." + }, + "solutionStackName": { + "type": "string", + "description": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies the tags applied to resources in the environment." + }, + "templateName": { + "type": "string", + "description": "The name of the Elastic Beanstalk configuration template to use with the environment." + }, + "tier": { + "$ref": "#/types/aws-native:elasticbeanstalk:EnvironmentTier", + "description": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks." + }, + "versionLabel": { + "type": "string", + "description": "The name of the application version to deploy." + } + }, + "autoNamingSpec": { + "sdkName": "environmentName" + }, + "required": [ + "applicationName" + ], + "createOnly": [ + "applicationName", + "cnamePrefix", + "environmentName", + "solutionStackName", + "tier/Name", + "tier/Type" + ], + "writeOnly": [ + "optionSettings", + "optionSettings/*/Namespace", + "optionSettings/*/OptionName", + "optionSettings/*/ResourceName", + "optionSettings/*/Value", + "templateName" + ], + "irreversibleNames": { + "cnamePrefix": "CNAMEPrefix", + "endpointUrl": "EndpointURL" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticloadbalancingv2:Listener": { + "cf": "AWS::ElasticLoadBalancingV2::Listener", + "inputs": { + "alpnPolicy": { + "type": "array", + "items": { + "type": "string" + }, + "description": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy." + }, + "certificates": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerCertificate" + }, + "description": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n To create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html)." + }, + "defaultActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerAction" + }, + "description": "The actions for the default rule. You cannot define a condition for a default rule.\n To create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html)." + }, + "loadBalancerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the load balancer." + }, + "mutualAuthentication": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerMutualAuthentication", + "description": "The mutual authentication configuration information." + }, + "port": { + "type": "integer", + "description": "The port on which the load balancer is listening. You cannot specify a port for a Gateway Load Balancer." + }, + "protocol": { + "type": "string", + "description": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer." + }, + "sslPolicy": { + "type": "string", + "description": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported.\n Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic.\n For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) in the *Network Load Balancers Guide*." + } + }, + "outputs": { + "alpnPolicy": { + "type": "array", + "items": { + "type": "string" + }, + "description": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy." + }, + "certificates": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerCertificate" + }, + "description": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n To create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html)." + }, + "defaultActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerAction" + }, + "description": "The actions for the default rule. You cannot define a condition for a default rule.\n To create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html)." + }, + "listenerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the listener." + }, + "loadBalancerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the load balancer.", + "replaceOnChanges": true + }, + "mutualAuthentication": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerMutualAuthentication", + "description": "The mutual authentication configuration information." + }, + "port": { + "type": "integer", + "description": "The port on which the load balancer is listening. You cannot specify a port for a Gateway Load Balancer." + }, + "protocol": { + "type": "string", + "description": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer." + }, + "sslPolicy": { + "type": "string", + "description": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported.\n Updating the security policy can result in interruptions if the load balancer is handling a high volume of traffic.\n For more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) in the *Network Load Balancers Guide*." + } + }, + "required": [ + "defaultActions", + "loadBalancerArn" + ], + "createOnly": [ + "loadBalancerArn" + ], + "writeOnly": [ + "defaultActions/*/AuthenticateOidcConfig/ClientSecret" + ] + }, + "aws-native:elasticloadbalancingv2:ListenerRule": { + "cf": "AWS::ElasticLoadBalancingV2::ListenerRule", + "inputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleAction" + }, + "description": "The actions.\n The rule must include exactly one of the following types of actions: ``forward``, ``fixed-response``, or ``redirect``, and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action." + }, + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleRuleCondition" + }, + "description": "The conditions.\n The rule can optionally include up to one of each of the following conditions: ``http-request-method``, ``host-header``, ``path-pattern``, and ``source-ip``. A rule can also optionally include one or more of each of the following conditions: ``http-header`` and ``query-string``." + }, + "listenerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the listener." + }, + "priority": { + "type": "integer", + "description": "The rule priority. A listener can't have multiple rules with the same priority.\n If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update." + } + }, + "outputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleAction" + }, + "description": "The actions.\n The rule must include exactly one of the following types of actions: ``forward``, ``fixed-response``, or ``redirect``, and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action." + }, + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleRuleCondition" + }, + "description": "The conditions.\n The rule can optionally include up to one of each of the following conditions: ``http-request-method``, ``host-header``, ``path-pattern``, and ``source-ip``. A rule can also optionally include one or more of each of the following conditions: ``http-header`` and ``query-string``." + }, + "isDefault": { + "type": "boolean", + "description": "Indicates whether this is the default rule." + }, + "listenerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the listener.", + "replaceOnChanges": true + }, + "priority": { + "type": "integer", + "description": "The rule priority. A listener can't have multiple rules with the same priority.\n If you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update." + }, + "ruleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the rule." + } + }, + "required": [ + "actions", + "conditions", + "priority" + ], + "createOnly": [ + "listenerArn" + ], + "writeOnly": [ + "actions/*/AuthenticateOidcConfig/ClientSecret", + "listenerArn" + ] + }, + "aws-native:elasticloadbalancingv2:LoadBalancer": { + "cf": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "inputs": { + "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { + "type": "string", + "description": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through privatelink." + }, + "ipAddressType": { + "type": "string", + "description": "Note: Internal load balancers must use the ``ipv4`` IP address type.\n [Application Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses), ``dualstack`` (for IPv4 and IPv6 addresses), and ``dualstack-without-public-ipv4`` (for IPv6 only public addresses, with private IPv4 and IPv6 addresses).\n [Network Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener.\n [Gateway Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses)." + }, + "loadBalancerAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:LoadBalancerAttribute" + }, + "description": "The load balancer attributes." + }, + "name": { + "type": "string", + "description": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n If you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name." + }, + "scheme": { + "type": "string", + "description": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n The default is an Internet-facing load balancer.\n You cannot specify a scheme for a Gateway Load Balancer." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer." + }, + "subnetMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:LoadBalancerSubnetMapping" + }, + "description": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n [Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.\n [Application Load Balancers on Outposts] You must specify one Outpost subnet.\n [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n [Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n [Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n [Application Load Balancers] You must specify subnets from at least two Availability Zones.\n [Application Load Balancers on Outposts] You must specify one Outpost subnet.\n [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n [Network Load Balancers] You can specify subnets from one or more Availability Zones.\n [Gateway Load Balancers] You can specify subnets from one or more Availability Zones." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the load balancer." + }, + "type": { + "type": "string", + "description": "The type of load balancer. The default is ``application``." + } + }, + "outputs": { + "canonicalHostedZoneId": { + "type": "string", + "description": "The ID of the Amazon Route 53 hosted zone associated with the load balancer. For example, `Z2P70J7EXAMPLE` ." + }, + "dnsName": { + "type": "string", + "description": "The DNS name for the load balancer. For example, `my-load-balancer-424835706.us-west-2.elb.amazonaws.com` ." + }, + "enforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { + "type": "string", + "description": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through privatelink." + }, + "ipAddressType": { + "type": "string", + "description": "Note: Internal load balancers must use the ``ipv4`` IP address type.\n [Application Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses), ``dualstack`` (for IPv4 and IPv6 addresses), and ``dualstack-without-public-ipv4`` (for IPv6 only public addresses, with private IPv4 and IPv6 addresses).\n [Network Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses). You can’t specify ``dualstack`` for a load balancer with a UDP or TCP_UDP listener.\n [Gateway Load Balancers] The IP address type. The possible values are ``ipv4`` (for only IPv4 addresses) and ``dualstack`` (for IPv4 and IPv6 addresses)." + }, + "loadBalancerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the load balancer." + }, + "loadBalancerAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:LoadBalancerAttribute" + }, + "description": "The load balancer attributes." + }, + "loadBalancerFullName": { + "type": "string", + "description": "The full name of the load balancer. For example, `app/my-load-balancer/50dc6c495c0c9188` ." + }, + "loadBalancerName": { + "type": "string", + "description": "The name of the load balancer. For example, `my-load-balancer` ." + }, + "name": { + "type": "string", + "description": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n If you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "scheme": { + "type": "string", + "description": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n The default is an Internet-facing load balancer.\n You cannot specify a scheme for a Gateway Load Balancer.", + "replaceOnChanges": true + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer." + }, + "subnetMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:LoadBalancerSubnetMapping" + }, + "description": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n [Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.\n [Application Load Balancers on Outposts] You must specify one Outpost subnet.\n [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n [Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n [Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n [Application Load Balancers] You must specify subnets from at least two Availability Zones.\n [Application Load Balancers on Outposts] You must specify one Outpost subnet.\n [Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n [Network Load Balancers] You can specify subnets from one or more Availability Zones.\n [Gateway Load Balancers] You can specify subnets from one or more Availability Zones." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the load balancer." + }, + "type": { + "type": "string", + "description": "The type of load balancer. The default is ``application``.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name", + "scheme", + "type" + ], + "irreversibleNames": { + "canonicalHostedZoneId": "CanonicalHostedZoneID", + "dnsName": "DNSName" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticloadbalancingv2:TargetGroup": { + "cf": "AWS::ElasticLoadBalancingV2::TargetGroup", + "inputs": { + "healthCheckEnabled": { + "type": "boolean", + "description": "Indicates whether health checks are enabled. If the target type is lambda, health checks are disabled by default but can be enabled. If the target type is instance, ip, or alb, health checks are always enabled and cannot be disabled." + }, + "healthCheckIntervalSeconds": { + "type": "integer", + "description": "The approximate amount of time, in seconds, between health checks of an individual target." + }, + "healthCheckPath": { + "type": "string", + "description": "[HTTP/HTTPS health checks] The destination for health checks on the targets. [HTTP1 or HTTP2 protocol version] The ping path. The default is /. [GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is /AWS.ALB/healthcheck." + }, + "healthCheckPort": { + "type": "string", + "description": "The port the load balancer uses when performing health checks on targets. " + }, + "healthCheckProtocol": { + "type": "string", + "description": "The protocol the load balancer uses when performing health checks on targets. " + }, + "healthCheckTimeoutSeconds": { + "type": "integer", + "description": "The amount of time, in seconds, during which no response from a target means a failed health check." + }, + "healthyThresholdCount": { + "type": "integer", + "description": "The number of consecutive health checks successes required before considering an unhealthy target healthy. " + }, + "ipAddressType": { + "type": "string", + "description": "The type of IP address used for this target group. The possible values are ipv4 and ipv6. " + }, + "matcher": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TargetGroupMatcher", + "description": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target." + }, + "name": { + "type": "string", + "description": "The name of the target group." + }, + "port": { + "type": "integer", + "description": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081." + }, + "protocol": { + "type": "string", + "description": "The protocol to use for routing traffic to the targets." + }, + "protocolVersion": { + "type": "string", + "description": "[HTTP/HTTPS protocol] The protocol version. The possible values are GRPC, HTTP1, and HTTP2." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags." + }, + "targetGroupAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TargetGroupAttribute" + }, + "description": "The attributes." + }, + "targetType": { + "type": "string", + "description": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TargetGroupTargetDescription" + }, + "description": "The targets." + }, + "unhealthyThresholdCount": { + "type": "integer", + "description": "The number of consecutive health check failures required before considering a target unhealthy." + }, + "vpcId": { + "type": "string", + "description": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply." + } + }, + "outputs": { + "healthCheckEnabled": { + "type": "boolean", + "description": "Indicates whether health checks are enabled. If the target type is lambda, health checks are disabled by default but can be enabled. If the target type is instance, ip, or alb, health checks are always enabled and cannot be disabled." + }, + "healthCheckIntervalSeconds": { + "type": "integer", + "description": "The approximate amount of time, in seconds, between health checks of an individual target." + }, + "healthCheckPath": { + "type": "string", + "description": "[HTTP/HTTPS health checks] The destination for health checks on the targets. [HTTP1 or HTTP2 protocol version] The ping path. The default is /. [GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is /AWS.ALB/healthcheck." + }, + "healthCheckPort": { + "type": "string", + "description": "The port the load balancer uses when performing health checks on targets. " + }, + "healthCheckProtocol": { + "type": "string", + "description": "The protocol the load balancer uses when performing health checks on targets. " + }, + "healthCheckTimeoutSeconds": { + "type": "integer", + "description": "The amount of time, in seconds, during which no response from a target means a failed health check." + }, + "healthyThresholdCount": { + "type": "integer", + "description": "The number of consecutive health checks successes required before considering an unhealthy target healthy. " + }, + "ipAddressType": { + "type": "string", + "description": "The type of IP address used for this target group. The possible values are ipv4 and ipv6. ", + "replaceOnChanges": true + }, + "loadBalancerArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the load balancers that route traffic to this target group." + }, + "matcher": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TargetGroupMatcher", + "description": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target." + }, + "name": { + "type": "string", + "description": "The name of the target group.", + "replaceOnChanges": true + }, + "port": { + "type": "integer", + "description": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", + "replaceOnChanges": true + }, + "protocol": { + "type": "string", + "description": "The protocol to use for routing traffic to the targets.", + "replaceOnChanges": true + }, + "protocolVersion": { + "type": "string", + "description": "[HTTP/HTTPS protocol] The protocol version. The possible values are GRPC, HTTP1, and HTTP2.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags." + }, + "targetGroupArn": { + "type": "string", + "description": "The ARN of the Target Group" + }, + "targetGroupAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TargetGroupAttribute" + }, + "description": "The attributes." + }, + "targetGroupFullName": { + "type": "string", + "description": "The full name of the target group." + }, + "targetGroupName": { + "type": "string", + "description": "The name of the target group." + }, + "targetType": { + "type": "string", + "description": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.", + "replaceOnChanges": true + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TargetGroupTargetDescription" + }, + "description": "The targets." + }, + "unhealthyThresholdCount": { + "type": "integer", + "description": "The number of consecutive health check failures required before considering a target unhealthy." + }, + "vpcId": { + "type": "string", + "description": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "ipAddressType", + "name", + "port", + "protocol", + "protocolVersion", + "targetType", + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticloadbalancingv2:TrustStore": { + "cf": "AWS::ElasticLoadBalancingV2::TrustStore", + "inputs": { + "caCertificatesBundleS3Bucket": { + "type": "string", + "description": "The name of the S3 bucket to fetch the CA certificate bundle from." + }, + "caCertificatesBundleS3Key": { + "type": "string", + "description": "The name of the S3 object to fetch the CA certificate bundle from." + }, + "caCertificatesBundleS3ObjectVersion": { + "type": "string", + "description": "The version of the S3 bucket that contains the CA certificate bundle." + }, + "name": { + "type": "string", + "description": "The name of the trust store." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the trust store." + } + }, + "outputs": { + "caCertificatesBundleS3Bucket": { + "type": "string", + "description": "The name of the S3 bucket to fetch the CA certificate bundle from." + }, + "caCertificatesBundleS3Key": { + "type": "string", + "description": "The name of the S3 object to fetch the CA certificate bundle from." + }, + "caCertificatesBundleS3ObjectVersion": { + "type": "string", + "description": "The version of the S3 bucket that contains the CA certificate bundle." + }, + "name": { + "type": "string", + "description": "The name of the trust store.", + "replaceOnChanges": true + }, + "numberOfCaCertificates": { + "type": "integer", + "description": "The number of certificates associated with the trust store." + }, + "status": { + "type": "string", + "description": "The status of the trust store, could be either of ACTIVE or CREATING." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the trust store." + }, + "trustStoreArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the trust store." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "caCertificatesBundleS3Bucket", + "caCertificatesBundleS3Key", + "caCertificatesBundleS3ObjectVersion" + ], + "irreversibleNames": { + "caCertificatesBundleS3Bucket": "CaCertificatesBundleS3Bucket", + "caCertificatesBundleS3Key": "CaCertificatesBundleS3Key", + "caCertificatesBundleS3ObjectVersion": "CaCertificatesBundleS3ObjectVersion" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:elasticloadbalancingv2:TrustStoreRevocation": { + "cf": "AWS::ElasticLoadBalancingV2::TrustStoreRevocation", + "inputs": { + "revocationContents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TrustStoreRevocationRevocationContent" + }, + "description": "The attributes required to create a trust store revocation." + }, + "trustStoreArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the trust store." + } + }, + "outputs": { + "revocationContents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TrustStoreRevocationRevocationContent" + }, + "description": "The attributes required to create a trust store revocation.", + "replaceOnChanges": true + }, + "revocationId": { + "type": "integer", + "description": "The ID associated with the revocation." + }, + "trustStoreArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the trust store.", + "replaceOnChanges": true + }, + "trustStoreRevocations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:TrustStoreRevocation" + }, + "description": "The data associated with a trust store revocation" + } + }, + "createOnly": [ + "revocationContents", + "trustStoreArn" + ], + "writeOnly": [ + "revocationContents" + ] + }, + "aws-native:emr:SecurityConfiguration": { + "cf": "AWS::EMR::SecurityConfiguration", + "inputs": { + "name": { + "type": "string", + "description": "The name of the security configuration." + }, + "securityConfiguration": { + "$ref": "pulumi.json#/Any", + "description": "The security configuration details in JSON format.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::EMR::SecurityConfiguration` for more information about the expected schema for this property.", + "language": { + "csharp": { + "name": "SecurityConfigurationValue" + } + } + } + }, + "outputs": { + "name": { + "type": "string", + "description": "The name of the security configuration.", + "replaceOnChanges": true + }, + "securityConfiguration": { + "$ref": "pulumi.json#/Any", + "description": "The security configuration details in JSON format.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::EMR::SecurityConfiguration` for more information about the expected schema for this property.", + "language": { + "csharp": { + "name": "SecurityConfigurationValue" + } + }, + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "securityConfiguration" + ], + "createOnly": [ + "name", + "securityConfiguration" + ] + }, + "aws-native:emr:Studio": { + "cf": "AWS::EMR::Studio", + "inputs": { + "authMode": { + "$ref": "#/types/aws-native:emr:StudioAuthMode", + "description": "Specifies whether the Studio authenticates users using single sign-on (SSO) or IAM. Amazon EMR Studio currently only supports SSO authentication." + }, + "defaultS3Location": { + "type": "string", + "description": "The default Amazon S3 location to back up EMR Studio Workspaces and notebook files. A Studio user can select an alternative Amazon S3 location when creating a Workspace." + }, + "description": { + "type": "string", + "description": "A detailed description of the Studio." + }, + "encryptionKeyArn": { + "type": "string", + "description": "The AWS KMS key identifier (ARN) used to encrypt AWS EMR Studio workspace and notebook files when backed up to AWS S3." + }, + "engineSecurityGroupId": { + "type": "string", + "description": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by VpcId." + }, + "idcInstanceArn": { + "type": "string", + "description": "The ARN of the IAM Identity Center instance to create the Studio application." + }, + "idcUserAssignment": { + "$ref": "#/types/aws-native:emr:StudioIdcUserAssignment", + "description": "Specifies whether IAM Identity Center user assignment is REQUIRED or OPTIONAL. If the value is set to REQUIRED, users must be explicitly assigned to the Studio application to access the Studio." + }, + "idpAuthUrl": { + "type": "string", + "description": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL." + }, + "idpRelayStateParameterName": { + "type": "string", + "description": "The name of relay state parameter for external Identity Provider." + }, + "name": { + "type": "string", + "description": "A descriptive name for the Amazon EMR Studio." + }, + "serviceRole": { + "type": "string", + "description": "The IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of up to 5 subnet IDs to associate with the Studio. The subnets must belong to the VPC specified by VpcId. Studio users can create a Workspace in any of the specified subnets." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags to associate with the Studio. Tags are user-defined key-value pairs that consist of a required key string with a maximum of 128 characters, and an optional value string with a maximum of 256 characters." + }, + "trustedIdentityPropagationEnabled": { + "type": "boolean", + "description": "A Boolean indicating whether to enable Trusted identity propagation for the Studio. The default value is false." + }, + "userRole": { + "type": "string", + "description": "The IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies." + }, + "vpcId": { + "type": "string", + "description": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio." + }, + "workspaceSecurityGroupId": { + "type": "string", + "description": "The ID of the Amazon EMR Studio Workspace security group. The Workspace security group allows outbound network traffic to resources in the Engine security group, and it must be in the same VPC specified by VpcId." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the EMR Studio." + }, + "authMode": { + "$ref": "#/types/aws-native:emr:StudioAuthMode", + "description": "Specifies whether the Studio authenticates users using single sign-on (SSO) or IAM. Amazon EMR Studio currently only supports SSO authentication.", + "replaceOnChanges": true + }, + "defaultS3Location": { + "type": "string", + "description": "The default Amazon S3 location to back up EMR Studio Workspaces and notebook files. A Studio user can select an alternative Amazon S3 location when creating a Workspace." + }, + "description": { + "type": "string", + "description": "A detailed description of the Studio." + }, + "encryptionKeyArn": { + "type": "string", + "description": "The AWS KMS key identifier (ARN) used to encrypt AWS EMR Studio workspace and notebook files when backed up to AWS S3.", + "replaceOnChanges": true + }, + "engineSecurityGroupId": { + "type": "string", + "description": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by VpcId.", + "replaceOnChanges": true + }, + "idcInstanceArn": { + "type": "string", + "description": "The ARN of the IAM Identity Center instance to create the Studio application.", + "replaceOnChanges": true + }, + "idcUserAssignment": { + "$ref": "#/types/aws-native:emr:StudioIdcUserAssignment", + "description": "Specifies whether IAM Identity Center user assignment is REQUIRED or OPTIONAL. If the value is set to REQUIRED, users must be explicitly assigned to the Studio application to access the Studio.", + "replaceOnChanges": true + }, + "idpAuthUrl": { + "type": "string", + "description": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL." + }, + "idpRelayStateParameterName": { + "type": "string", + "description": "The name of relay state parameter for external Identity Provider." + }, + "name": { + "type": "string", + "description": "A descriptive name for the Amazon EMR Studio." + }, + "serviceRole": { + "type": "string", + "description": "The IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", + "replaceOnChanges": true + }, + "studioId": { + "type": "string", + "description": "The ID of the EMR Studio." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of up to 5 subnet IDs to associate with the Studio. The subnets must belong to the VPC specified by VpcId. Studio users can create a Workspace in any of the specified subnets." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags to associate with the Studio. Tags are user-defined key-value pairs that consist of a required key string with a maximum of 128 characters, and an optional value string with a maximum of 256 characters." + }, + "trustedIdentityPropagationEnabled": { + "type": "boolean", + "description": "A Boolean indicating whether to enable Trusted identity propagation for the Studio. The default value is false.", + "replaceOnChanges": true + }, + "url": { + "type": "string", + "description": "The unique Studio access URL." + }, + "userRole": { + "type": "string", + "description": "The IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies.", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", + "replaceOnChanges": true + }, + "workspaceSecurityGroupId": { + "type": "string", + "description": "The ID of the Amazon EMR Studio Workspace security group. The Workspace security group allows outbound network traffic to resources in the Engine security group, and it must be in the same VPC specified by VpcId.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "authMode", + "defaultS3Location", + "engineSecurityGroupId", + "serviceRole", + "subnetIds", + "vpcId", + "workspaceSecurityGroupId" + ], + "createOnly": [ + "authMode", + "encryptionKeyArn", + "engineSecurityGroupId", + "idcInstanceArn", + "idcUserAssignment", + "serviceRole", + "trustedIdentityPropagationEnabled", + "userRole", + "vpcId", + "workspaceSecurityGroupId" + ], + "irreversibleNames": { + "defaultS3Location": "DefaultS3Location" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:emr:StudioSessionMapping": { + "cf": "AWS::EMR::StudioSessionMapping", + "inputs": { + "identityName": { + "type": "string", + "description": "The name of the user or group. For more information, see UserName and DisplayName in the AWS SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified." + }, + "identityType": { + "$ref": "#/types/aws-native:emr:StudioSessionMappingIdentityType", + "description": "Specifies whether the identity to map to the Studio is a user or a group." + }, + "sessionPolicyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles." + }, + "studioId": { + "type": "string", + "description": "The ID of the Amazon EMR Studio to which the user or group will be mapped." + } + }, + "outputs": { + "identityName": { + "type": "string", + "description": "The name of the user or group. For more information, see UserName and DisplayName in the AWS SSO Identity Store API Reference. Either IdentityName or IdentityId must be specified.", + "replaceOnChanges": true + }, + "identityType": { + "$ref": "#/types/aws-native:emr:StudioSessionMappingIdentityType", + "description": "Specifies whether the identity to map to the Studio is a user or a group.", + "replaceOnChanges": true + }, + "sessionPolicyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles." + }, + "studioId": { + "type": "string", + "description": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", + "replaceOnChanges": true + } + }, + "required": [ + "identityName", + "identityType", + "sessionPolicyArn", + "studioId" + ], + "createOnly": [ + "identityName", + "identityType", + "studioId" + ] + }, + "aws-native:emr:WalWorkspace": { + "cf": "AWS::EMR::WALWorkspace", + "inputs": { + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "walWorkspaceName": { + "type": "string", + "description": "The name of the emrwal container" + } + }, + "outputs": { + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "walWorkspaceName": { + "type": "string", + "description": "The name of the emrwal container", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "walWorkspaceName", + "minLength": 1, + "maxLength": 32 + }, + "createOnly": [ + "walWorkspaceName" + ], + "irreversibleNames": { + "walWorkspaceName": "WALWorkspaceName" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:emrcontainers:VirtualCluster": { + "cf": "AWS::EMRContainers::VirtualCluster", + "inputs": { + "containerProvider": { + "$ref": "#/types/aws-native:emrcontainers:VirtualClusterContainerProvider", + "description": "Container provider of the virtual cluster." + }, + "name": { + "type": "string", + "description": "Name of the virtual cluster." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this virtual cluster." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the project, such as `arn:aws:emr-containers:us-east-1:123456789012:/virtualclusters/ab4rp1abcs8xz47n3x0example` ." + }, + "awsId": { + "type": "string", + "description": "Id of the virtual cluster." + }, + "containerProvider": { + "$ref": "#/types/aws-native:emrcontainers:VirtualClusterContainerProvider", + "description": "Container provider of the virtual cluster.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name of the virtual cluster.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this virtual cluster." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "containerProvider" + ], + "createOnly": [ + "containerProvider", + "name" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:emrserverless:Application": { + "cf": "AWS::EMRServerless::Application", + "inputs": { + "architecture": { + "$ref": "#/types/aws-native:emrserverless:ApplicationArchitecture", + "description": "The CPU architecture of an application." + }, + "autoStartConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationAutoStartConfiguration", + "description": "Configuration for Auto Start of Application." + }, + "autoStopConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationAutoStopConfiguration", + "description": "Configuration for Auto Stop of Application." + }, + "imageConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationImageConfigurationInput", + "description": "The image configuration applied to all worker types." + }, + "initialCapacity": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:emrserverless:ApplicationInitialCapacityConfigKeyValuePair" + }, + "description": "Initial capacity initialized when an Application is started." + }, + "interactiveConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationInteractiveConfiguration", + "description": "The interactive configuration object that enables the interactive use cases for an application." + }, + "maximumCapacity": { + "$ref": "#/types/aws-native:emrserverless:ApplicationMaximumAllowedResources", + "description": "Maximum allowed cumulative resources for an Application. No new resources will be created once the limit is hit." + }, + "monitoringConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationMonitoringConfiguration", + "description": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file." + }, + "name": { + "type": "string", + "description": "User friendly Application name." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationNetworkConfiguration", + "description": "Network Configuration for customer VPC connectivity." + }, + "releaseLabel": { + "type": "string", + "description": "EMR release label." + }, + "runtimeConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:emrserverless:ApplicationConfigurationObject" + }, + "description": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tag map with key and value" + }, + "type": { + "type": "string", + "description": "The type of the application" + }, + "workerTypeSpecifications": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:emrserverless:ApplicationWorkerTypeSpecificationInput" + }, + "description": "The key-value pairs that specify worker type to WorkerTypeSpecificationInput. This parameter must contain all valid worker types for a Spark or Hive application. Valid worker types include Driver and Executor for Spark applications and HiveDriver and TezTask for Hive applications. You can either set image details in this parameter for each worker type, or in imageConfiguration for all worker types." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The ID of the EMR Serverless Application." + }, + "architecture": { + "$ref": "#/types/aws-native:emrserverless:ApplicationArchitecture", + "description": "The CPU architecture of an application." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the EMR Serverless Application." + }, + "autoStartConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationAutoStartConfiguration", + "description": "Configuration for Auto Start of Application." + }, + "autoStopConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationAutoStopConfiguration", + "description": "Configuration for Auto Stop of Application." + }, + "imageConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationImageConfigurationInput", + "description": "The image configuration applied to all worker types." + }, + "initialCapacity": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:emrserverless:ApplicationInitialCapacityConfigKeyValuePair" + }, + "description": "Initial capacity initialized when an Application is started." + }, + "interactiveConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationInteractiveConfiguration", + "description": "The interactive configuration object that enables the interactive use cases for an application." + }, + "maximumCapacity": { + "$ref": "#/types/aws-native:emrserverless:ApplicationMaximumAllowedResources", + "description": "Maximum allowed cumulative resources for an Application. No new resources will be created once the limit is hit." + }, + "monitoringConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationMonitoringConfiguration", + "description": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file." + }, + "name": { + "type": "string", + "description": "User friendly Application name.", + "replaceOnChanges": true + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationNetworkConfiguration", + "description": "Network Configuration for customer VPC connectivity." + }, + "releaseLabel": { + "type": "string", + "description": "EMR release label." + }, + "runtimeConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:emrserverless:ApplicationConfigurationObject" + }, + "description": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tag map with key and value" + }, + "type": { + "type": "string", + "description": "The type of the application", + "replaceOnChanges": true + }, + "workerTypeSpecifications": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:emrserverless:ApplicationWorkerTypeSpecificationInput" + }, + "description": "The key-value pairs that specify worker type to WorkerTypeSpecificationInput. This parameter must contain all valid worker types for a Spark or Hive application. Valid worker types include Driver and Executor for Spark applications and HiveDriver and TezTask for Hive applications. You can either set image details in this parameter for each worker type, or in imageConfiguration for all worker types." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "releaseLabel", + "type" + ], + "createOnly": [ + "name", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:entityresolution:IdMappingWorkflow": { + "cf": "AWS::EntityResolution::IdMappingWorkflow", + "inputs": { + "description": { + "type": "string", + "description": "The description of the IdMappingWorkflow" + }, + "idMappingTechniques": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowIdMappingTechniques", + "description": "An object which defines the ID mapping technique and any additional configurations." + }, + "inputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowInputSource" + }, + "description": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` ." + }, + "outputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowOutputSource" + }, + "description": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "workflowName": { + "type": "string", + "description": "The name of the IdMappingWorkflow" + } + }, + "outputs": { + "createdAt": { + "type": "string" + }, + "description": { + "type": "string", + "description": "The description of the IdMappingWorkflow" + }, + "idMappingTechniques": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowIdMappingTechniques", + "description": "An object which defines the ID mapping technique and any additional configurations." + }, + "inputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowInputSource" + }, + "description": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` ." + }, + "outputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowOutputSource" + }, + "description": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "updatedAt": { + "type": "string" + }, + "workflowArn": { + "type": "string" + }, + "workflowName": { + "type": "string", + "description": "The name of the IdMappingWorkflow", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "workflowName" + }, + "required": [ + "idMappingTechniques", + "inputSourceConfig", + "roleArn" + ], + "createOnly": [ + "workflowName" + ], + "writeOnly": [ + "idMappingTechniques/NormalizationVersion" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:entityresolution:IdNamespace": { + "cf": "AWS::EntityResolution::IdNamespace", + "inputs": { + "description": { + "type": "string", + "description": "The description of the ID namespace." + }, + "idMappingWorkflowProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceIdMappingWorkflowProperties" + }, + "description": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` ." + }, + "idNamespaceName": { + "type": "string", + "description": "The name of the ID namespace." + }, + "inputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceInputSource" + }, + "description": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "type": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceType", + "description": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The date and time when the IdNamespace was created" + }, + "description": { + "type": "string", + "description": "The description of the ID namespace." + }, + "idMappingWorkflowProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceIdMappingWorkflowProperties" + }, + "description": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` ." + }, + "idNamespaceArn": { + "type": "string", + "description": "The arn associated with the IdNamespace" + }, + "idNamespaceName": { + "type": "string", + "description": "The name of the ID namespace.", + "replaceOnChanges": true + }, + "inputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceInputSource" + }, + "description": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "type": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceType", + "description": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to." + }, + "updatedAt": { + "type": "string", + "description": "The date and time when the IdNamespace was updated" + } + }, + "autoNamingSpec": { + "sdkName": "idNamespaceName" + }, + "required": [ + "type" + ], + "createOnly": [ + "idNamespaceName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:entityresolution:MatchingWorkflow": { + "cf": "AWS::EntityResolution::MatchingWorkflow", + "inputs": { + "description": { + "type": "string", + "description": "The description of the MatchingWorkflow" + }, + "inputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowInputSource" + }, + "description": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` ." + }, + "outputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowOutputSource" + }, + "description": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` ." + }, + "resolutionTechniques": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowResolutionTechniques", + "description": "An object which defines the `resolutionType` and the `ruleBasedProperties` ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "workflowName": { + "type": "string", + "description": "The name of the MatchingWorkflow" + } + }, + "outputs": { + "createdAt": { + "type": "string" + }, + "description": { + "type": "string", + "description": "The description of the MatchingWorkflow" + }, + "inputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowInputSource" + }, + "description": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` ." + }, + "outputSourceConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowOutputSource" + }, + "description": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` ." + }, + "resolutionTechniques": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowResolutionTechniques", + "description": "An object which defines the `resolutionType` and the `ruleBasedProperties` ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "updatedAt": { + "type": "string" + }, + "workflowArn": { + "type": "string" + }, + "workflowName": { + "type": "string", + "description": "The name of the MatchingWorkflow", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "workflowName" + }, + "required": [ + "inputSourceConfig", + "outputSourceConfig", + "resolutionTechniques", + "roleArn" + ], + "createOnly": [ + "workflowName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:entityresolution:PolicyStatement": { + "cf": "AWS::EntityResolution::PolicyStatement", + "inputs": { + "action": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` ." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal." + }, + "condition": { + "type": "string", + "description": "A set of condition keys that you can use in key policies." + }, + "effect": { + "$ref": "#/types/aws-native:entityresolution:PolicyStatementStatementEffect", + "description": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n\u003e If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation." + }, + "principal": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The AWS service or AWS account that can access the resource defined as ARN." + }, + "statementId": { + "type": "string", + "description": "A statement identifier that differentiates the statement from others in the same policy." + } + }, + "outputs": { + "action": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` ." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", + "replaceOnChanges": true + }, + "condition": { + "type": "string", + "description": "A set of condition keys that you can use in key policies." + }, + "effect": { + "$ref": "#/types/aws-native:entityresolution:PolicyStatementStatementEffect", + "description": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n\u003e If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation." + }, + "principal": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The AWS service or AWS account that can access the resource defined as ARN." + }, + "statementId": { + "type": "string", + "description": "A statement identifier that differentiates the statement from others in the same policy.", + "replaceOnChanges": true + } + }, + "required": [ + "arn", + "statementId" + ], + "createOnly": [ + "arn", + "statementId" + ] + }, + "aws-native:entityresolution:SchemaMapping": { + "cf": "AWS::EntityResolution::SchemaMapping", + "inputs": { + "description": { + "type": "string", + "description": "The description of the SchemaMapping" + }, + "mappedInputFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:SchemaMappingSchemaInputAttribute" + }, + "description": "The SchemaMapping attributes input" + }, + "schemaName": { + "type": "string", + "description": "The name of the SchemaMapping" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + } + }, + "outputs": { + "createdAt": { + "type": "string" + }, + "description": { + "type": "string", + "description": "The description of the SchemaMapping" + }, + "hasWorkflows": { + "type": "boolean" + }, + "mappedInputFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:SchemaMappingSchemaInputAttribute" + }, + "description": "The SchemaMapping attributes input" + }, + "schemaArn": { + "type": "string" + }, + "schemaName": { + "type": "string", + "description": "The name of the SchemaMapping", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "updatedAt": { + "type": "string" + } + }, + "required": [ + "mappedInputFields", + "schemaName" + ], + "createOnly": [ + "schemaName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:events:ApiDestination": { + "cf": "AWS::Events::ApiDestination", + "inputs": { + "connectionArn": { + "type": "string", + "description": "The arn of the connection." + }, + "description": { + "type": "string", + "description": "A description for the API destination to create." + }, + "httpMethod": { + "$ref": "#/types/aws-native:events:ApiDestinationHttpMethod", + "description": "The method to use for the request to the HTTP invocation endpoint." + }, + "invocationEndpoint": { + "type": "string", + "description": "Url endpoint to invoke." + }, + "invocationRateLimitPerSecond": { + "type": "integer", + "description": "The maximum number of requests per second to send to the HTTP invocation endpoint." + }, + "name": { + "type": "string", + "description": "Name of the apiDestination." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The arn of the api destination." + }, + "connectionArn": { + "type": "string", + "description": "The arn of the connection." + }, + "description": { + "type": "string", + "description": "A description for the API destination to create." + }, + "httpMethod": { + "$ref": "#/types/aws-native:events:ApiDestinationHttpMethod", + "description": "The method to use for the request to the HTTP invocation endpoint." + }, + "invocationEndpoint": { + "type": "string", + "description": "Url endpoint to invoke." + }, + "invocationRateLimitPerSecond": { + "type": "integer", + "description": "The maximum number of requests per second to send to the HTTP invocation endpoint." + }, + "name": { + "type": "string", + "description": "Name of the apiDestination.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "connectionArn", + "httpMethod", + "invocationEndpoint" + ], + "createOnly": [ + "name" + ] + }, + "aws-native:events:Archive": { + "cf": "AWS::Events::Archive", + "inputs": { + "archiveName": { + "type": "string", + "description": "The name for the archive to create." + }, + "description": { + "type": "string", + "description": "A description for the archive." + }, + "eventPattern": { + "$ref": "pulumi.json#/Any", + "description": "An event pattern to use to filter events sent to the archive.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Events::Archive` for more information about the expected schema for this property." + }, + "retentionDays": { + "type": "integer", + "description": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely" + }, + "sourceArn": { + "type": "string", + "description": "The ARN of the event bus that sends events to the archive." + } + }, + "outputs": { + "archiveName": { + "type": "string", + "description": "The name for the archive to create.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The ARN of the archive created." + }, + "description": { + "type": "string", + "description": "A description for the archive." + }, + "eventPattern": { + "$ref": "pulumi.json#/Any", + "description": "An event pattern to use to filter events sent to the archive.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Events::Archive` for more information about the expected schema for this property." + }, + "retentionDays": { + "type": "integer", + "description": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely" + }, + "sourceArn": { + "type": "string", + "description": "The ARN of the event bus that sends events to the archive.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "archiveName", + "minLength": 1, + "maxLength": 48 + }, + "required": [ + "sourceArn" + ], + "createOnly": [ + "archiveName", + "sourceArn" + ] + }, + "aws-native:events:Connection": { + "cf": "AWS::Events::Connection", + "inputs": { + "authParameters": { + "$ref": "#/types/aws-native:events:ConnectionAuthParameters", + "description": "A `CreateConnectionAuthRequestParameters` object that contains the authorization parameters to use to authorize with the endpoint." + }, + "authorizationType": { + "$ref": "#/types/aws-native:events:ConnectionAuthorizationType", + "description": "The type of authorization to use for the connection.\n\n\u003e OAUTH tokens are refreshed when a 401 or 407 response is returned." + }, + "description": { + "type": "string", + "description": "Description of the connection." + }, + "name": { + "type": "string", + "description": "Name of the connection." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The arn of the connection resource." + }, + "authParameters": { + "$ref": "#/types/aws-native:events:ConnectionAuthParameters", + "description": "A `CreateConnectionAuthRequestParameters` object that contains the authorization parameters to use to authorize with the endpoint." + }, + "authorizationType": { + "$ref": "#/types/aws-native:events:ConnectionAuthorizationType", + "description": "The type of authorization to use for the connection.\n\n\u003e OAUTH tokens are refreshed when a 401 or 407 response is returned." + }, + "description": { + "type": "string", + "description": "Description of the connection." + }, + "name": { + "type": "string", + "description": "Name of the connection.", + "replaceOnChanges": true + }, + "secretArn": { + "type": "string", + "description": "The arn of the secrets manager secret created in the customer account." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "authParameters", + "authorizationType" + ], + "createOnly": [ + "name" + ], + "writeOnly": [ + "authParameters" + ] + }, + "aws-native:events:Endpoint": { + "cf": "AWS::Events::Endpoint", + "inputs": { + "description": { + "type": "string", + "description": "A description for the endpoint." + }, + "eventBuses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:EndpointEventBus" + }, + "description": "The event buses being used by the endpoint.\n\n*Exactly* : `2`" + }, + "name": { + "type": "string", + "description": "The name of the endpoint." + }, + "replicationConfig": { + "$ref": "#/types/aws-native:events:EndpointReplicationConfig", + "description": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` ." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role used by event replication for the endpoint." + }, + "routingConfig": { + "$ref": "#/types/aws-native:events:EndpointRoutingConfig", + "description": "The routing configuration of the endpoint." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the endpoint." + }, + "description": { + "type": "string", + "description": "A description for the endpoint." + }, + "endpointId": { + "type": "string", + "description": "The ID of the endpoint." + }, + "endpointUrl": { + "type": "string", + "description": "The URL of the endpoint." + }, + "eventBuses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:EndpointEventBus" + }, + "description": "The event buses being used by the endpoint.\n\n*Exactly* : `2`" + }, + "name": { + "type": "string", + "description": "The name of the endpoint.", + "replaceOnChanges": true + }, + "replicationConfig": { + "$ref": "#/types/aws-native:events:EndpointReplicationConfig", + "description": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` ." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role used by event replication for the endpoint." + }, + "routingConfig": { + "$ref": "#/types/aws-native:events:EndpointRoutingConfig", + "description": "The routing configuration of the endpoint." + }, + "state": { + "$ref": "#/types/aws-native:events:EndpointState", + "description": "The main Region of the endpoint." + }, + "stateReason": { + "type": "string", + "description": "The reason the endpoint is in its current state." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "eventBuses", + "routingConfig" + ], + "createOnly": [ + "name" + ] + }, + "aws-native:events:EventBus": { + "cf": "AWS::Events::EventBus", + "inputs": { + "deadLetterConfig": { + "$ref": "#/types/aws-native:events:DeadLetterConfigProperties", + "description": "Dead Letter Queue for the event bus." + }, + "description": { + "type": "string", + "description": "The description of the event bus." + }, + "eventSourceName": { + "type": "string", + "description": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with." + }, + "kmsKeyIdentifier": { + "type": "string", + "description": "Kms Key Identifier used to encrypt events at rest in the event bus." + }, + "name": { + "type": "string", + "description": "The name of the event bus." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "A JSON string that describes the permission policy statement for the event bus.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Events::EventBus` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the event bus." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the event bus." + }, + "deadLetterConfig": { + "$ref": "#/types/aws-native:events:DeadLetterConfigProperties", + "description": "Dead Letter Queue for the event bus." + }, + "description": { + "type": "string", + "description": "The description of the event bus." + }, + "eventSourceName": { + "type": "string", + "description": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with." + }, + "kmsKeyIdentifier": { + "type": "string", + "description": "Kms Key Identifier used to encrypt events at rest in the event bus." + }, + "name": { + "type": "string", + "description": "The name of the event bus.", + "replaceOnChanges": true + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "A JSON string that describes the permission policy statement for the event bus.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Events::EventBus` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Any tags assigned to the event bus." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "eventSourceName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:events:Rule": { + "cf": "AWS::Events::Rule", + "inputs": { + "description": { + "type": "string", + "description": "The description of the rule." + }, + "eventBusName": { + "type": "string", + "description": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used." + }, + "eventPattern": { + "$ref": "pulumi.json#/Any", + "description": "The event pattern of the rule. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Events::Rule` for more information about the expected schema for this property." + }, + "name": { + "type": "string", + "description": "The name of the rule." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role that is used for target invocation." + }, + "scheduleExpression": { + "type": "string", + "description": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see Creating an Amazon EventBridge rule that runs on a schedule." + }, + "state": { + "$ref": "#/types/aws-native:events:RuleState", + "description": "The state of the rule." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:RuleTarget" + }, + "description": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\nTargets are the resources that are invoked when a rule is triggered." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the rule, such as arn:aws:events:us-east-2:123456789012:rule/example." + }, + "description": { + "type": "string", + "description": "The description of the rule." + }, + "eventBusName": { + "type": "string", + "description": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used." + }, + "eventPattern": { + "$ref": "pulumi.json#/Any", + "description": "The event pattern of the rule. For more information, see Events and Event Patterns in the Amazon EventBridge User Guide.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Events::Rule` for more information about the expected schema for this property." + }, + "name": { + "type": "string", + "description": "The name of the rule.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role that is used for target invocation." + }, + "scheduleExpression": { + "type": "string", + "description": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see Creating an Amazon EventBridge rule that runs on a schedule." + }, + "state": { + "$ref": "#/types/aws-native:events:RuleState", + "description": "The state of the rule." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:RuleTarget" + }, + "description": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\nTargets are the resources that are invoked when a rule is triggered." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ] + }, + "aws-native:eventschemas:Discoverer": { + "cf": "AWS::EventSchemas::Discoverer", + "inputs": { + "crossAccount": { + "type": "boolean", + "description": "Defines whether event schemas from other accounts are discovered. Default is True." + }, + "description": { + "type": "string", + "description": "A description for the discoverer." + }, + "sourceArn": { + "type": "string", + "description": "The ARN of the event bus." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with the resource." + } + }, + "outputs": { + "crossAccount": { + "type": "boolean", + "description": "Defines whether event schemas from other accounts are discovered. Default is True." + }, + "description": { + "type": "string", + "description": "A description for the discoverer." + }, + "discovererArn": { + "type": "string", + "description": "The ARN of the discoverer." + }, + "discovererId": { + "type": "string", + "description": "The Id of the discoverer." + }, + "sourceArn": { + "type": "string", + "description": "The ARN of the event bus.", + "replaceOnChanges": true + }, + "state": { + "type": "string", + "description": "Defines the current state of the discoverer." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with the resource." + } + }, + "required": [ + "sourceArn" + ], + "createOnly": [ + "sourceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:eventschemas:Registry": { + "cf": "AWS::EventSchemas::Registry", + "inputs": { + "description": { + "type": "string", + "description": "A description of the registry to be created." + }, + "registryName": { + "type": "string", + "description": "The name of the schema registry." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with the resource." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A description of the registry to be created." + }, + "registryArn": { + "type": "string", + "description": "The ARN of the registry." + }, + "registryName": { + "type": "string", + "description": "The name of the schema registry.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with the resource." + } + }, + "autoNamingSpec": { + "sdkName": "registryName" + }, + "createOnly": [ + "registryName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:eventschemas:RegistryPolicy": { + "cf": "AWS::EventSchemas::RegistryPolicy", + "inputs": { + "policy": { + "$ref": "pulumi.json#/Any", + "description": "A resource-based policy.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::EventSchemas::RegistryPolicy` for more information about the expected schema for this property." + }, + "registryName": { + "type": "string", + "description": "The name of the registry." + }, + "revisionId": { + "type": "string", + "description": "The revision ID of the policy." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID of the policy." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "A resource-based policy.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::EventSchemas::RegistryPolicy` for more information about the expected schema for this property." + }, + "registryName": { + "type": "string", + "description": "The name of the registry." + }, + "revisionId": { + "type": "string", + "description": "The revision ID of the policy." + } + }, + "required": [ + "policy", + "registryName" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:eventschemas:Schema": { + "cf": "AWS::EventSchemas::Schema", + "inputs": { + "content": { + "type": "string", + "description": "The source of the schema definition." + }, + "description": { + "type": "string", + "description": "A description of the schema." + }, + "registryName": { + "type": "string", + "description": "The name of the schema registry." + }, + "schemaName": { + "type": "string", + "description": "The name of the schema." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with the resource." + }, + "type": { + "type": "string", + "description": "The type of schema. Valid types include OpenApi3 and JSONSchemaDraft4." + } + }, + "outputs": { + "content": { + "type": "string", + "description": "The source of the schema definition." + }, + "description": { + "type": "string", + "description": "A description of the schema." + }, + "lastModified": { + "type": "string", + "description": "The last modified time of the schema." + }, + "registryName": { + "type": "string", + "description": "The name of the schema registry.", + "replaceOnChanges": true + }, + "schemaArn": { + "type": "string", + "description": "The ARN of the schema." + }, + "schemaName": { + "type": "string", + "description": "The name of the schema.", + "replaceOnChanges": true + }, + "schemaVersion": { + "type": "string", + "description": "The version number of the schema." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with the resource." + }, + "type": { + "type": "string", + "description": "The type of schema. Valid types include OpenApi3 and JSONSchemaDraft4." + }, + "versionCreatedDate": { + "type": "string", + "description": "The date the schema version was created." + } + }, + "autoNamingSpec": { + "sdkName": "schemaName" + }, + "required": [ + "content", + "registryName", + "type" + ], + "createOnly": [ + "registryName", + "schemaName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:evidently:Experiment": { + "cf": "AWS::Evidently::Experiment", + "inputs": { + "description": { + "type": "string", + "description": "An optional description of the experiment." + }, + "metricGoals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:ExperimentMetricGoalObject" + }, + "description": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment." + }, + "name": { + "type": "string", + "description": "A name for the new experiment." + }, + "onlineAbConfig": { + "$ref": "#/types/aws-native:evidently:ExperimentOnlineAbConfigObject", + "description": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation." + }, + "project": { + "type": "string", + "description": "The name or the ARN of the project where this experiment is to be created." + }, + "randomizationSalt": { + "type": "string", + "description": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` ." + }, + "removeSegment": { + "type": "boolean", + "description": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running." + }, + "runningStatus": { + "$ref": "#/types/aws-native:evidently:ExperimentRunningStatusObject", + "description": "Start Experiment. Default is False" + }, + "samplingRate": { + "type": "integer", + "description": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience." + }, + "segment": { + "type": "string", + "description": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "treatments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:ExperimentTreatmentObject" + }, + "description": "An array of structures that describe the configuration of each feature variation used in the experiment." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the experiment. For example, `arn:aws:evidently:us-west-2:0123455678912:project/myProject/experiment/myExperiment`" + }, + "description": { + "type": "string", + "description": "An optional description of the experiment." + }, + "metricGoals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:ExperimentMetricGoalObject" + }, + "description": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment." + }, + "name": { + "type": "string", + "description": "A name for the new experiment.", + "replaceOnChanges": true + }, + "onlineAbConfig": { + "$ref": "#/types/aws-native:evidently:ExperimentOnlineAbConfigObject", + "description": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation." + }, + "project": { + "type": "string", + "description": "The name or the ARN of the project where this experiment is to be created.", + "replaceOnChanges": true + }, + "randomizationSalt": { + "type": "string", + "description": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` ." + }, + "removeSegment": { + "type": "boolean", + "description": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running." + }, + "runningStatus": { + "$ref": "#/types/aws-native:evidently:ExperimentRunningStatusObject", + "description": "Start Experiment. Default is False" + }, + "samplingRate": { + "type": "integer", + "description": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience." + }, + "segment": { + "type": "string", + "description": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "treatments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:ExperimentTreatmentObject" + }, + "description": "An array of structures that describe the configuration of each feature variation used in the experiment." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "metricGoals", + "onlineAbConfig", + "project", + "treatments" + ], + "createOnly": [ + "name", + "project" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:evidently:Feature": { + "cf": "AWS::Evidently::Feature", + "inputs": { + "defaultVariation": { + "type": "string", + "description": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation." + }, + "description": { + "type": "string", + "description": "An optional description of the feature." + }, + "entityOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:FeatureEntityOverride" + }, + "description": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served." + }, + "evaluationStrategy": { + "$ref": "#/types/aws-native:evidently:FeatureEvaluationStrategy", + "description": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead." + }, + "name": { + "type": "string", + "description": "The name for the feature. It can include up to 127 characters." + }, + "project": { + "type": "string", + "description": "The name or ARN of the project that is to contain the new feature." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "variations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:FeatureVariationObject" + }, + "description": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` )." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the feature. For example, `arn:aws:evidently:us-west-2:0123455678912:project/myProject/feature/myFeature` ." + }, + "defaultVariation": { + "type": "string", + "description": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation." + }, + "description": { + "type": "string", + "description": "An optional description of the feature." + }, + "entityOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:FeatureEntityOverride" + }, + "description": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served." + }, + "evaluationStrategy": { + "$ref": "#/types/aws-native:evidently:FeatureEvaluationStrategy", + "description": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead." + }, + "name": { + "type": "string", + "description": "The name for the feature. It can include up to 127 characters.", + "replaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The name or ARN of the project that is to contain the new feature.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "variations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:FeatureVariationObject" + }, + "description": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` )." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "project", + "variations" + ], + "createOnly": [ + "name", + "project" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:evidently:Launch": { + "cf": "AWS::Evidently::Launch", + "inputs": { + "description": { + "type": "string", + "description": "An optional description for the launch." + }, + "executionStatus": { + "$ref": "#/types/aws-native:evidently:LaunchExecutionStatusObject", + "description": "Start or Stop Launch Launch. Default is not started." + }, + "groups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchGroupObject" + }, + "description": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch." + }, + "metricMonitors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchMetricDefinitionObject" + }, + "description": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array." + }, + "name": { + "type": "string", + "description": "The name for the launch. It can include up to 127 characters." + }, + "project": { + "type": "string", + "description": "The name or ARN of the project that you want to create the launch in." + }, + "randomizationSalt": { + "type": "string", + "description": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` ." + }, + "scheduledSplitsConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchStepConfig" + }, + "description": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the launch. For example, `arn:aws:evidently:us-west-2:0123455678912:project/myProject/launch/myLaunch`" + }, + "description": { + "type": "string", + "description": "An optional description for the launch." + }, + "executionStatus": { + "$ref": "#/types/aws-native:evidently:LaunchExecutionStatusObject", + "description": "Start or Stop Launch Launch. Default is not started." + }, + "groups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchGroupObject" + }, + "description": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch." + }, + "metricMonitors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchMetricDefinitionObject" + }, + "description": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array." + }, + "name": { + "type": "string", + "description": "The name for the launch. It can include up to 127 characters.", + "replaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The name or ARN of the project that you want to create the launch in.", + "replaceOnChanges": true + }, + "randomizationSalt": { + "type": "string", + "description": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` ." + }, + "scheduledSplitsConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchStepConfig" + }, + "description": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "required": [ + "groups", + "project", + "scheduledSplitsConfig" + ], + "createOnly": [ + "name", + "project" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:evidently:Project": { + "cf": "AWS::Evidently::Project", + "inputs": { + "appConfigResource": { + "$ref": "#/types/aws-native:evidently:ProjectAppConfigResourceObject", + "description": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission." + }, + "dataDelivery": { + "$ref": "#/types/aws-native:evidently:ProjectDataDeliveryObject", + "description": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation." + }, + "description": { + "type": "string", + "description": "An optional description of the project." + }, + "name": { + "type": "string", + "description": "The name for the project. It can include up to 127 characters." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "appConfigResource": { + "$ref": "#/types/aws-native:evidently:ProjectAppConfigResourceObject", + "description": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission." + }, + "arn": { + "type": "string", + "description": "The ARN of the project. For example, `arn:aws:evidently:us-west-2:0123455678912:project/myProject`" + }, + "dataDelivery": { + "$ref": "#/types/aws-native:evidently:ProjectDataDeliveryObject", + "description": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation." + }, + "description": { + "type": "string", + "description": "An optional description of the project." + }, + "name": { + "type": "string", + "description": "The name for the project. It can include up to 127 characters.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:evidently:Segment": { + "cf": "AWS::Evidently::Segment", + "inputs": { + "description": { + "type": "string", + "description": "An optional description for this segment." + }, + "name": { + "type": "string", + "description": "A name for the segment." + }, + "pattern": { + "type": "string", + "description": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the segment. For example, `arn:aws:evidently:us-west-2:123456789012:segment/australiaSegment`" + }, + "description": { + "type": "string", + "description": "An optional description for this segment." + }, + "name": { + "type": "string", + "description": "A name for the segment." + }, + "pattern": { + "type": "string", + "description": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:finspace:Environment": { + "cf": "AWS::FinSpace::Environment", + "inputs": { + "dataBundles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARNs of FinSpace Data Bundles to install" + }, + "description": { + "type": "string", + "description": "Description of the Environment" + }, + "federationMode": { + "$ref": "#/types/aws-native:finspace:EnvironmentFederationMode", + "description": "Federation mode used with the Environment" + }, + "federationParameters": { + "$ref": "#/types/aws-native:finspace:EnvironmentFederationParameters", + "description": "Configuration information when authentication mode is FEDERATED." + }, + "kmsKeyId": { + "type": "string", + "description": "KMS key used to encrypt customer data within FinSpace Environment infrastructure" + }, + "name": { + "type": "string", + "description": "Name of the Environment" + }, + "superuserParameters": { + "$ref": "#/types/aws-native:finspace:EnvironmentSuperuserParameters", + "description": "Configuration information for the superuser." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "awsAccountId": { + "type": "string", + "description": "AWS account ID associated with the Environment" + }, + "dataBundles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARNs of FinSpace Data Bundles to install", + "replaceOnChanges": true + }, + "dedicatedServiceAccountId": { + "type": "string", + "description": "ID for FinSpace created account used to store Environment artifacts" + }, + "description": { + "type": "string", + "description": "Description of the Environment" + }, + "environmentArn": { + "type": "string", + "description": "ARN of the Environment" + }, + "environmentId": { + "type": "string", + "description": "Unique identifier for representing FinSpace Environment" + }, + "environmentUrl": { + "type": "string", + "description": "URL used to login to the Environment" + }, + "federationMode": { + "$ref": "#/types/aws-native:finspace:EnvironmentFederationMode", + "description": "Federation mode used with the Environment" + }, + "federationParameters": { + "$ref": "#/types/aws-native:finspace:EnvironmentFederationParameters", + "description": "Configuration information when authentication mode is FEDERATED.", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "KMS key used to encrypt customer data within FinSpace Environment infrastructure", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name of the Environment" + }, + "sageMakerStudioDomainUrl": { + "type": "string", + "description": "SageMaker Studio Domain URL associated with the Environment" + }, + "status": { + "$ref": "#/types/aws-native:finspace:EnvironmentStatus", + "description": "State of the Environment" + }, + "superuserParameters": { + "$ref": "#/types/aws-native:finspace:EnvironmentSuperuserParameters", + "description": "Configuration information for the superuser.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "dataBundles", + "federationParameters", + "kmsKeyId", + "superuserParameters", + "tags" + ], + "writeOnly": [ + "federationParameters/AttributeMap", + "superuserParameters", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:fis:ExperimentTemplate": { + "cf": "AWS::FIS::ExperimentTemplate", + "inputs": { + "actions": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateAction" + }, + "description": "The actions for the experiment." + }, + "description": { + "type": "string", + "description": "The description for the experiment template." + }, + "experimentOptions": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateExperimentOptions", + "description": "The experiment options for an experiment template." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateLogConfiguration", + "description": "The configuration for experiment logging." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role." + }, + "stopConditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateStopCondition" + }, + "description": "The stop conditions for the experiment." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags for the experiment template." + }, + "targets": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateTarget" + }, + "description": "The targets for the experiment." + } + }, + "outputs": { + "actions": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateAction" + }, + "description": "The actions for the experiment." + }, + "awsId": { + "type": "string", + "description": "The ID of the experiment template." + }, + "description": { + "type": "string", + "description": "The description for the experiment template." + }, + "experimentOptions": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateExperimentOptions", + "description": "The experiment options for an experiment template." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateLogConfiguration", + "description": "The configuration for experiment logging." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role." + }, + "stopConditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateStopCondition" + }, + "description": "The stop conditions for the experiment." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags for the experiment template.", + "replaceOnChanges": true + }, + "targets": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateTarget" + }, + "description": "The targets for the experiment." + } + }, + "required": [ + "description", + "roleArn", + "stopConditions", + "tags", + "targets" + ], + "createOnly": [ + "experimentOptions/AccountTargeting", + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:fis:TargetAccountConfiguration": { + "cf": "AWS::FIS::TargetAccountConfiguration", + "inputs": { + "accountId": { + "type": "string", + "description": "The AWS account ID of the target account." + }, + "description": { + "type": "string", + "description": "The description of the target account." + }, + "experimentTemplateId": { + "type": "string", + "description": "The ID of the experiment template." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role for the target account." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "The AWS account ID of the target account.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the target account." + }, + "experimentTemplateId": { + "type": "string", + "description": "The ID of the experiment template.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role for the target account." + } + }, + "required": [ + "accountId", + "experimentTemplateId", + "roleArn" + ], + "createOnly": [ + "accountId", + "experimentTemplateId" + ] + }, + "aws-native:fms:NotificationChannel": { + "cf": "AWS::FMS::NotificationChannel", + "inputs": { + "snsRoleName": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity." + }, + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager ." + } + }, + "outputs": { + "snsRoleName": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity." + }, + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager ." + } + }, + "required": [ + "snsRoleName", + "snsTopicArn" + ] + }, + "aws-native:fms:Policy": { + "cf": "AWS::FMS::Policy", + "inputs": { + "deleteAllPolicyResources": { + "type": "boolean", + "description": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope." + }, + "excludeMap": { + "$ref": "#/types/aws-native:fms:PolicyIeMap", + "description": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\"ACCOUNT\" : [\"accountID1\", \"accountID2\"]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\"ORGUNIT\" : [\"ouid111\", \"ouid112\"]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\"ACCOUNT\" : [\"accountID1\", \"accountID2\"], \"ORGUNIT\" : [\"ouid111\", \"ouid112\"]}` ." + }, + "excludeResourceTags": { + "type": "boolean", + "description": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy." + }, + "includeMap": { + "$ref": "#/types/aws-native:fms:PolicyIeMap", + "description": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\"ACCOUNT\" : [\"accountID1\", \"accountID2\"]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\"ORGUNIT\" : [\"ouid111\", \"ouid112\"]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\"ACCOUNT\" : [\"accountID1\", \"accountID2\"], \"ORGUNIT\" : [\"ouid111\", \"ouid112\"]}` ." + }, + "policyDescription": { + "type": "string", + "description": "Your description of the AWS Firewall Manager policy." + }, + "policyName": { + "type": "string", + "description": "The name of the AWS Firewall Manager policy." + }, + "remediationEnabled": { + "type": "boolean", + "description": "Indicates if the policy should be automatically applied to new resources." + }, + "resourceSetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The unique identifiers of the resource sets used by the policy." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fms:PolicyResourceTag" + }, + "description": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` ." + }, + "resourceType": { + "type": "string", + "description": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` ." + }, + "resourceTypeList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` ." + }, + "resourcesCleanUp": { + "type": "boolean", + "description": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies." + }, + "securityServicePolicyData": { + "$ref": "#/types/aws-native:fms:PolicySecurityServicePolicyData", + "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the policy." + }, + "awsId": { + "type": "string", + "description": "The ID of the policy." + }, + "deleteAllPolicyResources": { + "type": "boolean", + "description": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope." + }, + "excludeMap": { + "$ref": "#/types/aws-native:fms:PolicyIeMap", + "description": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\"ACCOUNT\" : [\"accountID1\", \"accountID2\"]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\"ORGUNIT\" : [\"ouid111\", \"ouid112\"]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\"ACCOUNT\" : [\"accountID1\", \"accountID2\"], \"ORGUNIT\" : [\"ouid111\", \"ouid112\"]}` ." + }, + "excludeResourceTags": { + "type": "boolean", + "description": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy." + }, + "includeMap": { + "$ref": "#/types/aws-native:fms:PolicyIeMap", + "description": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\"ACCOUNT\" : [\"accountID1\", \"accountID2\"]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\"ORGUNIT\" : [\"ouid111\", \"ouid112\"]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\"ACCOUNT\" : [\"accountID1\", \"accountID2\"], \"ORGUNIT\" : [\"ouid111\", \"ouid112\"]}` ." + }, + "policyDescription": { + "type": "string", + "description": "Your description of the AWS Firewall Manager policy." + }, + "policyName": { + "type": "string", + "description": "The name of the AWS Firewall Manager policy." + }, + "remediationEnabled": { + "type": "boolean", + "description": "Indicates if the policy should be automatically applied to new resources." + }, + "resourceSetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The unique identifiers of the resource sets used by the policy." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fms:PolicyResourceTag" + }, + "description": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` ." + }, + "resourceType": { + "type": "string", + "description": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` ." + }, + "resourceTypeList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` ." + }, + "resourcesCleanUp": { + "type": "boolean", + "description": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies." + }, + "securityServicePolicyData": { + "$ref": "#/types/aws-native:fms:PolicySecurityServicePolicyData", + "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource." + } + }, + "autoNamingSpec": { + "sdkName": "policyName", + "minLength": 1, + "maxLength": 1024 + }, + "required": [ + "excludeResourceTags", + "remediationEnabled", + "securityServicePolicyData" + ], + "writeOnly": [ + "deleteAllPolicyResources" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:fms:ResourceSet": { + "cf": "AWS::FMS::ResourceSet", + "inputs": { + "description": { + "type": "string", + "description": "A description of the resource set." + }, + "name": { + "type": "string", + "description": "The descriptive name of the resource set. You can't change the name of a resource set after you create it." + }, + "resourceTypeList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + } + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "A unique identifier for the resource set. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete." + }, + "description": { + "type": "string", + "description": "A description of the resource set." + }, + "name": { + "type": "string", + "description": "The descriptive name of the resource set. You can't change the name of a resource set after you create it." + }, + "resourceTypeList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + } + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "resourceTypeList" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:forecast:Dataset": { + "cf": "AWS::Forecast::Dataset", + "inputs": { + "dataFrequency": { + "type": "string", + "description": "Frequency of data collection. This parameter is required for RELATED_TIME_SERIES" + }, + "datasetName": { + "type": "string", + "description": "A name for the dataset" + }, + "datasetType": { + "$ref": "#/types/aws-native:forecast:DatasetType", + "description": "The dataset type" + }, + "domain": { + "$ref": "#/types/aws-native:forecast:DatasetDomain", + "description": "The domain associated with the dataset" + }, + "encryptionConfig": { + "$ref": "#/types/aws-native:forecast:EncryptionConfigProperties", + "description": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key." + }, + "schema": { + "$ref": "#/types/aws-native:forecast:SchemaProperties", + "description": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the dataset." + }, + "dataFrequency": { + "type": "string", + "description": "Frequency of data collection. This parameter is required for RELATED_TIME_SERIES" + }, + "datasetName": { + "type": "string", + "description": "A name for the dataset", + "replaceOnChanges": true + }, + "datasetType": { + "$ref": "#/types/aws-native:forecast:DatasetType", + "description": "The dataset type" + }, + "domain": { + "$ref": "#/types/aws-native:forecast:DatasetDomain", + "description": "The domain associated with the dataset" + }, + "encryptionConfig": { + "$ref": "#/types/aws-native:forecast:EncryptionConfigProperties", + "description": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key." + }, + "schema": { + "$ref": "#/types/aws-native:forecast:SchemaProperties", + "description": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "datasetName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "datasetType", + "domain", + "schema" + ], + "createOnly": [ + "datasetName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:forecast:DatasetGroup": { + "cf": "AWS::Forecast::DatasetGroup", + "inputs": { + "datasetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group." + }, + "datasetGroupName": { + "type": "string", + "description": "A name for the dataset group." + }, + "domain": { + "$ref": "#/types/aws-native:forecast:DatasetGroupDomain", + "description": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the Domain parameter of the CreateDataset operation must match." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of Application Insights application." + } + }, + "outputs": { + "datasetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group." + }, + "datasetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the dataset group to delete." + }, + "datasetGroupName": { + "type": "string", + "description": "A name for the dataset group.", + "replaceOnChanges": true + }, + "domain": { + "$ref": "#/types/aws-native:forecast:DatasetGroupDomain", + "description": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the Domain parameter of the CreateDataset operation must match." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of Application Insights application." + } + }, + "autoNamingSpec": { + "sdkName": "datasetGroupName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "domain" + ], + "createOnly": [ + "datasetGroupName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:frauddetector:Detector": { + "cf": "AWS::FraudDetector::Detector", + "inputs": { + "associatedModels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorModel" + }, + "description": "The models to associate with this detector." + }, + "description": { + "type": "string", + "description": "The description of the detector." + }, + "detectorId": { + "type": "string", + "description": "The ID of the detector" + }, + "detectorVersionStatus": { + "$ref": "#/types/aws-native:frauddetector:DetectorVersionStatus", + "description": "The desired detector version status for the detector" + }, + "eventType": { + "$ref": "#/types/aws-native:frauddetector:DetectorEventType", + "description": "The event type to associate this detector with." + }, + "ruleExecutionMode": { + "$ref": "#/types/aws-native:frauddetector:DetectorRuleExecutionMode", + "description": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorRule" + }, + "description": "The rules to include in the detector version." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this detector." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the detector." + }, + "associatedModels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorModel" + }, + "description": "The models to associate with this detector." + }, + "createdTime": { + "type": "string", + "description": "The time when the detector was created." + }, + "description": { + "type": "string", + "description": "The description of the detector." + }, + "detectorId": { + "type": "string", + "description": "The ID of the detector", + "replaceOnChanges": true + }, + "detectorVersionId": { + "type": "string", + "description": "The active version ID of the detector" + }, + "detectorVersionStatus": { + "$ref": "#/types/aws-native:frauddetector:DetectorVersionStatus", + "description": "The desired detector version status for the detector" + }, + "eventType": { + "$ref": "#/types/aws-native:frauddetector:DetectorEventType", + "description": "The event type to associate this detector with." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the detector was last updated." + }, + "ruleExecutionMode": { + "$ref": "#/types/aws-native:frauddetector:DetectorRuleExecutionMode", + "description": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorRule" + }, + "description": "The rules to include in the detector version." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this detector." + } + }, + "required": [ + "detectorId", + "eventType", + "rules" + ], + "createOnly": [ + "detectorId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:frauddetector:EntityType": { + "cf": "AWS::FraudDetector::EntityType", + "inputs": { + "description": { + "type": "string", + "description": "The entity type description." + }, + "name": { + "type": "string", + "description": "The name of the entity type." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this entity type." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The entity type ARN." + }, + "createdTime": { + "type": "string", + "description": "The timestamp when the entity type was created." + }, + "description": { + "type": "string", + "description": "The entity type description." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The timestamp when the entity type was last updated." + }, + "name": { + "type": "string", + "description": "The name of the entity type.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this entity type." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:frauddetector:EventType": { + "cf": "AWS::FraudDetector::EventType", + "inputs": { + "description": { + "type": "string", + "description": "The description of the event type." + }, + "entityTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeEntityType" + }, + "description": "The event type entity types." + }, + "eventVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeEventVariable" + }, + "description": "The event type event variables." + }, + "labels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeLabel" + }, + "description": "The event type labels." + }, + "name": { + "type": "string", + "description": "The name for the event type" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this event type." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the event type." + }, + "createdTime": { + "type": "string", + "description": "The time when the event type was created." + }, + "description": { + "type": "string", + "description": "The description of the event type." + }, + "entityTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeEntityType" + }, + "description": "The event type entity types." + }, + "eventVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeEventVariable" + }, + "description": "The event type event variables." + }, + "labels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeLabel" + }, + "description": "The event type labels." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the event type was last updated." + }, + "name": { + "type": "string", + "description": "The name for the event type", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this event type." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "entityTypes", + "eventVariables", + "labels" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:frauddetector:Label": { + "cf": "AWS::FraudDetector::Label", + "inputs": { + "description": { + "type": "string", + "description": "The label description." + }, + "name": { + "type": "string", + "description": "The name of the label." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this label." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The label ARN." + }, + "createdTime": { + "type": "string", + "description": "The timestamp when the label was created." + }, + "description": { + "type": "string", + "description": "The label description." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The timestamp when the label was last updated." + }, + "name": { + "type": "string", + "description": "The name of the label.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this label." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:frauddetector:List": { + "cf": "AWS::FraudDetector::List", + "inputs": { + "description": { + "type": "string", + "description": "The description of the list." + }, + "elements": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The elements in this list." + }, + "name": { + "type": "string", + "description": "The name of the list." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this list." + }, + "variableType": { + "type": "string", + "description": "The variable type of the list." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The list ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the list was created." + }, + "description": { + "type": "string", + "description": "The description of the list." + }, + "elements": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The elements in this list." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the list was last updated." + }, + "name": { + "type": "string", + "description": "The name of the list.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this list." + }, + "variableType": { + "type": "string", + "description": "The variable type of the list." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:frauddetector:Outcome": { + "cf": "AWS::FraudDetector::Outcome", + "inputs": { + "description": { + "type": "string", + "description": "The outcome description." + }, + "name": { + "type": "string", + "description": "The name of the outcome." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this outcome." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The outcome ARN." + }, + "createdTime": { + "type": "string", + "description": "The timestamp when the outcome was created." + }, + "description": { + "type": "string", + "description": "The outcome description." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The timestamp when the outcome was last updated." + }, + "name": { + "type": "string", + "description": "The name of the outcome.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this outcome." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:frauddetector:Variable": { + "cf": "AWS::FraudDetector::Variable", + "inputs": { + "dataSource": { + "$ref": "#/types/aws-native:frauddetector:VariableDataSource", + "description": "The source of the data." + }, + "dataType": { + "$ref": "#/types/aws-native:frauddetector:VariableDataType", + "description": "The data type." + }, + "defaultValue": { + "type": "string", + "description": "The default value for the variable when no value is received." + }, + "description": { + "type": "string", + "description": "The description." + }, + "name": { + "type": "string", + "description": "The name of the variable." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this variable." + }, + "variableType": { + "$ref": "#/types/aws-native:frauddetector:VariableType", + "description": "The variable type. For more information see https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the variable." + }, + "createdTime": { + "type": "string", + "description": "The time when the variable was created." + }, + "dataSource": { + "$ref": "#/types/aws-native:frauddetector:VariableDataSource", + "description": "The source of the data." + }, + "dataType": { + "$ref": "#/types/aws-native:frauddetector:VariableDataType", + "description": "The data type." + }, + "defaultValue": { + "type": "string", + "description": "The default value for the variable when no value is received." + }, + "description": { + "type": "string", + "description": "The description." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the variable was last updated." + }, + "name": { + "type": "string", + "description": "The name of the variable.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags associated with this variable." + }, + "variableType": { + "$ref": "#/types/aws-native:frauddetector:VariableType", + "description": "The variable type. For more information see https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "dataSource", + "dataType", + "defaultValue" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:fsx:DataRepositoryAssociation": { + "cf": "AWS::FSx::DataRepositoryAssociation", + "inputs": { + "batchImportMetaDataOnCreate": { + "type": "boolean", + "description": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to ``true``." + }, + "dataRepositoryPath": { + "type": "string", + "description": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format ``s3://myBucket/myPrefix/``. This path specifies where in the S3 data repository files will be imported from or exported to." + }, + "fileSystemId": { + "type": "string", + "description": "The ID of the file system on which the data repository association is configured." + }, + "fileSystemPath": { + "type": "string", + "description": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as ``/ns1/``) or subdirectory (such as ``/ns1/subdir/``) that will be mapped 1-1 with ``DataRepositoryPath``. The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path ``/ns1/``, then you cannot link another data repository with file system path ``/ns1/ns2``.\n This path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n If you specify only a forward slash (``/``) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system." + }, + "importedFileChunkSize": { + "type": "integer", + "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n The default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB." + }, + "s3": { + "$ref": "#/types/aws-native:fsx:DataRepositoryAssociationS3", + "description": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "outputs": { + "associationId": { + "type": "string", + "description": "Returns the data repository association's system generated Association ID.\n\nExample: `dra-abcdef0123456789d`" + }, + "batchImportMetaDataOnCreate": { + "type": "boolean", + "description": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to ``true``.", + "replaceOnChanges": true + }, + "dataRepositoryPath": { + "type": "string", + "description": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format ``s3://myBucket/myPrefix/``. This path specifies where in the S3 data repository files will be imported from or exported to.", + "replaceOnChanges": true + }, + "fileSystemId": { + "type": "string", + "description": "The ID of the file system on which the data repository association is configured.", + "replaceOnChanges": true + }, + "fileSystemPath": { + "type": "string", + "description": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as ``/ns1/``) or subdirectory (such as ``/ns1/subdir/``) that will be mapped 1-1 with ``DataRepositoryPath``. The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path ``/ns1/``, then you cannot link another data repository with file system path ``/ns1/ns2``.\n This path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n If you specify only a forward slash (``/``) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", + "replaceOnChanges": true + }, + "importedFileChunkSize": { + "type": "integer", + "description": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n The default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB." + }, + "resourceArn": { + "type": "string", + "description": "Returns the data repository association's Amazon Resource Name (ARN).\n\nExample: `arn:aws:fsx:us-east-1:111122223333:association/fs-abc012345def6789a/dra-abcdef0123456789b`" + }, + "s3": { + "$ref": "#/types/aws-native:fsx:DataRepositoryAssociationS3", + "description": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "required": [ + "dataRepositoryPath", + "fileSystemId", + "fileSystemPath" + ], + "createOnly": [ + "batchImportMetaDataOnCreate", + "dataRepositoryPath", + "fileSystemId", + "fileSystemPath" + ], + "irreversibleNames": { + "resourceArn": "ResourceARN", + "s3": "S3" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:gamelift:Alias": { + "cf": "AWS::GameLift::Alias", + "inputs": { + "description": { + "type": "string", + "description": "A human-readable description of the alias." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with an alias. Alias names do not need to be unique." + }, + "routingStrategy": { + "$ref": "#/types/aws-native:gamelift:AliasRoutingStrategy", + "description": "A routing configuration that specifies where traffic is directed for this alias, such as to a fleet or to a message." + } + }, + "outputs": { + "aliasId": { + "type": "string", + "description": "Unique alias ID" + }, + "description": { + "type": "string", + "description": "A human-readable description of the alias." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with an alias. Alias names do not need to be unique." + }, + "routingStrategy": { + "$ref": "#/types/aws-native:gamelift:AliasRoutingStrategy", + "description": "A routing configuration that specifies where traffic is directed for this alias, such as to a fleet or to a message." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 1024 + }, + "required": [ + "routingStrategy" + ] + }, + "aws-native:gamelift:Build": { + "cf": "AWS::GameLift::Build", + "inputs": { + "name": { + "type": "string", + "description": "A descriptive label that is associated with a build. Build names do not need to be unique." + }, + "operatingSystem": { + "$ref": "#/types/aws-native:gamelift:BuildOperatingSystem", + "description": "The operating system that the game server binaries are built to run on. This value determines the type of fleet resources that you can use for this build. If your game build contains multiple executables, they all must run on the same operating system. If an operating system is not specified when creating a build, Amazon GameLift uses the default value (WINDOWS_2012). This value cannot be changed later." + }, + "serverSdkVersion": { + "type": "string", + "description": "A server SDK version you used when integrating your game server build with Amazon GameLift. By default Amazon GameLift sets this value to 4.0.2." + }, + "storageLocation": { + "$ref": "#/types/aws-native:gamelift:BuildStorageLocation", + "description": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region." + }, + "version": { + "type": "string", + "description": "Version information that is associated with this build. Version strings do not need to be unique." + } + }, + "outputs": { + "buildId": { + "type": "string", + "description": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a READY status. This fleet setting cannot be changed once the fleet is created." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with a build. Build names do not need to be unique." + }, + "operatingSystem": { + "$ref": "#/types/aws-native:gamelift:BuildOperatingSystem", + "description": "The operating system that the game server binaries are built to run on. This value determines the type of fleet resources that you can use for this build. If your game build contains multiple executables, they all must run on the same operating system. If an operating system is not specified when creating a build, Amazon GameLift uses the default value (WINDOWS_2012). This value cannot be changed later.", + "replaceOnChanges": true + }, + "serverSdkVersion": { + "type": "string", + "description": "A server SDK version you used when integrating your game server build with Amazon GameLift. By default Amazon GameLift sets this value to 4.0.2.", + "replaceOnChanges": true + }, + "storageLocation": { + "$ref": "#/types/aws-native:gamelift:BuildStorageLocation", + "description": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.", + "replaceOnChanges": true + }, + "version": { + "type": "string", + "description": "Version information that is associated with this build. Version strings do not need to be unique." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "operatingSystem", + "serverSdkVersion", + "storageLocation" + ], + "writeOnly": [ + "serverSdkVersion", + "storageLocation" + ] + }, + "aws-native:gamelift:ContainerGroupDefinition": { + "cf": "AWS::GameLift::ContainerGroupDefinition", + "inputs": { + "containerDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionContainerDefinition" + }, + "description": "A collection of container definitions that define the containers in this group." + }, + "name": { + "type": "string", + "description": "A descriptive label for the container group definition." + }, + "operatingSystem": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionOperatingSystem", + "description": "The operating system of the container group" + }, + "schedulingStrategy": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionSchedulingStrategy", + "description": "Specifies whether the container group includes replica or daemon containers." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "totalCpuLimit": { + "type": "integer", + "description": "The maximum number of CPU units reserved for this container group. The value is expressed as an integer amount of CPU units. (1 vCPU is equal to 1024 CPU units.)" + }, + "totalMemoryLimit": { + "type": "integer", + "description": "The maximum amount of memory (in MiB) to allocate for this container group." + } + }, + "outputs": { + "containerDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionContainerDefinition" + }, + "description": "A collection of container definitions that define the containers in this group.", + "replaceOnChanges": true + }, + "containerGroupDefinitionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift container group resource and uniquely identifies it across all AWS Regions." + }, + "creationTime": { + "type": "string", + "description": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example \"1469498468.057\")." + }, + "name": { + "type": "string", + "description": "A descriptive label for the container group definition.", + "replaceOnChanges": true + }, + "operatingSystem": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionOperatingSystem", + "description": "The operating system of the container group", + "replaceOnChanges": true + }, + "schedulingStrategy": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionSchedulingStrategy", + "description": "Specifies whether the container group includes replica or daemon containers.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "totalCpuLimit": { + "type": "integer", + "description": "The maximum number of CPU units reserved for this container group. The value is expressed as an integer amount of CPU units. (1 vCPU is equal to 1024 CPU units.)", + "replaceOnChanges": true + }, + "totalMemoryLimit": { + "type": "integer", + "description": "The maximum amount of memory (in MiB) to allocate for this container group.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "containerDefinitions", + "operatingSystem", + "totalCpuLimit", + "totalMemoryLimit" + ], + "createOnly": [ + "containerDefinitions", + "name", + "operatingSystem", + "schedulingStrategy", + "totalCpuLimit", + "totalMemoryLimit" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:gamelift:Fleet": { + "cf": "AWS::GameLift::Fleet", + "inputs": { + "anywhereConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetAnywhereConfiguration", + "description": "Configuration for Anywhere fleet." + }, + "applyCapacity": { + "$ref": "#/types/aws-native:gamelift:FleetApplyCapacity", + "description": "Determines whether to apply fleet or location capacities on fleet creation." + }, + "buildId": { + "type": "string", + "description": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a READY status. This fleet setting cannot be changed once the fleet is created." + }, + "certificateConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetCertificateConfiguration", + "description": "Indicates whether to generate a TLS/SSL certificate for the new fleet. TLS certificates are used for encrypting traffic between game clients and game servers running on GameLift. If this parameter is not set, certificate generation is disabled. This fleet setting cannot be changed once the fleet is created." + }, + "computeType": { + "$ref": "#/types/aws-native:gamelift:FleetComputeType", + "description": "ComputeType to differentiate EC2 hardware managed by GameLift and Anywhere hardware managed by the customer." + }, + "containerGroupsConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetContainerGroupsConfiguration", + "description": "*This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*\n\nConfiguration details for a set of container groups, for use when creating a fleet with compute type `CONTAINER` .\n\n*Used with:* `CreateFleet`" + }, + "description": { + "type": "string", + "description": "A human-readable description of a fleet." + }, + "desiredEc2Instances": { + "type": "integer", + "description": "[DEPRECATED] The number of EC2 instances that you want this fleet to host. When creating a new fleet, GameLift automatically sets this value to \"1\" and initiates a single instance. Once the fleet is active, update this value to trigger GameLift to add or remove instances from the fleet." + }, + "ec2InboundPermissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:FleetIpPermission" + }, + "description": "A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift server." + }, + "ec2InstanceType": { + "type": "string", + "description": "The name of an EC2 instance type that is supported in Amazon GameLift. A fleet instance type determines the computing resources of each instance in the fleet, including CPU, memory, storage, and networking capacity. Amazon GameLift supports the following EC2 instance types. See Amazon EC2 Instance Types for detailed descriptions." + }, + "fleetType": { + "$ref": "#/types/aws-native:gamelift:FleetType", + "description": "Indicates whether to use On-Demand instances or Spot instances for this fleet. If empty, the default is ON_DEMAND. Both categories of instances use identical hardware and configurations based on the instance type selected for this fleet." + }, + "instanceRoleArn": { + "type": "string", + "description": "A unique identifier for an AWS IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN from the IAM dashboard in the AWS Management Console." + }, + "instanceRoleCredentialsProvider": { + "$ref": "#/types/aws-native:gamelift:FleetInstanceRoleCredentialsProvider", + "description": "Credentials provider implementation that loads credentials from the Amazon EC2 Instance Metadata Service." + }, + "locations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:FleetLocationConfiguration" + }, + "description": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting." + }, + "logPaths": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This parameter is no longer used. When hosting a custom game build, specify where Amazon GameLift should store log files using the Amazon GameLift server API call ProcessReady()" + }, + "maxSize": { + "type": "integer", + "description": "[DEPRECATED] The maximum value that is allowed for the fleet's instance count. When creating a new fleet, GameLift automatically sets this value to \"1\". Once the fleet is active, you can change this value." + }, + "metricGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of an Amazon CloudWatch metric group. A metric group aggregates the metrics for all fleets in the group. Specify a string containing the metric group name. You can use an existing name or use a new name to create a new metric group. Currently, this parameter can have only one string." + }, + "minSize": { + "type": "integer", + "description": "[DEPRECATED] The minimum value allowed for the fleet's instance count. When creating a new fleet, GameLift automatically sets this value to \"0\". After the fleet is active, you can change this value." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique." + }, + "newGameSessionProtectionPolicy": { + "$ref": "#/types/aws-native:gamelift:FleetNewGameSessionProtectionPolicy", + "description": "A game session protection policy to apply to all game sessions hosted on instances in this fleet. When protected, active game sessions cannot be terminated during a scale-down event. If this parameter is not set, instances in this fleet default to no protection. You can change a fleet's protection policy to affect future game sessions on the fleet. You can also set protection for individual game sessions." + }, + "peerVpcAwsAccountId": { + "type": "string", + "description": "A unique identifier for the AWS account with the VPC that you want to peer your Amazon GameLift fleet with. You can find your account ID in the AWS Management Console under account settings." + }, + "peerVpcId": { + "type": "string", + "description": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the VPC Dashboard in the AWS Management Console." + }, + "resourceCreationLimitPolicy": { + "$ref": "#/types/aws-native:gamelift:FleetResourceCreationLimitPolicy", + "description": "A policy that limits the number of game sessions an individual player can create over a span of time for this fleet." + }, + "runtimeConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetRuntimeConfiguration", + "description": "Instructions for launching server processes on each instance in the fleet. Server processes run either a custom game build executable or a Realtime script. The runtime configuration defines the server executables or launch script file, launch parameters, and the number of processes to run concurrently on each instance. When creating a fleet, the runtime configuration must have at least one server process configuration; otherwise the request fails with an invalid request exception.\n\nThis parameter is required unless the parameters ServerLaunchPath and ServerLaunchParameters are defined. Runtime configuration has replaced these parameters, but fleets that use them will continue to work." + }, + "scalingPolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:FleetScalingPolicy" + }, + "description": "A list of rules that control how a fleet is scaled." + }, + "scriptId": { + "type": "string", + "description": "A unique identifier for a Realtime script to be deployed on a new Realtime Servers fleet. The script must have been successfully uploaded to Amazon GameLift. This fleet setting cannot be changed once the fleet is created.\n\nNote: It is not currently possible to use the !Ref command to reference a script created with a CloudFormation template for the fleet property ScriptId. Instead, use Fn::GetAtt Script.Arn or Fn::GetAtt Script.Id to retrieve either of these properties as input for ScriptId. Alternatively, enter a ScriptId string manually." + }, + "serverLaunchParameters": { + "type": "string", + "description": "This parameter is no longer used but is retained for backward compatibility. Instead, specify server launch parameters in the RuntimeConfiguration parameter. A request must specify either a runtime configuration or values for both ServerLaunchParameters and ServerLaunchPath." + }, + "serverLaunchPath": { + "type": "string", + "description": "This parameter is no longer used. Instead, specify a server launch path using the RuntimeConfiguration parameter. Requests that specify a server launch path and launch parameters instead of a runtime configuration will continue to work." + } + }, + "outputs": { + "anywhereConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetAnywhereConfiguration", + "description": "Configuration for Anywhere fleet." + }, + "applyCapacity": { + "$ref": "#/types/aws-native:gamelift:FleetApplyCapacity", + "description": "Determines whether to apply fleet or location capacities on fleet creation.", + "replaceOnChanges": true + }, + "buildId": { + "type": "string", + "description": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a READY status. This fleet setting cannot be changed once the fleet is created.", + "replaceOnChanges": true + }, + "certificateConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetCertificateConfiguration", + "description": "Indicates whether to generate a TLS/SSL certificate for the new fleet. TLS certificates are used for encrypting traffic between game clients and game servers running on GameLift. If this parameter is not set, certificate generation is disabled. This fleet setting cannot be changed once the fleet is created.", + "replaceOnChanges": true + }, + "computeType": { + "$ref": "#/types/aws-native:gamelift:FleetComputeType", + "description": "ComputeType to differentiate EC2 hardware managed by GameLift and Anywhere hardware managed by the customer.", + "replaceOnChanges": true + }, + "containerGroupsConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetContainerGroupsConfiguration", + "description": "*This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*\n\nConfiguration details for a set of container groups, for use when creating a fleet with compute type `CONTAINER` .\n\n*Used with:* `CreateFleet`", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A human-readable description of a fleet." + }, + "desiredEc2Instances": { + "type": "integer", + "description": "[DEPRECATED] The number of EC2 instances that you want this fleet to host. When creating a new fleet, GameLift automatically sets this value to \"1\" and initiates a single instance. Once the fleet is active, update this value to trigger GameLift to add or remove instances from the fleet." + }, + "ec2InboundPermissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:FleetIpPermission" + }, + "description": "A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift server." + }, + "ec2InstanceType": { + "type": "string", + "description": "The name of an EC2 instance type that is supported in Amazon GameLift. A fleet instance type determines the computing resources of each instance in the fleet, including CPU, memory, storage, and networking capacity. Amazon GameLift supports the following EC2 instance types. See Amazon EC2 Instance Types for detailed descriptions.", + "replaceOnChanges": true + }, + "fleetId": { + "type": "string", + "description": "Unique fleet ID" + }, + "fleetType": { + "$ref": "#/types/aws-native:gamelift:FleetType", + "description": "Indicates whether to use On-Demand instances or Spot instances for this fleet. If empty, the default is ON_DEMAND. Both categories of instances use identical hardware and configurations based on the instance type selected for this fleet.", + "replaceOnChanges": true + }, + "instanceRoleArn": { + "type": "string", + "description": "A unique identifier for an AWS IAM role that manages access to your AWS services. With an instance role ARN set, any application that runs on an instance in this fleet can assume the role, including install scripts, server processes, and daemons (background processes). Create a role or look up a role's ARN from the IAM dashboard in the AWS Management Console.", + "replaceOnChanges": true + }, + "instanceRoleCredentialsProvider": { + "$ref": "#/types/aws-native:gamelift:FleetInstanceRoleCredentialsProvider", + "description": "Credentials provider implementation that loads credentials from the Amazon EC2 Instance Metadata Service.", + "replaceOnChanges": true + }, + "locations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:FleetLocationConfiguration" + }, + "description": "A set of remote locations to deploy additional instances to and manage as a multi-location fleet. Use this parameter when creating a fleet in AWS Regions that support multiple locations. You can add any AWS Region or Local Zone that's supported by Amazon GameLift. Provide a list of one or more AWS Region codes, such as `us-west-2` , or Local Zone names. When using this parameter, Amazon GameLift requires you to include your home location in the request. For a list of supported Regions and Local Zones, see [Amazon GameLift service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting." + }, + "logPaths": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This parameter is no longer used. When hosting a custom game build, specify where Amazon GameLift should store log files using the Amazon GameLift server API call ProcessReady()", + "replaceOnChanges": true + }, + "maxSize": { + "type": "integer", + "description": "[DEPRECATED] The maximum value that is allowed for the fleet's instance count. When creating a new fleet, GameLift automatically sets this value to \"1\". Once the fleet is active, you can change this value." + }, + "metricGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of an Amazon CloudWatch metric group. A metric group aggregates the metrics for all fleets in the group. Specify a string containing the metric group name. You can use an existing name or use a new name to create a new metric group. Currently, this parameter can have only one string." + }, + "minSize": { + "type": "integer", + "description": "[DEPRECATED] The minimum value allowed for the fleet's instance count. When creating a new fleet, GameLift automatically sets this value to \"0\". After the fleet is active, you can change this value." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique." + }, + "newGameSessionProtectionPolicy": { + "$ref": "#/types/aws-native:gamelift:FleetNewGameSessionProtectionPolicy", + "description": "A game session protection policy to apply to all game sessions hosted on instances in this fleet. When protected, active game sessions cannot be terminated during a scale-down event. If this parameter is not set, instances in this fleet default to no protection. You can change a fleet's protection policy to affect future game sessions on the fleet. You can also set protection for individual game sessions." + }, + "peerVpcAwsAccountId": { + "type": "string", + "description": "A unique identifier for the AWS account with the VPC that you want to peer your Amazon GameLift fleet with. You can find your account ID in the AWS Management Console under account settings.", + "replaceOnChanges": true + }, + "peerVpcId": { + "type": "string", + "description": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the VPC Dashboard in the AWS Management Console.", + "replaceOnChanges": true + }, + "resourceCreationLimitPolicy": { + "$ref": "#/types/aws-native:gamelift:FleetResourceCreationLimitPolicy", + "description": "A policy that limits the number of game sessions an individual player can create over a span of time for this fleet." + }, + "runtimeConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetRuntimeConfiguration", + "description": "Instructions for launching server processes on each instance in the fleet. Server processes run either a custom game build executable or a Realtime script. The runtime configuration defines the server executables or launch script file, launch parameters, and the number of processes to run concurrently on each instance. When creating a fleet, the runtime configuration must have at least one server process configuration; otherwise the request fails with an invalid request exception.\n\nThis parameter is required unless the parameters ServerLaunchPath and ServerLaunchParameters are defined. Runtime configuration has replaced these parameters, but fleets that use them will continue to work." + }, + "scalingPolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:FleetScalingPolicy" + }, + "description": "A list of rules that control how a fleet is scaled." + }, + "scriptId": { + "type": "string", + "description": "A unique identifier for a Realtime script to be deployed on a new Realtime Servers fleet. The script must have been successfully uploaded to Amazon GameLift. This fleet setting cannot be changed once the fleet is created.\n\nNote: It is not currently possible to use the !Ref command to reference a script created with a CloudFormation template for the fleet property ScriptId. Instead, use Fn::GetAtt Script.Arn or Fn::GetAtt Script.Id to retrieve either of these properties as input for ScriptId. Alternatively, enter a ScriptId string manually.", + "replaceOnChanges": true + }, + "serverLaunchParameters": { + "type": "string", + "description": "This parameter is no longer used but is retained for backward compatibility. Instead, specify server launch parameters in the RuntimeConfiguration parameter. A request must specify either a runtime configuration or values for both ServerLaunchParameters and ServerLaunchPath.", + "replaceOnChanges": true + }, + "serverLaunchPath": { + "type": "string", + "description": "This parameter is no longer used. Instead, specify a server launch path using the RuntimeConfiguration parameter. Requests that specify a server launch path and launch parameters instead of a runtime configuration will continue to work.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 1024 + }, + "createOnly": [ + "applyCapacity", + "buildId", + "certificateConfiguration", + "computeType", + "containerGroupsConfiguration", + "ec2InstanceType", + "fleetType", + "instanceRoleArn", + "instanceRoleCredentialsProvider", + "logPaths", + "peerVpcAwsAccountId", + "peerVpcId", + "scriptId", + "serverLaunchParameters", + "serverLaunchPath" + ], + "writeOnly": [ + "applyCapacity" + ], + "irreversibleNames": { + "desiredEc2Instances": "DesiredEC2Instances", + "ec2InboundPermissions": "EC2InboundPermissions", + "ec2InstanceType": "EC2InstanceType", + "instanceRoleArn": "InstanceRoleARN" + } + }, + "aws-native:gamelift:GameServerGroup": { + "cf": "AWS::GameLift::GameServerGroup", + "inputs": { + "autoScalingPolicy": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupAutoScalingPolicy", + "description": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + }, + "balancingStrategy": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupBalancingStrategy", + "description": "The fallback balancing method to use for the game server group when Spot Instances in a Region become unavailable or are not viable for game hosting." + }, + "deleteOption": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupDeleteOption", + "description": "The type of delete to perform." + }, + "gameServerGroupName": { + "type": "string", + "description": "An identifier for the new game server group." + }, + "gameServerProtectionPolicy": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupGameServerProtectionPolicy", + "description": "A flag that indicates whether instances in the game server group are protected from early termination." + }, + "instanceDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupInstanceDefinition" + }, + "description": "A set of EC2 instance types to use when creating instances in the group." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupLaunchTemplate", + "description": "The EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + }, + "maxSize": { + "type": "number", + "description": "The maximum number of instances allowed in the EC2 Auto Scaling group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + }, + "minSize": { + "type": "number", + "description": "The minimum number of instances allowed in the EC2 Auto Scaling group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access your EC2 Auto Scaling groups." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of labels to assign to the new game server group resource. Updating game server group tags with CloudFormation will not take effect. Please update this property using AWS GameLift APIs instead." + }, + "vpcSubnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + } + }, + "outputs": { + "autoScalingGroupArn": { + "type": "string", + "description": "A generated unique ID for the EC2 Auto Scaling group that is associated with this game server group." + }, + "autoScalingPolicy": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupAutoScalingPolicy", + "description": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + }, + "balancingStrategy": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupBalancingStrategy", + "description": "The fallback balancing method to use for the game server group when Spot Instances in a Region become unavailable or are not viable for game hosting." + }, + "deleteOption": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupDeleteOption", + "description": "The type of delete to perform." + }, + "gameServerGroupArn": { + "type": "string", + "description": "A generated unique ID for the game server group." + }, + "gameServerGroupName": { + "type": "string", + "description": "An identifier for the new game server group." + }, + "gameServerProtectionPolicy": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupGameServerProtectionPolicy", + "description": "A flag that indicates whether instances in the game server group are protected from early termination." + }, + "instanceDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupInstanceDefinition" + }, + "description": "A set of EC2 instance types to use when creating instances in the group." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupLaunchTemplate", + "description": "The EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + }, + "maxSize": { + "type": "number", + "description": "The maximum number of instances allowed in the EC2 Auto Scaling group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + }, + "minSize": { + "type": "number", + "description": "The minimum number of instances allowed in the EC2 Auto Scaling group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access your EC2 Auto Scaling groups." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of labels to assign to the new game server group resource. Updating game server group tags with CloudFormation will not take effect. Please update this property using AWS GameLift APIs instead." + }, + "vpcSubnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource." + } + }, + "autoNamingSpec": { + "sdkName": "gameServerGroupName" + }, + "required": [ + "instanceDefinitions", + "roleArn" + ], + "writeOnly": [ + "autoScalingPolicy", + "deleteOption", + "launchTemplate", + "maxSize", + "minSize", + "tags", + "vpcSubnets" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:gamelift:GameSessionQueue": { + "cf": "AWS::GameLift::GameSessionQueue", + "inputs": { + "customEventData": { + "type": "string", + "description": "Information that is added to all events that are related to this game session queue." + }, + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueueDestination" + }, + "description": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue." + }, + "filterConfiguration": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueueFilterConfiguration", + "description": "A list of locations where a queue is allowed to place new game sessions." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region." + }, + "notificationTarget": { + "type": "string", + "description": "An SNS topic ARN that is set up to receive game session placement notifications." + }, + "playerLatencyPolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueuePlayerLatencyPolicy" + }, + "description": "A set of policies that act as a sliding cap on player latency." + }, + "priorityConfiguration": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueuePriorityConfiguration", + "description": "Custom settings to use when prioritizing destinations and locations for game session placements." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "timeoutInSeconds": { + "type": "integer", + "description": "The maximum time, in seconds, that a new game session placement request remains in the queue." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift game session queue resource and uniquely identifies it." + }, + "customEventData": { + "type": "string", + "description": "Information that is added to all events that are related to this game session queue." + }, + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueueDestination" + }, + "description": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue." + }, + "filterConfiguration": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueueFilterConfiguration", + "description": "A list of locations where a queue is allowed to place new game sessions." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", + "replaceOnChanges": true + }, + "notificationTarget": { + "type": "string", + "description": "An SNS topic ARN that is set up to receive game session placement notifications." + }, + "playerLatencyPolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueuePlayerLatencyPolicy" + }, + "description": "A set of policies that act as a sliding cap on player latency." + }, + "priorityConfiguration": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueuePriorityConfiguration", + "description": "Custom settings to use when prioritizing destinations and locations for game session placements." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "timeoutInSeconds": { + "type": "integer", + "description": "The maximum time, in seconds, that a new game session placement request remains in the queue." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:gamelift:Location": { + "cf": "AWS::GameLift::Location", + "inputs": { + "locationName": { + "type": "string", + "description": "A descriptive name for the custom location." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "locationArn": { + "type": "string", + "description": "A unique identifier for the custom location. For example, `arn:aws:gamelift:[region]::location/location-a1234567-b8c9-0d1e-2fa3-b45c6d7e8912` ." + }, + "locationName": { + "type": "string", + "description": "A descriptive name for the custom location.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "locationName", + "minLength": 8, + "maxLength": 64 + }, + "createOnly": [ + "locationName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:gamelift:MatchmakingConfiguration": { + "cf": "AWS::GameLift::MatchmakingConfiguration", + "inputs": { + "acceptanceRequired": { + "type": "boolean", + "description": "A flag that indicates whether a match that was created with this configuration must be accepted by the matched players" + }, + "acceptanceTimeoutSeconds": { + "type": "integer", + "description": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required." + }, + "additionalPlayerCount": { + "type": "integer", + "description": "The number of player slots in a match to keep open for future players." + }, + "backfillMode": { + "$ref": "#/types/aws-native:gamelift:MatchmakingConfigurationBackfillMode", + "description": "The method used to backfill game sessions created with this matchmaking configuration." + }, + "creationTime": { + "type": "string", + "description": "A time stamp indicating when this data object was created." + }, + "customEventData": { + "type": "string", + "description": "Information to attach to all events related to the matchmaking configuration." + }, + "description": { + "type": "string", + "description": "A descriptive label that is associated with matchmaking configuration." + }, + "flexMatchMode": { + "$ref": "#/types/aws-native:gamelift:MatchmakingConfigurationFlexMatchMode", + "description": "Indicates whether this matchmaking configuration is being used with Amazon GameLift hosting or as a standalone matchmaking solution." + }, + "gameProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:MatchmakingConfigurationGameProperty" + }, + "description": "A set of custom properties for a game session, formatted as key:value pairs." + }, + "gameSessionData": { + "type": "string", + "description": "A set of custom game session properties, formatted as a single string value." + }, + "gameSessionQueueArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift game session queue resource and uniquely identifies it." + }, + "name": { + "type": "string", + "description": "A unique identifier for the matchmaking configuration." + }, + "notificationTarget": { + "type": "string", + "description": "An SNS topic ARN that is set up to receive matchmaking notifications." + }, + "requestTimeoutSeconds": { + "type": "integer", + "description": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out." + }, + "ruleSetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) associated with the GameLift matchmaking rule set resource that this configuration uses." + }, + "ruleSetName": { + "type": "string", + "description": "A unique identifier for the matchmaking rule set to use with this configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "acceptanceRequired": { + "type": "boolean", + "description": "A flag that indicates whether a match that was created with this configuration must be accepted by the matched players" + }, + "acceptanceTimeoutSeconds": { + "type": "integer", + "description": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required." + }, + "additionalPlayerCount": { + "type": "integer", + "description": "The number of player slots in a match to keep open for future players." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift matchmaking configuration resource and uniquely identifies it." + }, + "backfillMode": { + "$ref": "#/types/aws-native:gamelift:MatchmakingConfigurationBackfillMode", + "description": "The method used to backfill game sessions created with this matchmaking configuration." + }, + "creationTime": { + "type": "string", + "description": "A time stamp indicating when this data object was created." + }, + "customEventData": { + "type": "string", + "description": "Information to attach to all events related to the matchmaking configuration." + }, + "description": { + "type": "string", + "description": "A descriptive label that is associated with matchmaking configuration." + }, + "flexMatchMode": { + "$ref": "#/types/aws-native:gamelift:MatchmakingConfigurationFlexMatchMode", + "description": "Indicates whether this matchmaking configuration is being used with Amazon GameLift hosting or as a standalone matchmaking solution." + }, + "gameProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:MatchmakingConfigurationGameProperty" + }, + "description": "A set of custom properties for a game session, formatted as key:value pairs." + }, + "gameSessionData": { + "type": "string", + "description": "A set of custom game session properties, formatted as a single string value." + }, + "gameSessionQueueArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift game session queue resource and uniquely identifies it." + }, + "name": { + "type": "string", + "description": "A unique identifier for the matchmaking configuration.", + "replaceOnChanges": true + }, + "notificationTarget": { + "type": "string", + "description": "An SNS topic ARN that is set up to receive matchmaking notifications." + }, + "requestTimeoutSeconds": { + "type": "integer", + "description": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out." + }, + "ruleSetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) associated with the GameLift matchmaking rule set resource that this configuration uses." + }, + "ruleSetName": { + "type": "string", + "description": "A unique identifier for the matchmaking rule set to use with this configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "acceptanceRequired", + "requestTimeoutSeconds", + "ruleSetName" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:gamelift:MatchmakingRuleSet": { + "cf": "AWS::GameLift::MatchmakingRuleSet", + "inputs": { + "name": { + "type": "string", + "description": "A unique identifier for the matchmaking rule set." + }, + "ruleSetBody": { + "type": "string", + "description": "A collection of matchmaking rules, formatted as a JSON string." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift matchmaking rule set resource and uniquely identifies it." + }, + "creationTime": { + "type": "string", + "description": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds." + }, + "name": { + "type": "string", + "description": "A unique identifier for the matchmaking rule set.", + "replaceOnChanges": true + }, + "ruleSetBody": { + "type": "string", + "description": "A collection of matchmaking rules, formatted as a JSON string.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "ruleSetBody" + ], + "createOnly": [ + "name", + "ruleSetBody" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:gamelift:Script": { + "cf": "AWS::GameLift::Script", + "inputs": { + "name": { + "type": "string", + "description": "A descriptive label that is associated with a script. Script names do not need to be unique." + }, + "storageLocation": { + "$ref": "#/types/aws-native:gamelift:ScriptS3Location", + "description": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the ObjectVersion parameter to specify an earlier version." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "version": { + "type": "string", + "description": "The version that is associated with a script. Version strings do not need to be unique." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that is assigned to a Amazon GameLift script resource and uniquely identifies it. ARNs are unique across all Regions. In a GameLift script ARN, the resource ID matches the Id value." + }, + "awsId": { + "type": "string", + "description": "A unique identifier for the Realtime script" + }, + "creationTime": { + "type": "string", + "description": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example \"1469498468.057\")." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with a script. Script names do not need to be unique." + }, + "sizeOnDisk": { + "type": "integer", + "description": "The file size of the uploaded Realtime script, expressed in bytes. When files are uploaded from an S3 location, this value remains at \"0\"." + }, + "storageLocation": { + "$ref": "#/types/aws-native:gamelift:ScriptS3Location", + "description": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the ObjectVersion parameter to specify an earlier version." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "version": { + "type": "string", + "description": "The version that is associated with a script. Version strings do not need to be unique." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 1024 + }, + "required": [ + "storageLocation" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:globalaccelerator:Accelerator": { + "cf": "AWS::GlobalAccelerator::Accelerator", + "inputs": { + "enabled": { + "type": "boolean", + "description": "Indicates whether an accelerator is enabled. The value is true or false." + }, + "ipAddressType": { + "$ref": "#/types/aws-native:globalaccelerator:AcceleratorIpAddressType", + "description": "IP Address type." + }, + "ipAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IP addresses from BYOIP Prefix pool." + }, + "name": { + "type": "string", + "description": "Name of accelerator." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* ." + } + }, + "outputs": { + "acceleratorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the accelerator." + }, + "dnsName": { + "type": "string", + "description": "The Domain Name System (DNS) name that Global Accelerator creates that points to your accelerator's static IPv4 addresses." + }, + "dualStackDnsName": { + "type": "string", + "description": "The Domain Name System (DNS) name that Global Accelerator creates that points to your accelerator's static IPv4 and IPv6 addresses." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether an accelerator is enabled. The value is true or false." + }, + "ipAddressType": { + "$ref": "#/types/aws-native:globalaccelerator:AcceleratorIpAddressType", + "description": "IP Address type." + }, + "ipAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IP addresses from BYOIP Prefix pool." + }, + "ipv4Addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 addresses assigned to the accelerator." + }, + "ipv6Addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv6 addresses assigned if the accelerator is dualstack" + }, + "name": { + "type": "string", + "description": "Name of accelerator." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:globalaccelerator:CrossAccountAttachment": { + "cf": "AWS::GlobalAccelerator::CrossAccountAttachment", + "inputs": { + "name": { + "type": "string", + "description": "The Friendly identifier of the attachment." + }, + "principals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Principals to share the resources with." + }, + "resources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:globalaccelerator:CrossAccountAttachmentResource" + }, + "description": "Resources shared using the attachment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* ." + } + }, + "outputs": { + "attachmentArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the attachment." + }, + "name": { + "type": "string", + "description": "The Friendly identifier of the attachment." + }, + "principals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Principals to share the resources with." + }, + "resources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:globalaccelerator:CrossAccountAttachmentResource" + }, + "description": "Resources shared using the attachment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "writeOnly": [ + "resources/*/Region" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:globalaccelerator:EndpointGroup": { + "cf": "AWS::GlobalAccelerator::EndpointGroup", + "inputs": { + "endpointConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:globalaccelerator:EndpointGroupEndpointConfiguration" + }, + "description": "The list of endpoint objects." + }, + "endpointGroupRegion": { + "type": "string", + "description": "The name of the AWS Region where the endpoint group is located" + }, + "healthCheckIntervalSeconds": { + "type": "integer", + "description": "The time in seconds between each health check for an endpoint. Must be a value of 10 or 30" + }, + "healthCheckPath": { + "type": "string", + "description": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/)." + }, + "healthCheckPort": { + "type": "integer", + "description": "The port that AWS Global Accelerator uses to check the health of endpoints in this endpoint group." + }, + "healthCheckProtocol": { + "$ref": "#/types/aws-native:globalaccelerator:EndpointGroupHealthCheckProtocol", + "description": "The protocol that AWS Global Accelerator uses to check the health of endpoints in this endpoint group." + }, + "listenerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the listener" + }, + "portOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:globalaccelerator:EndpointGroupPortOverride" + }, + "description": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on." + }, + "thresholdCount": { + "type": "integer", + "description": "The number of consecutive health checks required to set the state of the endpoint to unhealthy." + }, + "trafficDialPercentage": { + "type": "number", + "description": "The percentage of traffic to sent to an AWS Region" + } + }, + "outputs": { + "endpointConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:globalaccelerator:EndpointGroupEndpointConfiguration" + }, + "description": "The list of endpoint objects." + }, + "endpointGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the endpoint group" + }, + "endpointGroupRegion": { + "type": "string", + "description": "The name of the AWS Region where the endpoint group is located", + "replaceOnChanges": true + }, + "healthCheckIntervalSeconds": { + "type": "integer", + "description": "The time in seconds between each health check for an endpoint. Must be a value of 10 or 30" + }, + "healthCheckPath": { + "type": "string", + "description": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/)." + }, + "healthCheckPort": { + "type": "integer", + "description": "The port that AWS Global Accelerator uses to check the health of endpoints in this endpoint group." + }, + "healthCheckProtocol": { + "$ref": "#/types/aws-native:globalaccelerator:EndpointGroupHealthCheckProtocol", + "description": "The protocol that AWS Global Accelerator uses to check the health of endpoints in this endpoint group." + }, + "listenerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the listener", + "replaceOnChanges": true + }, + "portOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:globalaccelerator:EndpointGroupPortOverride" + }, + "description": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on." + }, + "thresholdCount": { + "type": "integer", + "description": "The number of consecutive health checks required to set the state of the endpoint to unhealthy." + }, + "trafficDialPercentage": { + "type": "number", + "description": "The percentage of traffic to sent to an AWS Region" + } + }, + "required": [ + "endpointGroupRegion", + "listenerArn" + ], + "createOnly": [ + "endpointGroupRegion", + "listenerArn" + ], + "writeOnly": [ + "endpointConfigurations/*/AttachmentArn" + ] + }, + "aws-native:globalaccelerator:Listener": { + "cf": "AWS::GlobalAccelerator::Listener", + "inputs": { + "acceleratorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the accelerator." + }, + "clientAffinity": { + "$ref": "#/types/aws-native:globalaccelerator:ListenerClientAffinity", + "description": "Client affinity lets you direct all requests from a user to the same endpoint." + }, + "portRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:globalaccelerator:ListenerPortRange" + }, + "description": "The list of port ranges for the connections from clients to the accelerator." + }, + "protocol": { + "$ref": "#/types/aws-native:globalaccelerator:ListenerProtocol", + "description": "The protocol for the listener." + } + }, + "outputs": { + "acceleratorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the accelerator.", + "replaceOnChanges": true + }, + "clientAffinity": { + "$ref": "#/types/aws-native:globalaccelerator:ListenerClientAffinity", + "description": "Client affinity lets you direct all requests from a user to the same endpoint." + }, + "listenerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the listener." + }, + "portRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:globalaccelerator:ListenerPortRange" + }, + "description": "The list of port ranges for the connections from clients to the accelerator." + }, + "protocol": { + "$ref": "#/types/aws-native:globalaccelerator:ListenerProtocol", + "description": "The protocol for the listener." + } + }, + "required": [ + "acceleratorArn", + "portRanges", + "protocol" + ], + "createOnly": [ + "acceleratorArn" + ] + }, + "aws-native:glue:Registry": { + "cf": "AWS::Glue::Registry", + "inputs": { + "description": { + "type": "string", + "description": "A description of the registry. If description is not provided, there will not be any default value for this." + }, + "name": { + "type": "string", + "description": "Name of the registry to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "List of tags to tag the Registry" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name for the created Registry." + }, + "description": { + "type": "string", + "description": "A description of the registry. If description is not provided, there will not be any default value for this." + }, + "name": { + "type": "string", + "description": "Name of the registry to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "List of tags to tag the Registry" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:glue:Schema": { + "cf": "AWS::Glue::Schema", + "inputs": { + "checkpointVersion": { + "$ref": "#/types/aws-native:glue:SchemaVersion", + "description": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint." + }, + "compatibility": { + "$ref": "#/types/aws-native:glue:SchemaCompatibility", + "description": "Compatibility setting for the schema." + }, + "dataFormat": { + "$ref": "#/types/aws-native:glue:SchemaDataFormat", + "description": "Data format name to use for the schema. Accepted values: 'AVRO', 'JSON', 'PROTOBUF'" + }, + "description": { + "type": "string", + "description": "A description of the schema. If description is not provided, there will not be any default value for this." + }, + "name": { + "type": "string", + "description": "Name of the schema." + }, + "registry": { + "$ref": "#/types/aws-native:glue:SchemaRegistry", + "description": "The registry where a schema is stored." + }, + "schemaDefinition": { + "type": "string", + "description": "Definition for the initial schema version in plain-text." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "List of tags to tag the schema" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name for the Schema." + }, + "checkpointVersion": { + "$ref": "#/types/aws-native:glue:SchemaVersion", + "description": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint." + }, + "compatibility": { + "$ref": "#/types/aws-native:glue:SchemaCompatibility", + "description": "Compatibility setting for the schema." + }, + "dataFormat": { + "$ref": "#/types/aws-native:glue:SchemaDataFormat", + "description": "Data format name to use for the schema. Accepted values: 'AVRO', 'JSON', 'PROTOBUF'", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description of the schema. If description is not provided, there will not be any default value for this." + }, + "initialSchemaVersionId": { + "type": "string", + "description": "Represents the version ID associated with the initial schema version." + }, + "name": { + "type": "string", + "description": "Name of the schema.", + "replaceOnChanges": true + }, + "registry": { + "$ref": "#/types/aws-native:glue:SchemaRegistry", + "description": "The registry where a schema is stored.", + "replaceOnChanges": true + }, + "schemaDefinition": { + "type": "string", + "description": "Definition for the initial schema version in plain-text.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "List of tags to tag the schema" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "compatibility", + "dataFormat", + "schemaDefinition" + ], + "createOnly": [ + "dataFormat", + "name", + "registry", + "schemaDefinition" + ], + "writeOnly": [ + "schemaDefinition" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:glue:SchemaVersion": { + "cf": "AWS::Glue::SchemaVersion", + "inputs": { + "schema": { + "$ref": "#/types/aws-native:glue:SchemaVersionSchema", + "description": "The schema that includes the schema version." + }, + "schemaDefinition": { + "type": "string", + "description": "Complete definition of the schema in plain-text." + } + }, + "outputs": { + "schema": { + "$ref": "#/types/aws-native:glue:SchemaVersionSchema", + "description": "The schema that includes the schema version.", + "replaceOnChanges": true + }, + "schemaDefinition": { + "type": "string", + "description": "Complete definition of the schema in plain-text.", + "replaceOnChanges": true + }, + "versionId": { + "type": "string", + "description": "Represents the version ID associated with the schema version." + } + }, + "required": [ + "schema", + "schemaDefinition" + ], + "createOnly": [ + "schema", + "schemaDefinition" + ] + }, + "aws-native:glue:SchemaVersionMetadata": { + "cf": "AWS::Glue::SchemaVersionMetadata", + "inputs": { + "key": { + "type": "string", + "description": "Metadata key" + }, + "schemaVersionId": { + "type": "string", + "description": "Represents the version ID associated with the schema version." + }, + "value": { + "type": "string", + "description": "Metadata value" + } + }, + "outputs": { + "key": { + "type": "string", + "description": "Metadata key", + "replaceOnChanges": true + }, + "schemaVersionId": { + "type": "string", + "description": "Represents the version ID associated with the schema version.", + "replaceOnChanges": true + }, + "value": { + "type": "string", + "description": "Metadata value", + "replaceOnChanges": true + } + }, + "required": [ + "key", + "schemaVersionId", + "value" + ], + "createOnly": [ + "key", + "schemaVersionId", + "value" + ] + }, + "aws-native:glue:Trigger": { + "cf": "AWS::Glue::Trigger", + "inputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:glue:TriggerAction" + }, + "description": "The actions initiated by this trigger." + }, + "description": { + "type": "string", + "description": "A description of this trigger." + }, + "eventBatchingCondition": { + "$ref": "#/types/aws-native:glue:TriggerEventBatchingCondition", + "description": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires." + }, + "name": { + "type": "string", + "description": "The name of the trigger." + }, + "predicate": { + "$ref": "#/types/aws-native:glue:TriggerPredicate", + "description": "The predicate of this trigger, which defines when it will fire." + }, + "schedule": { + "type": "string", + "description": "A cron expression used to specify the schedule." + }, + "startOnCreation": { + "type": "boolean", + "description": "Set to true to start SCHEDULED and CONDITIONAL triggers when created. True is not supported for ON_DEMAND triggers." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags to use with this trigger.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Trigger` for more information about the expected schema for this property." + }, + "type": { + "type": "string", + "description": "The type of trigger that this is." + }, + "workflowName": { + "type": "string", + "description": "The name of the workflow associated with the trigger." + } + }, + "outputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:glue:TriggerAction" + }, + "description": "The actions initiated by this trigger." + }, + "description": { + "type": "string", + "description": "A description of this trigger." + }, + "eventBatchingCondition": { + "$ref": "#/types/aws-native:glue:TriggerEventBatchingCondition", + "description": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires." + }, + "name": { + "type": "string", + "description": "The name of the trigger.", + "replaceOnChanges": true + }, + "predicate": { + "$ref": "#/types/aws-native:glue:TriggerPredicate", + "description": "The predicate of this trigger, which defines when it will fire." + }, + "schedule": { + "type": "string", + "description": "A cron expression used to specify the schedule." + }, + "startOnCreation": { + "type": "boolean", + "description": "Set to true to start SCHEDULED and CONDITIONAL triggers when created. True is not supported for ON_DEMAND triggers." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "The tags to use with this trigger.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Glue::Trigger` for more information about the expected schema for this property." + }, + "type": { + "type": "string", + "description": "The type of trigger that this is.", + "replaceOnChanges": true + }, + "workflowName": { + "type": "string", + "description": "The name of the workflow associated with the trigger.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "actions", + "type" + ], + "createOnly": [ + "name", + "type", + "workflowName" + ], + "writeOnly": [ + "startOnCreation" + ], + "tagsProperty": "tags", + "tagsStyle": "untyped" + }, + "aws-native:grafana:Workspace": { + "cf": "AWS::Grafana::Workspace", + "inputs": { + "accountAccessType": { + "$ref": "#/types/aws-native:grafana:WorkspaceAccountAccessType", + "description": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access." + }, + "authenticationProviders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:grafana:WorkspaceAuthenticationProviderTypes" + }, + "description": "List of authentication providers to enable." + }, + "clientToken": { + "type": "string", + "description": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request." + }, + "dataSources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:grafana:WorkspaceDataSourceType" + }, + "description": "List of data sources on the service managed IAM role." + }, + "description": { + "type": "string", + "description": "Description of a workspace." + }, + "grafanaVersion": { + "type": "string", + "description": "The version of Grafana to support in your workspace." + }, + "name": { + "type": "string", + "description": "The user friendly name of a workspace." + }, + "networkAccessControl": { + "$ref": "#/types/aws-native:grafana:WorkspaceNetworkAccessControl", + "description": "The configuration settings for network access to your workspace." + }, + "notificationDestinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:grafana:WorkspaceNotificationDestinationType" + }, + "description": "List of notification destinations on the customers service managed IAM role that the Grafana workspace can query." + }, + "organizationRoleName": { + "type": "string", + "description": "The name of an IAM role that already exists to use with AWS Organizations to access AWS data sources and notification channels in other accounts in an organization." + }, + "organizationalUnits": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Organizational Units containing AWS accounts the Grafana workspace can pull data from." + }, + "permissionType": { + "$ref": "#/types/aws-native:grafana:WorkspacePermissionType", + "description": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)" + }, + "pluginAdminEnabled": { + "type": "boolean", + "description": "Allow workspace admins to install plugins" + }, + "roleArn": { + "type": "string", + "description": "IAM Role that will be used to grant the Grafana workspace access to a customers AWS resources." + }, + "samlConfiguration": { + "$ref": "#/types/aws-native:grafana:WorkspaceSamlConfiguration", + "description": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace." + }, + "stackSetName": { + "type": "string", + "description": "The name of the AWS CloudFormation stack set to use to generate IAM roles to be used for this workspace." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:grafana:WorkspaceVpcConfiguration", + "description": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n\u003e Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2)." + } + }, + "outputs": { + "accountAccessType": { + "$ref": "#/types/aws-native:grafana:WorkspaceAccountAccessType", + "description": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access." + }, + "authenticationProviders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:grafana:WorkspaceAuthenticationProviderTypes" + }, + "description": "List of authentication providers to enable." + }, + "awsId": { + "type": "string", + "description": "The id that uniquely identifies a Grafana workspace." + }, + "clientToken": { + "type": "string", + "description": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", + "replaceOnChanges": true + }, + "creationTimestamp": { + "type": "string", + "description": "Timestamp when the workspace was created." + }, + "dataSources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:grafana:WorkspaceDataSourceType" + }, + "description": "List of data sources on the service managed IAM role." + }, + "description": { + "type": "string", + "description": "Description of a workspace." + }, + "endpoint": { + "type": "string", + "description": "Endpoint for the Grafana workspace." + }, + "grafanaVersion": { + "type": "string", + "description": "The version of Grafana to support in your workspace." + }, + "modificationTimestamp": { + "type": "string", + "description": "Timestamp when the workspace was last modified" + }, + "name": { + "type": "string", + "description": "The user friendly name of a workspace." + }, + "networkAccessControl": { + "$ref": "#/types/aws-native:grafana:WorkspaceNetworkAccessControl", + "description": "The configuration settings for network access to your workspace." + }, + "notificationDestinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:grafana:WorkspaceNotificationDestinationType" + }, + "description": "List of notification destinations on the customers service managed IAM role that the Grafana workspace can query." + }, + "organizationRoleName": { + "type": "string", + "description": "The name of an IAM role that already exists to use with AWS Organizations to access AWS data sources and notification channels in other accounts in an organization." + }, + "organizationalUnits": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Organizational Units containing AWS accounts the Grafana workspace can pull data from." + }, + "permissionType": { + "$ref": "#/types/aws-native:grafana:WorkspacePermissionType", + "description": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)" + }, + "pluginAdminEnabled": { + "type": "boolean", + "description": "Allow workspace admins to install plugins" + }, + "roleArn": { + "type": "string", + "description": "IAM Role that will be used to grant the Grafana workspace access to a customers AWS resources." + }, + "samlConfiguration": { + "$ref": "#/types/aws-native:grafana:WorkspaceSamlConfiguration", + "description": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace." + }, + "samlConfigurationStatus": { + "$ref": "#/types/aws-native:grafana:WorkspaceSamlConfigurationStatus", + "description": "Specifies whether the workspace's SAML configuration is complete.\n\nValid values: `CONFIGURED | NOT_CONFIGURED`\n\nType: String" + }, + "ssoClientId": { + "type": "string", + "description": "The client ID of the AWS SSO Managed Application." + }, + "stackSetName": { + "type": "string", + "description": "The name of the AWS CloudFormation stack set to use to generate IAM roles to be used for this workspace." + }, + "status": { + "$ref": "#/types/aws-native:grafana:WorkspaceStatus", + "description": "The current status of the workspace.\n\nValid values: `ACTIVE | CREATING | DELETING | FAILED | UPDATING | UPGRADING | DELETION_FAILED | CREATION_FAILED | UPDATE_FAILED | UPGRADE_FAILED | LICENSE_REMOVAL_FAILED`\n\nType: String" + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:grafana:WorkspaceVpcConfiguration", + "description": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n\u003e Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2)." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "accountAccessType", + "authenticationProviders", + "permissionType" + ], + "createOnly": [ + "clientToken" + ], + "writeOnly": [ + "clientToken" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:greengrassv2:ComponentVersion": { + "cf": "AWS::GreengrassV2::ComponentVersion", + "inputs": { + "inlineRecipe": { + "type": "string", + "description": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` ." + }, + "lambdaFunction": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaFunctionRecipeSource", + "description": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` ." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the component version." + }, + "componentName": { + "type": "string", + "description": "The name of the component." + }, + "componentVersion": { + "type": "string", + "description": "The version of the component.", + "language": { + "csharp": { + "name": "ComponentVersionValue" + } + } + }, + "inlineRecipe": { + "type": "string", + "description": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "replaceOnChanges": true + }, + "lambdaFunction": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaFunctionRecipeSource", + "description": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```" + } + }, + "createOnly": [ + "inlineRecipe", + "lambdaFunction" + ], + "writeOnly": [ + "inlineRecipe", + "lambdaFunction" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:greengrassv2:Deployment": { + "cf": "AWS::GreengrassV2::Deployment", + "inputs": { + "components": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentComponentDeploymentSpecification" + }, + "description": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component." + }, + "deploymentName": { + "type": "string", + "description": "The name of the deployment." + }, + "deploymentPolicies": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentPolicies", + "description": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure." + }, + "iotJobConfiguration": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobConfiguration", + "description": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration." + }, + "parentTargetArn": { + "type": "string", + "description": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```" + }, + "targetArn": { + "type": "string", + "description": "The ARN of the target AWS IoT thing or thing group." + } + }, + "outputs": { + "components": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentComponentDeploymentSpecification" + }, + "description": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", + "replaceOnChanges": true + }, + "deploymentId": { + "type": "string", + "description": "The ID of the deployment." + }, + "deploymentName": { + "type": "string", + "description": "The name of the deployment.", + "replaceOnChanges": true + }, + "deploymentPolicies": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentPolicies", + "description": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", + "replaceOnChanges": true + }, + "iotJobConfiguration": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobConfiguration", + "description": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", + "replaceOnChanges": true + }, + "parentTargetArn": { + "type": "string", + "description": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```" + }, + "targetArn": { + "type": "string", + "description": "The ARN of the target AWS IoT thing or thing group.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "deploymentName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "targetArn" + ], + "createOnly": [ + "components", + "deploymentName", + "deploymentPolicies", + "iotJobConfiguration", + "parentTargetArn", + "targetArn" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:groundstation:Config": { + "cf": "AWS::GroundStation::Config", + "inputs": { + "configData": { + "$ref": "#/types/aws-native:groundstation:ConfigData", + "description": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype." + }, + "name": { + "type": "string", + "description": "The name of the config object." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags assigned to a resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the config, such as `arn:aws:groundstation:us-east-2:1234567890:config/tracking/9940bf3b-d2ba-427e-9906-842b5e5d2296` ." + }, + "awsId": { + "type": "string", + "description": "The ID of the config, such as `9940bf3b-d2ba-427e-9906-842b5e5d2296` ." + }, + "configData": { + "$ref": "#/types/aws-native:groundstation:ConfigData", + "description": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype." + }, + "name": { + "type": "string", + "description": "The name of the config object." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags assigned to a resource." + }, + "type": { + "type": "string", + "description": "The type of the config, such as `tracking` ." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "configData" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:groundstation:DataflowEndpointGroup": { + "cf": "AWS::GroundStation::DataflowEndpointGroup", + "inputs": { + "contactPostPassDurationSeconds": { + "type": "integer", + "description": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state." + }, + "contactPrePassDurationSeconds": { + "type": "integer", + "description": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state." + }, + "endpointDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupEndpointDetails" + }, + "description": "List of Endpoint Details, containing address and port for each endpoint." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags assigned to a resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the dataflow endpoint group, such as `arn:aws:groundstation:us-east-2:1234567890:dataflow-endpoint-group/9940bf3b-d2ba-427e-9906-842b5e5d2296` ." + }, + "awsId": { + "type": "string", + "description": "UUID of a dataflow endpoint group." + }, + "contactPostPassDurationSeconds": { + "type": "integer", + "description": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state." + }, + "contactPrePassDurationSeconds": { + "type": "integer", + "description": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state." + }, + "endpointDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupEndpointDetails" + }, + "description": "List of Endpoint Details, containing address and port for each endpoint." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags assigned to a resource." + } + }, + "required": [ + "endpointDetails" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:groundstation:MissionProfile": { + "cf": "AWS::GroundStation::MissionProfile", + "inputs": { + "contactPostPassDurationSeconds": { + "type": "integer", + "description": "Post-pass time needed after the contact." + }, + "contactPrePassDurationSeconds": { + "type": "integer", + "description": "Pre-pass time needed before the contact." + }, + "dataflowEdges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:groundstation:MissionProfileDataflowEdge" + }, + "description": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config." + }, + "minimumViableContactDurationSeconds": { + "type": "integer", + "description": "Visibilities with shorter duration than the specified minimum viable contact duration will be ignored when searching for available contacts." + }, + "name": { + "type": "string", + "description": "A name used to identify a mission profile." + }, + "streamsKmsKey": { + "$ref": "#/types/aws-native:groundstation:MissionProfileStreamsKmsKey", + "description": "The ARN of a KMS Key used for encrypting data during transmission from the source to destination locations." + }, + "streamsKmsRole": { + "type": "string", + "description": "The ARN of the KMS Key or Alias Key role used to define permissions on KMS Key usage." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags assigned to the mission profile." + }, + "trackingConfigArn": { + "type": "string", + "description": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the mission profile, such as `arn:aws:groundstation:us-east-2:1234567890:mission-profile/9940bf3b-d2ba-427e-9906-842b5e5d2296` ." + }, + "awsId": { + "type": "string", + "description": "The ID of the mission profile, such as `9940bf3b-d2ba-427e-9906-842b5e5d2296` ." + }, + "contactPostPassDurationSeconds": { + "type": "integer", + "description": "Post-pass time needed after the contact." + }, + "contactPrePassDurationSeconds": { + "type": "integer", + "description": "Pre-pass time needed before the contact." + }, + "dataflowEdges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:groundstation:MissionProfileDataflowEdge" + }, + "description": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config." + }, + "minimumViableContactDurationSeconds": { + "type": "integer", + "description": "Visibilities with shorter duration than the specified minimum viable contact duration will be ignored when searching for available contacts." + }, + "name": { + "type": "string", + "description": "A name used to identify a mission profile." + }, + "region": { + "type": "string", + "description": "The region of the mission profile." + }, + "streamsKmsKey": { + "$ref": "#/types/aws-native:groundstation:MissionProfileStreamsKmsKey", + "description": "The ARN of a KMS Key used for encrypting data during transmission from the source to destination locations." + }, + "streamsKmsRole": { + "type": "string", + "description": "The ARN of the KMS Key or Alias Key role used to define permissions on KMS Key usage." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags assigned to the mission profile." + }, + "trackingConfigArn": { + "type": "string", + "description": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "dataflowEdges", + "minimumViableContactDurationSeconds", + "trackingConfigArn" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:guardduty:Detector": { + "cf": "AWS::GuardDuty::Detector", + "inputs": { + "dataSources": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnDataSourceConfigurations", + "description": "Describes which data sources will be enabled for the detector." + }, + "enable": { + "type": "boolean", + "description": "Specifies whether the detector is to be enabled on creation." + }, + "features": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnFeatureConfiguration" + }, + "description": "A list of features that will be configured for the detector." + }, + "findingPublishingFrequency": { + "type": "string", + "description": "Specifies how frequently updated findings are exported." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The unique ID of the detector." + }, + "dataSources": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnDataSourceConfigurations", + "description": "Describes which data sources will be enabled for the detector." + }, + "enable": { + "type": "boolean", + "description": "Specifies whether the detector is to be enabled on creation." + }, + "features": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnFeatureConfiguration" + }, + "description": "A list of features that will be configured for the detector." + }, + "findingPublishingFrequency": { + "type": "string", + "description": "Specifies how frequently updated findings are exported." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "required": [ + "enable" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:guardduty:Filter": { + "cf": "AWS::GuardDuty::Filter", + "inputs": { + "action": { + "type": "string", + "description": "Specifies the action that is to be applied to the findings that match the filter." + }, + "description": { + "type": "string", + "description": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace." + }, + "detectorId": { + "type": "string", + "description": "The ID of the detector belonging to the GuardDuty account that you want to create a filter for." + }, + "findingCriteria": { + "$ref": "#/types/aws-native:guardduty:FilterFindingCriteria", + "description": "Represents the criteria to be used in the filter for querying findings." + }, + "name": { + "type": "string", + "description": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character." + }, + "rank": { + "type": "integer", + "description": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "action": { + "type": "string", + "description": "Specifies the action that is to be applied to the findings that match the filter." + }, + "description": { + "type": "string", + "description": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace." + }, + "detectorId": { + "type": "string", + "description": "The ID of the detector belonging to the GuardDuty account that you want to create a filter for.", + "replaceOnChanges": true + }, + "findingCriteria": { + "$ref": "#/types/aws-native:guardduty:FilterFindingCriteria", + "description": "Represents the criteria to be used in the filter for querying findings." + }, + "name": { + "type": "string", + "description": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", + "replaceOnChanges": true + }, + "rank": { + "type": "integer", + "description": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "detectorId", + "findingCriteria" + ], + "createOnly": [ + "detectorId", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:guardduty:IpSet": { + "cf": "AWS::GuardDuty::IPSet", + "inputs": { + "activate": { + "type": "boolean", + "description": "Indicates whether or not GuardDuty uses the `IPSet` ." + }, + "detectorId": { + "type": "string", + "description": "The unique ID of the detector of the GuardDuty account that you want to create an IPSet for." + }, + "format": { + "type": "string", + "description": "The format of the file that contains the IPSet." + }, + "location": { + "type": "string", + "description": "The URI of the file that contains the IPSet." + }, + "name": { + "type": "string", + "description": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "activate": { + "type": "boolean", + "description": "Indicates whether or not GuardDuty uses the `IPSet` ." + }, + "awsId": { + "type": "string" + }, + "detectorId": { + "type": "string", + "description": "The unique ID of the detector of the GuardDuty account that you want to create an IPSet for.", + "replaceOnChanges": true + }, + "format": { + "type": "string", + "description": "The format of the file that contains the IPSet.", + "replaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The URI of the file that contains the IPSet." + }, + "name": { + "type": "string", + "description": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 300 + }, + "required": [ + "format", + "location" + ], + "createOnly": [ + "detectorId", + "format" + ], + "writeOnly": [ + "activate" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:guardduty:MalwareProtectionPlan": { + "cf": "AWS::GuardDuty::MalwareProtectionPlan", + "inputs": { + "actions": { + "$ref": "#/types/aws-native:guardduty:MalwareProtectionPlanCfnActions", + "description": "Specifies the action that is to be applied to the Malware Protection plan resource." + }, + "protectedResource": { + "$ref": "#/types/aws-native:guardduty:MalwareProtectionPlanCfnProtectedResource", + "description": "Information about the protected resource. Presently, S3Bucket is the only supported protected resource." + }, + "role": { + "type": "string", + "description": "IAM role that includes the permissions required to scan and (optionally) add tags to the associated protected resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be added to the created Malware Protection plan resource. Each tag consists of a key and an optional value, both of which you need to specify." + } + }, + "outputs": { + "actions": { + "$ref": "#/types/aws-native:guardduty:MalwareProtectionPlanCfnActions", + "description": "Specifies the action that is to be applied to the Malware Protection plan resource." + }, + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the protected resource." + }, + "createdAt": { + "type": "string", + "description": "The timestamp when the Malware Protection plan resource was created." + }, + "malwareProtectionPlanId": { + "type": "string", + "description": "A unique identifier associated with Malware Protection plan resource." + }, + "protectedResource": { + "$ref": "#/types/aws-native:guardduty:MalwareProtectionPlanCfnProtectedResource", + "description": "Information about the protected resource. Presently, S3Bucket is the only supported protected resource." + }, + "role": { + "type": "string", + "description": "IAM role that includes the permissions required to scan and (optionally) add tags to the associated protected resource." + }, + "status": { + "type": "string", + "description": "Status of the Malware Protection plan resource." + }, + "statusReasons": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:guardduty:MalwareProtectionPlanCfnStatusReasons" + }, + "description": "Status details associated with the Malware Protection plan resource status." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be added to the created Malware Protection plan resource. Each tag consists of a key and an optional value, both of which you need to specify." + } + }, + "required": [ + "protectedResource", + "role" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:guardduty:Master": { + "cf": "AWS::GuardDuty::Master", + "inputs": { + "detectorId": { + "type": "string", + "description": "Unique ID of the detector of the GuardDuty member account." + }, + "invitationId": { + "type": "string", + "description": "Value used to validate the master account to the member account." + }, + "masterId": { + "type": "string", + "description": "ID of the account used as the master account." + } + }, + "outputs": { + "detectorId": { + "type": "string", + "description": "Unique ID of the detector of the GuardDuty member account.", + "replaceOnChanges": true + }, + "invitationId": { + "type": "string", + "description": "Value used to validate the master account to the member account.", + "replaceOnChanges": true + }, + "masterId": { + "type": "string", + "description": "ID of the account used as the master account.", + "replaceOnChanges": true + } + }, + "required": [ + "detectorId", + "masterId" + ], + "createOnly": [ + "detectorId", + "invitationId", + "masterId" + ] + }, + "aws-native:guardduty:Member": { + "cf": "AWS::GuardDuty::Member", + "inputs": { + "detectorId": { + "type": "string", + "description": "The ID of the detector associated with the GuardDuty service to add the member to." + }, + "disableEmailNotification": { + "type": "boolean", + "description": "Specifies whether or not to disable email notification for the member account that you invite." + }, + "email": { + "type": "string", + "description": "The email address associated with the member account." + }, + "memberId": { + "type": "string", + "description": "The AWS account ID of the account to designate as a member." + }, + "message": { + "type": "string", + "description": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members." + }, + "status": { + "type": "string", + "description": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited." + } + }, + "outputs": { + "detectorId": { + "type": "string", + "description": "The ID of the detector associated with the GuardDuty service to add the member to.", + "replaceOnChanges": true + }, + "disableEmailNotification": { + "type": "boolean", + "description": "Specifies whether or not to disable email notification for the member account that you invite." + }, + "email": { + "type": "string", + "description": "The email address associated with the member account." + }, + "memberId": { + "type": "string", + "description": "The AWS account ID of the account to designate as a member.", + "replaceOnChanges": true + }, + "message": { + "type": "string", + "description": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members." + }, + "status": { + "type": "string", + "description": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited." + } + }, + "required": [ + "email" + ], + "createOnly": [ + "detectorId", + "memberId" + ], + "writeOnly": [ + "disableEmailNotification", + "message" + ] + }, + "aws-native:guardduty:ThreatIntelSet": { + "cf": "AWS::GuardDuty::ThreatIntelSet", + "inputs": { + "activate": { + "type": "boolean", + "description": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet." + }, + "detectorId": { + "type": "string", + "description": "The unique ID of the detector of the GuardDuty account that you want to create a threatIntelSet for." + }, + "format": { + "type": "string", + "description": "The format of the file that contains the ThreatIntelSet." + }, + "location": { + "type": "string", + "description": "The URI of the file that contains the ThreatIntelSet." + }, + "name": { + "type": "string", + "description": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "activate": { + "type": "boolean", + "description": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet." + }, + "awsId": { + "type": "string", + "description": "The unique ID of the `threatIntelSet` ." + }, + "detectorId": { + "type": "string", + "description": "The unique ID of the detector of the GuardDuty account that you want to create a threatIntelSet for.", + "replaceOnChanges": true + }, + "format": { + "type": "string", + "description": "The format of the file that contains the ThreatIntelSet.", + "replaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The URI of the file that contains the ThreatIntelSet." + }, + "name": { + "type": "string", + "description": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "format", + "location" + ], + "createOnly": [ + "detectorId", + "format" + ], + "writeOnly": [ + "activate" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:healthimaging:Datastore": { + "cf": "AWS::HealthImaging::Datastore", + "inputs": { + "datastoreName": { + "type": "string", + "description": "The data store name." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags provided when creating a data store." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The timestamp when the data store was created." + }, + "datastoreArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the data store." + }, + "datastoreId": { + "type": "string", + "description": "The data store identifier." + }, + "datastoreName": { + "type": "string", + "description": "The data store name.", + "replaceOnChanges": true + }, + "datastoreStatus": { + "$ref": "#/types/aws-native:healthimaging:DatastoreStatus", + "description": "The data store status." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags provided when creating a data store.", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "The timestamp when the data store was last updated." + } + }, + "autoNamingSpec": { + "sdkName": "datastoreName" + }, + "createOnly": [ + "datastoreName", + "kmsKeyArn", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:healthlake:FhirDatastore": { + "cf": "AWS::HealthLake::FHIRDatastore", + "inputs": { + "datastoreName": { + "type": "string", + "description": "The user generated name for the data store." + }, + "datastoreTypeVersion": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreDatastoreTypeVersion", + "description": "The FHIR version of the data store. The only supported version is R4." + }, + "identityProviderConfiguration": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreIdentityProviderConfiguration", + "description": "The identity provider configuration that you gave when the data store was created." + }, + "preloadDataConfig": { + "$ref": "#/types/aws-native:healthlake:FhirDatastorePreloadDataConfig", + "description": "The preloaded data configuration for the data store. Only data preloaded from Synthea is supported." + }, + "sseConfiguration": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreSseConfiguration", + "description": "The server-side encryption key configuration for a customer provided encryption key specified for creating a data store." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "createdAt": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreCreatedAt" + }, + "datastoreArn": { + "type": "string", + "description": "The Data Store ARN is generated during the creation of the Data Store and can be found in the output from the initial Data Store creation request." + }, + "datastoreEndpoint": { + "type": "string", + "description": "The endpoint for the created Data Store." + }, + "datastoreId": { + "type": "string", + "description": "The Amazon generated Data Store id. This id is in the output from the initial Data Store creation call." + }, + "datastoreName": { + "type": "string", + "description": "The user generated name for the data store.", + "replaceOnChanges": true + }, + "datastoreStatus": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreDatastoreStatus", + "description": "The status of the FHIR Data Store. Possible statuses are ‘CREATING’, ‘ACTIVE’, ‘DELETING’, ‘DELETED’." + }, + "datastoreTypeVersion": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreDatastoreTypeVersion", + "description": "The FHIR version of the data store. The only supported version is R4.", + "replaceOnChanges": true + }, + "identityProviderConfiguration": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreIdentityProviderConfiguration", + "description": "The identity provider configuration that you gave when the data store was created.", + "replaceOnChanges": true + }, + "preloadDataConfig": { + "$ref": "#/types/aws-native:healthlake:FhirDatastorePreloadDataConfig", + "description": "The preloaded data configuration for the data store. Only data preloaded from Synthea is supported.", + "replaceOnChanges": true + }, + "sseConfiguration": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreSseConfiguration", + "description": "The server-side encryption key configuration for a customer provided encryption key specified for creating a data store.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "datastoreName" + }, + "required": [ + "datastoreTypeVersion" + ], + "createOnly": [ + "datastoreName", + "datastoreTypeVersion", + "identityProviderConfiguration", + "preloadDataConfig", + "sseConfiguration" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iam:Group": { + "cf": "AWS::IAM::Group", + "inputs": { + "groupName": { + "type": "string", + "description": "The name of the group to create. Do not include the path in this value.\n The group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, CFN generates a unique physical ID and uses that ID for the group name.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.\n If you specify a name, you must specify the ``CAPABILITY_NAMED_IAM`` value to acknowledge your template's capabilities. For more information, see [Acknowledging Resources in Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities).\n Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using ``Fn::Join`` and ``AWS::Region`` to create a Region-specific name, as in the following example: ``{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}``." + }, + "managedPolicyArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference*." + }, + "path": { + "type": "string", + "description": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters." + }, + "policies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iam:GroupPolicy" + }, + "description": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group).\n The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n For information about limits on the number of inline policies that you can embed in a group, see [Limitations on Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *User Guide*." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) for the specified `AWS::IAM::Group` resource. For example: `arn:aws:iam::123456789012:group/mystack-mygroup-1DZETITOWEKVO` ." + }, + "groupName": { + "type": "string", + "description": "The name of the group to create. Do not include the path in this value.\n The group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, CFN generates a unique physical ID and uses that ID for the group name.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.\n If you specify a name, you must specify the ``CAPABILITY_NAMED_IAM`` value to acknowledge your template's capabilities. For more information, see [Acknowledging Resources in Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities).\n Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using ``Fn::Join`` and ``AWS::Region`` to create a Region-specific name, as in the following example: ``{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}``.", + "replaceOnChanges": true + }, + "managedPolicyArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference*." + }, + "path": { + "type": "string", + "description": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters." + }, + "policies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iam:GroupPolicy" + }, + "description": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group).\n The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n For information about limits on the number of inline policies that you can embed in a group, see [Limitations on Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *User Guide*." + } + }, + "autoNamingSpec": { + "sdkName": "groupName" + }, + "createOnly": [ + "groupName" + ] + }, + "aws-native:iam:GroupPolicy": { + "cf": "AWS::IAM::GroupPolicy", + "inputs": { + "groupName": { + "type": "string", + "description": "The name of the group to associate the policy with.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The policy document.\n You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.\n The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n + Any printable ASCII character ranging from the space character (``\\u0020``) through the end of the ASCII character range\n + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\\u00FF``)\n + The special characters tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``)\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::GroupPolicy` for more information about the expected schema for this property." + }, + "policyName": { + "type": "string", + "description": "The name of the policy document.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + } + }, + "outputs": { + "groupName": { + "type": "string", + "description": "The name of the group to associate the policy with.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", + "replaceOnChanges": true + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The policy document.\n You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.\n The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n + Any printable ASCII character ranging from the space character (``\\u0020``) through the end of the ASCII character range\n + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\\u00FF``)\n + The special characters tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``)\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::GroupPolicy` for more information about the expected schema for this property." + }, + "policyName": { + "type": "string", + "description": "The name of the policy document.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "policyName" + }, + "required": [ + "groupName" + ], + "createOnly": [ + "groupName", + "policyName" + ] + }, + "aws-native:iam:InstanceProfile": { + "cf": "AWS::IAM::InstanceProfile", + "inputs": { + "instanceProfileName": { + "type": "string", + "description": "The name of the instance profile to create.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + }, + "path": { + "type": "string", + "description": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters." + }, + "roles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) for the instance profile. For example:\n\n`{\"Fn::GetAtt\" : [\"MyProfile\", \"Arn\"] }`\n\nThis returns a value such as `arn:aws:iam::1234567890:instance-profile/MyProfile-ASDNSDLKJ` ." + }, + "instanceProfileName": { + "type": "string", + "description": "The name of the instance profile to create.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + }, + "path": { + "type": "string", + "description": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters.", + "replaceOnChanges": true + }, + "roles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions." + } + }, + "autoNamingSpec": { + "sdkName": "instanceProfileName" + }, + "required": [ + "roles" + ], + "createOnly": [ + "instanceProfileName", + "path" + ] + }, + "aws-native:iam:ManagedPolicy": { + "cf": "AWS::IAM::ManagedPolicy", + "inputs": { + "description": { + "type": "string", + "description": "A friendly description of the policy.\n Typically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n The policy description is immutable. After a value is assigned, it cannot be changed." + }, + "groups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name (friendly name, not ARN) of the group to attach the policy to.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + }, + "managedPolicyName": { + "type": "string", + "description": "The friendly name of the policy.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.\n If you specify a name, you must specify the ``CAPABILITY_NAMED_IAM`` value to acknowledge your template's capabilities. For more information, see [Acknowledging Resources in Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities).\n Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using ``Fn::Join`` and ``AWS::Region`` to create a Region-specific name, as in the following example: ``{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}``." + }, + "path": { + "type": "string", + "description": "The path for the policy.\n For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters.\n You cannot use an asterisk (*) in the path name." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The JSON policy document that you want to use as the content for the new policy.\n You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.\n The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).\n To learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide*. \n The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n + Any printable ASCII character ranging from the space character (``\\u0020``) through the end of the ASCII character range\n + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\\u00FF``)\n + The special characters tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``)\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::ManagedPolicy` for more information about the expected schema for this property." + }, + "roles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name (friendly name, not ARN) of the role to attach the policy to.\n This parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n If an external policy (such as ``AWS::IAM::Policy`` or ``AWS::IAM::ManagedPolicy``) has a ``Ref`` to a role and if a resource (such as ``AWS::ECS::Service``) also has a ``Ref`` to the same role, add a ``DependsOn`` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an ``AWS::ECS::Service`` resource, the ``DependsOn`` attribute ensures that CFN deletes the ``AWS::ECS::Service`` resource before deleting its role's policy." + }, + "users": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + } + }, + "outputs": { + "attachmentCount": { + "type": "integer" + }, + "createDate": { + "type": "string" + }, + "defaultVersionId": { + "type": "string" + }, + "description": { + "type": "string", + "description": "A friendly description of the policy.\n Typically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n The policy description is immutable. After a value is assigned, it cannot be changed.", + "replaceOnChanges": true + }, + "groups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name (friendly name, not ARN) of the group to attach the policy to.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + }, + "isAttachable": { + "type": "boolean" + }, + "managedPolicyName": { + "type": "string", + "description": "The friendly name of the policy.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.\n If you specify a name, you must specify the ``CAPABILITY_NAMED_IAM`` value to acknowledge your template's capabilities. For more information, see [Acknowledging Resources in Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities).\n Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using ``Fn::Join`` and ``AWS::Region`` to create a Region-specific name, as in the following example: ``{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}``.", + "replaceOnChanges": true + }, + "path": { + "type": "string", + "description": "The path for the policy.\n For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters.\n You cannot use an asterisk (*) in the path name.", + "replaceOnChanges": true + }, + "permissionsBoundaryUsageCount": { + "type": "integer" + }, + "policyArn": { + "type": "string" + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The JSON policy document that you want to use as the content for the new policy.\n You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.\n The maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).\n To learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide*. \n The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n + Any printable ASCII character ranging from the space character (``\\u0020``) through the end of the ASCII character range\n + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\\u00FF``)\n + The special characters tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``)\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::ManagedPolicy` for more information about the expected schema for this property." + }, + "policyId": { + "type": "string" + }, + "roles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name (friendly name, not ARN) of the role to attach the policy to.\n This parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n If an external policy (such as ``AWS::IAM::Policy`` or ``AWS::IAM::ManagedPolicy``) has a ``Ref`` to a role and if a resource (such as ``AWS::ECS::Service``) also has a ``Ref`` to the same role, add a ``DependsOn`` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an ``AWS::ECS::Service`` resource, the ``DependsOn`` attribute ensures that CFN deletes the ``AWS::ECS::Service`` resource before deleting its role's policy." + }, + "updateDate": { + "type": "string" + }, + "users": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + } + }, + "autoNamingSpec": { + "sdkName": "managedPolicyName" + }, + "required": [ + "policyDocument" + ], + "createOnly": [ + "description", + "managedPolicyName", + "path" + ] + }, + "aws-native:iam:OidcProvider": { + "cf": "AWS::IAM::OIDCProvider", + "inputs": { + "clientIdList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* ." + }, + "thumbprintList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate." + }, + "url": { + "type": "string", + "description": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the OIDC provider" + }, + "clientIdList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* ." + }, + "thumbprintList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .\n\nThis property is optional. If it is not included, IAM will retrieve and use the top intermediate certificate authority (CA) thumbprint of the OpenID Connect identity provider server certificate." + }, + "url": { + "type": "string", + "description": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", + "replaceOnChanges": true + } + }, + "createOnly": [ + "url" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iam:Role": { + "cf": "AWS::IAM::Role", + "inputs": { + "assumeRolePolicyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples). For more information about the elements that you can use in an IAM policy, see [Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *User Guide*.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::Role` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "A description of the role that you provide." + }, + "managedPolicyArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n For more information about ARNs, see [Amazon Resource Names (ARNs) and Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference*." + }, + "maxSessionDuration": { + "type": "integer", + "description": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n Anyone who assumes the role from the CLI or API can use the ``DurationSeconds`` API parameter or the ``duration-seconds`` CLI parameter to request a longer session. The ``MaxSessionDuration`` setting determines the maximum duration that can be requested using the ``DurationSeconds`` parameter. If users don't specify a value for the ``DurationSeconds`` parameter, their security credentials are valid for one hour by default. This applies when you use the ``AssumeRole*`` API operations or the ``assume-role*`` CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide*." + }, + "path": { + "type": "string", + "description": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters." + }, + "permissionsBoundary": { + "type": "string", + "description": "The ARN of the policy used to set the permissions boundary for the role.\n For more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide*." + }, + "policies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iam:RolePolicy" + }, + "description": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n\u003e If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy." + }, + "roleName": { + "type": "string", + "description": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n\u003e Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide*." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) for the role. For example:\n\n`{\"Fn::GetAtt\" : [\"MyRole\", \"Arn\"] }`\n\nThis will return a value such as `arn:aws:iam::1234567890:role/MyRole-AJJHDSKSDF` ." + }, + "assumeRolePolicyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples). For more information about the elements that you can use in an IAM policy, see [Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *User Guide*.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::Role` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "A description of the role that you provide." + }, + "managedPolicyArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n For more information about ARNs, see [Amazon Resource Names (ARNs) and Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference*." + }, + "maxSessionDuration": { + "type": "integer", + "description": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n Anyone who assumes the role from the CLI or API can use the ``DurationSeconds`` API parameter or the ``duration-seconds`` CLI parameter to request a longer session. The ``MaxSessionDuration`` setting determines the maximum duration that can be requested using the ``DurationSeconds`` parameter. If users don't specify a value for the ``DurationSeconds`` parameter, their security credentials are valid for one hour by default. This applies when you use the ``AssumeRole*`` API operations or the ``assume-role*`` CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide*." + }, + "path": { + "type": "string", + "description": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters.", + "replaceOnChanges": true + }, + "permissionsBoundary": { + "type": "string", + "description": "The ARN of the policy used to set the permissions boundary for the role.\n For more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide*." + }, + "policies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iam:RolePolicy" + }, + "description": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n\u003e If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy." + }, + "roleId": { + "type": "string", + "description": "Returns the stable and unique string identifying the role. For example, `AIDAJQABLZS4A3QDU576Q` .\n\nFor more information about IDs, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* ." + }, + "roleName": { + "type": "string", + "description": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n\u003e Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide*." + } + }, + "autoNamingSpec": { + "sdkName": "roleName" + }, + "required": [ + "assumeRolePolicyDocument" + ], + "createOnly": [ + "path", + "roleName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iam:RolePolicy": { + "cf": "AWS::IAM::RolePolicy", + "inputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The policy document.\n You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.\n The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n + Any printable ASCII character ranging from the space character (``\\u0020``) through the end of the ASCII character range\n + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\\u00FF``)\n + The special characters tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``)\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::RolePolicy` for more information about the expected schema for this property." + }, + "policyName": { + "type": "string", + "description": "The name of the policy document.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + }, + "roleName": { + "type": "string", + "description": "The name of the role to associate the policy with.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + } + }, + "outputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The policy document.\n You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.\n The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n + Any printable ASCII character ranging from the space character (``\\u0020``) through the end of the ASCII character range\n + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\\u00FF``)\n + The special characters tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``)\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::RolePolicy` for more information about the expected schema for this property." + }, + "policyName": { + "type": "string", + "description": "The name of the policy document.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + }, + "roleName": { + "type": "string", + "description": "The name of the role to associate the policy with.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "policyName" + }, + "required": [ + "roleName" + ], + "createOnly": [ + "policyName", + "roleName" + ] + }, + "aws-native:iam:SamlProvider": { + "cf": "AWS::IAM::SAMLProvider", + "inputs": { + "name": { + "type": "string", + "description": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + }, + "samlMetadataDocument": { + "type": "string", + "description": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n\u003e If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the SAML provider" + }, + "name": { + "type": "string", + "description": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + }, + "samlMetadataDocument": { + "type": "string", + "description": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n\u003e If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "samlMetadataDocument" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iam:ServerCertificate": { + "cf": "AWS::IAM::ServerCertificate", + "inputs": { + "certificateBody": { + "type": "string", + "description": "The contents of the public key certificate." + }, + "certificateChain": { + "type": "string", + "description": "The contents of the public key certificate chain." + }, + "path": { + "type": "string", + "description": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n\u003e If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` )." + }, + "privateKey": { + "type": "string", + "description": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )" + }, + "serverCertificateName": { + "type": "string", + "description": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the server certificate" + }, + "certificateBody": { + "type": "string", + "description": "The contents of the public key certificate.", + "replaceOnChanges": true + }, + "certificateChain": { + "type": "string", + "description": "The contents of the public key certificate chain.", + "replaceOnChanges": true + }, + "path": { + "type": "string", + "description": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n\u003e If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` )." + }, + "privateKey": { + "type": "string", + "description": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", + "replaceOnChanges": true + }, + "serverCertificateName": { + "type": "string", + "description": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* ." + } + }, + "autoNamingSpec": { + "sdkName": "serverCertificateName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "certificateBody", + "certificateChain", + "privateKey", + "serverCertificateName" + ], + "writeOnly": [ + "certificateBody", + "certificateChain", + "privateKey" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iam:ServiceLinkedRole": { + "cf": "AWS::IAM::ServiceLinkedRole", + "inputs": { + "awsServiceName": { + "type": "string", + "description": "The service principal for the AWS service to which this role is attached." + }, + "customSuffix": { + "type": "string", + "description": "A string that you provide, which is combined with the service-provided prefix to form the complete role name." + }, + "description": { + "type": "string", + "description": "The description of the role." + } + }, + "outputs": { + "awsServiceName": { + "type": "string", + "description": "The service principal for the AWS service to which this role is attached.", + "replaceOnChanges": true + }, + "customSuffix": { + "type": "string", + "description": "A string that you provide, which is combined with the service-provided prefix to form the complete role name.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the role." + }, + "roleName": { + "type": "string", + "description": "The name of the role." + } + }, + "createOnly": [ + "awsServiceName", + "customSuffix" + ], + "writeOnly": [ + "awsServiceName", + "customSuffix" + ], + "irreversibleNames": { + "awsServiceName": "AWSServiceName" + } + }, + "aws-native:iam:User": { + "cf": "AWS::IAM::User", + "inputs": { + "groups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of group names to which you want to add the user." + }, + "loginProfile": { + "$ref": "#/types/aws-native:iam:UserLoginProfile", + "description": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the console.\n You can use the CLI, the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the console.\n For more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *User Guide*." + }, + "managedPolicyArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n For more information about ARNs, see [Amazon Resource Names (ARNs) and Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference*." + }, + "path": { + "type": "string", + "description": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters." + }, + "permissionsBoundary": { + "type": "string", + "description": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide*.\n For more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide*." + }, + "policies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iam:UserPolicy" + }, + "description": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user).\n The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n For information about limits on the number of inline policies that you can embed in a user, see [Limitations on Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *User Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide*.\n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created." + }, + "userName": { + "type": "string", + "description": "The name of the user to create. Do not include the path in this value.\n This parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n If you don't specify a name, CFN generates a unique physical ID and uses that ID for the user name.\n If you specify a name, you must specify the ``CAPABILITY_NAMED_IAM`` value to acknowledge your template's capabilities. For more information, see [Acknowledging Resources in Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities).\n Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using ``Fn::Join`` and ``AWS::Region`` to create a Region-specific name, as in the following example: ``{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}``." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) for the specified `AWS::IAM::User` resource. For example: `arn:aws:iam::123456789012:user/mystack-myuser-1CCXAFG2H2U4D` ." + }, + "groups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of group names to which you want to add the user." + }, + "loginProfile": { + "$ref": "#/types/aws-native:iam:UserLoginProfile", + "description": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the console.\n You can use the CLI, the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the console.\n For more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *User Guide*." + }, + "managedPolicyArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n For more information about ARNs, see [Amazon Resource Names (ARNs) and Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *General Reference*." + }, + "path": { + "type": "string", + "description": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide*.\n This parameter is optional. If it is not included, it defaults to a slash (/).\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! (``\\u0021``) through the DEL character (``\\u007F``), including most punctuation characters, digits, and upper and lowercased letters." + }, + "permissionsBoundary": { + "type": "string", + "description": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n A permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide*.\n For more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide*." + }, + "policies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iam:UserPolicy" + }, + "description": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user).\n The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n For information about limits on the number of inline policies that you can embed in a user, see [Limitations on Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *User Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide*.\n If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created." + }, + "userName": { + "type": "string", + "description": "The name of the user to create. Do not include the path in this value.\n This parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n If you don't specify a name, CFN generates a unique physical ID and uses that ID for the user name.\n If you specify a name, you must specify the ``CAPABILITY_NAMED_IAM`` value to acknowledge your template's capabilities. For more information, see [Acknowledging Resources in Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities).\n Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using ``Fn::Join`` and ``AWS::Region`` to create a Region-specific name, as in the following example: ``{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}``.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "userName" + }, + "createOnly": [ + "userName" + ], + "writeOnly": [ + "loginProfile/Password" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iam:UserPolicy": { + "cf": "AWS::IAM::UserPolicy", + "inputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The policy document.\n You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.\n The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n + Any printable ASCII character ranging from the space character (``\\u0020``) through the end of the ASCII character range\n + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\\u00FF``)\n + The special characters tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``)\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::UserPolicy` for more information about the expected schema for this property." + }, + "policyName": { + "type": "string", + "description": "The name of the policy document.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + }, + "userName": { + "type": "string", + "description": "The name of the user to associate the policy with.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + } + }, + "outputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The policy document.\n You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.\n The [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n + Any printable ASCII character ranging from the space character (``\\u0020``) through the end of the ASCII character range\n + The printable characters in the Basic Latin and Latin-1 Supplement character set (through ``\\u00FF``)\n + The special characters tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``)\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IAM::UserPolicy` for more information about the expected schema for this property." + }, + "policyName": { + "type": "string", + "description": "The name of the policy document.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + }, + "userName": { + "type": "string", + "description": "The name of the user to associate the policy with.\n This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex)) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "policyName" + }, + "required": [ + "userName" + ], + "createOnly": [ + "policyName", + "userName" + ] + }, + "aws-native:iam:VirtualMfaDevice": { + "cf": "AWS::IAM::VirtualMFADevice", + "inputs": { + "path": { + "type": "string", + "description": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n\u003e If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created." + }, + "users": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IAM user associated with this virtual MFA device." + }, + "virtualMfaDeviceName": { + "type": "string", + "description": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-" + } + }, + "outputs": { + "path": { + "type": "string", + "description": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", + "replaceOnChanges": true + }, + "serialNumber": { + "type": "string", + "description": "Returns the serial number for the specified `AWS::IAM::VirtualMFADevice` resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n\u003e If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created." + }, + "users": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IAM user associated with this virtual MFA device." + }, + "virtualMfaDeviceName": { + "type": "string", + "description": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "virtualMfaDeviceName", + "minLength": 1, + "maxLength": 226 + }, + "required": [ + "users" + ], + "createOnly": [ + "base32StringSeed", + "path", + "virtualMfaDeviceName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:identitystore:Group": { + "cf": "AWS::IdentityStore::Group", + "inputs": { + "description": { + "type": "string", + "description": "A string containing the description of the group." + }, + "displayName": { + "type": "string", + "description": "A string containing the name of the group. This value is commonly displayed when the group is referenced." + }, + "identityStoreId": { + "type": "string", + "description": "The globally unique identifier for the identity store." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A string containing the description of the group." + }, + "displayName": { + "type": "string", + "description": "A string containing the name of the group. This value is commonly displayed when the group is referenced." + }, + "groupId": { + "type": "string", + "description": "The unique identifier for a group in the identity store." + }, + "identityStoreId": { + "type": "string", + "description": "The globally unique identifier for the identity store.", + "replaceOnChanges": true + } + }, + "required": [ + "displayName", + "identityStoreId" + ], + "createOnly": [ + "identityStoreId" + ] + }, + "aws-native:identitystore:GroupMembership": { + "cf": "AWS::IdentityStore::GroupMembership", + "inputs": { + "groupId": { + "type": "string", + "description": "The unique identifier for a group in the identity store." + }, + "identityStoreId": { + "type": "string", + "description": "The globally unique identifier for the identity store." + }, + "memberId": { + "$ref": "#/types/aws-native:identitystore:GroupMembershipMemberId", + "description": "An object containing the identifier of a group member." + } + }, + "outputs": { + "groupId": { + "type": "string", + "description": "The unique identifier for a group in the identity store.", + "replaceOnChanges": true + }, + "identityStoreId": { + "type": "string", + "description": "The globally unique identifier for the identity store.", + "replaceOnChanges": true + }, + "memberId": { + "$ref": "#/types/aws-native:identitystore:GroupMembershipMemberId", + "description": "An object containing the identifier of a group member.", + "replaceOnChanges": true + }, + "membershipId": { + "type": "string", + "description": "The identifier for a GroupMembership in the identity store." + } + }, + "required": [ + "groupId", + "identityStoreId", + "memberId" + ], + "createOnly": [ + "groupId", + "identityStoreId", + "memberId" + ] + }, + "aws-native:imagebuilder:Component": { + "cf": "AWS::ImageBuilder::Component", + "inputs": { + "changeDescription": { + "type": "string", + "description": "The change description of the component." + }, + "data": { + "type": "string", + "description": "The data of the component." + }, + "description": { + "type": "string", + "description": "The description of the component." + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key identifier used to encrypt the component." + }, + "name": { + "type": "string", + "description": "The name of the component." + }, + "platform": { + "$ref": "#/types/aws-native:imagebuilder:ComponentPlatform", + "description": "The platform of the component." + }, + "supportedOsVersions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The operating system (OS) version supported by the component." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the component." + }, + "uri": { + "type": "string", + "description": "The uri of the component." + }, + "version": { + "type": "string", + "description": "The version of the component." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the component." + }, + "changeDescription": { + "type": "string", + "description": "The change description of the component.", + "replaceOnChanges": true + }, + "data": { + "type": "string", + "description": "The data of the component.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the component.", + "replaceOnChanges": true + }, + "encrypted": { + "type": "boolean", + "description": "The encryption status of the component." + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key identifier used to encrypt the component.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the component.", + "replaceOnChanges": true + }, + "platform": { + "$ref": "#/types/aws-native:imagebuilder:ComponentPlatform", + "description": "The platform of the component.", + "replaceOnChanges": true + }, + "supportedOsVersions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The operating system (OS) version supported by the component.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the component.", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:imagebuilder:ComponentType", + "description": "The type of the component denotes whether the component is used to build the image or only to test it. " + }, + "uri": { + "type": "string", + "description": "The uri of the component.", + "replaceOnChanges": true + }, + "version": { + "type": "string", + "description": "The version of the component.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "platform", + "version" + ], + "createOnly": [ + "changeDescription", + "data", + "description", + "kmsKeyId", + "name", + "platform", + "supportedOsVersions", + "tags", + "uri", + "version" + ], + "writeOnly": [ + "data", + "platform", + "uri" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:imagebuilder:ContainerRecipe": { + "cf": "AWS::ImageBuilder::ContainerRecipe", + "inputs": { + "components": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeComponentConfiguration" + }, + "description": "Components for build and test that are included in the container recipe." + }, + "containerType": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeContainerType", + "description": "Specifies the type of container, such as Docker." + }, + "description": { + "type": "string", + "description": "The description of the container recipe." + }, + "dockerfileTemplateData": { + "type": "string", + "description": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe." + }, + "dockerfileTemplateUri": { + "type": "string", + "description": "The S3 URI for the Dockerfile that will be used to build your container image." + }, + "imageOsVersionOverride": { + "type": "string", + "description": "Specifies the operating system version for the source image." + }, + "instanceConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeInstanceConfiguration", + "description": "A group of options that can be used to configure an instance for building and testing container images." + }, + "kmsKeyId": { + "type": "string", + "description": "Identifies which KMS key is used to encrypt the container image." + }, + "name": { + "type": "string", + "description": "The name of the container recipe." + }, + "parentImage": { + "type": "string", + "description": "The source image for the container recipe." + }, + "platformOverride": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipePlatformOverride", + "description": "Specifies the operating system platform when you use a custom source image." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags that are attached to the container recipe." + }, + "targetRepository": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeTargetContainerRepository", + "description": "The destination repository for the container image." + }, + "version": { + "type": "string", + "description": "The semantic version of the container recipe (\u003cmajor\u003e.\u003cminor\u003e.\u003cpatch\u003e)." + }, + "workingDirectory": { + "type": "string", + "description": "The working directory to be used during build and test workflows." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the container recipe." + }, + "components": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeComponentConfiguration" + }, + "description": "Components for build and test that are included in the container recipe.", + "replaceOnChanges": true + }, + "containerType": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeContainerType", + "description": "Specifies the type of container, such as Docker.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the container recipe.", + "replaceOnChanges": true + }, + "dockerfileTemplateData": { + "type": "string", + "description": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", + "replaceOnChanges": true + }, + "dockerfileTemplateUri": { + "type": "string", + "description": "The S3 URI for the Dockerfile that will be used to build your container image.", + "replaceOnChanges": true + }, + "imageOsVersionOverride": { + "type": "string", + "description": "Specifies the operating system version for the source image.", + "replaceOnChanges": true + }, + "instanceConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeInstanceConfiguration", + "description": "A group of options that can be used to configure an instance for building and testing container images.", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "Identifies which KMS key is used to encrypt the container image.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the container recipe.", + "replaceOnChanges": true + }, + "parentImage": { + "type": "string", + "description": "The source image for the container recipe.", + "replaceOnChanges": true + }, + "platformOverride": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipePlatformOverride", + "description": "Specifies the operating system platform when you use a custom source image.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags that are attached to the container recipe.", + "replaceOnChanges": true + }, + "targetRepository": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeTargetContainerRepository", + "description": "The destination repository for the container image.", + "replaceOnChanges": true + }, + "version": { + "type": "string", + "description": "The semantic version of the container recipe (\u003cmajor\u003e.\u003cminor\u003e.\u003cpatch\u003e).", + "replaceOnChanges": true + }, + "workingDirectory": { + "type": "string", + "description": "The working directory to be used during build and test workflows.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "components", + "containerType", + "description", + "dockerfileTemplateData", + "dockerfileTemplateUri", + "imageOsVersionOverride", + "instanceConfiguration", + "kmsKeyId", + "name", + "parentImage", + "platformOverride", + "tags", + "targetRepository", + "version", + "workingDirectory" + ], + "writeOnly": [ + "dockerfileTemplateData", + "dockerfileTemplateUri", + "imageOsVersionOverride", + "platformOverride" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:imagebuilder:DistributionConfiguration": { + "cf": "AWS::ImageBuilder::DistributionConfiguration", + "inputs": { + "description": { + "type": "string", + "description": "The description of the distribution configuration." + }, + "distributions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationDistribution" + }, + "description": "The distributions of the distribution configuration." + }, + "name": { + "type": "string", + "description": "The name of the distribution configuration." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the component." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the distribution configuration." + }, + "description": { + "type": "string", + "description": "The description of the distribution configuration." + }, + "distributions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationDistribution" + }, + "description": "The distributions of the distribution configuration." + }, + "name": { + "type": "string", + "description": "The name of the distribution configuration.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the component." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "distributions" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:imagebuilder:Image": { + "cf": "AWS::ImageBuilder::Image", + "inputs": { + "containerRecipeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested." + }, + "distributionConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the distribution configuration." + }, + "enhancedImageMetadataEnabled": { + "type": "boolean", + "description": "Collects additional information about the image being created, including the operating system (OS) version and package list." + }, + "executionRole": { + "type": "string", + "description": "The execution role name/ARN for the image build, if provided" + }, + "imageRecipeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed." + }, + "imageScanningConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImageScanningConfiguration", + "description": "Contains settings for vulnerability scans." + }, + "imageTestsConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImageTestsConfiguration", + "description": "The image tests configuration used when creating this image." + }, + "infrastructureConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the infrastructure configuration." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the image." + }, + "workflows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImageWorkflowConfiguration" + }, + "description": "Workflows to define the image build process" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image." + }, + "containerRecipeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", + "replaceOnChanges": true + }, + "distributionConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the distribution configuration.", + "replaceOnChanges": true + }, + "enhancedImageMetadataEnabled": { + "type": "boolean", + "description": "Collects additional information about the image being created, including the operating system (OS) version and package list.", + "replaceOnChanges": true + }, + "executionRole": { + "type": "string", + "description": "The execution role name/ARN for the image build, if provided" + }, + "imageId": { + "type": "string", + "description": "The AMI ID of the EC2 AMI in current region." + }, + "imageRecipeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", + "replaceOnChanges": true + }, + "imageScanningConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImageScanningConfiguration", + "description": "Contains settings for vulnerability scans.", + "replaceOnChanges": true + }, + "imageTestsConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImageTestsConfiguration", + "description": "The image tests configuration used when creating this image.", + "replaceOnChanges": true + }, + "imageUri": { + "type": "string", + "description": "URI for containers created in current Region with default ECR image tag" + }, + "infrastructureConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the infrastructure configuration.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the image." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the image.", + "replaceOnChanges": true + }, + "workflows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImageWorkflowConfiguration" + }, + "description": "Workflows to define the image build process", + "replaceOnChanges": true + } + }, + "createOnly": [ + "containerRecipeArn", + "distributionConfigurationArn", + "enhancedImageMetadataEnabled", + "imageRecipeArn", + "imageScanningConfiguration", + "imageTestsConfiguration", + "infrastructureConfigurationArn", + "tags", + "workflows" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:imagebuilder:ImagePipeline": { + "cf": "AWS::ImageBuilder::ImagePipeline", + "inputs": { + "containerRecipeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested." + }, + "description": { + "type": "string", + "description": "The description of the image pipeline." + }, + "distributionConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline." + }, + "enhancedImageMetadataEnabled": { + "type": "boolean", + "description": "Collects additional information about the image being created, including the operating system (OS) version and package list." + }, + "executionRole": { + "type": "string", + "description": "The execution role name/ARN for the image build, if provided" + }, + "imageRecipeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed." + }, + "imageScanningConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineImageScanningConfiguration", + "description": "Contains settings for vulnerability scans." + }, + "imageTestsConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineImageTestsConfiguration", + "description": "The image tests configuration of the image pipeline." + }, + "infrastructureConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline." + }, + "name": { + "type": "string", + "description": "The name of the image pipeline." + }, + "schedule": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineSchedule", + "description": "The schedule of the image pipeline." + }, + "status": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineStatus", + "description": "The status of the image pipeline." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags of this image pipeline." + }, + "workflows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineWorkflowConfiguration" + }, + "description": "Workflows to define the image build process" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image pipeline." + }, + "containerRecipeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested." + }, + "description": { + "type": "string", + "description": "The description of the image pipeline." + }, + "distributionConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline." + }, + "enhancedImageMetadataEnabled": { + "type": "boolean", + "description": "Collects additional information about the image being created, including the operating system (OS) version and package list." + }, + "executionRole": { + "type": "string", + "description": "The execution role name/ARN for the image build, if provided" + }, + "imageRecipeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed." + }, + "imageScanningConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineImageScanningConfiguration", + "description": "Contains settings for vulnerability scans." + }, + "imageTestsConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineImageTestsConfiguration", + "description": "The image tests configuration of the image pipeline." + }, + "infrastructureConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline." + }, + "name": { + "type": "string", + "description": "The name of the image pipeline.", + "replaceOnChanges": true + }, + "schedule": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineSchedule", + "description": "The schedule of the image pipeline." + }, + "status": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineStatus", + "description": "The status of the image pipeline." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags of this image pipeline." + }, + "workflows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineWorkflowConfiguration" + }, + "description": "Workflows to define the image build process" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:imagebuilder:ImageRecipe": { + "cf": "AWS::ImageBuilder::ImageRecipe", + "inputs": { + "additionalInstanceConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeAdditionalInstanceConfiguration", + "description": "Specify additional settings and launch scripts for your build instances." + }, + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeInstanceBlockDeviceMapping" + }, + "description": "The block device mappings to apply when creating images from this recipe." + }, + "components": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeComponentConfiguration" + }, + "description": "The components of the image recipe." + }, + "description": { + "type": "string", + "description": "The description of the image recipe." + }, + "name": { + "type": "string", + "description": "The name of the image recipe." + }, + "parentImage": { + "type": "string", + "description": "The parent image of the image recipe." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags of the image recipe." + }, + "version": { + "type": "string", + "description": "The version of the image recipe." + }, + "workingDirectory": { + "type": "string", + "description": "The working directory to be used during build and test workflows." + } + }, + "outputs": { + "additionalInstanceConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeAdditionalInstanceConfiguration", + "description": "Specify additional settings and launch scripts for your build instances." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image recipe." + }, + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeInstanceBlockDeviceMapping" + }, + "description": "The block device mappings to apply when creating images from this recipe.", + "replaceOnChanges": true + }, + "components": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeComponentConfiguration" + }, + "description": "The components of the image recipe.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the image recipe.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the image recipe.", + "replaceOnChanges": true + }, + "parentImage": { + "type": "string", + "description": "The parent image of the image recipe.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags of the image recipe.", + "replaceOnChanges": true + }, + "version": { + "type": "string", + "description": "The version of the image recipe.", + "replaceOnChanges": true + }, + "workingDirectory": { + "type": "string", + "description": "The working directory to be used during build and test workflows.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "components", + "parentImage", + "version" + ], + "createOnly": [ + "blockDeviceMappings", + "components", + "description", + "name", + "parentImage", + "tags", + "version", + "workingDirectory" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:imagebuilder:InfrastructureConfiguration": { + "cf": "AWS::ImageBuilder::InfrastructureConfiguration", + "inputs": { + "description": { + "type": "string", + "description": "The description of the infrastructure configuration." + }, + "instanceMetadataOptions": { + "$ref": "#/types/aws-native:imagebuilder:InfrastructureConfigurationInstanceMetadataOptions", + "description": "The instance metadata option settings for the infrastructure configuration." + }, + "instanceProfileName": { + "type": "string", + "description": "The instance profile of the infrastructure configuration." + }, + "instanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types of the infrastructure configuration." + }, + "keyPair": { + "type": "string", + "description": "The EC2 key pair of the infrastructure configuration.." + }, + "logging": { + "$ref": "#/types/aws-native:imagebuilder:InfrastructureConfigurationLogging", + "description": "The logging configuration of the infrastructure configuration." + }, + "name": { + "type": "string", + "description": "The name of the infrastructure configuration." + }, + "resourceTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags attached to the resource created by Image Builder." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security group IDs of the infrastructure configuration." + }, + "snsTopicArn": { + "type": "string", + "description": "The SNS Topic Amazon Resource Name (ARN) of the infrastructure configuration." + }, + "subnetId": { + "type": "string", + "description": "The subnet ID of the infrastructure configuration." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the component." + }, + "terminateInstanceOnFailure": { + "type": "boolean", + "description": "The terminate instance on failure configuration of the infrastructure configuration." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the infrastructure configuration." + }, + "description": { + "type": "string", + "description": "The description of the infrastructure configuration." + }, + "instanceMetadataOptions": { + "$ref": "#/types/aws-native:imagebuilder:InfrastructureConfigurationInstanceMetadataOptions", + "description": "The instance metadata option settings for the infrastructure configuration." + }, + "instanceProfileName": { + "type": "string", + "description": "The instance profile of the infrastructure configuration." + }, + "instanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types of the infrastructure configuration." + }, + "keyPair": { + "type": "string", + "description": "The EC2 key pair of the infrastructure configuration.." + }, + "logging": { + "$ref": "#/types/aws-native:imagebuilder:InfrastructureConfigurationLogging", + "description": "The logging configuration of the infrastructure configuration." + }, + "name": { + "type": "string", + "description": "The name of the infrastructure configuration.", + "replaceOnChanges": true + }, + "resourceTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags attached to the resource created by Image Builder." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security group IDs of the infrastructure configuration." + }, + "snsTopicArn": { + "type": "string", + "description": "The SNS Topic Amazon Resource Name (ARN) of the infrastructure configuration." + }, + "subnetId": { + "type": "string", + "description": "The subnet ID of the infrastructure configuration." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the component." + }, + "terminateInstanceOnFailure": { + "type": "boolean", + "description": "The terminate instance on failure configuration of the infrastructure configuration." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "instanceProfileName" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:imagebuilder:LifecyclePolicy": { + "cf": "AWS::ImageBuilder::LifecyclePolicy", + "inputs": { + "description": { + "type": "string", + "description": "The description of the lifecycle policy." + }, + "executionRole": { + "type": "string", + "description": "The execution role of the lifecycle policy." + }, + "name": { + "type": "string", + "description": "The name of the lifecycle policy." + }, + "policyDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyPolicyDetail" + }, + "description": "The policy details of the lifecycle policy." + }, + "resourceSelection": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyResourceSelection", + "description": "The resource selection of the lifecycle policy." + }, + "resourceType": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyResourceType", + "description": "The resource type of the lifecycle policy." + }, + "status": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyStatus", + "description": "The status of the lifecycle policy." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the lifecycle policy." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the lifecycle policy." + }, + "description": { + "type": "string", + "description": "The description of the lifecycle policy." + }, + "executionRole": { + "type": "string", + "description": "The execution role of the lifecycle policy." + }, + "name": { + "type": "string", + "description": "The name of the lifecycle policy.", + "replaceOnChanges": true + }, + "policyDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyPolicyDetail" + }, + "description": "The policy details of the lifecycle policy." + }, + "resourceSelection": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyResourceSelection", + "description": "The resource selection of the lifecycle policy." + }, + "resourceType": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyResourceType", + "description": "The resource type of the lifecycle policy." + }, + "status": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyStatus", + "description": "The status of the lifecycle policy." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the lifecycle policy." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "executionRole", + "policyDetails", + "resourceSelection", + "resourceType" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:imagebuilder:Workflow": { + "cf": "AWS::ImageBuilder::Workflow", + "inputs": { + "changeDescription": { + "type": "string", + "description": "The change description of the workflow." + }, + "data": { + "type": "string", + "description": "The data of the workflow." + }, + "description": { + "type": "string", + "description": "The description of the workflow." + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key identifier used to encrypt the workflow." + }, + "name": { + "type": "string", + "description": "The name of the workflow." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the workflow." + }, + "type": { + "$ref": "#/types/aws-native:imagebuilder:WorkflowType", + "description": "The type of the workflow denotes whether the workflow is used to build, test, or distribute." + }, + "uri": { + "type": "string", + "description": "The uri of the workflow." + }, + "version": { + "type": "string", + "description": "The version of the workflow." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the workflow." + }, + "changeDescription": { + "type": "string", + "description": "The change description of the workflow.", + "replaceOnChanges": true + }, + "data": { + "type": "string", + "description": "The data of the workflow.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the workflow.", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key identifier used to encrypt the workflow.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the workflow.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags associated with the workflow.", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:imagebuilder:WorkflowType", + "description": "The type of the workflow denotes whether the workflow is used to build, test, or distribute.", + "replaceOnChanges": true + }, + "uri": { + "type": "string", + "description": "The uri of the workflow.", + "replaceOnChanges": true + }, + "version": { + "type": "string", + "description": "The version of the workflow.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "type", + "version" + ], + "createOnly": [ + "changeDescription", + "data", + "description", + "kmsKeyId", + "name", + "tags", + "type", + "uri", + "version" + ], + "writeOnly": [ + "data", + "uri" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:inspector:AssessmentTarget": { + "cf": "AWS::Inspector::AssessmentTarget", + "inputs": { + "assessmentTargetName": { + "type": "string", + "description": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account ." + }, + "resourceGroupArn": { + "type": "string", + "description": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that specifies the assessment target that is created." + }, + "assessmentTargetName": { + "type": "string", + "description": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", + "replaceOnChanges": true + }, + "resourceGroupArn": { + "type": "string", + "description": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target." + } + }, + "autoNamingSpec": { + "sdkName": "assessmentTargetName" + }, + "createOnly": [ + "assessmentTargetName" + ] + }, + "aws-native:inspector:AssessmentTemplate": { + "cf": "AWS::Inspector::AssessmentTemplate", + "inputs": { + "assessmentTargetArn": { + "type": "string", + "description": "The ARN of the assessment target to be included in the assessment template." + }, + "assessmentTemplateName": { + "type": "string", + "description": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique." + }, + "durationInSeconds": { + "type": "integer", + "description": "The duration of the assessment run in seconds." + }, + "rulesPackageArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the rules packages that you want to use in the assessment template." + }, + "userAttributesForFindings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspector:AssessmentTemplateTag" + }, + "description": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that specifies the assessment template that is created." + }, + "assessmentTargetArn": { + "type": "string", + "description": "The ARN of the assessment target to be included in the assessment template.", + "replaceOnChanges": true + }, + "assessmentTemplateName": { + "type": "string", + "description": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", + "replaceOnChanges": true + }, + "durationInSeconds": { + "type": "integer", + "description": "The duration of the assessment run in seconds.", + "replaceOnChanges": true + }, + "rulesPackageArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the rules packages that you want to use in the assessment template.", + "replaceOnChanges": true + }, + "userAttributesForFindings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspector:AssessmentTemplateTag" + }, + "description": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "assessmentTemplateName" + }, + "required": [ + "assessmentTargetArn", + "durationInSeconds", + "rulesPackageArns" + ], + "createOnly": [ + "assessmentTargetArn", + "assessmentTemplateName", + "durationInSeconds", + "rulesPackageArns", + "userAttributesForFindings" + ] + }, + "aws-native:inspector:ResourceGroup": { + "cf": "AWS::Inspector::ResourceGroup", + "inputs": { + "resourceGroupTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspector:ResourceGroupTag" + }, + "description": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that specifies the resource group that is created." + }, + "resourceGroupTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspector:ResourceGroupTag" + }, + "description": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "replaceOnChanges": true + } + }, + "required": [ + "resourceGroupTags" + ], + "createOnly": [ + "resourceGroupTags" + ] + }, + "aws-native:inspectorv2:CisScanConfiguration": { + "cf": "AWS::InspectorV2::CisScanConfiguration", + "inputs": { + "scanName": { + "type": "string", + "description": "Name of the scan" + }, + "schedule": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationSchedule", + "description": "The CIS scan configuration's schedule." + }, + "securityLevel": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationCisSecurityLevel", + "description": "The CIS scan configuration's CIS Benchmark level." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The CIS scan configuration's tags." + }, + "targets": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationCisTargets", + "description": "The CIS scan configuration's targets." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "CIS Scan configuration unique identifier" + }, + "scanName": { + "type": "string", + "description": "Name of the scan" + }, + "schedule": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationSchedule", + "description": "The CIS scan configuration's schedule." + }, + "securityLevel": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationCisSecurityLevel", + "description": "The CIS scan configuration's CIS Benchmark level." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The CIS scan configuration's tags." + }, + "targets": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationCisTargets", + "description": "The CIS scan configuration's targets." + } + }, + "required": [ + "scanName", + "schedule", + "securityLevel", + "targets" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:inspectorv2:Filter": { + "cf": "AWS::InspectorV2::Filter", + "inputs": { + "description": { + "type": "string", + "description": "Findings filter description." + }, + "filterAction": { + "$ref": "#/types/aws-native:inspectorv2:FilterAction", + "description": "Findings filter action." + }, + "filterCriteria": { + "$ref": "#/types/aws-native:inspectorv2:FilterCriteria", + "description": "Findings filter criteria." + }, + "name": { + "type": "string", + "description": "Findings filter name." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Findings filter ARN." + }, + "description": { + "type": "string", + "description": "Findings filter description." + }, + "filterAction": { + "$ref": "#/types/aws-native:inspectorv2:FilterAction", + "description": "Findings filter action." + }, + "filterCriteria": { + "$ref": "#/types/aws-native:inspectorv2:FilterCriteria", + "description": "Findings filter criteria." + }, + "name": { + "type": "string", + "description": "Findings filter name." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "filterAction", + "filterCriteria" + ] + }, + "aws-native:internetmonitor:Monitor": { + "cf": "AWS::InternetMonitor::Monitor", + "inputs": { + "healthEventsConfig": { + "$ref": "#/types/aws-native:internetmonitor:MonitorHealthEventsConfig", + "description": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Amazon CloudWatch Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* ." + }, + "includeLinkedAccounts": { + "type": "boolean", + "description": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide." + }, + "internetMeasurementsLogDelivery": { + "$ref": "#/types/aws-native:internetmonitor:MonitorInternetMeasurementsLogDelivery", + "description": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs)." + }, + "linkedAccountId": { + "type": "string", + "description": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide." + }, + "maxCityNetworksToMonitor": { + "type": "integer", + "description": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* ." + }, + "monitorName": { + "type": "string", + "description": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_)." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n\u003e Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty." + }, + "resourcesToAdd": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n\u003e You can specify this field for a monitor update only if the `Resources` field is empty." + }, + "resourcesToRemove": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n\u003e You can specify this field for a monitor update only if the `Resources` field is empty." + }, + "status": { + "$ref": "#/types/aws-native:internetmonitor:MonitorConfigState", + "description": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for a monitor, listed as a set of *key:value* pairs." + }, + "trafficPercentageToMonitor": { + "type": "integer", + "description": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The time when the monitor was created." + }, + "healthEventsConfig": { + "$ref": "#/types/aws-native:internetmonitor:MonitorHealthEventsConfig", + "description": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Amazon CloudWatch Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* ." + }, + "includeLinkedAccounts": { + "type": "boolean", + "description": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide." + }, + "internetMeasurementsLogDelivery": { + "$ref": "#/types/aws-native:internetmonitor:MonitorInternetMeasurementsLogDelivery", + "description": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs)." + }, + "linkedAccountId": { + "type": "string", + "description": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide." + }, + "maxCityNetworksToMonitor": { + "type": "integer", + "description": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* ." + }, + "modifiedAt": { + "type": "string", + "description": "The last time that the monitor was modified." + }, + "monitorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the monitor." + }, + "monitorName": { + "type": "string", + "description": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", + "replaceOnChanges": true + }, + "processingStatus": { + "$ref": "#/types/aws-native:internetmonitor:MonitorProcessingStatusCode", + "description": "The health of data processing for the monitor. For more information, see `ProcessingStatus` under [MonitorListMember](https://docs.aws.amazon.com/internet-monitor/latest/api/API_MonitorListMember.html) in the *Amazon CloudWatch Internet Monitor API Reference* ." + }, + "processingStatusInfo": { + "type": "string", + "description": "Additional information about the health of the data processing for the monitor." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n\u003e Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty." + }, + "resourcesToAdd": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n\u003e You can specify this field for a monitor update only if the `Resources` field is empty." + }, + "resourcesToRemove": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n\u003e You can specify this field for a monitor update only if the `Resources` field is empty." + }, + "status": { + "$ref": "#/types/aws-native:internetmonitor:MonitorConfigState", + "description": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for a monitor, listed as a set of *key:value* pairs." + }, + "trafficPercentageToMonitor": { + "type": "integer", + "description": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor." + } + }, + "autoNamingSpec": { + "sdkName": "monitorName", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "monitorName" + ], + "writeOnly": [ + "includeLinkedAccounts", + "linkedAccountId", + "resourcesToAdd", + "resourcesToRemove" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:AccountAuditConfiguration": { + "cf": "AWS::IoT::AccountAuditConfiguration", + "inputs": { + "accountId": { + "type": "string", + "description": "Your 12-digit account ID (used as the primary identifier for the CloudFormation resource)." + }, + "auditCheckConfigurations": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfigurations", + "description": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on avialbe auidt checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)" + }, + "auditNotificationTargetConfigurations": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditNotificationTargetConfigurations", + "description": "Information about the targets to which audit notifications are sent." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to AWS IoT to access information about your devices, policies, certificates and other items as required when performing an audit." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "Your 12-digit account ID (used as the primary identifier for the CloudFormation resource).", + "replaceOnChanges": true + }, + "auditCheckConfigurations": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfigurations", + "description": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on avialbe auidt checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)" + }, + "auditNotificationTargetConfigurations": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditNotificationTargetConfigurations", + "description": "Information about the targets to which audit notifications are sent." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to AWS IoT to access information about your devices, policies, certificates and other items as required when performing an audit." + } + }, + "required": [ + "accountId", + "auditCheckConfigurations", + "roleArn" + ], + "createOnly": [ + "accountId" + ] + }, + "aws-native:iot:Authorizer": { + "cf": "AWS::IoT::Authorizer", + "inputs": { + "authorizerFunctionArn": { + "type": "string", + "description": "The authorizer's Lambda function ARN." + }, + "authorizerName": { + "type": "string", + "description": "The authorizer name." + }, + "enableCachingForHttp": { + "type": "boolean", + "description": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections." + }, + "signingDisabled": { + "type": "boolean", + "description": "Specifies whether AWS IoT validates the token signature in an authorization request." + }, + "status": { + "$ref": "#/types/aws-native:iot:AuthorizerStatus", + "description": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the custom authorizer.\n\n\u003e For URI Request parameters use format: ...key1=value1\u0026key2=value2...\n\u003e \n\u003e For the CLI command-line parameter use format: \u0026\u0026tags \"key1=value1\u0026key2=value2...\"\n\u003e \n\u003e For the cli-input-json file use format: \"tags\": \"key1=value1\u0026key2=value2...\"" + }, + "tokenKeyName": { + "type": "string", + "description": "The key used to extract the token from the HTTP headers." + }, + "tokenSigningPublicKeys": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The public keys used to validate the token signature returned by your custom authentication service." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the authorizer." + }, + "authorizerFunctionArn": { + "type": "string", + "description": "The authorizer's Lambda function ARN." + }, + "authorizerName": { + "type": "string", + "description": "The authorizer name.", + "replaceOnChanges": true + }, + "enableCachingForHttp": { + "type": "boolean", + "description": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections." + }, + "signingDisabled": { + "type": "boolean", + "description": "Specifies whether AWS IoT validates the token signature in an authorization request.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:iot:AuthorizerStatus", + "description": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the custom authorizer.\n\n\u003e For URI Request parameters use format: ...key1=value1\u0026key2=value2...\n\u003e \n\u003e For the CLI command-line parameter use format: \u0026\u0026tags \"key1=value1\u0026key2=value2...\"\n\u003e \n\u003e For the cli-input-json file use format: \"tags\": \"key1=value1\u0026key2=value2...\"" + }, + "tokenKeyName": { + "type": "string", + "description": "The key used to extract the token from the HTTP headers." + }, + "tokenSigningPublicKeys": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The public keys used to validate the token signature returned by your custom authentication service." + } + }, + "autoNamingSpec": { + "sdkName": "authorizerName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "authorizerFunctionArn" + ], + "createOnly": [ + "authorizerName", + "signingDisabled" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:BillingGroup": { + "cf": "AWS::IoT::BillingGroup", + "inputs": { + "billingGroupName": { + "type": "string", + "description": "The name of the billing group." + }, + "billingGroupProperties": { + "$ref": "#/types/aws-native:iot:BillingGroupPropertiesProperties", + "description": "The properties of the billing group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the billing group." + }, + "awsId": { + "type": "string", + "description": "The ID of the billing group." + }, + "billingGroupName": { + "type": "string", + "description": "The name of the billing group.", + "replaceOnChanges": true + }, + "billingGroupProperties": { + "$ref": "#/types/aws-native:iot:BillingGroupPropertiesProperties", + "description": "The properties of the billing group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "billingGroupName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "billingGroupName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:CaCertificate": { + "cf": "AWS::IoT::CACertificate", + "inputs": { + "autoRegistrationStatus": { + "$ref": "#/types/aws-native:iot:CaCertificateAutoRegistrationStatus", + "description": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\"." + }, + "caCertificatePem": { + "type": "string", + "description": "The certificate data in PEM format." + }, + "certificateMode": { + "$ref": "#/types/aws-native:iot:CaCertificateCertificateMode", + "description": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\"." + }, + "registrationConfig": { + "$ref": "#/types/aws-native:iot:CaCertificateRegistrationConfig", + "description": "Information about the registration configuration." + }, + "removeAutoRegistration": { + "type": "boolean", + "description": "If true, removes auto registration." + }, + "status": { + "$ref": "#/types/aws-native:iot:CaCertificateStatus", + "description": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\"." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "verificationCertificatePem": { + "type": "string", + "description": "The private key verification certificate." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) for the CA certificate. For example:\n\n`{ \"Fn::GetAtt\": [\"MyCACertificate\", \"Arn\"] }`\n\nA value similar to the following is returned:\n\n`arn:aws:iot:us-east-1:123456789012:cacert/a6be6b84559801927e35a8f901fae08b5971d78d1562e29504ff9663b276a5f5`" + }, + "autoRegistrationStatus": { + "$ref": "#/types/aws-native:iot:CaCertificateAutoRegistrationStatus", + "description": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\"." + }, + "awsId": { + "type": "string", + "description": "The CA certificate ID." + }, + "caCertificatePem": { + "type": "string", + "description": "The certificate data in PEM format.", + "replaceOnChanges": true + }, + "certificateMode": { + "$ref": "#/types/aws-native:iot:CaCertificateCertificateMode", + "description": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", + "replaceOnChanges": true + }, + "registrationConfig": { + "$ref": "#/types/aws-native:iot:CaCertificateRegistrationConfig", + "description": "Information about the registration configuration." + }, + "removeAutoRegistration": { + "type": "boolean", + "description": "If true, removes auto registration." + }, + "status": { + "$ref": "#/types/aws-native:iot:CaCertificateStatus", + "description": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\"." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "verificationCertificatePem": { + "type": "string", + "description": "The private key verification certificate.", + "replaceOnChanges": true + } + }, + "required": [ + "caCertificatePem", + "status" + ], + "createOnly": [ + "caCertificatePem", + "certificateMode", + "verificationCertificatePem" + ], + "writeOnly": [ + "removeAutoRegistration", + "verificationCertificatePem" + ], + "irreversibleNames": { + "awsId": "Id", + "caCertificatePem": "CACertificatePem" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:Certificate": { + "cf": "AWS::IoT::Certificate", + "inputs": { + "caCertificatePem": { + "type": "string", + "description": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY." + }, + "certificateMode": { + "$ref": "#/types/aws-native:iot:CertificateMode", + "description": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core ." + }, + "certificatePem": { + "type": "string", + "description": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration." + }, + "certificateSigningRequest": { + "type": "string", + "description": "The certificate signing request (CSR)." + }, + "status": { + "$ref": "#/types/aws-native:iot:CertificateStatus", + "description": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) for the certificate. For example:\n\n`{ \"Fn::GetAtt\": [\"MyCertificate\", \"Arn\"] }`\n\nA value similar to the following is returned:\n\n`arn:aws:iot:ap-southeast-2:123456789012:cert/a1234567b89c012d3e4fg567hij8k9l01mno1p23q45678901rs234567890t1u2`" + }, + "awsId": { + "type": "string", + "description": "The certificate ID." + }, + "caCertificatePem": { + "type": "string", + "description": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", + "replaceOnChanges": true + }, + "certificateMode": { + "$ref": "#/types/aws-native:iot:CertificateMode", + "description": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", + "replaceOnChanges": true + }, + "certificatePem": { + "type": "string", + "description": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", + "replaceOnChanges": true + }, + "certificateSigningRequest": { + "type": "string", + "description": "The certificate signing request (CSR).", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:iot:CertificateStatus", + "description": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used." + } + }, + "required": [ + "status" + ], + "createOnly": [ + "caCertificatePem", + "certificateMode", + "certificatePem", + "certificateSigningRequest" + ], + "writeOnly": [ + "caCertificatePem", + "certificateSigningRequest" + ], + "irreversibleNames": { + "awsId": "Id", + "caCertificatePem": "CACertificatePem" + } + }, + "aws-native:iot:CertificateProvider": { + "cf": "AWS::IoT::CertificateProvider", + "inputs": { + "accountDefaultForOperations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:CertificateProviderOperation" + }, + "description": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` ." + }, + "certificateProviderName": { + "type": "string", + "description": "The name of the certificate provider." + }, + "lambdaFunctionArn": { + "type": "string", + "description": "The ARN of the Lambda function." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "accountDefaultForOperations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:CertificateProviderOperation" + }, + "description": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` ." + }, + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) for the certificate. For example:\n\n`{ \"Fn::GetAtt\": [\"MyCertificateProvider\", \"Arn\"] }`\n\nA value similar to the following is returned:\n\n`arn:aws:iot:ap-southeast-2:123456789012:certprovider/my-certificate-provider`" + }, + "certificateProviderName": { + "type": "string", + "description": "The name of the certificate provider.", + "replaceOnChanges": true + }, + "lambdaFunctionArn": { + "type": "string", + "description": "The ARN of the Lambda function." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "certificateProviderName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "accountDefaultForOperations", + "lambdaFunctionArn" + ], + "createOnly": [ + "certificateProviderName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:CustomMetric": { + "cf": "AWS::IoT::CustomMetric", + "inputs": { + "displayName": { + "type": "string", + "description": "Field represents a friendly name in the console for the custom metric; it doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. Can be updated once defined." + }, + "metricName": { + "type": "string", + "description": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. Shouldn't begin with aws: . Cannot be updated once defined." + }, + "metricType": { + "$ref": "#/types/aws-native:iot:CustomMetricMetricType", + "description": "The type of the custom metric. Types include string-list, ip-address-list, number-list, and number." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "displayName": { + "type": "string", + "description": "Field represents a friendly name in the console for the custom metric; it doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. Can be updated once defined." + }, + "metricArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the custom metric." + }, + "metricName": { + "type": "string", + "description": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. Shouldn't begin with aws: . Cannot be updated once defined.", + "replaceOnChanges": true + }, + "metricType": { + "$ref": "#/types/aws-native:iot:CustomMetricMetricType", + "description": "The type of the custom metric. Types include string-list, ip-address-list, number-list, and number.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "metricName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "metricType" + ], + "createOnly": [ + "metricName", + "metricType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:Dimension": { + "cf": "AWS::IoT::Dimension", + "inputs": { + "name": { + "type": "string", + "description": "A unique identifier for the dimension." + }, + "stringValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the value or list of values for the dimension." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that can be used to manage the dimension." + }, + "type": { + "$ref": "#/types/aws-native:iot:DimensionType", + "description": "Specifies the type of the dimension." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN (Amazon resource name) of the created dimension." + }, + "name": { + "type": "string", + "description": "A unique identifier for the dimension.", + "replaceOnChanges": true + }, + "stringValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the value or list of values for the dimension." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that can be used to manage the dimension." + }, + "type": { + "$ref": "#/types/aws-native:iot:DimensionType", + "description": "Specifies the type of the dimension.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "stringValues", + "type" + ], + "createOnly": [ + "name", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:DomainConfiguration": { + "cf": "AWS::IoT::DomainConfiguration", + "inputs": { + "authorizerConfig": { + "$ref": "#/types/aws-native:iot:DomainConfigurationAuthorizerConfig", + "description": "An object that specifies the authorization service for a domain." + }, + "domainConfigurationName": { + "type": "string", + "description": "The name of the domain configuration. This value must be unique to a region." + }, + "domainConfigurationStatus": { + "$ref": "#/types/aws-native:iot:DomainConfigurationStatus", + "description": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`" + }, + "domainName": { + "type": "string", + "description": "The name of the domain." + }, + "serverCertificateArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains." + }, + "serverCertificateConfig": { + "$ref": "#/types/aws-native:iot:DomainConfigurationServerCertificateConfig", + "description": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide." + }, + "serviceType": { + "$ref": "#/types/aws-native:iot:DomainConfigurationServiceType", + "description": "The type of service delivered by the endpoint.\n\n\u003e AWS IoT Core currently supports only the `DATA` service type." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the domain configuration.\n\n\u003e For URI Request parameters use format: ...key1=value1\u0026key2=value2...\n\u003e \n\u003e For the CLI command-line parameter use format: \u0026\u0026tags \"key1=value1\u0026key2=value2...\"\n\u003e \n\u003e For the cli-input-json file use format: \"tags\": \"key1=value1\u0026key2=value2...\"" + }, + "tlsConfig": { + "$ref": "#/types/aws-native:iot:DomainConfigurationTlsConfig", + "description": "An object that specifies the TLS configuration for a domain." + }, + "validationCertificateArn": { + "type": "string", + "description": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the domain configuration." + }, + "authorizerConfig": { + "$ref": "#/types/aws-native:iot:DomainConfigurationAuthorizerConfig", + "description": "An object that specifies the authorization service for a domain." + }, + "domainConfigurationName": { + "type": "string", + "description": "The name of the domain configuration. This value must be unique to a region.", + "replaceOnChanges": true + }, + "domainConfigurationStatus": { + "$ref": "#/types/aws-native:iot:DomainConfigurationStatus", + "description": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`" + }, + "domainName": { + "type": "string", + "description": "The name of the domain.", + "replaceOnChanges": true + }, + "domainType": { + "$ref": "#/types/aws-native:iot:DomainConfigurationDomainType", + "description": "The type of service delivered by the domain." + }, + "serverCertificateArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", + "replaceOnChanges": true + }, + "serverCertificateConfig": { + "$ref": "#/types/aws-native:iot:DomainConfigurationServerCertificateConfig", + "description": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide." + }, + "serverCertificates": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:DomainConfigurationServerCertificateSummary" + }, + "description": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains." + }, + "serviceType": { + "$ref": "#/types/aws-native:iot:DomainConfigurationServiceType", + "description": "The type of service delivered by the endpoint.\n\n\u003e AWS IoT Core currently supports only the `DATA` service type.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the domain configuration.\n\n\u003e For URI Request parameters use format: ...key1=value1\u0026key2=value2...\n\u003e \n\u003e For the CLI command-line parameter use format: \u0026\u0026tags \"key1=value1\u0026key2=value2...\"\n\u003e \n\u003e For the cli-input-json file use format: \"tags\": \"key1=value1\u0026key2=value2...\"" + }, + "tlsConfig": { + "$ref": "#/types/aws-native:iot:DomainConfigurationTlsConfig", + "description": "An object that specifies the TLS configuration for a domain." + }, + "validationCertificateArn": { + "type": "string", + "description": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "domainConfigurationName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "domainConfigurationName", + "domainName", + "serverCertificateArns", + "serviceType", + "validationCertificateArn" + ], + "writeOnly": [ + "serverCertificateArns", + "validationCertificateArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:FleetMetric": { + "cf": "AWS::IoT::FleetMetric", + "inputs": { + "aggregationField": { + "type": "string", + "description": "The aggregation field to perform aggregation and metric emission" + }, + "aggregationType": { + "$ref": "#/types/aws-native:iot:FleetMetricAggregationType", + "description": "The type of the aggregation query." + }, + "description": { + "type": "string", + "description": "The description of a fleet metric" + }, + "indexName": { + "type": "string", + "description": "The index name of a fleet metric" + }, + "metricName": { + "type": "string", + "description": "The name of the fleet metric" + }, + "period": { + "type": "integer", + "description": "The period of metric emission in seconds" + }, + "queryString": { + "type": "string", + "description": "The Fleet Indexing query used by a fleet metric" + }, + "queryVersion": { + "type": "string", + "description": "The version of a Fleet Indexing query used by a fleet metric" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource" + }, + "unit": { + "type": "string", + "description": "The unit of data points emitted by a fleet metric" + } + }, + "outputs": { + "aggregationField": { + "type": "string", + "description": "The aggregation field to perform aggregation and metric emission" + }, + "aggregationType": { + "$ref": "#/types/aws-native:iot:FleetMetricAggregationType", + "description": "The type of the aggregation query." + }, + "creationDate": { + "type": "string", + "description": "The creation date of a fleet metric" + }, + "description": { + "type": "string", + "description": "The description of a fleet metric" + }, + "indexName": { + "type": "string", + "description": "The index name of a fleet metric" + }, + "lastModifiedDate": { + "type": "string", + "description": "The last modified date of a fleet metric" + }, + "metricArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of a fleet metric metric" + }, + "metricName": { + "type": "string", + "description": "The name of the fleet metric", + "replaceOnChanges": true + }, + "period": { + "type": "integer", + "description": "The period of metric emission in seconds" + }, + "queryString": { + "type": "string", + "description": "The Fleet Indexing query used by a fleet metric" + }, + "queryVersion": { + "type": "string", + "description": "The version of a Fleet Indexing query used by a fleet metric" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource" + }, + "unit": { + "type": "string", + "description": "The unit of data points emitted by a fleet metric" + }, + "version": { + "type": "number", + "description": "The version of a fleet metric" + } + }, + "autoNamingSpec": { + "sdkName": "metricName" + }, + "createOnly": [ + "metricName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:JobTemplate": { + "cf": "AWS::IoT::JobTemplate", + "inputs": { + "abortConfig": { + "$ref": "#/types/aws-native:iot:AbortConfigProperties", + "description": "The criteria that determine when and how a job abort takes place." + }, + "description": { + "type": "string", + "description": "A description of the Job Template." + }, + "destinationPackageVersions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The package version Amazon Resource Names (ARNs) that are installed on the device’s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed." + }, + "document": { + "type": "string", + "description": "The job document. Required if you don't specify a value for documentSource." + }, + "documentSource": { + "type": "string", + "description": "An S3 link to the job document to use in the template. Required if you don't specify a value for document." + }, + "jobArn": { + "type": "string", + "description": "Optional for copying a JobTemplate from a pre-existing Job configuration." + }, + "jobExecutionsRetryConfig": { + "$ref": "#/types/aws-native:iot:JobExecutionsRetryConfigProperties", + "description": "Allows you to create the criteria to retry a job." + }, + "jobExecutionsRolloutConfig": { + "$ref": "#/types/aws-native:iot:JobExecutionsRolloutConfigProperties", + "description": "Allows you to create a staged rollout of a job." + }, + "jobTemplateId": { + "type": "string", + "description": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here." + }, + "maintenanceWindows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:JobTemplateMaintenanceWindow" + }, + "description": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job." + }, + "presignedUrlConfig": { + "$ref": "#/types/aws-native:iot:PresignedUrlConfigProperties", + "description": "Configuration for pre-signed S3 URLs." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata that can be used to manage the JobTemplate." + }, + "timeoutConfig": { + "$ref": "#/types/aws-native:iot:TimeoutConfigProperties", + "description": "Specifies the amount of time each device has to finish its execution of the job." + } + }, + "outputs": { + "abortConfig": { + "$ref": "#/types/aws-native:iot:AbortConfigProperties", + "description": "The criteria that determine when and how a job abort takes place.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The ARN of the job to use as the basis for the job template." + }, + "description": { + "type": "string", + "description": "A description of the Job Template.", + "replaceOnChanges": true + }, + "destinationPackageVersions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The package version Amazon Resource Names (ARNs) that are installed on the device’s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", + "replaceOnChanges": true + }, + "document": { + "type": "string", + "description": "The job document. Required if you don't specify a value for documentSource.", + "replaceOnChanges": true + }, + "documentSource": { + "type": "string", + "description": "An S3 link to the job document to use in the template. Required if you don't specify a value for document.", + "replaceOnChanges": true + }, + "jobArn": { + "type": "string", + "description": "Optional for copying a JobTemplate from a pre-existing Job configuration.", + "replaceOnChanges": true + }, + "jobExecutionsRetryConfig": { + "$ref": "#/types/aws-native:iot:JobExecutionsRetryConfigProperties", + "description": "Allows you to create the criteria to retry a job.", + "replaceOnChanges": true + }, + "jobExecutionsRolloutConfig": { + "$ref": "#/types/aws-native:iot:JobExecutionsRolloutConfigProperties", + "description": "Allows you to create a staged rollout of a job.", + "replaceOnChanges": true + }, + "jobTemplateId": { + "type": "string", + "description": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", + "replaceOnChanges": true + }, + "maintenanceWindows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:JobTemplateMaintenanceWindow" + }, + "description": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", + "replaceOnChanges": true + }, + "presignedUrlConfig": { + "$ref": "#/types/aws-native:iot:PresignedUrlConfigProperties", + "description": "Configuration for pre-signed S3 URLs.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Metadata that can be used to manage the JobTemplate.", + "replaceOnChanges": true + }, + "timeoutConfig": { + "$ref": "#/types/aws-native:iot:TimeoutConfigProperties", + "description": "Specifies the amount of time each device has to finish its execution of the job.", + "replaceOnChanges": true + } + }, + "required": [ + "description", + "jobTemplateId" + ], + "createOnly": [ + "abortConfig", + "description", + "destinationPackageVersions", + "document", + "documentSource", + "jobArn", + "jobExecutionsRetryConfig", + "jobExecutionsRolloutConfig", + "jobTemplateId", + "maintenanceWindows", + "presignedUrlConfig", + "tags", + "timeoutConfig" + ], + "writeOnly": [ + "abortConfig", + "destinationPackageVersions", + "document", + "documentSource", + "jobArn", + "jobExecutionsRetryConfig", + "jobExecutionsRolloutConfig", + "maintenanceWindows", + "presignedUrlConfig", + "tags", + "timeoutConfig" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:iot:Logging": { + "cf": "AWS::IoT::Logging", + "inputs": { + "accountId": { + "type": "string", + "description": "Your 12-digit account ID (used as the primary identifier for the CloudFormation resource)." + }, + "defaultLogLevel": { + "$ref": "#/types/aws-native:iot:LoggingDefaultLogLevel", + "description": "The log level to use. Valid values are: ERROR, WARN, INFO, DEBUG, or DISABLED." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that allows IoT to write to Cloudwatch logs." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "Your 12-digit account ID (used as the primary identifier for the CloudFormation resource).", + "replaceOnChanges": true + }, + "defaultLogLevel": { + "$ref": "#/types/aws-native:iot:LoggingDefaultLogLevel", + "description": "The log level to use. Valid values are: ERROR, WARN, INFO, DEBUG, or DISABLED." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that allows IoT to write to Cloudwatch logs." + } + }, + "required": [ + "accountId", + "defaultLogLevel", + "roleArn" + ], + "createOnly": [ + "accountId" + ] + }, + "aws-native:iot:MitigationAction": { + "cf": "AWS::IoT::MitigationAction", + "inputs": { + "actionName": { + "type": "string", + "description": "A unique identifier for the mitigation action." + }, + "actionParams": { + "$ref": "#/types/aws-native:iot:MitigationActionActionParams", + "description": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply." + }, + "roleArn": { + "type": "string", + "description": "The IAM role ARN used to apply this mitigation action." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "actionName": { + "type": "string", + "description": "A unique identifier for the mitigation action.", + "replaceOnChanges": true + }, + "actionParams": { + "$ref": "#/types/aws-native:iot:MitigationActionActionParams", + "description": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply." + }, + "mitigationActionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the mitigation action." + }, + "mitigationActionId": { + "type": "string", + "description": "The ID of the mitigation action." + }, + "roleArn": { + "type": "string", + "description": "The IAM role ARN used to apply this mitigation action." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "actionName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "actionParams", + "roleArn" + ], + "createOnly": [ + "actionName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:Policy": { + "cf": "AWS::IoT::Policy", + "inputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The JSON document that describes the policy.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IoT::Policy` for more information about the expected schema for this property." + }, + "policyName": { + "type": "string", + "description": "The policy name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS IoT policy, such as `arn:aws:iot:us-east-2:123456789012:policy/MyPolicy` ." + }, + "awsId": { + "type": "string", + "description": "The name of this policy." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The JSON document that describes the policy.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::IoT::Policy` for more information about the expected schema for this property." + }, + "policyName": { + "type": "string", + "description": "The policy name.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "autoNamingSpec": { + "sdkName": "policyName" + }, + "required": [ + "policyDocument" + ], + "createOnly": [ + "policyName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:ProvisioningTemplate": { + "cf": "AWS::IoT::ProvisioningTemplate", + "inputs": { + "description": { + "type": "string", + "description": "The description of the fleet provisioning template." + }, + "enabled": { + "type": "boolean", + "description": "True to enable the fleet provisioning template, otherwise false." + }, + "preProvisioningHook": { + "$ref": "#/types/aws-native:iot:ProvisioningTemplateProvisioningHook", + "description": "Creates a pre-provisioning hook template." + }, + "provisioningRoleArn": { + "type": "string", + "description": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that can be used to manage the fleet provisioning template." + }, + "templateBody": { + "type": "string", + "description": "The JSON formatted contents of the fleet provisioning template version." + }, + "templateName": { + "type": "string", + "description": "The name of the fleet provisioning template." + }, + "templateType": { + "$ref": "#/types/aws-native:iot:ProvisioningTemplateTemplateType", + "description": "The type of the provisioning template." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the fleet provisioning template." + }, + "enabled": { + "type": "boolean", + "description": "True to enable the fleet provisioning template, otherwise false." + }, + "preProvisioningHook": { + "$ref": "#/types/aws-native:iot:ProvisioningTemplateProvisioningHook", + "description": "Creates a pre-provisioning hook template." + }, + "provisioningRoleArn": { + "type": "string", + "description": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that can be used to manage the fleet provisioning template." + }, + "templateArn": { + "type": "string", + "description": "The ARN that identifies the provisioning template." + }, + "templateBody": { + "type": "string", + "description": "The JSON formatted contents of the fleet provisioning template version." + }, + "templateName": { + "type": "string", + "description": "The name of the fleet provisioning template.", + "replaceOnChanges": true + }, + "templateType": { + "$ref": "#/types/aws-native:iot:ProvisioningTemplateTemplateType", + "description": "The type of the provisioning template.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "templateName", + "minLength": 1, + "maxLength": 36 + }, + "required": [ + "provisioningRoleArn", + "templateBody" + ], + "createOnly": [ + "templateName", + "templateType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:ResourceSpecificLogging": { + "cf": "AWS::IoT::ResourceSpecificLogging", + "inputs": { + "logLevel": { + "$ref": "#/types/aws-native:iot:ResourceSpecificLoggingLogLevel", + "description": "The log level for a specific target. Valid values are: ERROR, WARN, INFO, DEBUG, or DISABLED." + }, + "targetName": { + "type": "string", + "description": "The target name." + }, + "targetType": { + "$ref": "#/types/aws-native:iot:ResourceSpecificLoggingTargetType", + "description": "The target type. Value must be THING_GROUP, CLIENT_ID, SOURCE_IP, PRINCIPAL_ID, or EVENT_TYPE." + } + }, + "outputs": { + "logLevel": { + "$ref": "#/types/aws-native:iot:ResourceSpecificLoggingLogLevel", + "description": "The log level for a specific target. Valid values are: ERROR, WARN, INFO, DEBUG, or DISABLED." + }, + "targetId": { + "type": "string", + "description": "Unique Id for a Target (TargetType:TargetName), this will be internally built to serve as primary identifier for a log target." + }, + "targetName": { + "type": "string", + "description": "The target name.", + "replaceOnChanges": true + }, + "targetType": { + "$ref": "#/types/aws-native:iot:ResourceSpecificLoggingTargetType", + "description": "The target type. Value must be THING_GROUP, CLIENT_ID, SOURCE_IP, PRINCIPAL_ID, or EVENT_TYPE.", + "replaceOnChanges": true + } + }, + "required": [ + "logLevel", + "targetName", + "targetType" + ], + "createOnly": [ + "targetName", + "targetType" + ] + }, + "aws-native:iot:RoleAlias": { + "cf": "AWS::IoT::RoleAlias", + "inputs": { + "credentialDurationSeconds": { + "type": "integer", + "description": "The number of seconds for which the credential is valid." + }, + "roleAlias": { + "type": "string", + "description": "The role alias.", + "language": { + "csharp": { + "name": "RoleAliasValue" + } + } + }, + "roleArn": { + "type": "string", + "description": "The role ARN." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "credentialDurationSeconds": { + "type": "integer", + "description": "The number of seconds for which the credential is valid." + }, + "roleAlias": { + "type": "string", + "description": "The role alias.", + "language": { + "csharp": { + "name": "RoleAliasValue" + } + }, + "replaceOnChanges": true + }, + "roleAliasArn": { + "type": "string", + "description": "The role alias ARN." + }, + "roleArn": { + "type": "string", + "description": "The role ARN." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "required": [ + "roleArn" + ], + "createOnly": [ + "roleAlias" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:ScheduledAudit": { + "cf": "AWS::IoT::ScheduledAudit", + "inputs": { + "dayOfMonth": { + "type": "string", + "description": "The day of the month on which the scheduled audit takes place. Can be 1 through 31 or LAST. This field is required if the frequency parameter is set to MONTHLY." + }, + "dayOfWeek": { + "$ref": "#/types/aws-native:iot:ScheduledAuditDayOfWeek", + "description": "The day of the week on which the scheduled audit takes place. Can be one of SUN, MON, TUE,WED, THU, FRI, or SAT. This field is required if the frequency parameter is set to WEEKLY or BIWEEKLY." + }, + "frequency": { + "$ref": "#/types/aws-native:iot:ScheduledAuditFrequency", + "description": "How often the scheduled audit takes place. Can be one of DAILY, WEEKLY, BIWEEKLY, or MONTHLY." + }, + "scheduledAuditName": { + "type": "string", + "description": "The name you want to give to the scheduled audit." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "targetCheckNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Which checks are performed during the scheduled audit. Checks must be enabled for your account." + } + }, + "outputs": { + "dayOfMonth": { + "type": "string", + "description": "The day of the month on which the scheduled audit takes place. Can be 1 through 31 or LAST. This field is required if the frequency parameter is set to MONTHLY." + }, + "dayOfWeek": { + "$ref": "#/types/aws-native:iot:ScheduledAuditDayOfWeek", + "description": "The day of the week on which the scheduled audit takes place. Can be one of SUN, MON, TUE,WED, THU, FRI, or SAT. This field is required if the frequency parameter is set to WEEKLY or BIWEEKLY." + }, + "frequency": { + "$ref": "#/types/aws-native:iot:ScheduledAuditFrequency", + "description": "How often the scheduled audit takes place. Can be one of DAILY, WEEKLY, BIWEEKLY, or MONTHLY." + }, + "scheduledAuditArn": { + "type": "string", + "description": "The ARN (Amazon resource name) of the scheduled audit." + }, + "scheduledAuditName": { + "type": "string", + "description": "The name you want to give to the scheduled audit.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "targetCheckNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Which checks are performed during the scheduled audit. Checks must be enabled for your account." + } + }, + "autoNamingSpec": { + "sdkName": "scheduledAuditName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "frequency", + "targetCheckNames" + ], + "createOnly": [ + "scheduledAuditName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:SecurityProfile": { + "cf": "AWS::IoT::SecurityProfile", + "inputs": { + "additionalMetricsToRetainV2": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:SecurityProfileMetricToRetain" + }, + "description": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here." + }, + "alertTargets": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iot:SecurityProfileAlertTarget" + }, + "description": "Specifies the destinations to which alerts are sent." + }, + "behaviors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:SecurityProfileBehavior" + }, + "description": "Specifies the behaviors that, when violated by a device (thing), cause an alert." + }, + "metricsExportConfig": { + "$ref": "#/types/aws-native:iot:MetricsExportConfigProperties", + "description": "A structure containing the mqtt topic for metrics export." + }, + "securityProfileDescription": { + "type": "string", + "description": "A description of the security profile." + }, + "securityProfileName": { + "type": "string", + "description": "A unique identifier for the security profile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that can be used to manage the security profile." + }, + "targetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A set of target ARNs that the security profile is attached to." + } + }, + "outputs": { + "additionalMetricsToRetainV2": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:SecurityProfileMetricToRetain" + }, + "description": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here." + }, + "alertTargets": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iot:SecurityProfileAlertTarget" + }, + "description": "Specifies the destinations to which alerts are sent." + }, + "behaviors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:SecurityProfileBehavior" + }, + "description": "Specifies the behaviors that, when violated by a device (thing), cause an alert." + }, + "metricsExportConfig": { + "$ref": "#/types/aws-native:iot:MetricsExportConfigProperties", + "description": "A structure containing the mqtt topic for metrics export." + }, + "securityProfileArn": { + "type": "string", + "description": "The ARN (Amazon resource name) of the created security profile." + }, + "securityProfileDescription": { + "type": "string", + "description": "A description of the security profile." + }, + "securityProfileName": { + "type": "string", + "description": "A unique identifier for the security profile.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that can be used to manage the security profile." + }, + "targetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A set of target ARNs that the security profile is attached to." + } + }, + "autoNamingSpec": { + "sdkName": "securityProfileName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "securityProfileName" + ], + "irreversibleNames": { + "additionalMetricsToRetainV2": "AdditionalMetricsToRetainV2" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:SoftwarePackage": { + "cf": "AWS::IoT::SoftwarePackage", + "inputs": { + "description": { + "type": "string" + }, + "packageName": { + "type": "string" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "description": { + "type": "string" + }, + "packageArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the package." + }, + "packageName": { + "type": "string", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "packageName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "packageName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:SoftwarePackageVersion": { + "cf": "AWS::IoT::SoftwarePackageVersion", + "inputs": { + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "description": { + "type": "string" + }, + "packageName": { + "type": "string" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "versionName": { + "type": "string" + } + }, + "outputs": { + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "description": { + "type": "string" + }, + "errorReason": { + "type": "string", + "description": "Error reason for a package version failure during creation or update." + }, + "packageName": { + "type": "string", + "replaceOnChanges": true + }, + "packageVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the package." + }, + "status": { + "$ref": "#/types/aws-native:iot:SoftwarePackageVersionPackageVersionStatus", + "description": "The status of the package version. For more information, see [Package version lifecycle](https://docs.aws.amazon.com/iot/latest/developerguide/preparing-to-use-software-package-catalog.html#package-version-lifecycle) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "versionName": { + "type": "string", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "versionName", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "packageName" + ], + "createOnly": [ + "packageName", + "versionName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:Thing": { + "cf": "AWS::IoT::Thing", + "inputs": { + "attributePayload": { + "$ref": "#/types/aws-native:iot:ThingAttributePayload", + "description": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed." + }, + "thingName": { + "type": "string", + "description": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS IoT thing, such as `arn:aws:iot:us-east-2:123456789012:thing/MyThing` ." + }, + "attributePayload": { + "$ref": "#/types/aws-native:iot:ThingAttributePayload", + "description": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed." + }, + "awsId": { + "type": "string", + "description": "The Id of this thing." + }, + "thingName": { + "type": "string", + "description": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "thingName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "thingName" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:iot:ThingGroup": { + "cf": "AWS::IoT::ThingGroup", + "inputs": { + "parentGroupName": { + "type": "string", + "description": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined." + }, + "queryString": { + "type": "string", + "description": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "thingGroupName": { + "type": "string", + "description": "The thing group name." + }, + "thingGroupProperties": { + "$ref": "#/types/aws-native:iot:ThingGroupPropertiesProperties", + "description": "Thing group properties." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The thing group ARN." + }, + "awsId": { + "type": "string", + "description": "The thing group ID." + }, + "parentGroupName": { + "type": "string", + "description": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", + "replaceOnChanges": true + }, + "queryString": { + "type": "string", + "description": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "thingGroupName": { + "type": "string", + "description": "The thing group name.", + "replaceOnChanges": true + }, + "thingGroupProperties": { + "$ref": "#/types/aws-native:iot:ThingGroupPropertiesProperties", + "description": "Thing group properties." + } + }, + "autoNamingSpec": { + "sdkName": "thingGroupName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "parentGroupName", + "thingGroupName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:ThingType": { + "cf": "AWS::IoT::ThingType", + "inputs": { + "deprecateThingType": { + "type": "boolean", + "description": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "thingTypeName": { + "type": "string", + "description": "The name of the thing type." + }, + "thingTypeProperties": { + "$ref": "#/types/aws-native:iot:ThingTypePropertiesProperties", + "description": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, and a list of searchable thing attribute names. `ThingTypeProperties` can't be updated after the initial creation of the `ThingType` ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The thing type arn." + }, + "awsId": { + "type": "string", + "description": "The thing type id." + }, + "deprecateThingType": { + "type": "boolean", + "description": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "thingTypeName": { + "type": "string", + "description": "The name of the thing type.", + "replaceOnChanges": true + }, + "thingTypeProperties": { + "$ref": "#/types/aws-native:iot:ThingTypePropertiesProperties", + "description": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, and a list of searchable thing attribute names. `ThingTypeProperties` can't be updated after the initial creation of the `ThingType` .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "thingTypeName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "thingTypeName", + "thingTypeProperties" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:TopicRule": { + "cf": "AWS::IoT::TopicRule", + "inputs": { + "ruleName": { + "type": "string", + "description": "The name of the rule.\n\n*Pattern* : `^[a-zA-Z0-9_]+$`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the topic rule.\n\n\u003e For URI Request parameters use format: ...key1=value1\u0026key2=value2...\n\u003e \n\u003e For the CLI command-line parameter use format: --tags \"key1=value1\u0026key2=value2...\"\n\u003e \n\u003e For the cli-input-json file use format: \"tags\": \"key1=value1\u0026key2=value2...\"" + }, + "topicRulePayload": { + "$ref": "#/types/aws-native:iot:TopicRulePayload", + "description": "The rule payload." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS IoT rule, such as `arn:aws:iot:us-east-2:123456789012:rule/MyIoTRule` ." + }, + "ruleName": { + "type": "string", + "description": "The name of the rule.\n\n*Pattern* : `^[a-zA-Z0-9_]+$`", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the topic rule.\n\n\u003e For URI Request parameters use format: ...key1=value1\u0026key2=value2...\n\u003e \n\u003e For the CLI command-line parameter use format: --tags \"key1=value1\u0026key2=value2...\"\n\u003e \n\u003e For the cli-input-json file use format: \"tags\": \"key1=value1\u0026key2=value2...\"" + }, + "topicRulePayload": { + "$ref": "#/types/aws-native:iot:TopicRulePayload", + "description": "The rule payload." + } + }, + "autoNamingSpec": { + "sdkName": "ruleName" + }, + "required": [ + "topicRulePayload" + ], + "createOnly": [ + "ruleName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iot:TopicRuleDestination": { + "cf": "AWS::IoT::TopicRuleDestination", + "inputs": { + "httpUrlProperties": { + "$ref": "#/types/aws-native:iot:TopicRuleDestinationHttpUrlDestinationSummary", + "description": "HTTP URL destination properties." + }, + "status": { + "$ref": "#/types/aws-native:iot:TopicRuleDestinationStatus", + "description": "The status of the TopicRuleDestination." + }, + "vpcProperties": { + "$ref": "#/types/aws-native:iot:TopicRuleDestinationVpcDestinationProperties", + "description": "VPC destination properties." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name (ARN)." + }, + "httpUrlProperties": { + "$ref": "#/types/aws-native:iot:TopicRuleDestinationHttpUrlDestinationSummary", + "description": "HTTP URL destination properties.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:iot:TopicRuleDestinationStatus", + "description": "The status of the TopicRuleDestination." + }, + "statusReason": { + "type": "string", + "description": "The reasoning for the current status of the TopicRuleDestination." + }, + "vpcProperties": { + "$ref": "#/types/aws-native:iot:TopicRuleDestinationVpcDestinationProperties", + "description": "VPC destination properties.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "httpUrlProperties", + "vpcProperties" + ] + }, + "aws-native:iotanalytics:Channel": { + "cf": "AWS::IoTAnalytics::Channel", + "inputs": { + "channelName": { + "type": "string", + "description": "The name of the channel." + }, + "channelStorage": { + "$ref": "#/types/aws-native:iotanalytics:ChannelStorage", + "description": "Where channel data is stored." + }, + "retentionPeriod": { + "$ref": "#/types/aws-native:iotanalytics:ChannelRetentionPeriod", + "description": "How long, in days, message data is kept for the channel." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "channelName": { + "type": "string", + "description": "The name of the channel.", + "replaceOnChanges": true + }, + "channelStorage": { + "$ref": "#/types/aws-native:iotanalytics:ChannelStorage", + "description": "Where channel data is stored." + }, + "retentionPeriod": { + "$ref": "#/types/aws-native:iotanalytics:ChannelRetentionPeriod", + "description": "How long, in days, message data is kept for the channel." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "channelName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "channelName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotanalytics:Dataset": { + "cf": "AWS::IoTAnalytics::Dataset", + "inputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetAction" + }, + "description": "The `DatasetAction` objects that automatically create the dataset contents." + }, + "contentDeliveryRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetContentDeliveryRule" + }, + "description": "When dataset contents are created they are delivered to destinations specified here." + }, + "datasetName": { + "type": "string", + "description": "The name of the dataset." + }, + "lateDataRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetLateDataRule" + }, + "description": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter." + }, + "retentionPeriod": { + "$ref": "#/types/aws-native:iotanalytics:DatasetRetentionPeriod", + "description": "Optional. How long, in days, message data is kept for the dataset." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "triggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetTrigger" + }, + "description": "The `DatasetTrigger` objects that specify when the dataset is automatically updated." + }, + "versioningConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatasetVersioningConfiguration", + "description": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* ." + } + }, + "outputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetAction" + }, + "description": "The `DatasetAction` objects that automatically create the dataset contents." + }, + "awsId": { + "type": "string" + }, + "contentDeliveryRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetContentDeliveryRule" + }, + "description": "When dataset contents are created they are delivered to destinations specified here." + }, + "datasetName": { + "type": "string", + "description": "The name of the dataset.", + "replaceOnChanges": true + }, + "lateDataRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetLateDataRule" + }, + "description": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter." + }, + "retentionPeriod": { + "$ref": "#/types/aws-native:iotanalytics:DatasetRetentionPeriod", + "description": "Optional. How long, in days, message data is kept for the dataset." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "triggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetTrigger" + }, + "description": "The `DatasetTrigger` objects that specify when the dataset is automatically updated." + }, + "versioningConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatasetVersioningConfiguration", + "description": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* ." + } + }, + "autoNamingSpec": { + "sdkName": "datasetName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "actions" + ], + "createOnly": [ + "datasetName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotanalytics:Datastore": { + "cf": "AWS::IoTAnalytics::Datastore", + "inputs": { + "datastoreName": { + "type": "string", + "description": "The name of the data store." + }, + "datastorePartitions": { + "$ref": "#/types/aws-native:iotanalytics:DatastorePartitions", + "description": "Information about the partition dimensions in a data store." + }, + "datastoreStorage": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreStorage", + "description": "Where data store data is stored." + }, + "fileFormatConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreFileFormatConfiguration", + "description": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store." + }, + "retentionPeriod": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreRetentionPeriod", + "description": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "datastoreName": { + "type": "string", + "description": "The name of the data store.", + "replaceOnChanges": true + }, + "datastorePartitions": { + "$ref": "#/types/aws-native:iotanalytics:DatastorePartitions", + "description": "Information about the partition dimensions in a data store." + }, + "datastoreStorage": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreStorage", + "description": "Where data store data is stored." + }, + "fileFormatConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreFileFormatConfiguration", + "description": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store." + }, + "retentionPeriod": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreRetentionPeriod", + "description": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "datastoreName", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "datastoreName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotanalytics:Pipeline": { + "cf": "AWS::IoTAnalytics::Pipeline", + "inputs": { + "pipelineActivities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:PipelineActivity" + }, + "description": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`" + }, + "pipelineName": { + "type": "string", + "description": "The name of the pipeline." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "pipelineActivities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:PipelineActivity" + }, + "description": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`" + }, + "pipelineName": { + "type": "string", + "description": "The name of the pipeline.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "pipelineName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "pipelineActivities" + ], + "createOnly": [ + "pipelineName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotcoredeviceadvisor:SuiteDefinition": { + "cf": "AWS::IoTCoreDeviceAdvisor::SuiteDefinition", + "inputs": { + "suiteDefinitionConfiguration": { + "$ref": "#/types/aws-native:iotcoredeviceadvisor:SuiteDefinitionConfigurationProperties", + "description": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "suiteDefinitionArn": { + "type": "string", + "description": "The Amazon Resource name for the suite definition." + }, + "suiteDefinitionConfiguration": { + "$ref": "#/types/aws-native:iotcoredeviceadvisor:SuiteDefinitionConfigurationProperties", + "description": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String" + }, + "suiteDefinitionId": { + "type": "string", + "description": "The unique identifier for the suite definition." + }, + "suiteDefinitionVersion": { + "type": "string", + "description": "The suite definition version of a test suite." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "suiteDefinitionConfiguration" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotevents:AlarmModel": { + "cf": "AWS::IoTEvents::AlarmModel", + "inputs": { + "alarmCapabilities": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAlarmCapabilities", + "description": "Contains the configuration information of alarm state changes." + }, + "alarmEventActions": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAlarmEventActions", + "description": "Contains information about one or more alarm actions." + }, + "alarmModelDescription": { + "type": "string", + "description": "A brief description of the alarm model." + }, + "alarmModelName": { + "type": "string", + "description": "The name of the alarm model." + }, + "alarmRule": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAlarmRule", + "description": "Defines when your alarm is invoked." + }, + "key": { + "type": "string", + "description": "The value used to identify a alarm instance. When a device or system sends input, a new alarm instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding alarm instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct alarm instance, the device must send a message payload that contains the same attribute-value." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to AWS IoT Events to perform its operations." + }, + "severity": { + "type": "integer", + "description": "A non-negative integer that reflects the severity level of the alarm.\n\n" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "outputs": { + "alarmCapabilities": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAlarmCapabilities", + "description": "Contains the configuration information of alarm state changes." + }, + "alarmEventActions": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAlarmEventActions", + "description": "Contains information about one or more alarm actions." + }, + "alarmModelDescription": { + "type": "string", + "description": "A brief description of the alarm model." + }, + "alarmModelName": { + "type": "string", + "description": "The name of the alarm model.", + "replaceOnChanges": true + }, + "alarmRule": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAlarmRule", + "description": "Defines when your alarm is invoked." + }, + "key": { + "type": "string", + "description": "The value used to identify a alarm instance. When a device or system sends input, a new alarm instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding alarm instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct alarm instance, the device must send a message payload that contains the same attribute-value.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to AWS IoT Events to perform its operations." + }, + "severity": { + "type": "integer", + "description": "A non-negative integer that reflects the severity level of the alarm.\n\n" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "autoNamingSpec": { + "sdkName": "alarmModelName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "alarmRule", + "roleArn" + ], + "createOnly": [ + "alarmModelName", + "key" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotevents:DetectorModel": { + "cf": "AWS::IoTEvents::DetectorModel", + "inputs": { + "detectorModelDefinition": { + "$ref": "#/types/aws-native:iotevents:DetectorModelDefinition", + "description": "Information that defines how a detector operates." + }, + "detectorModelDescription": { + "type": "string", + "description": "A brief description of the detector model." + }, + "detectorModelName": { + "type": "string", + "description": "The name of the detector model." + }, + "evaluationMethod": { + "$ref": "#/types/aws-native:iotevents:DetectorModelEvaluationMethod", + "description": "Information about the order in which events are evaluated and how actions are executed." + }, + "key": { + "type": "string", + "description": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to AWS IoT Events to perform its operations." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "outputs": { + "detectorModelDefinition": { + "$ref": "#/types/aws-native:iotevents:DetectorModelDefinition", + "description": "Information that defines how a detector operates." + }, + "detectorModelDescription": { + "type": "string", + "description": "A brief description of the detector model." + }, + "detectorModelName": { + "type": "string", + "description": "The name of the detector model.", + "replaceOnChanges": true + }, + "evaluationMethod": { + "$ref": "#/types/aws-native:iotevents:DetectorModelEvaluationMethod", + "description": "Information about the order in which events are evaluated and how actions are executed." + }, + "key": { + "type": "string", + "description": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to AWS IoT Events to perform its operations." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "autoNamingSpec": { + "sdkName": "detectorModelName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "detectorModelDefinition", + "roleArn" + ], + "createOnly": [ + "detectorModelName", + "key" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotevents:Input": { + "cf": "AWS::IoTEvents::Input", + "inputs": { + "inputDefinition": { + "$ref": "#/types/aws-native:iotevents:InputDefinition", + "description": "The definition of the input." + }, + "inputDescription": { + "type": "string", + "description": "A brief description of the input." + }, + "inputName": { + "type": "string", + "description": "The name of the input." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "outputs": { + "inputDefinition": { + "$ref": "#/types/aws-native:iotevents:InputDefinition", + "description": "The definition of the input." + }, + "inputDescription": { + "type": "string", + "description": "A brief description of the input." + }, + "inputName": { + "type": "string", + "description": "The name of the input.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "autoNamingSpec": { + "sdkName": "inputName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "inputDefinition" + ], + "createOnly": [ + "inputName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotfleethub:Application": { + "cf": "AWS::IoTFleetHub::Application", + "inputs": { + "applicationDescription": { + "type": "string", + "description": "Application Description, should be between 1 and 2048 characters." + }, + "applicationName": { + "type": "string", + "description": "Application Name, should be between 1 and 256 characters." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core. For more info on configuring this attribute, see https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_CreateApplication.html#API_iotfleethub_CreateApplication_RequestSyntax" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the application." + } + }, + "outputs": { + "applicationArn": { + "type": "string", + "description": "The ARN of the application." + }, + "applicationCreationDate": { + "type": "integer", + "description": "When the Application was created" + }, + "applicationDescription": { + "type": "string", + "description": "Application Description, should be between 1 and 2048 characters." + }, + "applicationId": { + "type": "string", + "description": "The ID of the application." + }, + "applicationLastUpdateDate": { + "type": "integer", + "description": "When the Application was last updated" + }, + "applicationName": { + "type": "string", + "description": "Application Name, should be between 1 and 256 characters." + }, + "applicationState": { + "type": "string", + "description": "The current state of the application." + }, + "applicationUrl": { + "type": "string", + "description": "The URL of the application." + }, + "errorMessage": { + "type": "string", + "description": "A message indicating why Create or Delete Application failed." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core. For more info on configuring this attribute, see https://docs.aws.amazon.com/iot/latest/apireference/API_iotfleethub_CreateApplication.html#API_iotfleethub_CreateApplication_RequestSyntax" + }, + "ssoClientId": { + "type": "string", + "description": "The AWS SSO application generated client ID (used with AWS SSO APIs)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the application." + } + }, + "autoNamingSpec": { + "sdkName": "applicationName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "roleArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotsitewise:AccessPolicy": { + "cf": "AWS::IoTSiteWise::AccessPolicy", + "inputs": { + "accessPolicyIdentity": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyIdentity", + "description": "The identity for this access policy. Choose either a user or a group but not both." + }, + "accessPolicyPermission": { + "type": "string", + "description": "The permission level for this access policy. Valid values are ADMINISTRATOR or VIEWER." + }, + "accessPolicyResource": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyResource", + "description": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either portal or project but not both." + } + }, + "outputs": { + "accessPolicyArn": { + "type": "string", + "description": "The ARN of the access policy." + }, + "accessPolicyId": { + "type": "string", + "description": "The ID of the access policy." + }, + "accessPolicyIdentity": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyIdentity", + "description": "The identity for this access policy. Choose either a user or a group but not both." + }, + "accessPolicyPermission": { + "type": "string", + "description": "The permission level for this access policy. Valid values are ADMINISTRATOR or VIEWER." + }, + "accessPolicyResource": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyResource", + "description": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either portal or project but not both." + } + }, + "required": [ + "accessPolicyIdentity", + "accessPolicyPermission", + "accessPolicyResource" + ] + }, + "aws-native:iotsitewise:Asset": { + "cf": "AWS::IoTSiteWise::Asset", + "inputs": { + "assetDescription": { + "type": "string", + "description": "A description for the asset" + }, + "assetExternalId": { + "type": "string", + "description": "The External ID of the asset" + }, + "assetHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetHierarchy" + }, + "description": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships." + }, + "assetModelId": { + "type": "string", + "description": "The ID of the asset model from which to create the asset." + }, + "assetName": { + "type": "string", + "description": "A unique, friendly name for the asset." + }, + "assetProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetProperty" + }, + "description": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset." + } + }, + "outputs": { + "assetArn": { + "type": "string", + "description": "The ARN of the asset" + }, + "assetDescription": { + "type": "string", + "description": "A description for the asset" + }, + "assetExternalId": { + "type": "string", + "description": "The External ID of the asset" + }, + "assetHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetHierarchy" + }, + "description": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships." + }, + "assetId": { + "type": "string", + "description": "The ID of the asset" + }, + "assetModelId": { + "type": "string", + "description": "The ID of the asset model from which to create the asset." + }, + "assetName": { + "type": "string", + "description": "A unique, friendly name for the asset." + }, + "assetProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetProperty" + }, + "description": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset." + } + }, + "autoNamingSpec": { + "sdkName": "assetName" + }, + "required": [ + "assetModelId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotsitewise:AssetModel": { + "cf": "AWS::IoTSiteWise::AssetModel", + "inputs": { + "assetModelCompositeModels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelCompositeModel" + }, + "description": "The composite asset models that are part of this asset model. Composite asset models are asset models that contain specific properties." + }, + "assetModelDescription": { + "type": "string", + "description": "A description for the asset model." + }, + "assetModelExternalId": { + "type": "string", + "description": "The external ID of the asset model." + }, + "assetModelHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelHierarchy" + }, + "description": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. You can specify up to 10 hierarchies per asset model." + }, + "assetModelName": { + "type": "string", + "description": "A unique, friendly name for the asset model." + }, + "assetModelProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelProperty" + }, + "description": "The property definitions of the asset model. You can specify up to 200 properties per asset model." + }, + "assetModelType": { + "type": "string", + "description": "The type of the asset model (ASSET_MODEL OR COMPONENT_MODEL)" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + } + }, + "outputs": { + "assetModelArn": { + "type": "string", + "description": "The ARN of the asset model, which has the following format." + }, + "assetModelCompositeModels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelCompositeModel" + }, + "description": "The composite asset models that are part of this asset model. Composite asset models are asset models that contain specific properties." + }, + "assetModelDescription": { + "type": "string", + "description": "A description for the asset model." + }, + "assetModelExternalId": { + "type": "string", + "description": "The external ID of the asset model." + }, + "assetModelHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelHierarchy" + }, + "description": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. You can specify up to 10 hierarchies per asset model." + }, + "assetModelId": { + "type": "string", + "description": "The ID of the asset model." + }, + "assetModelName": { + "type": "string", + "description": "A unique, friendly name for the asset model." + }, + "assetModelProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelProperty" + }, + "description": "The property definitions of the asset model. You can specify up to 200 properties per asset model." + }, + "assetModelType": { + "type": "string", + "description": "The type of the asset model (ASSET_MODEL OR COMPONENT_MODEL)", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + } + }, + "autoNamingSpec": { + "sdkName": "assetModelName" + }, + "createOnly": [ + "assetModelType" + ], + "writeOnly": [ + "assetModelCompositeModels/*/CompositeModelProperties/*/DataTypeSpec", + "assetModelCompositeModels/*/CompositeModelProperties/*/Type/Metric/Variables/*/Value/HierarchyId", + "assetModelCompositeModels/*/CompositeModelProperties/*/Type/Metric/Variables/*/Value/PropertyPath/*/Name", + "assetModelCompositeModels/*/CompositeModelProperties/*/Type/Transform/Variables/*/Value/HierarchyExternalId", + "assetModelCompositeModels/*/CompositeModelProperties/*/Type/Transform/Variables/*/Value/HierarchyId", + "assetModelCompositeModels/*/CompositeModelProperties/*/Type/Transform/Variables/*/Value/HierarchyLogicalId", + "assetModelCompositeModels/*/CompositeModelProperties/*/Type/Transform/Variables/*/Value/PropertyPath/*/Name", + "assetModelProperties/*/DataTypeSpec", + "assetModelProperties/*/Type/Metric/Variables/*/Value/HierarchyId", + "assetModelProperties/*/Type/Metric/Variables/*/Value/PropertyPath/*/Name", + "assetModelProperties/*/Type/Transform/Variables/*/Value/HierarchyExternalId", + "assetModelProperties/*/Type/Transform/Variables/*/Value/HierarchyId", + "assetModelProperties/*/Type/Transform/Variables/*/Value/HierarchyLogicalId", + "assetModelProperties/*/Type/Transform/Variables/*/Value/PropertyPath/*/Name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotsitewise:Dashboard": { + "cf": "AWS::IoTSiteWise::Dashboard", + "inputs": { + "dashboardDefinition": { + "type": "string", + "description": "The dashboard definition specified in a JSON literal." + }, + "dashboardDescription": { + "type": "string", + "description": "A description for the dashboard." + }, + "dashboardName": { + "type": "string", + "description": "A friendly name for the dashboard." + }, + "projectId": { + "type": "string", + "description": "The ID of the project in which to create the dashboard." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the dashboard." + } + }, + "outputs": { + "dashboardArn": { + "type": "string", + "description": "The ARN of the dashboard." + }, + "dashboardDefinition": { + "type": "string", + "description": "The dashboard definition specified in a JSON literal." + }, + "dashboardDescription": { + "type": "string", + "description": "A description for the dashboard." + }, + "dashboardId": { + "type": "string", + "description": "The ID of the dashboard." + }, + "dashboardName": { + "type": "string", + "description": "A friendly name for the dashboard." + }, + "projectId": { + "type": "string", + "description": "The ID of the project in which to create the dashboard.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the dashboard." + } + }, + "autoNamingSpec": { + "sdkName": "dashboardName" + }, + "required": [ + "dashboardDefinition", + "dashboardDescription" + ], + "createOnly": [ + "projectId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotsitewise:Gateway": { + "cf": "AWS::IoTSiteWise::Gateway", + "inputs": { + "gatewayCapabilitySummaries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:GatewayCapabilitySummary" + }, + "description": "A list of gateway capability summaries that each contain a namespace and status." + }, + "gatewayName": { + "type": "string", + "description": "A unique, friendly name for the gateway." + }, + "gatewayPlatform": { + "$ref": "#/types/aws-native:iotsitewise:GatewayPlatform", + "description": "The gateway's platform. You can only specify one platform in a gateway." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the gateway." + } + }, + "outputs": { + "gatewayCapabilitySummaries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:GatewayCapabilitySummary" + }, + "description": "A list of gateway capability summaries that each contain a namespace and status." + }, + "gatewayId": { + "type": "string", + "description": "The ID of the gateway device." + }, + "gatewayName": { + "type": "string", + "description": "A unique, friendly name for the gateway." + }, + "gatewayPlatform": { + "$ref": "#/types/aws-native:iotsitewise:GatewayPlatform", + "description": "The gateway's platform. You can only specify one platform in a gateway.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the gateway." + } + }, + "autoNamingSpec": { + "sdkName": "gatewayName" + }, + "required": [ + "gatewayPlatform" + ], + "createOnly": [ + "gatewayPlatform" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotsitewise:Portal": { + "cf": "AWS::IoTSiteWise::Portal", + "inputs": { + "alarms": { + "$ref": "#/types/aws-native:iotsitewise:AlarmsProperties", + "description": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range." + }, + "notificationSenderEmail": { + "type": "string", + "description": "The email address that sends alarm notifications." + }, + "portalAuthMode": { + "type": "string", + "description": "The service to use to authenticate users to the portal. Choose from SSO or IAM. You can't change this value after you create a portal." + }, + "portalContactEmail": { + "type": "string", + "description": "The AWS administrator's contact email address." + }, + "portalDescription": { + "type": "string", + "description": "A description for the portal." + }, + "portalName": { + "type": "string", + "description": "A friendly name for the portal." + }, + "roleArn": { + "type": "string", + "description": "The ARN of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the portal." + } + }, + "outputs": { + "alarms": { + "$ref": "#/types/aws-native:iotsitewise:AlarmsProperties", + "description": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range." + }, + "notificationSenderEmail": { + "type": "string", + "description": "The email address that sends alarm notifications." + }, + "portalArn": { + "type": "string", + "description": "The ARN of the portal, which has the following format." + }, + "portalAuthMode": { + "type": "string", + "description": "The service to use to authenticate users to the portal. Choose from SSO or IAM. You can't change this value after you create a portal.", + "replaceOnChanges": true + }, + "portalClientId": { + "type": "string", + "description": "The AWS SSO application generated client ID (used with AWS SSO APIs)." + }, + "portalContactEmail": { + "type": "string", + "description": "The AWS administrator's contact email address." + }, + "portalDescription": { + "type": "string", + "description": "A description for the portal." + }, + "portalId": { + "type": "string", + "description": "The ID of the portal." + }, + "portalName": { + "type": "string", + "description": "A friendly name for the portal." + }, + "portalStartUrl": { + "type": "string", + "description": "The public root URL for the AWS IoT AWS IoT SiteWise Monitor application portal." + }, + "roleArn": { + "type": "string", + "description": "The ARN of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the portal." + } + }, + "autoNamingSpec": { + "sdkName": "portalName" + }, + "required": [ + "portalContactEmail", + "roleArn" + ], + "createOnly": [ + "portalAuthMode" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotsitewise:Project": { + "cf": "AWS::IoTSiteWise::Project", + "inputs": { + "assetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the assets to be associated to the project." + }, + "portalId": { + "type": "string", + "description": "The ID of the portal in which to create the project." + }, + "projectDescription": { + "type": "string", + "description": "A description for the project." + }, + "projectName": { + "type": "string", + "description": "A friendly name for the project." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the project." + } + }, + "outputs": { + "assetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the assets to be associated to the project." + }, + "portalId": { + "type": "string", + "description": "The ID of the portal in which to create the project.", + "replaceOnChanges": true + }, + "projectArn": { + "type": "string", + "description": "The ARN of the project." + }, + "projectDescription": { + "type": "string", + "description": "A description for the project." + }, + "projectId": { + "type": "string", + "description": "The ID of the project." + }, + "projectName": { + "type": "string", + "description": "A friendly name for the project." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the project." + } + }, + "autoNamingSpec": { + "sdkName": "projectName" + }, + "required": [ + "portalId" + ], + "createOnly": [ + "portalId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iottwinmaker:ComponentType": { + "cf": "AWS::IoTTwinMaker::ComponentType", + "inputs": { + "componentTypeId": { + "type": "string", + "description": "The ID of the component type." + }, + "compositeComponentTypes": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeCompositeComponentType" + }, + "description": "An map of the composite component types in the component type. Each composite component type's key must be unique to this map." + }, + "description": { + "type": "string", + "description": "The description of the component type." + }, + "extendsFrom": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the parent component type to extend." + }, + "functions": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeFunction" + }, + "description": "a Map of functions in the component type. Each function's key must be unique to this map." + }, + "isSingleton": { + "type": "boolean", + "description": "A Boolean value that specifies whether an entity can have more than one component of this type." + }, + "propertyDefinitions": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypePropertyDefinition" + }, + "description": "An map of the property definitions in the component type. Each property definition's key must be unique to this map." + }, + "propertyGroups": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypePropertyGroup" + }, + "description": "An map of the property groups in the component type. Each property group's key must be unique to this map." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of key-value pairs to associate with a resource." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the workspace that contains the component type." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the component type." + }, + "componentTypeId": { + "type": "string", + "description": "The ID of the component type.", + "replaceOnChanges": true + }, + "compositeComponentTypes": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeCompositeComponentType" + }, + "description": "An map of the composite component types in the component type. Each composite component type's key must be unique to this map." + }, + "creationDateTime": { + "type": "string", + "description": "The date and time when the component type was created." + }, + "description": { + "type": "string", + "description": "The description of the component type." + }, + "extendsFrom": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the parent component type to extend." + }, + "functions": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeFunction" + }, + "description": "a Map of functions in the component type. Each function's key must be unique to this map." + }, + "isAbstract": { + "type": "boolean", + "description": "A Boolean value that specifies whether the component type is abstract." + }, + "isSchemaInitialized": { + "type": "boolean", + "description": "A Boolean value that specifies whether the component type has a schema initializer and that the schema initializer has run." + }, + "isSingleton": { + "type": "boolean", + "description": "A Boolean value that specifies whether an entity can have more than one component of this type." + }, + "propertyDefinitions": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypePropertyDefinition" + }, + "description": "An map of the property definitions in the component type. Each property definition's key must be unique to this map." + }, + "propertyGroups": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypePropertyGroup" + }, + "description": "An map of the property groups in the component type. Each property group's key must be unique to this map." + }, + "status": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeStatus", + "description": "The current status of the component type." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of key-value pairs to associate with a resource." + }, + "updateDateTime": { + "type": "string", + "description": "The last date and time when the component type was updated." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the workspace that contains the component type.", + "replaceOnChanges": true + } + }, + "required": [ + "componentTypeId", + "workspaceId" + ], + "createOnly": [ + "componentTypeId", + "workspaceId" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:iottwinmaker:Entity": { + "cf": "AWS::IoTTwinMaker::Entity", + "inputs": { + "components": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityComponent" + }, + "description": "A map that sets information about a component type." + }, + "compositeComponents": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityCompositeComponent" + }, + "description": "A map that sets information about a composite component." + }, + "description": { + "type": "string", + "description": "The description of the entity." + }, + "entityId": { + "type": "string", + "description": "The ID of the entity." + }, + "entityName": { + "type": "string", + "description": "The name of the entity." + }, + "parentEntityId": { + "type": "string", + "description": "The ID of the parent entity." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the workspace." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the entity." + }, + "components": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityComponent" + }, + "description": "A map that sets information about a component type." + }, + "compositeComponents": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityCompositeComponent" + }, + "description": "A map that sets information about a composite component." + }, + "creationDateTime": { + "type": "string", + "description": "The date and time when the entity was created." + }, + "description": { + "type": "string", + "description": "The description of the entity." + }, + "entityId": { + "type": "string", + "description": "The ID of the entity.", + "replaceOnChanges": true + }, + "entityName": { + "type": "string", + "description": "The name of the entity." + }, + "hasChildEntities": { + "type": "boolean", + "description": "A Boolean value that specifies whether the entity has child entities or not." + }, + "parentEntityId": { + "type": "string", + "description": "The ID of the parent entity." + }, + "status": { + "$ref": "#/types/aws-native:iottwinmaker:EntityStatus", + "description": "The current status of the entity." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + }, + "updateDateTime": { + "type": "string", + "description": "The last date and time when the entity was updated." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the workspace.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "entityName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "workspaceId" + ], + "createOnly": [ + "entityId", + "workspaceId" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:iottwinmaker:Scene": { + "cf": "AWS::IoTTwinMaker::Scene", + "inputs": { + "capabilities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of capabilities that the scene uses to render." + }, + "contentLocation": { + "type": "string", + "description": "The relative path that specifies the location of the content definition file." + }, + "description": { + "type": "string", + "description": "The description of the scene." + }, + "sceneId": { + "type": "string", + "description": "The ID of the scene." + }, + "sceneMetadata": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair of scene metadata for the scene." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the scene." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the scene." + }, + "capabilities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of capabilities that the scene uses to render." + }, + "contentLocation": { + "type": "string", + "description": "The relative path that specifies the location of the content definition file." + }, + "creationDateTime": { + "type": "string", + "description": "The date and time when the scene was created." + }, + "description": { + "type": "string", + "description": "The description of the scene." + }, + "generatedSceneMetadata": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair of generated scene metadata for the scene." + }, + "sceneId": { + "type": "string", + "description": "The ID of the scene.", + "replaceOnChanges": true + }, + "sceneMetadata": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair of scene metadata for the scene." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + }, + "updateDateTime": { + "type": "string", + "description": "The date and time of the current update." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the scene.", + "replaceOnChanges": true + } + }, + "required": [ + "contentLocation", + "sceneId", + "workspaceId" + ], + "createOnly": [ + "sceneId", + "workspaceId" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:iottwinmaker:SyncJob": { + "cf": "AWS::IoTTwinMaker::SyncJob", + "inputs": { + "syncRole": { + "type": "string", + "description": "The IAM Role that execute SyncJob." + }, + "syncSource": { + "type": "string", + "description": "The source of the SyncJob." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the workspace." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the SyncJob." + }, + "creationDateTime": { + "type": "string", + "description": "The date and time when the sync job was created." + }, + "state": { + "type": "string", + "description": "The state of SyncJob." + }, + "syncRole": { + "type": "string", + "description": "The IAM Role that execute SyncJob.", + "replaceOnChanges": true + }, + "syncSource": { + "type": "string", + "description": "The source of the SyncJob.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource.", + "replaceOnChanges": true + }, + "updateDateTime": { + "type": "string", + "description": "The date and time when the sync job was updated." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the workspace.", + "replaceOnChanges": true + } + }, + "required": [ + "syncRole", + "syncSource", + "workspaceId" + ], + "createOnly": [ + "syncRole", + "syncSource", + "tags", + "workspaceId" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:iottwinmaker:Workspace": { + "cf": "AWS::IoTTwinMaker::Workspace", + "inputs": { + "description": { + "type": "string", + "description": "The description of the workspace." + }, + "role": { + "type": "string", + "description": "The ARN of the execution role associated with the workspace." + }, + "s3Location": { + "type": "string", + "description": "The ARN of the S3 bucket where resources associated with the workspace are stored." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of key-value pairs to associate with a resource." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the workspace." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the workspace." + }, + "creationDateTime": { + "type": "string", + "description": "The date and time when the workspace was created." + }, + "description": { + "type": "string", + "description": "The description of the workspace." + }, + "role": { + "type": "string", + "description": "The ARN of the execution role associated with the workspace." + }, + "s3Location": { + "type": "string", + "description": "The ARN of the S3 bucket where resources associated with the workspace are stored." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of key-value pairs to associate with a resource." + }, + "updateDateTime": { + "type": "string", + "description": "The date and time of the current update." + }, + "workspaceId": { + "type": "string", + "description": "The ID of the workspace.", + "replaceOnChanges": true + } + }, + "required": [ + "role", + "s3Location", + "workspaceId" + ], + "createOnly": [ + "workspaceId" + ], + "irreversibleNames": { + "s3Location": "S3Location" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:iotwireless:Destination": { + "cf": "AWS::IoTWireless::Destination", + "inputs": { + "description": { + "type": "string", + "description": "Destination description" + }, + "expression": { + "type": "string", + "description": "Destination expression" + }, + "expressionType": { + "$ref": "#/types/aws-native:iotwireless:DestinationExpressionType", + "description": "Must be RuleName" + }, + "name": { + "type": "string", + "description": "Unique name of destination" + }, + "roleArn": { + "type": "string", + "description": "AWS role ARN that grants access" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the destination." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Destination arn. Returned after successful create." + }, + "description": { + "type": "string", + "description": "Destination description" + }, + "expression": { + "type": "string", + "description": "Destination expression" + }, + "expressionType": { + "$ref": "#/types/aws-native:iotwireless:DestinationExpressionType", + "description": "Must be RuleName" + }, + "name": { + "type": "string", + "description": "Unique name of destination", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "AWS role ARN that grants access" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the destination." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "expression", + "expressionType" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotwireless:DeviceProfile": { + "cf": "AWS::IoTWireless::DeviceProfile", + "inputs": { + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:DeviceProfileLoRaWanDeviceProfile", + "description": "LoRaWANDeviceProfile supports all LoRa specific attributes for service profile for CreateDeviceProfile operation" + }, + "name": { + "type": "string", + "description": "Name of service profile" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the device profile." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Service profile Arn. Returned after successful create." + }, + "awsId": { + "type": "string", + "description": "Service profile Id. Returned after successful create." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:DeviceProfileLoRaWanDeviceProfile", + "description": "LoRaWANDeviceProfile supports all LoRa specific attributes for service profile for CreateDeviceProfile operation" + }, + "name": { + "type": "string", + "description": "Name of service profile" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the device profile." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 256 + }, + "irreversibleNames": { + "awsId": "Id", + "loRaWan": "LoRaWAN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotwireless:FuotaTask": { + "cf": "AWS::IoTWireless::FuotaTask", + "inputs": { + "associateMulticastGroup": { + "type": "string", + "description": "Multicast group to associate. Only for update request." + }, + "associateWirelessDevice": { + "type": "string", + "description": "Wireless device to associate. Only for update request." + }, + "description": { + "type": "string", + "description": "FUOTA task description" + }, + "disassociateMulticastGroup": { + "type": "string", + "description": "Multicast group to disassociate. Only for update request." + }, + "disassociateWirelessDevice": { + "type": "string", + "description": "Wireless device to disassociate. Only for update request." + }, + "firmwareUpdateImage": { + "type": "string", + "description": "FUOTA task firmware update image binary S3 link" + }, + "firmwareUpdateRole": { + "type": "string", + "description": "FUOTA task firmware IAM role for reading S3" + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:FuotaTaskLoRaWan", + "description": "FUOTA task LoRaWAN" + }, + "name": { + "type": "string", + "description": "Name of FUOTA task" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the FUOTA task." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "FUOTA task arn. Returned after successful create." + }, + "associateMulticastGroup": { + "type": "string", + "description": "Multicast group to associate. Only for update request." + }, + "associateWirelessDevice": { + "type": "string", + "description": "Wireless device to associate. Only for update request." + }, + "awsId": { + "type": "string", + "description": "FUOTA task id. Returned after successful create." + }, + "description": { + "type": "string", + "description": "FUOTA task description" + }, + "disassociateMulticastGroup": { + "type": "string", + "description": "Multicast group to disassociate. Only for update request." + }, + "disassociateWirelessDevice": { + "type": "string", + "description": "Wireless device to disassociate. Only for update request." + }, + "firmwareUpdateImage": { + "type": "string", + "description": "FUOTA task firmware update image binary S3 link" + }, + "firmwareUpdateRole": { + "type": "string", + "description": "FUOTA task firmware IAM role for reading S3" + }, + "fuotaTaskStatus": { + "type": "string", + "description": "FUOTA task status. Returned after successful read." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:FuotaTaskLoRaWan", + "description": "FUOTA task LoRaWAN" + }, + "name": { + "type": "string", + "description": "Name of FUOTA task" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the FUOTA task." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 256 + }, + "required": [ + "firmwareUpdateImage", + "firmwareUpdateRole", + "loRaWan" + ], + "irreversibleNames": { + "awsId": "Id", + "loRaWan": "LoRaWAN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotwireless:MulticastGroup": { + "cf": "AWS::IoTWireless::MulticastGroup", + "inputs": { + "associateWirelessDevice": { + "type": "string", + "description": "Wireless device to associate. Only for update request." + }, + "description": { + "type": "string", + "description": "Multicast group description" + }, + "disassociateWirelessDevice": { + "type": "string", + "description": "Wireless device to disassociate. Only for update request." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:MulticastGroupLoRaWan", + "description": "Multicast group LoRaWAN" + }, + "name": { + "type": "string", + "description": "Name of Multicast group" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the Multicast group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Multicast group arn. Returned after successful create." + }, + "associateWirelessDevice": { + "type": "string", + "description": "Wireless device to associate. Only for update request." + }, + "awsId": { + "type": "string", + "description": "Multicast group id. Returned after successful create." + }, + "description": { + "type": "string", + "description": "Multicast group description" + }, + "disassociateWirelessDevice": { + "type": "string", + "description": "Wireless device to disassociate. Only for update request." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:MulticastGroupLoRaWan", + "description": "Multicast group LoRaWAN" + }, + "name": { + "type": "string", + "description": "Name of Multicast group" + }, + "status": { + "type": "string", + "description": "Multicast group status. Returned after successful read." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the Multicast group." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 256 + }, + "required": [ + "loRaWan" + ], + "irreversibleNames": { + "awsId": "Id", + "loRaWan": "LoRaWAN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotwireless:NetworkAnalyzerConfiguration": { + "cf": "AWS::IoTWireless::NetworkAnalyzerConfiguration", + "inputs": { + "description": { + "type": "string", + "description": "The description of the new resource" + }, + "name": { + "type": "string", + "description": "Name of the network analyzer configuration" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "traceContent": { + "$ref": "#/types/aws-native:iotwireless:TraceContentProperties", + "description": "Trace content for your wireless gateway and wireless device resources" + }, + "wirelessDevices": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of wireless gateway resources that have been added to the network analyzer configuration" + }, + "wirelessGateways": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of wireless gateway resources that have been added to the network analyzer configuration" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Arn for network analyzer configuration, Returned upon successful create." + }, + "description": { + "type": "string", + "description": "The description of the new resource" + }, + "name": { + "type": "string", + "description": "Name of the network analyzer configuration", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + }, + "traceContent": { + "$ref": "#/types/aws-native:iotwireless:TraceContentProperties", + "description": "Trace content for your wireless gateway and wireless device resources" + }, + "wirelessDevices": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of wireless gateway resources that have been added to the network analyzer configuration" + }, + "wirelessGateways": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of wireless gateway resources that have been added to the network analyzer configuration" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 1024 + }, + "createOnly": [ + "name", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:iotwireless:ServiceProfile": { + "cf": "AWS::IoTWireless::ServiceProfile", + "inputs": { + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:ServiceProfileLoRaWanServiceProfile", + "description": "LoRaWAN supports all LoRa specific attributes for service profile for CreateServiceProfile operation" + }, + "name": { + "type": "string", + "description": "Name of service profile" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the service profile." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Service profile Arn. Returned after successful create." + }, + "awsId": { + "type": "string", + "description": "Service profile Id. Returned after successful create." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:ServiceProfileLoRaWanServiceProfile", + "description": "LoRaWAN supports all LoRa specific attributes for service profile for CreateServiceProfile operation" + }, + "name": { + "type": "string", + "description": "Name of service profile" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the service profile." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 256 + }, + "irreversibleNames": { + "awsId": "Id", + "loRaWan": "LoRaWAN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotwireless:TaskDefinition": { + "cf": "AWS::IoTWireless::TaskDefinition", + "inputs": { + "autoCreateTasks": { + "type": "boolean", + "description": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If false, the task must me created by calling CreateWirelessGatewayTask." + }, + "loRaWanUpdateGatewayTaskEntry": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionLoRaWanUpdateGatewayTaskEntry", + "description": "The list of task definitions." + }, + "name": { + "type": "string", + "description": "The name of the new resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the destination." + }, + "taskDefinitionType": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionType", + "description": "A filter to list only the wireless gateway task definitions that use this task definition type" + }, + "update": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionUpdateWirelessGatewayTaskCreate", + "description": "Information about the gateways to update." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "TaskDefinition arn. Returned after successful create." + }, + "autoCreateTasks": { + "type": "boolean", + "description": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If false, the task must me created by calling CreateWirelessGatewayTask." + }, + "awsId": { + "type": "string", + "description": "The ID of the new wireless gateway task definition" + }, + "loRaWanUpdateGatewayTaskEntry": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionLoRaWanUpdateGatewayTaskEntry", + "description": "The list of task definitions." + }, + "name": { + "type": "string", + "description": "The name of the new resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the destination." + }, + "taskDefinitionType": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionType", + "description": "A filter to list only the wireless gateway task definitions that use this task definition type" + }, + "update": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionUpdateWirelessGatewayTaskCreate", + "description": "Information about the gateways to update." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "autoCreateTasks" + ], + "irreversibleNames": { + "awsId": "Id", + "loRaWanUpdateGatewayTaskEntry": "LoRaWANUpdateGatewayTaskEntry" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotwireless:WirelessDevice": { + "cf": "AWS::IoTWireless::WirelessDevice", + "inputs": { + "description": { + "type": "string", + "description": "Wireless device description" + }, + "destinationName": { + "type": "string", + "description": "Wireless device destination name" + }, + "lastUplinkReceivedAt": { + "type": "string", + "description": "The date and time when the most recent uplink was received." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceLoRaWanDevice", + "description": "The combination of Package, Station and Model which represents the version of the LoRaWAN Wireless Device." + }, + "name": { + "type": "string", + "description": "Wireless device name" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the device. Currently not supported, will not create if tags are passed." + }, + "thingArn": { + "type": "string", + "description": "Thing arn. Passed into update to associate Thing with Wireless device." + }, + "type": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceType", + "description": "Wireless device type, currently only Sidewalk and LoRa" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Wireless device arn. Returned after successful create." + }, + "awsId": { + "type": "string", + "description": "Wireless device Id. Returned after successful create." + }, + "description": { + "type": "string", + "description": "Wireless device description" + }, + "destinationName": { + "type": "string", + "description": "Wireless device destination name" + }, + "lastUplinkReceivedAt": { + "type": "string", + "description": "The date and time when the most recent uplink was received." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceLoRaWanDevice", + "description": "The combination of Package, Station and Model which represents the version of the LoRaWAN Wireless Device." + }, + "name": { + "type": "string", + "description": "Wireless device name" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the device. Currently not supported, will not create if tags are passed." + }, + "thingArn": { + "type": "string", + "description": "Thing arn. Passed into update to associate Thing with Wireless device." + }, + "thingName": { + "type": "string", + "description": "Thing Arn. If there is a Thing created, this can be returned with a Get call." + }, + "type": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceType", + "description": "Wireless device type, currently only Sidewalk and LoRa" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 256 + }, + "required": [ + "destinationName", + "type" + ], + "irreversibleNames": { + "awsId": "Id", + "loRaWan": "LoRaWAN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:iotwireless:WirelessGateway": { + "cf": "AWS::IoTWireless::WirelessGateway", + "inputs": { + "description": { + "type": "string", + "description": "Description of Wireless Gateway." + }, + "lastUplinkReceivedAt": { + "type": "string", + "description": "The date and time when the most recent uplink was received." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:WirelessGatewayLoRaWanGateway", + "description": "The combination of Package, Station and Model which represents the version of the LoRaWAN Wireless Gateway." + }, + "name": { + "type": "string", + "description": "Name of Wireless Gateway." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the gateway." + }, + "thingArn": { + "type": "string", + "description": "Thing Arn. Passed into Update to associate a Thing with the Wireless Gateway." + }, + "thingName": { + "type": "string", + "description": "Thing Name. If there is a Thing created, this can be returned with a Get call." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Arn for Wireless Gateway. Returned upon successful create." + }, + "awsId": { + "type": "string", + "description": "Id for Wireless Gateway. Returned upon successful create." + }, + "description": { + "type": "string", + "description": "Description of Wireless Gateway." + }, + "lastUplinkReceivedAt": { + "type": "string", + "description": "The date and time when the most recent uplink was received." + }, + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:WirelessGatewayLoRaWanGateway", + "description": "The combination of Package, Station and Model which represents the version of the LoRaWAN Wireless Gateway." + }, + "name": { + "type": "string", + "description": "Name of Wireless Gateway." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the gateway." + }, + "thingArn": { + "type": "string", + "description": "Thing Arn. Passed into Update to associate a Thing with the Wireless Gateway." + }, + "thingName": { + "type": "string", + "description": "Thing Name. If there is a Thing created, this can be returned with a Get call." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 256 + }, + "required": [ + "loRaWan" + ], + "irreversibleNames": { + "awsId": "Id", + "loRaWan": "LoRaWAN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivs:Channel": { + "cf": "AWS::IVS::Channel", + "inputs": { + "authorized": { + "type": "boolean", + "description": "Whether the channel is authorized." + }, + "insecureIngest": { + "type": "boolean", + "description": "Whether the channel allows insecure ingest." + }, + "latencyMode": { + "$ref": "#/types/aws-native:ivs:ChannelLatencyMode", + "description": "Channel latency mode." + }, + "name": { + "type": "string", + "description": "Channel" + }, + "preset": { + "$ref": "#/types/aws-native:ivs:ChannelPreset", + "description": "Optional transcode preset for the channel. This is selectable only for ADVANCED_HD and ADVANCED_SD channel types. For those channel types, the default preset is HIGHER_BANDWIDTH_DELIVERY. For other channel types (BASIC and STANDARD), preset is the empty string (\"\")." + }, + "recordingConfigurationArn": { + "type": "string", + "description": "Recording Configuration ARN. A value other than an empty string indicates that recording is enabled. Default: \"\" (recording is disabled)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + }, + "type": { + "$ref": "#/types/aws-native:ivs:ChannelType", + "description": "Channel type, which determines the allowable resolution and bitrate. If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Channel ARN is automatically generated on creation and assigned as the unique identifier." + }, + "authorized": { + "type": "boolean", + "description": "Whether the channel is authorized." + }, + "ingestEndpoint": { + "type": "string", + "description": "Channel ingest endpoint, part of the definition of an ingest server, used when you set up streaming software." + }, + "insecureIngest": { + "type": "boolean", + "description": "Whether the channel allows insecure ingest." + }, + "latencyMode": { + "$ref": "#/types/aws-native:ivs:ChannelLatencyMode", + "description": "Channel latency mode." + }, + "name": { + "type": "string", + "description": "Channel" + }, + "playbackUrl": { + "type": "string", + "description": "Channel Playback URL." + }, + "preset": { + "$ref": "#/types/aws-native:ivs:ChannelPreset", + "description": "Optional transcode preset for the channel. This is selectable only for ADVANCED_HD and ADVANCED_SD channel types. For those channel types, the default preset is HIGHER_BANDWIDTH_DELIVERY. For other channel types (BASIC and STANDARD), preset is the empty string (\"\")." + }, + "recordingConfigurationArn": { + "type": "string", + "description": "Recording Configuration ARN. A value other than an empty string indicates that recording is enabled. Default: \"\" (recording is disabled)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + }, + "type": { + "$ref": "#/types/aws-native:ivs:ChannelType", + "description": "Channel type, which determines the allowable resolution and bitrate. If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivs:EncoderConfiguration": { + "cf": "AWS::IVS::EncoderConfiguration", + "inputs": { + "name": { + "type": "string", + "description": "Encoder configuration name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "video": { + "$ref": "#/types/aws-native:ivs:VideoProperties", + "description": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Encoder configuration identifier." + }, + "name": { + "type": "string", + "description": "Encoder configuration name.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "video": { + "$ref": "#/types/aws-native:ivs:VideoProperties", + "description": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "createOnly": [ + "name", + "video", + "video/Bitrate", + "video/Framerate", + "video/Height", + "video/Width" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivs:PlaybackKeyPair": { + "cf": "AWS::IVS::PlaybackKeyPair", + "inputs": { + "name": { + "type": "string", + "description": "An arbitrary string (a nickname) assigned to a playback key pair that helps the customer identify that resource. The value does not need to be unique." + }, + "publicKeyMaterial": { + "type": "string", + "description": "The public portion of a customer-generated key pair." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Key-pair identifier." + }, + "fingerprint": { + "type": "string", + "description": "Key-pair identifier." + }, + "name": { + "type": "string", + "description": "An arbitrary string (a nickname) assigned to a playback key pair that helps the customer identify that resource. The value does not need to be unique.", + "replaceOnChanges": true + }, + "publicKeyMaterial": { + "type": "string", + "description": "The public portion of a customer-generated key pair.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "createOnly": [ + "name", + "publicKeyMaterial" + ], + "writeOnly": [ + "publicKeyMaterial" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivs:PlaybackRestrictionPolicy": { + "cf": "AWS::IVS::PlaybackRestrictionPolicy", + "inputs": { + "allowedCountries": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of country codes that control geoblocking restriction. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array)." + }, + "allowedOrigins": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin" + }, + "enableStrictOriginEnforcement": { + "type": "boolean", + "description": "Whether channel playback is constrained by origin site." + }, + "name": { + "type": "string", + "description": "Playback-restriction-policy name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "allowedCountries": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of country codes that control geoblocking restriction. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array)." + }, + "allowedOrigins": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin" + }, + "arn": { + "type": "string", + "description": "Playback-restriction-policy identifier." + }, + "enableStrictOriginEnforcement": { + "type": "boolean", + "description": "Whether channel playback is constrained by origin site." + }, + "name": { + "type": "string", + "description": "Playback-restriction-policy name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "allowedCountries", + "allowedOrigins" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivs:RecordingConfiguration": { + "cf": "AWS::IVS::RecordingConfiguration", + "inputs": { + "destinationConfiguration": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationDestinationConfiguration", + "description": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information." + }, + "name": { + "type": "string", + "description": "Recording Configuration Name." + }, + "recordingReconnectWindowSeconds": { + "type": "integer", + "description": "Recording Reconnect Window Seconds. (0 means disabled)" + }, + "renditionConfiguration": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationRenditionConfiguration", + "description": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + }, + "thumbnailConfiguration": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationThumbnailConfiguration", + "description": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Recording Configuration ARN is automatically generated on creation and assigned as the unique identifier." + }, + "destinationConfiguration": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationDestinationConfiguration", + "description": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Recording Configuration Name.", + "replaceOnChanges": true + }, + "recordingReconnectWindowSeconds": { + "type": "integer", + "description": "Recording Reconnect Window Seconds. (0 means disabled)", + "replaceOnChanges": true + }, + "renditionConfiguration": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationRenditionConfiguration", + "description": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", + "replaceOnChanges": true + }, + "state": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationState", + "description": "Recording Configuration State." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + }, + "thumbnailConfiguration": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationThumbnailConfiguration", + "description": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "destinationConfiguration" + ], + "createOnly": [ + "destinationConfiguration", + "destinationConfiguration/S3", + "destinationConfiguration/S3/BucketName", + "name", + "recordingReconnectWindowSeconds", + "renditionConfiguration", + "renditionConfiguration/RenditionSelection", + "renditionConfiguration/Renditions", + "thumbnailConfiguration", + "thumbnailConfiguration/RecordingMode", + "thumbnailConfiguration/Resolution", + "thumbnailConfiguration/Storage", + "thumbnailConfiguration/TargetIntervalSeconds" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivs:Stage": { + "cf": "AWS::IVS::Stage", + "inputs": { + "name": { + "type": "string", + "description": "Stage name" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "activeSessionId": { + "type": "string", + "description": "ID of the active session within the stage." + }, + "arn": { + "type": "string", + "description": "Stage ARN is automatically generated on creation and assigned as the unique identifier." + }, + "name": { + "type": "string", + "description": "Stage name" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivs:StorageConfiguration": { + "cf": "AWS::IVS::StorageConfiguration", + "inputs": { + "name": { + "type": "string", + "description": "Storage Configuration Name." + }, + "s3": { + "$ref": "#/types/aws-native:ivs:StorageConfigurationS3StorageConfiguration", + "description": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Storage Configuration ARN is automatically generated on creation and assigned as the unique identifier." + }, + "name": { + "type": "string", + "description": "Storage Configuration Name.", + "replaceOnChanges": true + }, + "s3": { + "$ref": "#/types/aws-native:ivs:StorageConfigurationS3StorageConfiguration", + "description": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "s3" + ], + "createOnly": [ + "name", + "s3", + "s3/BucketName" + ], + "irreversibleNames": { + "s3": "S3" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivs:StreamKey": { + "cf": "AWS::IVS::StreamKey", + "inputs": { + "channelArn": { + "type": "string", + "description": "Channel ARN for the stream." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Stream Key ARN is automatically generated on creation and assigned as the unique identifier." + }, + "channelArn": { + "type": "string", + "description": "Channel ARN for the stream.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that contain metadata for the asset model." + }, + "value": { + "type": "string", + "description": "Stream-key value." + } + }, + "required": [ + "channelArn" + ], + "createOnly": [ + "channelArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivschat:LoggingConfiguration": { + "cf": "AWS::IVSChat::LoggingConfiguration", + "inputs": { + "destinationConfiguration": { + "$ref": "#/types/aws-native:ivschat:LoggingConfigurationDestinationConfiguration", + "description": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged." + }, + "name": { + "type": "string", + "description": "The name of the logging configuration. The value does not need to be unique." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "LoggingConfiguration ARN is automatically generated on creation and assigned as the unique identifier." + }, + "awsId": { + "type": "string", + "description": "The system-generated ID of the logging configuration." + }, + "destinationConfiguration": { + "$ref": "#/types/aws-native:ivschat:LoggingConfigurationDestinationConfiguration", + "description": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged." + }, + "name": { + "type": "string", + "description": "The name of the logging configuration. The value does not need to be unique." + }, + "state": { + "$ref": "#/types/aws-native:ivschat:LoggingConfigurationState", + "description": "The state of the logging configuration. When the state is ACTIVE, the configuration is ready to log chat content." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "required": [ + "destinationConfiguration" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ivschat:Room": { + "cf": "AWS::IVSChat::Room", + "inputs": { + "loggingConfigurationIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of logging configuration identifiers attached to the room." + }, + "maximumMessageLength": { + "type": "integer", + "description": "The maximum number of characters in a single message." + }, + "maximumMessageRatePerSecond": { + "type": "integer", + "description": "The maximum number of messages per second that can be sent to the room." + }, + "messageReviewHandler": { + "$ref": "#/types/aws-native:ivschat:RoomMessageReviewHandler", + "description": "Configuration information for optional review of messages." + }, + "name": { + "type": "string", + "description": "The name of the room. The value does not need to be unique." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Room ARN is automatically generated on creation and assigned as the unique identifier." + }, + "awsId": { + "type": "string", + "description": "The system-generated ID of the room." + }, + "loggingConfigurationIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Array of logging configuration identifiers attached to the room." + }, + "maximumMessageLength": { + "type": "integer", + "description": "The maximum number of characters in a single message." + }, + "maximumMessageRatePerSecond": { + "type": "integer", + "description": "The maximum number of messages per second that can be sent to the room." + }, + "messageReviewHandler": { + "$ref": "#/types/aws-native:ivschat:RoomMessageReviewHandler", + "description": "Configuration information for optional review of messages." + }, + "name": { + "type": "string", + "description": "The name of the room. The value does not need to be unique." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kafkaconnect:Connector": { + "cf": "AWS::KafkaConnect::Connector", + "inputs": { + "capacity": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorCapacity", + "description": "The connector's compute capacity settings." + }, + "connectorConfiguration": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The configuration for the connector." + }, + "connectorDescription": { + "type": "string", + "description": "A summary description of the connector." + }, + "connectorName": { + "type": "string", + "description": "The name of the connector." + }, + "kafkaCluster": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorKafkaCluster", + "description": "The details of the Apache Kafka cluster to which the connector is connected." + }, + "kafkaClusterClientAuthentication": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorKafkaClusterClientAuthentication", + "description": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used." + }, + "kafkaClusterEncryptionInTransit": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorKafkaClusterEncryptionInTransit", + "description": "Details of encryption in transit to the Apache Kafka cluster." + }, + "kafkaConnectVersion": { + "type": "string", + "description": "The version of Kafka Connect. It has to be compatible with both the Kafka cluster's version and the plugins." + }, + "logDelivery": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorLogDelivery", + "description": "The settings for delivering connector logs to Amazon CloudWatch Logs." + }, + "plugins": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorPlugin" + }, + "description": "List of plugins to use with the connector." + }, + "serviceExecutionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon S3 objects and other external resources." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + }, + "workerConfiguration": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorWorkerConfiguration", + "description": "The worker configurations that are in use with the connector." + } + }, + "outputs": { + "capacity": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorCapacity", + "description": "The connector's compute capacity settings." + }, + "connectorArn": { + "type": "string", + "description": "Amazon Resource Name for the created Connector." + }, + "connectorConfiguration": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The configuration for the connector.", + "replaceOnChanges": true + }, + "connectorDescription": { + "type": "string", + "description": "A summary description of the connector.", + "replaceOnChanges": true + }, + "connectorName": { + "type": "string", + "description": "The name of the connector.", + "replaceOnChanges": true + }, + "kafkaCluster": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorKafkaCluster", + "description": "The details of the Apache Kafka cluster to which the connector is connected.", + "replaceOnChanges": true + }, + "kafkaClusterClientAuthentication": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorKafkaClusterClientAuthentication", + "description": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", + "replaceOnChanges": true + }, + "kafkaClusterEncryptionInTransit": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorKafkaClusterEncryptionInTransit", + "description": "Details of encryption in transit to the Apache Kafka cluster.", + "replaceOnChanges": true + }, + "kafkaConnectVersion": { + "type": "string", + "description": "The version of Kafka Connect. It has to be compatible with both the Kafka cluster's version and the plugins.", + "replaceOnChanges": true + }, + "logDelivery": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorLogDelivery", + "description": "The settings for delivering connector logs to Amazon CloudWatch Logs.", + "replaceOnChanges": true + }, + "plugins": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorPlugin" + }, + "description": "List of plugins to use with the connector.", + "replaceOnChanges": true + }, + "serviceExecutionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon S3 objects and other external resources.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + }, + "workerConfiguration": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorWorkerConfiguration", + "description": "The worker configurations that are in use with the connector.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "connectorName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "capacity", + "connectorConfiguration", + "kafkaCluster", + "kafkaClusterClientAuthentication", + "kafkaClusterEncryptionInTransit", + "kafkaConnectVersion", + "plugins", + "serviceExecutionRoleArn" + ], + "createOnly": [ + "connectorConfiguration", + "connectorDescription", + "connectorName", + "kafkaCluster", + "kafkaClusterClientAuthentication", + "kafkaClusterEncryptionInTransit", + "kafkaConnectVersion", + "logDelivery", + "plugins", + "serviceExecutionRoleArn", + "workerConfiguration" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kafkaconnect:CustomPlugin": { + "cf": "AWS::KafkaConnect::CustomPlugin", + "inputs": { + "contentType": { + "$ref": "#/types/aws-native:kafkaconnect:CustomPluginContentType", + "description": "The type of the plugin file." + }, + "description": { + "type": "string", + "description": "A summary description of the custom plugin." + }, + "location": { + "$ref": "#/types/aws-native:kafkaconnect:CustomPluginLocation", + "description": "Information about the location of the custom plugin." + }, + "name": { + "type": "string", + "description": "The name of the custom plugin." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "contentType": { + "$ref": "#/types/aws-native:kafkaconnect:CustomPluginContentType", + "description": "The type of the plugin file.", + "replaceOnChanges": true + }, + "customPluginArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the custom plugin to use." + }, + "description": { + "type": "string", + "description": "A summary description of the custom plugin.", + "replaceOnChanges": true + }, + "fileDescription": { + "$ref": "#/types/aws-native:kafkaconnect:CustomPluginFileDescription" + }, + "location": { + "$ref": "#/types/aws-native:kafkaconnect:CustomPluginLocation", + "description": "Information about the location of the custom plugin.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the custom plugin.", + "replaceOnChanges": true + }, + "revision": { + "type": "integer", + "description": "The revision of the custom plugin." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "contentType", + "location" + ], + "createOnly": [ + "contentType", + "description", + "location", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kafkaconnect:WorkerConfiguration": { + "cf": "AWS::KafkaConnect::WorkerConfiguration", + "inputs": { + "description": { + "type": "string", + "description": "A summary description of the worker configuration." + }, + "name": { + "type": "string", + "description": "The name of the worker configuration." + }, + "propertiesFileContent": { + "type": "string", + "description": "Base64 encoded contents of connect-distributed.properties file." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A summary description of the worker configuration.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the worker configuration.", + "replaceOnChanges": true + }, + "propertiesFileContent": { + "type": "string", + "description": "Base64 encoded contents of connect-distributed.properties file.", + "replaceOnChanges": true + }, + "revision": { + "type": "integer", + "description": "The description of a revision of the worker configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + }, + "workerConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the custom configuration." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "propertiesFileContent" + ], + "createOnly": [ + "description", + "name", + "propertiesFileContent" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kendra:DataSource": { + "cf": "AWS::Kendra::DataSource", + "inputs": { + "customDocumentEnrichmentConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceCustomDocumentEnrichmentConfiguration", + "description": "Configuration information for altering document metadata and content during the document ingestion process." + }, + "dataSourceConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceConfiguration", + "description": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources." + }, + "description": { + "type": "string", + "description": "A description for the data source connector." + }, + "indexId": { + "type": "string", + "description": "The identifier of the index you want to use with the data source connector." + }, + "languageCode": { + "type": "string", + "description": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) ." + }, + "name": { + "type": "string", + "description": "The name of the data source." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources." + }, + "schedule": { + "type": "string", + "description": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for labeling the data source" + }, + "type": { + "$ref": "#/types/aws-native:kendra:DataSourceType", + "description": "The type of the data source." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the data source. For example:\n\n`arn:aws:kendra:us-west-2:111122223333:index/335c3741-41df-46a6-b5d3-61f85b787884/data-source/b8cae438-6787-4091-8897-684a652bbb0a`" + }, + "awsId": { + "type": "string", + "description": "The identifier for the data source. For example:\n\n`b8cae438-6787-4091-8897-684a652bbb0a` ." + }, + "customDocumentEnrichmentConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceCustomDocumentEnrichmentConfiguration", + "description": "Configuration information for altering document metadata and content during the document ingestion process." + }, + "dataSourceConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceConfiguration", + "description": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources." + }, + "description": { + "type": "string", + "description": "A description for the data source connector." + }, + "indexId": { + "type": "string", + "description": "The identifier of the index you want to use with the data source connector." + }, + "languageCode": { + "type": "string", + "description": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) ." + }, + "name": { + "type": "string", + "description": "The name of the data source." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources." + }, + "schedule": { + "type": "string", + "description": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for labeling the data source" + }, + "type": { + "$ref": "#/types/aws-native:kendra:DataSourceType", + "description": "The type of the data source.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "indexId", + "type" + ], + "createOnly": [ + "type" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kendra:Faq": { + "cf": "AWS::Kendra::Faq", + "inputs": { + "description": { + "type": "string", + "description": "FAQ description" + }, + "fileFormat": { + "$ref": "#/types/aws-native:kendra:FaqFileFormat", + "description": "FAQ file format" + }, + "indexId": { + "type": "string", + "description": "Index ID" + }, + "languageCode": { + "type": "string", + "description": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) ." + }, + "name": { + "type": "string", + "description": "FAQ name" + }, + "roleArn": { + "type": "string", + "description": "FAQ role ARN" + }, + "s3Path": { + "$ref": "#/types/aws-native:kendra:FaqS3Path", + "description": "FAQ S3 path" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for labeling the FAQ" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "`arn:aws:kendra:us-west-2:111122223333:index/335c3741-41df-46a6-b5d3-61f85b787884/faq/f61995a6-cd5c-4e99-9cfc-58816d8bfaa7`" + }, + "awsId": { + "type": "string", + "description": "The identifier for the FAQ. For example:\n\n`f61995a6-cd5c-4e99-9cfc-58816d8bfaa7`" + }, + "description": { + "type": "string", + "description": "FAQ description", + "replaceOnChanges": true + }, + "fileFormat": { + "$ref": "#/types/aws-native:kendra:FaqFileFormat", + "description": "FAQ file format", + "replaceOnChanges": true + }, + "indexId": { + "type": "string", + "description": "Index ID", + "replaceOnChanges": true + }, + "languageCode": { + "type": "string", + "description": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) ." + }, + "name": { + "type": "string", + "description": "FAQ name", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "FAQ role ARN", + "replaceOnChanges": true + }, + "s3Path": { + "$ref": "#/types/aws-native:kendra:FaqS3Path", + "description": "FAQ S3 path", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for labeling the FAQ" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "indexId", + "roleArn", + "s3Path" + ], + "createOnly": [ + "description", + "fileFormat", + "indexId", + "name", + "roleArn", + "s3Path" + ], + "irreversibleNames": { + "awsId": "Id", + "s3Path": "S3Path" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kendra:Index": { + "cf": "AWS::Kendra::Index", + "inputs": { + "capacityUnits": { + "$ref": "#/types/aws-native:kendra:IndexCapacityUnitsConfiguration", + "description": "Capacity units" + }, + "description": { + "type": "string", + "description": "A description for the index" + }, + "documentMetadataConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:IndexDocumentMetadataConfiguration" + }, + "description": "Document metadata configurations" + }, + "edition": { + "$ref": "#/types/aws-native:kendra:IndexEdition", + "description": "Indicates whether the index is a Enterprise Edition index or a Developer Edition index. Valid values are `DEVELOPER_EDITION` and `ENTERPRISE_EDITION` ." + }, + "name": { + "type": "string", + "description": "The name of the index." + }, + "roleArn": { + "type": "string", + "description": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:kendra:IndexServerSideEncryptionConfiguration", + "description": "Server side encryption configuration" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for labeling the index" + }, + "userContextPolicy": { + "$ref": "#/types/aws-native:kendra:IndexUserContextPolicy", + "description": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable." + }, + "userTokenConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:IndexUserTokenConfiguration" + }, + "description": "Defines the type of user token used for the index." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the index. For example: `arn:aws:kendra:us-west-2:111122223333:index/0123456789abcdef` ." + }, + "awsId": { + "type": "string", + "description": "The identifier for the index. For example: `f4aeaa10-8056-4b2c-a343-522ca0f41234` ." + }, + "capacityUnits": { + "$ref": "#/types/aws-native:kendra:IndexCapacityUnitsConfiguration", + "description": "Capacity units" + }, + "description": { + "type": "string", + "description": "A description for the index" + }, + "documentMetadataConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:IndexDocumentMetadataConfiguration" + }, + "description": "Document metadata configurations" + }, + "edition": { + "$ref": "#/types/aws-native:kendra:IndexEdition", + "description": "Indicates whether the index is a Enterprise Edition index or a Developer Edition index. Valid values are `DEVELOPER_EDITION` and `ENTERPRISE_EDITION` .", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the index." + }, + "roleArn": { + "type": "string", + "description": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:kendra:IndexServerSideEncryptionConfiguration", + "description": "Server side encryption configuration", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for labeling the index" + }, + "userContextPolicy": { + "$ref": "#/types/aws-native:kendra:IndexUserContextPolicy", + "description": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable." + }, + "userTokenConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:IndexUserTokenConfiguration" + }, + "description": "Defines the type of user token used for the index." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "edition", + "roleArn" + ], + "createOnly": [ + "edition", + "serverSideEncryptionConfiguration" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kendraranking:ExecutionPlan": { + "cf": "AWS::KendraRanking::ExecutionPlan", + "inputs": { + "capacityUnits": { + "$ref": "#/types/aws-native:kendraranking:ExecutionPlanCapacityUnitsConfiguration", + "description": "Capacity units" + }, + "description": { + "type": "string", + "description": "A description for the execution plan" + }, + "name": { + "type": "string", + "description": "A name for the rescore execution plan." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for labeling the execution plan" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the rescore execution plan." + }, + "awsId": { + "type": "string", + "description": "The identifier of the rescore execution plan." + }, + "capacityUnits": { + "$ref": "#/types/aws-native:kendraranking:ExecutionPlanCapacityUnitsConfiguration", + "description": "Capacity units" + }, + "description": { + "type": "string", + "description": "A description for the execution plan" + }, + "name": { + "type": "string", + "description": "A name for the rescore execution plan." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for labeling the execution plan" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kinesis:Stream": { + "cf": "AWS::Kinesis::Stream", + "inputs": { + "name": { + "type": "string", + "description": "The name of the Kinesis stream." + }, + "retentionPeriodHours": { + "type": "integer", + "description": "The number of hours for the data records that are stored in shards to remain accessible." + }, + "shardCount": { + "type": "integer", + "description": "The number of shards that the stream uses. Required when StreamMode = PROVISIONED is passed." + }, + "streamEncryption": { + "$ref": "#/types/aws-native:kinesis:StreamEncryption", + "description": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream." + }, + "streamModeDetails": { + "$ref": "#/types/aws-native:kinesis:StreamModeDetails", + "description": "The mode in which the stream is running." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key–value pairs) to associate with the Kinesis stream." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon resource name (ARN) of the Kinesis stream" + }, + "name": { + "type": "string", + "description": "The name of the Kinesis stream.", + "replaceOnChanges": true + }, + "retentionPeriodHours": { + "type": "integer", + "description": "The number of hours for the data records that are stored in shards to remain accessible." + }, + "shardCount": { + "type": "integer", + "description": "The number of shards that the stream uses. Required when StreamMode = PROVISIONED is passed." + }, + "streamEncryption": { + "$ref": "#/types/aws-native:kinesis:StreamEncryption", + "description": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream." + }, + "streamModeDetails": { + "$ref": "#/types/aws-native:kinesis:StreamModeDetails", + "description": "The mode in which the stream is running." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key–value pairs) to associate with the Kinesis stream." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kinesisanalyticsv2:Application": { + "cf": "AWS::KinesisAnalyticsV2::Application", + "inputs": { + "applicationConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationConfiguration", + "description": "Use this parameter to configure the application." + }, + "applicationDescription": { + "type": "string", + "description": "The description of the application." + }, + "applicationMaintenanceConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMaintenanceConfiguration", + "description": "Used to configure start of maintenance window." + }, + "applicationMode": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMode", + "description": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE`. However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional." + }, + "applicationName": { + "type": "string", + "description": "The name of the application." + }, + "runConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationRunConfiguration", + "description": "Specifies run configuration (start parameters) of a Kinesis Data Analytics application. Evaluated on update for RUNNING applications an only." + }, + "runtimeEnvironment": { + "type": "string", + "description": "The runtime environment for the application." + }, + "serviceExecutionRole": { + "type": "string", + "description": "Specifies the IAM role that the application uses to access external resources." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50." + } + }, + "outputs": { + "applicationConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationConfiguration", + "description": "Use this parameter to configure the application." + }, + "applicationDescription": { + "type": "string", + "description": "The description of the application." + }, + "applicationMaintenanceConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMaintenanceConfiguration", + "description": "Used to configure start of maintenance window." + }, + "applicationMode": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMode", + "description": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE`. However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", + "replaceOnChanges": true + }, + "applicationName": { + "type": "string", + "description": "The name of the application.", + "replaceOnChanges": true + }, + "runConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationRunConfiguration", + "description": "Specifies run configuration (start parameters) of a Kinesis Data Analytics application. Evaluated on update for RUNNING applications an only." + }, + "runtimeEnvironment": { + "type": "string", + "description": "The runtime environment for the application." + }, + "serviceExecutionRole": { + "type": "string", + "description": "Specifies the IAM role that the application uses to access external resources." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50." + } + }, + "autoNamingSpec": { + "sdkName": "applicationName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "runtimeEnvironment", + "serviceExecutionRole" + ], + "createOnly": [ + "applicationMode", + "applicationName" + ], + "writeOnly": [ + "applicationConfiguration/ApplicationCodeConfiguration/CodeContent/ZipFileContent", + "applicationConfiguration/EnvironmentProperties", + "runConfiguration" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kinesisfirehose:DeliveryStream": { + "cf": "AWS::KinesisFirehose::DeliveryStream", + "inputs": { + "amazonOpenSearchServerlessDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessDestinationConfiguration", + "description": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service." + }, + "amazonopensearchserviceDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceDestinationConfiguration", + "description": "The destination in Amazon OpenSearch Service. You can specify only one destination." + }, + "deliveryStreamEncryptionConfigurationInput": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamEncryptionConfigurationInput", + "description": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE)." + }, + "deliveryStreamName": { + "type": "string", + "description": "The name of the delivery stream." + }, + "deliveryStreamType": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamType", + "description": "The delivery stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the delivery stream directly.\n- `KinesisStreamAsSource` : The delivery stream uses a Kinesis data stream as a source." + }, + "elasticsearchDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamElasticsearchDestinationConfiguration", + "description": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) ." + }, + "extendedS3DestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamExtendedS3DestinationConfiguration", + "description": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) ." + }, + "httpEndpointDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamHttpEndpointDestinationConfiguration", + "description": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination." + }, + "icebergDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamIcebergDestinationConfiguration", + "description": "Specifies the destination configure settings for Apache Iceberg Table.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, + "kinesisStreamSourceConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamKinesisStreamSourceConfiguration", + "description": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream." + }, + "mskSourceConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamMskSourceConfiguration", + "description": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream." + }, + "redshiftDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamRedshiftDestinationConfiguration", + "description": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) ." + }, + "s3DestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) ." + }, + "snowflakeDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSnowflakeDestinationConfiguration", + "description": "Configure Snowflake destination" + }, + "splunkDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSplunkDestinationConfiguration", + "description": "The configuration of a destination in Splunk for the delivery stream." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags to assign to the delivery stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the delivery stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a delivery stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose delivery streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)" + } + }, + "outputs": { + "amazonOpenSearchServerlessDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessDestinationConfiguration", + "description": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service." + }, + "amazonopensearchserviceDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceDestinationConfiguration", + "description": "The destination in Amazon OpenSearch Service. You can specify only one destination." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the delivery stream, such as `arn:aws:firehose:us-east-2:123456789012:deliverystream/delivery-stream-name` ." + }, + "deliveryStreamEncryptionConfigurationInput": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamEncryptionConfigurationInput", + "description": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE)." + }, + "deliveryStreamName": { + "type": "string", + "description": "The name of the delivery stream.", + "replaceOnChanges": true + }, + "deliveryStreamType": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamType", + "description": "The delivery stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the delivery stream directly.\n- `KinesisStreamAsSource` : The delivery stream uses a Kinesis data stream as a source.", + "replaceOnChanges": true + }, + "elasticsearchDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamElasticsearchDestinationConfiguration", + "description": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) ." + }, + "extendedS3DestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamExtendedS3DestinationConfiguration", + "description": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) ." + }, + "httpEndpointDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamHttpEndpointDestinationConfiguration", + "description": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination." + }, + "icebergDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamIcebergDestinationConfiguration", + "description": "Specifies the destination configure settings for Apache Iceberg Table.\n\nAmazon Data Firehose is in preview release and is subject to change.", + "replaceOnChanges": true + }, + "kinesisStreamSourceConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamKinesisStreamSourceConfiguration", + "description": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", + "replaceOnChanges": true + }, + "mskSourceConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamMskSourceConfiguration", + "description": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", + "replaceOnChanges": true + }, + "redshiftDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamRedshiftDestinationConfiguration", + "description": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) ." + }, + "s3DestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) ." + }, + "snowflakeDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSnowflakeDestinationConfiguration", + "description": "Configure Snowflake destination" + }, + "splunkDestinationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSplunkDestinationConfiguration", + "description": "The configuration of a destination in Splunk for the delivery stream." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags to assign to the delivery stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the delivery stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a delivery stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose delivery streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)" + } + }, + "autoNamingSpec": { + "sdkName": "deliveryStreamName", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "amazonOpenSearchServerlessDestinationConfiguration/VpcConfiguration", + "amazonopensearchserviceDestinationConfiguration/VpcConfiguration", + "deliveryStreamName", + "deliveryStreamType", + "elasticsearchDestinationConfiguration/VpcConfiguration", + "icebergDestinationConfiguration", + "kinesisStreamSourceConfiguration", + "mskSourceConfiguration", + "snowflakeDestinationConfiguration/SnowflakeVpcConfiguration" + ], + "irreversibleNames": { + "extendedS3DestinationConfiguration": "ExtendedS3DestinationConfiguration", + "mskSourceConfiguration": "MSKSourceConfiguration", + "s3DestinationConfiguration": "S3DestinationConfiguration" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kinesisvideo:SignalingChannel": { + "cf": "AWS::KinesisVideo::SignalingChannel", + "inputs": { + "messageTtlSeconds": { + "type": "integer", + "description": "The period of time a signaling channel retains undelivered messages before they are discarded." + }, + "name": { + "type": "string", + "description": "The name of the Kinesis Video Signaling Channel." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "$ref": "#/types/aws-native:kinesisvideo:SignalingChannelType", + "description": "The type of the Kinesis Video Signaling Channel to create. Currently, SINGLE_MASTER is the only supported channel type." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Kinesis Video Signaling Channel." + }, + "messageTtlSeconds": { + "type": "integer", + "description": "The period of time a signaling channel retains undelivered messages before they are discarded." + }, + "name": { + "type": "string", + "description": "The name of the Kinesis Video Signaling Channel.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "$ref": "#/types/aws-native:kinesisvideo:SignalingChannelType", + "description": "The type of the Kinesis Video Signaling Channel to create. Currently, SINGLE_MASTER is the only supported channel type." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kinesisvideo:Stream": { + "cf": "AWS::KinesisVideo::Stream", + "inputs": { + "dataRetentionInHours": { + "type": "integer", + "description": "The number of hours till which Kinesis Video will retain the data in the stream" + }, + "deviceName": { + "type": "string", + "description": "The name of the device that is writing to the stream." + }, + "kmsKeyId": { + "type": "string", + "description": "AWS KMS key ID that Kinesis Video Streams uses to encrypt stream data." + }, + "mediaType": { + "type": "string", + "description": "The media type of the stream. Consumers of the stream can use this information when processing the stream." + }, + "name": { + "type": "string", + "description": "The name of the Kinesis Video stream." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs associated with the Kinesis Video Stream." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Kinesis Video stream." + }, + "dataRetentionInHours": { + "type": "integer", + "description": "The number of hours till which Kinesis Video will retain the data in the stream" + }, + "deviceName": { + "type": "string", + "description": "The name of the device that is writing to the stream." + }, + "kmsKeyId": { + "type": "string", + "description": "AWS KMS key ID that Kinesis Video Streams uses to encrypt stream data." + }, + "mediaType": { + "type": "string", + "description": "The media type of the stream. Consumers of the stream can use this information when processing the stream." + }, + "name": { + "type": "string", + "description": "The name of the Kinesis Video stream.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs associated with the Kinesis Video Stream." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kms:Alias": { + "cf": "AWS::KMS::Alias", + "inputs": { + "aliasName": { + "type": "string", + "description": "Specifies the alias name. This value must begin with ``alias/`` followed by a name, such as ``alias/ExampleAlias``. \n If you change the value of the ``AliasName`` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC).\n The alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with ``alias/aws/``. The ``alias/aws/`` prefix is reserved for [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk)." + }, + "targetKeyId": { + "type": "string", + "description": "Associates the alias with the specified [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same AWS-account and Region.\n A valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n For help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *Developer Guide*.\n Specify the key ID or the key ARN of the KMS key.\n For example:\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n \n To get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html)." + } + }, + "outputs": { + "aliasName": { + "type": "string", + "description": "Specifies the alias name. This value must begin with ``alias/`` followed by a name, such as ``alias/ExampleAlias``. \n If you change the value of the ``AliasName`` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC).\n The alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with ``alias/aws/``. The ``alias/aws/`` prefix is reserved for [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk).", + "replaceOnChanges": true + }, + "targetKeyId": { + "type": "string", + "description": "Associates the alias with the specified [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk). The KMS key must be in the same AWS-account and Region.\n A valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n For help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *Developer Guide*.\n Specify the key ID or the key ARN of the KMS key.\n For example:\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n \n To get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html)." + } + }, + "autoNamingSpec": { + "sdkName": "aliasName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "targetKeyId" + ], + "createOnly": [ + "aliasName" + ] + }, + "aws-native:kms:Key": { + "cf": "AWS::KMS::Key", + "inputs": { + "bypassPolicyLockoutSafetyCheck": { + "type": "boolean", + "description": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *Developer Guide*.\n Use this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key." + }, + "description": { + "type": "string", + "description": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use." + }, + "enableKeyRotation": { + "type": "boolean", + "description": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n KMS supports automatic rotation only for symmetric encryption KMS keys (``KeySpec`` = ``SYMMETRIC_DEFAULT``). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin ``EXTERNAL``, omit the ``EnableKeyRotation`` property or set it to ``false``.\n To enable automatic key rotation of the key material for a multi-Region KMS key, set ``EnableKeyRotation`` to ``true`` on the primary key (created by using ``AWS::KMS::Key``). KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *Developer Guide*.\n When you enable automatic rotation, KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *Developer Guide*." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n When ``Enabled`` is ``true``, the *key state* of the KMS key is ``Enabled``. When ``Enabled`` is ``false``, the key state of the KMS key is ``Disabled``. The default value is ``true``.\n The actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html), [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html), or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n For information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*." + }, + "keyPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The key policy to attach to the KMS key.\n If you provide a key policy, it must meet the following criteria:\n + The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *Developer Guide*. (To omit this condition, set ``BypassPolicyLockoutSafetyCheck`` to true.)\n + Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *User Guide*.\n \n If you do not provide a key policy, KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *Developer Guide*.\n A key policy document can include only the following characters:\n + Printable ASCII characters\n + Printable characters in the Basic Latin and Latin-1 Supplement character set\n + The tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``) special characters\n \n *Minimum*: ``1`` \n *Maximum*: ``32768``\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::KMS::Key` for more information about the expected schema for this property." + }, + "keySpec": { + "$ref": "#/types/aws-native:kms:KeySpec", + "description": "Specifies the type of KMS key to create. The default value, ``SYMMETRIC_DEFAULT``, creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, ``SYMMETRIC_DEFAULT`` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the ``KeySpec`` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *Developer Guide*.\n The ``KeySpec`` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *Developer Guide*.\n If you change the value of the ``KeySpec`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n [services that are integrated with](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *Developer Guide*.\n KMS supports the following key specs for KMS keys:\n + Symmetric encryption key (default)\n + ``SYMMETRIC_DEFAULT`` (AES-256-GCM)\n \n + HMAC keys (symmetric)\n + ``HMAC_224`` \n + ``HMAC_256`` \n + ``HMAC_384`` \n + ``HMAC_512`` \n \n + Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n + ``RSA_2048`` \n + ``RSA_3072`` \n + ``RSA_4096`` \n \n + Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n + ``ECC_NIST_P256`` (secp256r1)\n + ``ECC_NIST_P384`` (secp384r1)\n + ``ECC_NIST_P521`` (secp521r1)\n \n + Other asymmetric elliptic curve key pairs (signing and verification)\n + ``ECC_SECG_P256K1`` (secp256k1), commonly used for cryptocurrencies.\n \n + SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n + ``SM2`` (China Regions only)" + }, + "keyUsage": { + "$ref": "#/types/aws-native:kms:KeyUsage", + "description": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is ``ENCRYPT_DECRYPT``. This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the ``KeyUsage`` value after the KMS key is created.\n If you change the value of the ``KeyUsage`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n Select only one valid value.\n + For symmetric encryption KMS keys, omit the parameter or specify ``ENCRYPT_DECRYPT``.\n + For HMAC KMS keys (symmetric), specify ``GENERATE_VERIFY_MAC``.\n + For asymmetric KMS keys with RSA key pairs, specify ``ENCRYPT_DECRYPT`` or ``SIGN_VERIFY``.\n + For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify ``SIGN_VERIFY`` or ``KEY_AGREEMENT``.\n + For asymmetric KMS keys with ``ECC_SECG_P256K1`` key pairs specify ``SIGN_VERIFY``.\n + For asymmetric KMS keys with SM2 key pairs (China Regions only), specify ``ENCRYPT_DECRYPT``, ``SIGN_VERIFY``, or ``KEY_AGREEMENT``." + }, + "multiRegion": { + "type": "boolean", + "description": "Creates a multi-Region primary key that you can replicate in other AWS-Regions. You can't change the ``MultiRegion`` value after the KMS key is created.\n For a list of AWS-Regions in which multi-Region keys are supported, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the **.\n If you change the value of the ``MultiRegion`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n For a multi-Region key, set to this property to ``true``. For a single-Region key, omit this property or set it to ``false``. The default value is ``false``.\n *Multi-Region keys* are an KMS feature that lets you create multiple interoperable KMS keys in different AWS-Regions. Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS-Region and decrypt it in a different AWS-Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *Developer Guide*.\n You can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n To create a replica of this primary key in a different AWS-Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key." + }, + "origin": { + "$ref": "#/types/aws-native:kms:KeyOrigin", + "description": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is ``AWS_KMS``, which means that KMS creates the key material.\n To [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to ``EXTERNAL``. For more information about importing key material into KMS, see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *Developer Guide*.\n You can ignore ``ENABLED`` when Origin is ``EXTERNAL``. When a KMS key with Origin ``EXTERNAL`` is created, the key state is ``PENDING_IMPORT`` and ``ENABLED`` is ``false``. After you import the key material, ``ENABLED`` updated to ``true``. The KMS key can then be used for Cryptographic Operations. \n CFN doesn't support creating an ``Origin`` parameter of the ``AWS_CLOUDHSM`` or ``EXTERNAL_KEY_STORE`` values." + }, + "pendingWindowInDays": { + "type": "integer", + "description": "Specifies the number of days in the waiting period before KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n When you remove a KMS key from a CloudFormation stack, KMS schedules the KMS key for deletion and starts the mandatory waiting period. The ``PendingWindowInDays`` property determines the length of waiting period. During the waiting period, the key state of KMS key is ``Pending Deletion`` or ``Pending Replica Deletion``, which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, KMS permanently deletes the KMS key.\n KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to ``PendingReplicaDeletion`` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to ``PendingDeletion`` and the waiting period specified by ``PendingWindowInDays`` begins. When this waiting period expires, KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *Developer Guide*.\n You cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n For information about the ``Pending Deletion`` and ``Pending Replica Deletion`` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*. For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *Developer Guide*." + }, + "rotationPeriodInDays": { + "type": "integer", + "description": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n The rotation period defines the number of days after you enable automatic key rotation that KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n You can use the [kms:RotationPeriodInDays](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the ``RotationPeriodInDays`` parameter.\n For more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *Developer Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Assigns one or more tags to the replica key.\n Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *Developer Guide*.\n For information about tags in KMS, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *Developer Guide*. For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the KMS key, such as `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n\nFor information about the key ARN of a KMS key, see [Key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN) in the *AWS Key Management Service Developer Guide* ." + }, + "bypassPolicyLockoutSafetyCheck": { + "type": "boolean", + "description": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *Developer Guide*.\n Use this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key." + }, + "description": { + "type": "string", + "description": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use." + }, + "enableKeyRotation": { + "type": "boolean", + "description": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n KMS supports automatic rotation only for symmetric encryption KMS keys (``KeySpec`` = ``SYMMETRIC_DEFAULT``). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin ``EXTERNAL``, omit the ``EnableKeyRotation`` property or set it to ``false``.\n To enable automatic key rotation of the key material for a multi-Region KMS key, set ``EnableKeyRotation`` to ``true`` on the primary key (created by using ``AWS::KMS::Key``). KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *Developer Guide*.\n When you enable automatic rotation, KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *Developer Guide*." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n When ``Enabled`` is ``true``, the *key state* of the KMS key is ``Enabled``. When ``Enabled`` is ``false``, the key state of the KMS key is ``Disabled``. The default value is ``true``.\n The actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html), [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html), or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n For information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*." + }, + "keyId": { + "type": "string", + "description": "The key ID of the KMS key, such as `1234abcd-12ab-34cd-56ef-1234567890ab` .\n\nFor information about the key ID of a KMS key, see [Key ID](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id) in the *AWS Key Management Service Developer Guide* ." + }, + "keyPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The key policy to attach to the KMS key.\n If you provide a key policy, it must meet the following criteria:\n + The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *Developer Guide*. (To omit this condition, set ``BypassPolicyLockoutSafetyCheck`` to true.)\n + Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *User Guide*.\n \n If you do not provide a key policy, KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *Developer Guide*.\n A key policy document can include only the following characters:\n + Printable ASCII characters\n + Printable characters in the Basic Latin and Latin-1 Supplement character set\n + The tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``) special characters\n \n *Minimum*: ``1`` \n *Maximum*: ``32768``\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::KMS::Key` for more information about the expected schema for this property." + }, + "keySpec": { + "$ref": "#/types/aws-native:kms:KeySpec", + "description": "Specifies the type of KMS key to create. The default value, ``SYMMETRIC_DEFAULT``, creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, ``SYMMETRIC_DEFAULT`` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the ``KeySpec`` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *Developer Guide*.\n The ``KeySpec`` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *Developer Guide*.\n If you change the value of the ``KeySpec`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n [services that are integrated with](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *Developer Guide*.\n KMS supports the following key specs for KMS keys:\n + Symmetric encryption key (default)\n + ``SYMMETRIC_DEFAULT`` (AES-256-GCM)\n \n + HMAC keys (symmetric)\n + ``HMAC_224`` \n + ``HMAC_256`` \n + ``HMAC_384`` \n + ``HMAC_512`` \n \n + Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n + ``RSA_2048`` \n + ``RSA_3072`` \n + ``RSA_4096`` \n \n + Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n + ``ECC_NIST_P256`` (secp256r1)\n + ``ECC_NIST_P384`` (secp384r1)\n + ``ECC_NIST_P521`` (secp521r1)\n \n + Other asymmetric elliptic curve key pairs (signing and verification)\n + ``ECC_SECG_P256K1`` (secp256k1), commonly used for cryptocurrencies.\n \n + SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n + ``SM2`` (China Regions only)" + }, + "keyUsage": { + "$ref": "#/types/aws-native:kms:KeyUsage", + "description": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is ``ENCRYPT_DECRYPT``. This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the ``KeyUsage`` value after the KMS key is created.\n If you change the value of the ``KeyUsage`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n Select only one valid value.\n + For symmetric encryption KMS keys, omit the parameter or specify ``ENCRYPT_DECRYPT``.\n + For HMAC KMS keys (symmetric), specify ``GENERATE_VERIFY_MAC``.\n + For asymmetric KMS keys with RSA key pairs, specify ``ENCRYPT_DECRYPT`` or ``SIGN_VERIFY``.\n + For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify ``SIGN_VERIFY`` or ``KEY_AGREEMENT``.\n + For asymmetric KMS keys with ``ECC_SECG_P256K1`` key pairs specify ``SIGN_VERIFY``.\n + For asymmetric KMS keys with SM2 key pairs (China Regions only), specify ``ENCRYPT_DECRYPT``, ``SIGN_VERIFY``, or ``KEY_AGREEMENT``." + }, + "multiRegion": { + "type": "boolean", + "description": "Creates a multi-Region primary key that you can replicate in other AWS-Regions. You can't change the ``MultiRegion`` value after the KMS key is created.\n For a list of AWS-Regions in which multi-Region keys are supported, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the **.\n If you change the value of the ``MultiRegion`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n For a multi-Region key, set to this property to ``true``. For a single-Region key, omit this property or set it to ``false``. The default value is ``false``.\n *Multi-Region keys* are an KMS feature that lets you create multiple interoperable KMS keys in different AWS-Regions. Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS-Region and decrypt it in a different AWS-Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *Developer Guide*.\n You can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n To create a replica of this primary key in a different AWS-Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key." + }, + "origin": { + "$ref": "#/types/aws-native:kms:KeyOrigin", + "description": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is ``AWS_KMS``, which means that KMS creates the key material.\n To [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to ``EXTERNAL``. For more information about importing key material into KMS, see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *Developer Guide*.\n You can ignore ``ENABLED`` when Origin is ``EXTERNAL``. When a KMS key with Origin ``EXTERNAL`` is created, the key state is ``PENDING_IMPORT`` and ``ENABLED`` is ``false``. After you import the key material, ``ENABLED`` updated to ``true``. The KMS key can then be used for Cryptographic Operations. \n CFN doesn't support creating an ``Origin`` parameter of the ``AWS_CLOUDHSM`` or ``EXTERNAL_KEY_STORE`` values." + }, + "pendingWindowInDays": { + "type": "integer", + "description": "Specifies the number of days in the waiting period before KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n When you remove a KMS key from a CloudFormation stack, KMS schedules the KMS key for deletion and starts the mandatory waiting period. The ``PendingWindowInDays`` property determines the length of waiting period. During the waiting period, the key state of KMS key is ``Pending Deletion`` or ``Pending Replica Deletion``, which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, KMS permanently deletes the KMS key.\n KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to ``PendingReplicaDeletion`` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to ``PendingDeletion`` and the waiting period specified by ``PendingWindowInDays`` begins. When this waiting period expires, KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *Developer Guide*.\n You cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n For information about the ``Pending Deletion`` and ``Pending Replica Deletion`` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*. For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *Developer Guide*." + }, + "rotationPeriodInDays": { + "type": "integer", + "description": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n The rotation period defines the number of days after you enable automatic key rotation that KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n You can use the [kms:RotationPeriodInDays](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the ``RotationPeriodInDays`` parameter.\n For more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *Developer Guide*." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Assigns one or more tags to the replica key.\n Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *Developer Guide*.\n For information about tags in KMS, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *Developer Guide*. For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "writeOnly": [ + "bypassPolicyLockoutSafetyCheck", + "pendingWindowInDays", + "rotationPeriodInDays" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:kms:ReplicaKey": { + "cf": "AWS::KMS::ReplicaKey", + "inputs": { + "description": { + "type": "string", + "description": "A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations." + }, + "keyPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::KMS::ReplicaKey` for more information about the expected schema for this property." + }, + "pendingWindowInDays": { + "type": "integer", + "description": "Specifies the number of days in the waiting period before AWS KMS deletes an AWS KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days." + }, + "primaryKeyArn": { + "type": "string", + "description": "Identifies the primary AWS KMS key to create a replica of. Specify the Amazon Resource Name (ARN) of the AWS KMS key. You cannot specify an alias or key ID. For help finding the ARN, see Finding the Key ID and ARN in the AWS Key Management Service Developer Guide." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the replica key, such as `arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .\n\nThe key ARNs of related multi-Region keys differ only in the Region value. For information about the key ARNs of multi-Region keys, see [How multi-Region keys work](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html#mrk-how-it-works) in the *AWS Key Management Service Developer Guide* ." + }, + "description": { + "type": "string", + "description": "A description of the AWS KMS key. Use a description that helps you to distinguish this AWS KMS key from others in the account, such as its intended use." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the AWS KMS key is enabled. Disabled AWS KMS keys cannot be used in cryptographic operations." + }, + "keyId": { + "type": "string", + "description": "The key ID of the replica key, such as `mrk-1234abcd12ab34cd56ef1234567890ab` .\n\nRelated multi-Region keys have the same key ID. For information about the key IDs of multi-Region keys, see [How multi-Region keys work](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html#mrk-how-it-works) in the *AWS Key Management Service Developer Guide* ." + }, + "keyPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The key policy that authorizes use of the AWS KMS key. The key policy must observe the following rules.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::KMS::ReplicaKey` for more information about the expected schema for this property." + }, + "pendingWindowInDays": { + "type": "integer", + "description": "Specifies the number of days in the waiting period before AWS KMS deletes an AWS KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days." + }, + "primaryKeyArn": { + "type": "string", + "description": "Identifies the primary AWS KMS key to create a replica of. Specify the Amazon Resource Name (ARN) of the AWS KMS key. You cannot specify an alias or key ID. For help finding the ARN, see Finding the Key ID and ARN in the AWS Key Management Service Developer Guide.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "keyPolicy", + "primaryKeyArn" + ], + "createOnly": [ + "primaryKeyArn" + ], + "writeOnly": [ + "pendingWindowInDays" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lakeformation:DataCellsFilter": { + "cf": "AWS::LakeFormation::DataCellsFilter", + "inputs": { + "columnNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of columns to be included in this Data Cells Filter." + }, + "columnWildcard": { + "$ref": "#/types/aws-native:lakeformation:DataCellsFilterColumnWildcard", + "description": "An object representing the Data Cells Filter's Columns. Either Column Names or a Wildcard is required" + }, + "databaseName": { + "type": "string", + "description": "The name of the Database that the Table resides in." + }, + "name": { + "type": "string", + "description": "The desired name of the Data Cells Filter." + }, + "rowFilter": { + "$ref": "#/types/aws-native:lakeformation:DataCellsFilterRowFilter", + "description": "An object representing the Data Cells Filter's Row Filter. Either a Filter Expression or a Wildcard is required" + }, + "tableCatalogId": { + "type": "string", + "description": "The Catalog Id of the Table on which to create a Data Cells Filter." + }, + "tableName": { + "type": "string", + "description": "The name of the Table to create a Data Cells Filter for." + } + }, + "outputs": { + "columnNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of columns to be included in this Data Cells Filter.", + "replaceOnChanges": true + }, + "columnWildcard": { + "$ref": "#/types/aws-native:lakeformation:DataCellsFilterColumnWildcard", + "description": "An object representing the Data Cells Filter's Columns. Either Column Names or a Wildcard is required", + "replaceOnChanges": true + }, + "databaseName": { + "type": "string", + "description": "The name of the Database that the Table resides in.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The desired name of the Data Cells Filter.", + "replaceOnChanges": true + }, + "rowFilter": { + "$ref": "#/types/aws-native:lakeformation:DataCellsFilterRowFilter", + "description": "An object representing the Data Cells Filter's Row Filter. Either a Filter Expression or a Wildcard is required", + "replaceOnChanges": true + }, + "tableCatalogId": { + "type": "string", + "description": "The Catalog Id of the Table on which to create a Data Cells Filter.", + "replaceOnChanges": true + }, + "tableName": { + "type": "string", + "description": "The name of the Table to create a Data Cells Filter for.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "databaseName", + "tableCatalogId", + "tableName" + ], + "createOnly": [ + "columnNames", + "columnWildcard", + "databaseName", + "name", + "rowFilter", + "tableCatalogId", + "tableName" + ] + }, + "aws-native:lakeformation:PrincipalPermissions": { + "cf": "AWS::LakeFormation::PrincipalPermissions", + "inputs": { + "catalog": { + "type": "string", + "description": "The identifier for the GLUDC. By default, the account ID. The GLUDC is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsPermission" + }, + "description": "The permissions granted or revoked." + }, + "permissionsWithGrantOption": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsPermission" + }, + "description": "Indicates the ability to grant permissions (as a subset of permissions granted)." + }, + "principal": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsDataLakePrincipal", + "description": "The principal to be granted a permission." + }, + "resource": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsResource", + "description": "The resource to be granted or revoked permissions." + } + }, + "outputs": { + "catalog": { + "type": "string", + "description": "The identifier for the GLUDC. By default, the account ID. The GLUDC is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", + "replaceOnChanges": true + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsPermission" + }, + "description": "The permissions granted or revoked.", + "replaceOnChanges": true + }, + "permissionsWithGrantOption": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsPermission" + }, + "description": "Indicates the ability to grant permissions (as a subset of permissions granted).", + "replaceOnChanges": true + }, + "principal": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsDataLakePrincipal", + "description": "The principal to be granted a permission.", + "replaceOnChanges": true + }, + "principalIdentifier": { + "type": "string", + "description": "Json encoding of the input principal. For example: `{\"DataLakePrincipalIdentifier\":\"arn:aws:iam::123456789012:role/ExampleRole\"}`" + }, + "resource": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsResource", + "description": "The resource to be granted or revoked permissions.", + "replaceOnChanges": true + }, + "resourceIdentifier": { + "type": "string", + "description": "Json encoding of the input resource. For example: `{\"Catalog\":null,\"Database\":null,\"Table\":null,\"TableWithColumns\":null,\"DataLocation\":null,\"DataCellsFilter\":{\"TableCatalogId\":\"123456789012\",\"DatabaseName\":\"ExampleDatabase\",\"TableName\":\"ExampleTable\",\"Name\":\"ExampleFilter\"},\"LFTag\":null,\"LFTagPolicy\":null}`" + } + }, + "required": [ + "permissions", + "permissionsWithGrantOption", + "principal", + "resource" + ], + "createOnly": [ + "catalog", + "permissions", + "permissionsWithGrantOption", + "principal", + "resource" + ] + }, + "aws-native:lakeformation:Tag": { + "cf": "AWS::LakeFormation::Tag", + "inputs": { + "catalogId": { + "type": "string", + "description": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment." + }, + "tagKey": { + "type": "string", + "description": "The key-name for the LF-tag." + }, + "tagValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of possible values an attribute can take." + } + }, + "outputs": { + "catalogId": { + "type": "string", + "description": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", + "replaceOnChanges": true + }, + "tagKey": { + "type": "string", + "description": "The key-name for the LF-tag.", + "replaceOnChanges": true + }, + "tagValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of possible values an attribute can take." + } + }, + "required": [ + "tagKey", + "tagValues" + ], + "createOnly": [ + "catalogId", + "tagKey" + ] + }, + "aws-native:lakeformation:TagAssociation": { + "cf": "AWS::LakeFormation::TagAssociation", + "inputs": { + "lfTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationLfTagPair" + }, + "description": "List of Lake Formation Tags to associate with the Lake Formation Resource" + }, + "resource": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationResource", + "description": "Resource to tag with the Lake Formation Tags" + } + }, + "outputs": { + "lfTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationLfTagPair" + }, + "description": "List of Lake Formation Tags to associate with the Lake Formation Resource", + "replaceOnChanges": true + }, + "resource": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationResource", + "description": "Resource to tag with the Lake Formation Tags", + "replaceOnChanges": true + }, + "resourceIdentifier": { + "type": "string", + "description": "Unique string identifying the resource. Used as primary identifier, which ideally should be a string" + }, + "tagsIdentifier": { + "type": "string", + "description": "Unique string identifying the resource's tags. Used as primary identifier, which ideally should be a string" + } + }, + "required": [ + "lfTags", + "resource" + ], + "createOnly": [ + "lfTags", + "resource" + ], + "irreversibleNames": { + "lfTags": "LFTags" + } + }, + "aws-native:lambda:Alias": { + "cf": "AWS::Lambda::Alias", + "inputs": { + "description": { + "type": "string", + "description": "A description of the alias." + }, + "functionName": { + "type": "string", + "description": "The name of the Lambda function." + }, + "functionVersion": { + "type": "string", + "description": "The function version that the alias invokes." + }, + "name": { + "type": "string", + "description": "The name of the alias." + }, + "provisionedConcurrencyConfig": { + "$ref": "#/types/aws-native:lambda:AliasProvisionedConcurrencyConfiguration", + "description": "Specifies a provisioned concurrency configuration for a function's alias." + }, + "routingConfig": { + "$ref": "#/types/aws-native:lambda:AliasRoutingConfiguration", + "description": "The routing configuration of the alias." + } + }, + "outputs": { + "aliasArn": { + "type": "string", + "description": "Lambda Alias ARN generated by the service." + }, + "description": { + "type": "string", + "description": "A description of the alias." + }, + "functionName": { + "type": "string", + "description": "The name of the Lambda function.", + "replaceOnChanges": true + }, + "functionVersion": { + "type": "string", + "description": "The function version that the alias invokes." + }, + "name": { + "type": "string", + "description": "The name of the alias.", + "replaceOnChanges": true + }, + "provisionedConcurrencyConfig": { + "$ref": "#/types/aws-native:lambda:AliasProvisionedConcurrencyConfiguration", + "description": "Specifies a provisioned concurrency configuration for a function's alias." + }, + "routingConfig": { + "$ref": "#/types/aws-native:lambda:AliasRoutingConfiguration", + "description": "The routing configuration of the alias." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "functionName", + "functionVersion" + ], + "createOnly": [ + "functionName", + "name" + ] + }, + "aws-native:lambda:CodeSigningConfig": { + "cf": "AWS::Lambda::CodeSigningConfig", + "inputs": { + "allowedPublishers": { + "$ref": "#/types/aws-native:lambda:CodeSigningConfigAllowedPublishers", + "description": "When the CodeSigningConfig is later on attached to a function, the function code will be expected to be signed by profiles from this list" + }, + "codeSigningPolicies": { + "$ref": "#/types/aws-native:lambda:CodeSigningConfigCodeSigningPolicies", + "description": "Policies to control how to act if a signature is invalid" + }, + "description": { + "type": "string", + "description": "A description of the CodeSigningConfig" + } + }, + "outputs": { + "allowedPublishers": { + "$ref": "#/types/aws-native:lambda:CodeSigningConfigAllowedPublishers", + "description": "When the CodeSigningConfig is later on attached to a function, the function code will be expected to be signed by profiles from this list" + }, + "codeSigningConfigArn": { + "type": "string", + "description": "A unique Arn for CodeSigningConfig resource" + }, + "codeSigningConfigId": { + "type": "string", + "description": "A unique identifier for CodeSigningConfig resource" + }, + "codeSigningPolicies": { + "$ref": "#/types/aws-native:lambda:CodeSigningConfigCodeSigningPolicies", + "description": "Policies to control how to act if a signature is invalid" + }, + "description": { + "type": "string", + "description": "A description of the CodeSigningConfig" + } + }, + "required": [ + "allowedPublishers" + ] + }, + "aws-native:lambda:EventInvokeConfig": { + "cf": "AWS::Lambda::EventInvokeConfig", + "inputs": { + "destinationConfig": { + "$ref": "#/types/aws-native:lambda:EventInvokeConfigDestinationConfig", + "description": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus." + }, + "functionName": { + "type": "string", + "description": "The name of the Lambda function." + }, + "maximumEventAgeInSeconds": { + "type": "integer", + "description": "The maximum age of a request that Lambda sends to a function for processing." + }, + "maximumRetryAttempts": { + "type": "integer", + "description": "The maximum number of times to retry when the function returns an error." + }, + "qualifier": { + "type": "string", + "description": "The identifier of a version or alias." + } + }, + "outputs": { + "destinationConfig": { + "$ref": "#/types/aws-native:lambda:EventInvokeConfigDestinationConfig", + "description": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus." + }, + "functionName": { + "type": "string", + "description": "The name of the Lambda function.", + "replaceOnChanges": true + }, + "maximumEventAgeInSeconds": { + "type": "integer", + "description": "The maximum age of a request that Lambda sends to a function for processing." + }, + "maximumRetryAttempts": { + "type": "integer", + "description": "The maximum number of times to retry when the function returns an error." + }, + "qualifier": { + "type": "string", + "description": "The identifier of a version or alias.", + "replaceOnChanges": true + } + }, + "required": [ + "functionName", + "qualifier" + ], + "createOnly": [ + "functionName", + "qualifier" + ] + }, + "aws-native:lambda:EventSourceMapping": { + "cf": "AWS::Lambda::EventSourceMapping", + "inputs": { + "amazonManagedKafkaEventSourceConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingAmazonManagedKafkaEventSourceConfig", + "description": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source." + }, + "batchSize": { + "type": "integer", + "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* – Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* – Default 100. Max 10,000.\n + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.\n + *Self-managed Apache Kafka* – Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.\n + *DocumentDB* – Default 100. Max 10,000." + }, + "bisectBatchOnFunctionError": { + "type": "boolean", + "description": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false." + }, + "destinationConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingDestinationConfig", + "description": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it." + }, + "documentDbEventSourceConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingDocumentDbEventSourceConfig", + "description": "Specific configuration settings for a DocumentDB event source." + }, + "enabled": { + "type": "boolean", + "description": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n Default: True" + }, + "eventSourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* – The ARN of the stream.\n + *Amazon Simple Queue Service* – The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* – The ARN of the broker.\n + *Amazon DocumentDB* – The ARN of the DocumentDB change stream." + }, + "filterCriteria": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingFilterCriteria", + "description": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html)." + }, + "functionName": { + "type": "string", + "description": "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* – ``MyFunction``.\n + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* – ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length." + }, + "functionResponseTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingFunctionResponseTypesItem" + }, + "description": "(Streams and SQS) A list of current response type enums applied to the event source mapping.\n Valid Values: ``ReportBatchItemFailures``" + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n *Default (, , event sources)*: 0\n *Default (, Kafka, , event sources)*: 500 ms\n *Related setting:* For SQS event sources, when you set ``BatchSize`` to a value greater than 10, you must set ``MaximumBatchingWindowInSeconds`` to at least 1." + }, + "maximumRecordAgeInSeconds": { + "type": "integer", + "description": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed" + }, + "maximumRetryAttempts": { + "type": "integer", + "description": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source." + }, + "parallelizationFactor": { + "type": "integer", + "description": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1." + }, + "queues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume." + }, + "scalingConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingScalingConfig", + "description": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency)." + }, + "selfManagedEventSource": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingSelfManagedEventSource", + "description": "The self-managed Apache Kafka cluster for your event source." + }, + "selfManagedKafkaEventSourceConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingSelfManagedKafkaEventSourceConfig", + "description": "Specific configuration settings for a self-managed Apache Kafka event source." + }, + "sourceAccessConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingSourceAccessConfiguration" + }, + "description": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source." + }, + "startingPosition": { + "type": "string", + "description": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n + *LATEST* - Read only new records.\n + *TRIM_HORIZON* - Process all available records.\n + *AT_TIMESTAMP* - Specify a time from which to start reading records." + }, + "startingPositionTimestamp": { + "type": "number", + "description": "With ``StartingPosition`` set to ``AT_TIMESTAMP``, the time from which to start reading, in Unix time seconds. ``StartingPositionTimestamp`` cannot be in the future." + }, + "topics": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the Kafka topic." + }, + "tumblingWindowInSeconds": { + "type": "integer", + "description": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window." + } + }, + "outputs": { + "amazonManagedKafkaEventSourceConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingAmazonManagedKafkaEventSourceConfig", + "description": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "The event source mapping's ID." + }, + "batchSize": { + "type": "integer", + "description": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n + *Amazon Kinesis* – Default 100. Max 10,000.\n + *Amazon DynamoDB Streams* – Default 100. Max 10,000.\n + *Amazon Simple Queue Service* – Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n + *Amazon Managed Streaming for Apache Kafka* – Default 100. Max 10,000.\n + *Self-managed Apache Kafka* – Default 100. Max 10,000.\n + *Amazon MQ (ActiveMQ and RabbitMQ)* – Default 100. Max 10,000.\n + *DocumentDB* – Default 100. Max 10,000." + }, + "bisectBatchOnFunctionError": { + "type": "boolean", + "description": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false." + }, + "destinationConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingDestinationConfig", + "description": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it." + }, + "documentDbEventSourceConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingDocumentDbEventSourceConfig", + "description": "Specific configuration settings for a DocumentDB event source." + }, + "enabled": { + "type": "boolean", + "description": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n Default: True" + }, + "eventSourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the event source.\n + *Amazon Kinesis* – The ARN of the data stream or a stream consumer.\n + *Amazon DynamoDB Streams* – The ARN of the stream.\n + *Amazon Simple Queue Service* – The ARN of the queue.\n + *Amazon Managed Streaming for Apache Kafka* – The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc)).\n + *Amazon MQ* – The ARN of the broker.\n + *Amazon DocumentDB* – The ARN of the DocumentDB change stream.", + "replaceOnChanges": true + }, + "filterCriteria": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingFilterCriteria", + "description": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html)." + }, + "functionName": { + "type": "string", + "description": "The name or ARN of the Lambda function.\n **Name formats**\n + *Function name* – ``MyFunction``.\n + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction``.\n + *Version or Alias ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD``.\n + *Partial ARN* – ``123456789012:function:MyFunction``.\n \n The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length." + }, + "functionResponseTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingFunctionResponseTypesItem" + }, + "description": "(Streams and SQS) A list of current response type enums applied to the event source mapping.\n Valid Values: ``ReportBatchItemFailures``" + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n *Default (, , event sources)*: 0\n *Default (, Kafka, , event sources)*: 500 ms\n *Related setting:* For SQS event sources, when you set ``BatchSize`` to a value greater than 10, you must set ``MaximumBatchingWindowInSeconds`` to at least 1." + }, + "maximumRecordAgeInSeconds": { + "type": "integer", + "description": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed" + }, + "maximumRetryAttempts": { + "type": "integer", + "description": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source." + }, + "parallelizationFactor": { + "type": "integer", + "description": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1." + }, + "queues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume." + }, + "scalingConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingScalingConfig", + "description": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency)." + }, + "selfManagedEventSource": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingSelfManagedEventSource", + "description": "The self-managed Apache Kafka cluster for your event source.", + "replaceOnChanges": true + }, + "selfManagedKafkaEventSourceConfig": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingSelfManagedKafkaEventSourceConfig", + "description": "Specific configuration settings for a self-managed Apache Kafka event source.", + "replaceOnChanges": true + }, + "sourceAccessConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingSourceAccessConfiguration" + }, + "description": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source." + }, + "startingPosition": { + "type": "string", + "description": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n + *LATEST* - Read only new records.\n + *TRIM_HORIZON* - Process all available records.\n + *AT_TIMESTAMP* - Specify a time from which to start reading records.", + "replaceOnChanges": true + }, + "startingPositionTimestamp": { + "type": "number", + "description": "With ``StartingPosition`` set to ``AT_TIMESTAMP``, the time from which to start reading, in Unix time seconds. ``StartingPositionTimestamp`` cannot be in the future.", + "replaceOnChanges": true + }, + "topics": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the Kafka topic." + }, + "tumblingWindowInSeconds": { + "type": "integer", + "description": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window." + } + }, + "required": [ + "functionName" + ], + "createOnly": [ + "amazonManagedKafkaEventSourceConfig", + "eventSourceArn", + "selfManagedEventSource", + "selfManagedKafkaEventSourceConfig", + "startingPosition", + "startingPositionTimestamp" + ], + "irreversibleNames": { + "awsId": "Id", + "documentDbEventSourceConfig": "DocumentDBEventSourceConfig" + } + }, + "aws-native:lambda:Function": { + "cf": "AWS::Lambda::Function", + "inputs": { + "architectures": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:FunctionArchitecturesItem" + }, + "description": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is ``x86_64``." + }, + "code": { + "$ref": "#/types/aws-native:lambda:FunctionCode", + "description": "The code for the function." + }, + "codeSigningConfigArn": { + "type": "string", + "description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function." + }, + "deadLetterConfig": { + "$ref": "#/types/aws-native:lambda:FunctionDeadLetterConfig", + "description": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq)." + }, + "description": { + "type": "string", + "description": "A description of the function." + }, + "environment": { + "$ref": "#/types/aws-native:lambda:FunctionEnvironment", + "description": "Environment variables that are accessible from function code during execution." + }, + "ephemeralStorage": { + "$ref": "#/types/aws-native:lambda:FunctionEphemeralStorage", + "description": "The size of the function's ``/tmp`` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB." + }, + "fileSystemConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:FunctionFileSystemConfig" + }, + "description": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a ``DependsOn`` attribute to ensure that the mount target is created or updated before the function.\n For more information about using the ``DependsOn`` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html)." + }, + "functionName": { + "type": "string", + "description": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, CFN generates one.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "handler": { + "type": "string", + "description": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html)." + }, + "imageConfig": { + "$ref": "#/types/aws-native:lambda:FunctionImageConfig", + "description": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms)." + }, + "kmsKeyArn": { + "type": "string", + "description": "The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). When [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). If you don't provide a customer managed key, Lambda uses a default service key." + }, + "layers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version." + }, + "loggingConfig": { + "$ref": "#/types/aws-native:lambda:FunctionLoggingConfig", + "description": "The function's Amazon CloudWatch Logs configuration settings." + }, + "memorySize": { + "type": "integer", + "description": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase." + }, + "packageType": { + "$ref": "#/types/aws-native:lambda:FunctionPackageType", + "description": "The type of deployment package. Set to ``Image`` for container image and set ``Zip`` for .zip file archive." + }, + "reservedConcurrentExecutions": { + "type": "integer", + "description": "The number of simultaneous executions to reserve for the function." + }, + "role": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function's execution role." + }, + "runtime": { + "type": "string", + "description": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n The following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels).\n For a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported)." + }, + "runtimeManagementConfig": { + "$ref": "#/types/aws-native:lambda:FunctionRuntimeManagementConfig", + "description": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html)." + }, + "snapStart": { + "$ref": "#/types/aws-native:lambda:FunctionSnapStart", + "description": "The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function." + }, + "timeout": { + "type": "integer", + "description": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html)." + }, + "tracingConfig": { + "$ref": "#/types/aws-native:lambda:FunctionTracingConfig", + "description": "Set ``Mode`` to ``Active`` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html)." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:lambda:FunctionVpcConfig", + "description": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html)." + } + }, + "outputs": { + "architectures": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:FunctionArchitecturesItem" + }, + "description": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is ``x86_64``." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function." + }, + "code": { + "$ref": "#/types/aws-native:lambda:FunctionCode", + "description": "The code for the function." + }, + "codeSigningConfigArn": { + "type": "string", + "description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function." + }, + "deadLetterConfig": { + "$ref": "#/types/aws-native:lambda:FunctionDeadLetterConfig", + "description": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq)." + }, + "description": { + "type": "string", + "description": "A description of the function." + }, + "environment": { + "$ref": "#/types/aws-native:lambda:FunctionEnvironment", + "description": "Environment variables that are accessible from function code during execution." + }, + "ephemeralStorage": { + "$ref": "#/types/aws-native:lambda:FunctionEphemeralStorage", + "description": "The size of the function's ``/tmp`` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB." + }, + "fileSystemConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:FunctionFileSystemConfig" + }, + "description": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a ``DependsOn`` attribute to ensure that the mount target is created or updated before the function.\n For more information about using the ``DependsOn`` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html)." + }, + "functionName": { + "type": "string", + "description": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, CFN generates one.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "handler": { + "type": "string", + "description": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html)." + }, + "imageConfig": { + "$ref": "#/types/aws-native:lambda:FunctionImageConfig", + "description": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms)." + }, + "kmsKeyArn": { + "type": "string", + "description": "The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). When [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). If you don't provide a customer managed key, Lambda uses a default service key." + }, + "layers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version." + }, + "loggingConfig": { + "$ref": "#/types/aws-native:lambda:FunctionLoggingConfig", + "description": "The function's Amazon CloudWatch Logs configuration settings." + }, + "memorySize": { + "type": "integer", + "description": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase." + }, + "packageType": { + "$ref": "#/types/aws-native:lambda:FunctionPackageType", + "description": "The type of deployment package. Set to ``Image`` for container image and set ``Zip`` for .zip file archive." + }, + "reservedConcurrentExecutions": { + "type": "integer", + "description": "The number of simultaneous executions to reserve for the function." + }, + "role": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function's execution role." + }, + "runtime": { + "type": "string", + "description": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n The following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels).\n For a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported)." + }, + "runtimeManagementConfig": { + "$ref": "#/types/aws-native:lambda:FunctionRuntimeManagementConfig", + "description": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html)." + }, + "snapStart": { + "$ref": "#/types/aws-native:lambda:FunctionSnapStart", + "description": "The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting." + }, + "snapStartResponse": { + "$ref": "#/types/aws-native:lambda:FunctionSnapStartResponse" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function." + }, + "timeout": { + "type": "integer", + "description": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html)." + }, + "tracingConfig": { + "$ref": "#/types/aws-native:lambda:FunctionTracingConfig", + "description": "Set ``Mode`` to ``Active`` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html)." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:lambda:FunctionVpcConfig", + "description": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html)." + } + }, + "autoNamingSpec": { + "sdkName": "functionName", + "minLength": 1 + }, + "required": [ + "code", + "role" + ], + "createOnly": [ + "functionName" + ], + "writeOnly": [ + "code", + "code/ImageUri", + "code/S3Bucket", + "code/S3Key", + "code/S3ObjectVersion", + "code/ZipFile", + "snapStart", + "snapStart/ApplyOn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lambda:LayerVersion": { + "cf": "AWS::Lambda::LayerVersion", + "inputs": { + "compatibleArchitectures": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of compatible instruction set architectures." + }, + "compatibleRuntimes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of compatible function runtimes. Used for filtering with ListLayers and ListLayerVersions." + }, + "content": { + "$ref": "#/types/aws-native:lambda:LayerVersionContent", + "description": "The function layer archive." + }, + "description": { + "type": "string", + "description": "The description of the version." + }, + "layerName": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the layer." + }, + "licenseInfo": { + "type": "string", + "description": "The layer's software license." + } + }, + "outputs": { + "compatibleArchitectures": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of compatible instruction set architectures.", + "replaceOnChanges": true + }, + "compatibleRuntimes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of compatible function runtimes. Used for filtering with ListLayers and ListLayerVersions.", + "replaceOnChanges": true + }, + "content": { + "$ref": "#/types/aws-native:lambda:LayerVersionContent", + "description": "The function layer archive.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the version.", + "replaceOnChanges": true + }, + "layerName": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the layer.", + "replaceOnChanges": true + }, + "layerVersionArn": { + "type": "string", + "description": "The ARN of the layer version." + }, + "licenseInfo": { + "type": "string", + "description": "The layer's software license.", + "replaceOnChanges": true + } + }, + "required": [ + "content" + ], + "createOnly": [ + "compatibleArchitectures", + "compatibleRuntimes", + "content", + "description", + "layerName", + "licenseInfo" + ], + "writeOnly": [ + "content" + ] + }, + "aws-native:lambda:LayerVersionPermission": { + "cf": "AWS::Lambda::LayerVersionPermission", + "inputs": { + "action": { + "type": "string", + "description": "The API action that grants access to the layer." + }, + "layerVersionArn": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the layer." + }, + "organizationId": { + "type": "string", + "description": "With the principal set to *, grant permission to all accounts in the specified organization." + }, + "principal": { + "type": "string", + "description": "An account ID, or * to grant layer usage permission to all accounts in an organization, or all AWS accounts (if organizationId is not specified)." + } + }, + "outputs": { + "action": { + "type": "string", + "description": "The API action that grants access to the layer.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "ID generated by service" + }, + "layerVersionArn": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the layer.", + "replaceOnChanges": true + }, + "organizationId": { + "type": "string", + "description": "With the principal set to *, grant permission to all accounts in the specified organization.", + "replaceOnChanges": true + }, + "principal": { + "type": "string", + "description": "An account ID, or * to grant layer usage permission to all accounts in an organization, or all AWS accounts (if organizationId is not specified).", + "replaceOnChanges": true + } + }, + "required": [ + "action", + "layerVersionArn", + "principal" + ], + "createOnly": [ + "action", + "layerVersionArn", + "organizationId", + "principal" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:lambda:Permission": { + "cf": "AWS::Lambda::Permission", + "inputs": { + "action": { + "type": "string", + "description": "The action that the principal can use on the function. For example, ``lambda:InvokeFunction`` or ``lambda:GetFunction``." + }, + "eventSourceToken": { + "type": "string", + "description": "For Alexa Smart Home functions, a token that the invoker must supply." + }, + "functionName": { + "type": "string", + "description": "The name or ARN of the Lambda function, version, or alias.\n **Name formats**\n + *Function name* – ``my-function`` (name-only), ``my-function:v1`` (with alias).\n + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:my-function``.\n + *Partial ARN* – ``123456789012:function:my-function``.\n \n You can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length." + }, + "functionUrlAuthType": { + "$ref": "#/types/aws-native:lambda:PermissionFunctionUrlAuthType", + "description": "The type of authentication that your function URL uses. Set to ``AWS_IAM`` if you want to restrict access to authenticated users only. Set to ``NONE`` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)." + }, + "principal": { + "type": "string", + "description": "The AWS-service or AWS-account that invokes the function. If you specify a service, use ``SourceArn`` or ``SourceAccount`` to limit who can invoke the function through that service." + }, + "principalOrgId": { + "type": "string", + "description": "The identifier for your organization in AOlong. Use this to grant permissions to all the AWS-accounts under this organization." + }, + "sourceAccount": { + "type": "string", + "description": "For AWS-service, the ID of the AWS-account that owns the resource. Use this together with ``SourceArn`` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account." + }, + "sourceArn": { + "type": "string", + "description": "For AWS-services, the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n Note that Lambda configures the comparison using the ``StringLike`` operator." + } + }, + "outputs": { + "action": { + "type": "string", + "description": "The action that the principal can use on the function. For example, ``lambda:InvokeFunction`` or ``lambda:GetFunction``.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string" + }, + "eventSourceToken": { + "type": "string", + "description": "For Alexa Smart Home functions, a token that the invoker must supply.", + "replaceOnChanges": true + }, + "functionName": { + "type": "string", + "description": "The name or ARN of the Lambda function, version, or alias.\n **Name formats**\n + *Function name* – ``my-function`` (name-only), ``my-function:v1`` (with alias).\n + *Function ARN* – ``arn:aws:lambda:us-west-2:123456789012:function:my-function``.\n + *Partial ARN* – ``123456789012:function:my-function``.\n \n You can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", + "replaceOnChanges": true + }, + "functionUrlAuthType": { + "$ref": "#/types/aws-native:lambda:PermissionFunctionUrlAuthType", + "description": "The type of authentication that your function URL uses. Set to ``AWS_IAM`` if you want to restrict access to authenticated users only. Set to ``NONE`` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html).", + "replaceOnChanges": true + }, + "principal": { + "type": "string", + "description": "The AWS-service or AWS-account that invokes the function. If you specify a service, use ``SourceArn`` or ``SourceAccount`` to limit who can invoke the function through that service.", + "replaceOnChanges": true + }, + "principalOrgId": { + "type": "string", + "description": "The identifier for your organization in AOlong. Use this to grant permissions to all the AWS-accounts under this organization.", + "replaceOnChanges": true + }, + "sourceAccount": { + "type": "string", + "description": "For AWS-service, the ID of the AWS-account that owns the resource. Use this together with ``SourceArn`` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", + "replaceOnChanges": true + }, + "sourceArn": { + "type": "string", + "description": "For AWS-services, the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n Note that Lambda configures the comparison using the ``StringLike`` operator.", + "replaceOnChanges": true + } + }, + "required": [ + "action", + "functionName", + "principal" + ], + "createOnly": [ + "action", + "eventSourceToken", + "functionName", + "functionUrlAuthType", + "principal", + "principalOrgId", + "sourceAccount", + "sourceArn" + ], + "irreversibleNames": { + "awsId": "Id", + "principalOrgId": "PrincipalOrgID" + } + }, + "aws-native:lambda:Url": { + "cf": "AWS::Lambda::Url", + "inputs": { + "authType": { + "$ref": "#/types/aws-native:lambda:UrlAuthType", + "description": "Can be either AWS_IAM if the requests are authorized via IAM, or NONE if no authorization is configured on the Function URL." + }, + "cors": { + "$ref": "#/types/aws-native:lambda:UrlCors", + "description": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL." + }, + "invokeMode": { + "$ref": "#/types/aws-native:lambda:UrlInvokeMode", + "description": "The invocation mode for the function's URL. Set to BUFFERED if you want to buffer responses before returning them to the client. Set to RESPONSE_STREAM if you want to stream responses, allowing faster time to first byte and larger response payload sizes. If not set, defaults to BUFFERED." + }, + "qualifier": { + "type": "string", + "description": "The alias qualifier for the target function. If TargetFunctionArn is unqualified then Qualifier must be passed." + }, + "targetFunctionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function associated with the Function URL." + } + }, + "outputs": { + "authType": { + "$ref": "#/types/aws-native:lambda:UrlAuthType", + "description": "Can be either AWS_IAM if the requests are authorized via IAM, or NONE if no authorization is configured on the Function URL." + }, + "cors": { + "$ref": "#/types/aws-native:lambda:UrlCors", + "description": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL." + }, + "functionArn": { + "type": "string", + "description": "The full Amazon Resource Name (ARN) of the function associated with the Function URL." + }, + "functionUrl": { + "type": "string", + "description": "The generated url for this resource." + }, + "invokeMode": { + "$ref": "#/types/aws-native:lambda:UrlInvokeMode", + "description": "The invocation mode for the function's URL. Set to BUFFERED if you want to buffer responses before returning them to the client. Set to RESPONSE_STREAM if you want to stream responses, allowing faster time to first byte and larger response payload sizes. If not set, defaults to BUFFERED." + }, + "qualifier": { + "type": "string", + "description": "The alias qualifier for the target function. If TargetFunctionArn is unqualified then Qualifier must be passed.", + "replaceOnChanges": true + }, + "targetFunctionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function associated with the Function URL.", + "replaceOnChanges": true + } + }, + "required": [ + "authType", + "targetFunctionArn" + ], + "createOnly": [ + "qualifier", + "targetFunctionArn" + ] + }, + "aws-native:lambda:Version": { + "cf": "AWS::Lambda::Version", + "inputs": { + "codeSha256": { + "type": "string", + "description": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property." + }, + "description": { + "type": "string", + "description": "A description for the version to override the description in the function configuration. Updates are not supported for this property." + }, + "functionName": { + "type": "string", + "description": "The name of the Lambda function." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The resource policy of your function\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Lambda::Version` for more information about the expected schema for this property." + }, + "provisionedConcurrencyConfig": { + "$ref": "#/types/aws-native:lambda:VersionProvisionedConcurrencyConfiguration", + "description": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property." + }, + "runtimePolicy": { + "$ref": "#/types/aws-native:lambda:VersionRuntimePolicy", + "description": "Specifies the runtime management configuration of a function. Displays runtimeVersionArn only for Manual." + } + }, + "outputs": { + "codeSha256": { + "type": "string", + "description": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", + "replaceOnChanges": true + }, + "functionArn": { + "type": "string", + "description": "The ARN of the version." + }, + "functionName": { + "type": "string", + "description": "The name of the Lambda function.", + "replaceOnChanges": true + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The resource policy of your function\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Lambda::Version` for more information about the expected schema for this property." + }, + "provisionedConcurrencyConfig": { + "$ref": "#/types/aws-native:lambda:VersionProvisionedConcurrencyConfiguration", + "description": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", + "replaceOnChanges": true + }, + "runtimePolicy": { + "$ref": "#/types/aws-native:lambda:VersionRuntimePolicy", + "description": "Specifies the runtime management configuration of a function. Displays runtimeVersionArn only for Manual.", + "replaceOnChanges": true + }, + "version": { + "type": "string", + "description": "The version number.", + "language": { + "csharp": { + "name": "VersionValue" + } + } + } + }, + "required": [ + "functionName" + ], + "createOnly": [ + "codeSha256", + "description", + "functionName", + "provisionedConcurrencyConfig", + "runtimePolicy" + ], + "irreversibleNames": { + "codeSha256": "CodeSha256" + } + }, + "aws-native:launchwizard:Deployment": { + "cf": "AWS::LaunchWizard::Deployment", + "inputs": { + "deploymentPatternName": { + "type": "string", + "description": "Workload deployment pattern name" + }, + "name": { + "type": "string", + "description": "Name of LaunchWizard deployment" + }, + "specifications": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "LaunchWizard deployment specifications" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for LaunchWizard deployment" + }, + "workloadName": { + "type": "string", + "description": "Workload Name for LaunchWizard deployment" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "ARN of the LaunchWizard deployment" + }, + "createdAt": { + "type": "string", + "description": "Timestamp of LaunchWizard deployment creation" + }, + "deletedAt": { + "type": "string", + "description": "Timestamp of LaunchWizard deployment deletion" + }, + "deploymentId": { + "type": "string", + "description": "Deployment ID of the LaunchWizard deployment" + }, + "deploymentPatternName": { + "type": "string", + "description": "Workload deployment pattern name", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name of LaunchWizard deployment", + "replaceOnChanges": true + }, + "resourceGroup": { + "type": "string", + "description": "Resource Group Name created for LaunchWizard deployment" + }, + "specifications": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "LaunchWizard deployment specifications" + }, + "status": { + "$ref": "#/types/aws-native:launchwizard:DeploymentStatus", + "description": "Status of LaunchWizard deployment" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for LaunchWizard deployment" + }, + "workloadName": { + "type": "string", + "description": "Workload Name for LaunchWizard deployment", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 50 + }, + "required": [ + "deploymentPatternName", + "specifications", + "workloadName" + ], + "createOnly": [ + "deploymentPatternName", + "name", + "workloadName" + ], + "writeOnly": [ + "specifications" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lex:Bot": { + "cf": "AWS::Lex::Bot", + "inputs": { + "autoBuildBotLocales": { + "type": "boolean", + "description": "Specifies whether to build the bot locales after bot creation completes." + }, + "botFileS3Location": { + "$ref": "#/types/aws-native:lex:BotS3Location", + "description": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*" + }, + "botLocales": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotLocale" + }, + "description": "List of bot locales" + }, + "botTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotTag" + }, + "description": "A list of tags to add to the bot, which can only be added at bot creation." + }, + "dataPrivacy": { + "$ref": "#/types/aws-native:lex:DataPrivacyProperties", + "description": "Data privacy setting of the Bot." + }, + "description": { + "type": "string", + "description": "The description of the version." + }, + "idleSessionTtlInSeconds": { + "type": "integer", + "description": "IdleSessionTTLInSeconds of the resource" + }, + "name": { + "type": "string", + "description": "The name of the bot locale." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot." + }, + "testBotAliasSettings": { + "$ref": "#/types/aws-native:lex:BotTestBotAliasSettings", + "description": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values." + }, + "testBotAliasTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotTag" + }, + "description": "A list of tags to add to the test alias for a bot, , which can only be added at bot/bot alias creation." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bot." + }, + "autoBuildBotLocales": { + "type": "boolean", + "description": "Specifies whether to build the bot locales after bot creation completes." + }, + "awsId": { + "type": "string", + "description": "The unique identifier of the bot." + }, + "botFileS3Location": { + "$ref": "#/types/aws-native:lex:BotS3Location", + "description": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*" + }, + "botLocales": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotLocale" + }, + "description": "List of bot locales" + }, + "botTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotTag" + }, + "description": "A list of tags to add to the bot, which can only be added at bot creation." + }, + "dataPrivacy": { + "$ref": "#/types/aws-native:lex:DataPrivacyProperties", + "description": "Data privacy setting of the Bot." + }, + "description": { + "type": "string", + "description": "The description of the version." + }, + "idleSessionTtlInSeconds": { + "type": "integer", + "description": "IdleSessionTTLInSeconds of the resource" + }, + "name": { + "type": "string", + "description": "The name of the bot locale." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot." + }, + "testBotAliasSettings": { + "$ref": "#/types/aws-native:lex:BotTestBotAliasSettings", + "description": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values." + }, + "testBotAliasTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotTag" + }, + "description": "A list of tags to add to the test alias for a bot, , which can only be added at bot/bot alias creation." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "dataPrivacy", + "idleSessionTtlInSeconds", + "roleArn" + ], + "writeOnly": [ + "autoBuildBotLocales", + "botFileS3Location", + "botLocales", + "botTags", + "testBotAliasTags" + ], + "irreversibleNames": { + "awsId": "Id", + "botFileS3Location": "BotFileS3Location", + "idleSessionTtlInSeconds": "IdleSessionTTLInSeconds" + } + }, + "aws-native:lex:BotAlias": { + "cf": "AWS::Lex::BotAlias", + "inputs": { + "botAliasLocaleSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotAliasLocaleSettingsItem" + }, + "description": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale." + }, + "botAliasName": { + "type": "string", + "description": "The name of the bot alias." + }, + "botAliasTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotAliasTag" + }, + "description": "A list of tags to add to the bot alias." + }, + "botId": { + "type": "string", + "description": "The unique identifier of the bot." + }, + "botVersion": { + "type": "string", + "description": "The version of the bot that the bot alias references." + }, + "conversationLogSettings": { + "$ref": "#/types/aws-native:lex:BotAliasConversationLogSettings", + "description": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 ." + }, + "description": { + "type": "string", + "description": "The description of the bot alias." + }, + "sentimentAnalysisSettings": { + "$ref": "#/types/aws-native:lex:SentimentAnalysisSettingsProperties", + "description": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bot alias." + }, + "botAliasId": { + "type": "string", + "description": "The unique identifier of the bot alias." + }, + "botAliasLocaleSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotAliasLocaleSettingsItem" + }, + "description": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale." + }, + "botAliasName": { + "type": "string", + "description": "The name of the bot alias." + }, + "botAliasStatus": { + "$ref": "#/types/aws-native:lex:BotAliasStatus", + "description": "The current status of the bot alias. When the status is Available the alias is ready for use with your bot." + }, + "botAliasTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotAliasTag" + }, + "description": "A list of tags to add to the bot alias." + }, + "botId": { + "type": "string", + "description": "The unique identifier of the bot.", + "replaceOnChanges": true + }, + "botVersion": { + "type": "string", + "description": "The version of the bot that the bot alias references." + }, + "conversationLogSettings": { + "$ref": "#/types/aws-native:lex:BotAliasConversationLogSettings", + "description": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 ." + }, + "description": { + "type": "string", + "description": "The description of the bot alias." + }, + "sentimentAnalysisSettings": { + "$ref": "#/types/aws-native:lex:SentimentAnalysisSettingsProperties", + "description": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances." + } + }, + "autoNamingSpec": { + "sdkName": "botAliasName" + }, + "required": [ + "botId" + ], + "createOnly": [ + "botId" + ], + "writeOnly": [ + "botAliasTags" + ] + }, + "aws-native:lex:BotVersion": { + "cf": "AWS::Lex::BotVersion", + "inputs": { + "botId": { + "type": "string", + "description": "The unique identifier of the bot." + }, + "botVersionLocaleSpecification": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotVersionLocaleSpecification" + }, + "description": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version." + }, + "description": { + "type": "string", + "description": "The description of the version." + } + }, + "outputs": { + "botId": { + "type": "string", + "description": "The unique identifier of the bot.", + "replaceOnChanges": true + }, + "botVersion": { + "type": "string", + "description": "The version of the bot.", + "language": { + "csharp": { + "name": "BotVersionValue" + } + } + }, + "botVersionLocaleSpecification": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotVersionLocaleSpecification" + }, + "description": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version." + }, + "description": { + "type": "string", + "description": "The description of the version." + } + }, + "required": [ + "botId", + "botVersionLocaleSpecification" + ], + "createOnly": [ + "botId" + ], + "writeOnly": [ + "botVersionLocaleSpecification" + ] + }, + "aws-native:lex:ResourcePolicy": { + "cf": "AWS::Lex::ResourcePolicy", + "inputs": { + "policy": { + "$ref": "#/types/aws-native:lex:ResourcePolicyPolicy", + "description": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The identifier of the resource policy." + }, + "policy": { + "$ref": "#/types/aws-native:lex:ResourcePolicyPolicy", + "description": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to." + }, + "revisionId": { + "type": "string", + "description": "Specifies the current revision of a resource policy." + } + }, + "required": [ + "policy", + "resourceArn" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:licensemanager:Grant": { + "cf": "AWS::LicenseManager::Grant", + "inputs": { + "allowedOperations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed operations for the grant." + }, + "grantName": { + "type": "string", + "description": "Name for the created Grant." + }, + "homeRegion": { + "type": "string", + "description": "Home region for the created grant." + }, + "licenseArn": { + "type": "string", + "description": "License Arn for the grant." + }, + "principals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization." + }, + "status": { + "type": "string", + "description": "Granted license status." + } + }, + "outputs": { + "allowedOperations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed operations for the grant." + }, + "grantArn": { + "type": "string", + "description": "Arn of the grant." + }, + "grantName": { + "type": "string", + "description": "Name for the created Grant." + }, + "homeRegion": { + "type": "string", + "description": "Home region for the created grant." + }, + "licenseArn": { + "type": "string", + "description": "License Arn for the grant." + }, + "principals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization." + }, + "status": { + "type": "string", + "description": "Granted license status." + }, + "version": { + "type": "string", + "description": "The version of the grant." + } + }, + "autoNamingSpec": { + "sdkName": "grantName" + }, + "writeOnly": [ + "allowedOperations", + "principals", + "status" + ] + }, + "aws-native:licensemanager:License": { + "cf": "AWS::LicenseManager::License", + "inputs": { + "beneficiary": { + "type": "string", + "description": "Beneficiary of the license." + }, + "consumptionConfiguration": { + "$ref": "#/types/aws-native:licensemanager:LicenseConsumptionConfiguration", + "description": "Configuration for consumption of the license." + }, + "entitlements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:licensemanager:LicenseEntitlement" + }, + "description": "License entitlements." + }, + "homeRegion": { + "type": "string", + "description": "Home region for the created license." + }, + "issuer": { + "$ref": "#/types/aws-native:licensemanager:LicenseIssuerData", + "description": "License issuer." + }, + "licenseMetadata": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:licensemanager:LicenseMetadata" + }, + "description": "License metadata." + }, + "licenseName": { + "type": "string", + "description": "Name for the created license." + }, + "productName": { + "type": "string", + "description": "Product name for the created license." + }, + "productSku": { + "type": "string", + "description": "ProductSKU of the license." + }, + "status": { + "type": "string", + "description": "License status." + }, + "validity": { + "$ref": "#/types/aws-native:licensemanager:LicenseValidityDateFormat", + "description": "Date and time range during which the license is valid, in ISO8601-UTC format." + } + }, + "outputs": { + "beneficiary": { + "type": "string", + "description": "Beneficiary of the license." + }, + "consumptionConfiguration": { + "$ref": "#/types/aws-native:licensemanager:LicenseConsumptionConfiguration", + "description": "Configuration for consumption of the license." + }, + "entitlements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:licensemanager:LicenseEntitlement" + }, + "description": "License entitlements." + }, + "homeRegion": { + "type": "string", + "description": "Home region for the created license." + }, + "issuer": { + "$ref": "#/types/aws-native:licensemanager:LicenseIssuerData", + "description": "License issuer." + }, + "licenseArn": { + "type": "string", + "description": "Amazon Resource Name is a unique name for each resource." + }, + "licenseMetadata": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:licensemanager:LicenseMetadata" + }, + "description": "License metadata." + }, + "licenseName": { + "type": "string", + "description": "Name for the created license." + }, + "productName": { + "type": "string", + "description": "Product name for the created license." + }, + "productSku": { + "type": "string", + "description": "ProductSKU of the license." + }, + "status": { + "type": "string", + "description": "License status." + }, + "validity": { + "$ref": "#/types/aws-native:licensemanager:LicenseValidityDateFormat", + "description": "Date and time range during which the license is valid, in ISO8601-UTC format." + }, + "version": { + "type": "string", + "description": "The version of the license." + } + }, + "autoNamingSpec": { + "sdkName": "licenseName" + }, + "required": [ + "consumptionConfiguration", + "entitlements", + "homeRegion", + "issuer", + "productName", + "validity" + ], + "writeOnly": [ + "status" + ], + "irreversibleNames": { + "productSku": "ProductSKU" + } + }, + "aws-native:lightsail:Alarm": { + "cf": "AWS::Lightsail::Alarm", + "inputs": { + "alarmName": { + "type": "string", + "description": "The name for the alarm. Specify the name of an existing alarm to update, and overwrite the previous configuration of the alarm." + }, + "comparisonOperator": { + "type": "string", + "description": "The arithmetic operation to use when comparing the specified statistic to the threshold. The specified statistic value is used as the first operand." + }, + "contactProtocols": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The contact protocols to use for the alarm, such as Email, SMS (text messaging), or both." + }, + "datapointsToAlarm": { + "type": "integer", + "description": "The number of data points that must be not within the specified threshold to trigger the alarm. If you are setting an \"M out of N\" alarm, this value (datapointsToAlarm) is the M." + }, + "evaluationPeriods": { + "type": "integer", + "description": "The number of most recent periods over which data is compared to the specified threshold. If you are setting an \"M out of N\" alarm, this value (evaluationPeriods) is the N." + }, + "metricName": { + "type": "string", + "description": "The name of the metric to associate with the alarm." + }, + "monitoredResourceName": { + "type": "string", + "description": "The name of the Lightsail resource that the alarm monitors." + }, + "notificationEnabled": { + "type": "boolean", + "description": "Indicates whether the alarm is enabled. Notifications are enabled by default if you don't specify this parameter." + }, + "notificationTriggers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The alarm states that trigger a notification." + }, + "threshold": { + "type": "number", + "description": "The value against which the specified statistic is compared." + }, + "treatMissingData": { + "type": "string", + "description": "Sets how this alarm will handle missing data points." + } + }, + "outputs": { + "alarmArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the alarm." + }, + "alarmName": { + "type": "string", + "description": "The name for the alarm. Specify the name of an existing alarm to update, and overwrite the previous configuration of the alarm.", + "replaceOnChanges": true + }, + "comparisonOperator": { + "type": "string", + "description": "The arithmetic operation to use when comparing the specified statistic to the threshold. The specified statistic value is used as the first operand." + }, + "contactProtocols": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The contact protocols to use for the alarm, such as Email, SMS (text messaging), or both." + }, + "datapointsToAlarm": { + "type": "integer", + "description": "The number of data points that must be not within the specified threshold to trigger the alarm. If you are setting an \"M out of N\" alarm, this value (datapointsToAlarm) is the M." + }, + "evaluationPeriods": { + "type": "integer", + "description": "The number of most recent periods over which data is compared to the specified threshold. If you are setting an \"M out of N\" alarm, this value (evaluationPeriods) is the N." + }, + "metricName": { + "type": "string", + "description": "The name of the metric to associate with the alarm.", + "replaceOnChanges": true + }, + "monitoredResourceName": { + "type": "string", + "description": "The name of the Lightsail resource that the alarm monitors.", + "replaceOnChanges": true + }, + "notificationEnabled": { + "type": "boolean", + "description": "Indicates whether the alarm is enabled. Notifications are enabled by default if you don't specify this parameter." + }, + "notificationTriggers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The alarm states that trigger a notification." + }, + "state": { + "type": "string", + "description": "The current state of the alarm." + }, + "threshold": { + "type": "number", + "description": "The value against which the specified statistic is compared." + }, + "treatMissingData": { + "type": "string", + "description": "Sets how this alarm will handle missing data points." + } + }, + "autoNamingSpec": { + "sdkName": "alarmName" + }, + "required": [ + "comparisonOperator", + "evaluationPeriods", + "metricName", + "monitoredResourceName", + "threshold" + ], + "createOnly": [ + "alarmName", + "metricName", + "monitoredResourceName" + ] + }, + "aws-native:lightsail:Bucket": { + "cf": "AWS::Lightsail::Bucket", + "inputs": { + "accessRules": { + "$ref": "#/types/aws-native:lightsail:BucketAccessRules", + "description": "An object that describes the access rules for the bucket." + }, + "bucketName": { + "type": "string", + "description": "The name for the bucket." + }, + "bundleId": { + "type": "string", + "description": "The ID of the bundle to use for the bucket." + }, + "objectVersioning": { + "type": "boolean", + "description": "Specifies whether to enable or disable versioning of objects in the bucket." + }, + "readOnlyAccessAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings to specify the AWS account IDs that can access the bucket." + }, + "resourcesReceivingAccess": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names of the Lightsail resources for which to set bucket access." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "ableToUpdateBundle": { + "type": "boolean", + "description": "Indicates whether the bundle that is currently applied to a bucket can be changed to another bundle. You can update a bucket's bundle only one time within a monthly AWS billing cycle." + }, + "accessRules": { + "$ref": "#/types/aws-native:lightsail:BucketAccessRules", + "description": "An object that describes the access rules for the bucket." + }, + "bucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bucket." + }, + "bucketName": { + "type": "string", + "description": "The name for the bucket.", + "replaceOnChanges": true + }, + "bundleId": { + "type": "string", + "description": "The ID of the bundle to use for the bucket." + }, + "objectVersioning": { + "type": "boolean", + "description": "Specifies whether to enable or disable versioning of objects in the bucket." + }, + "readOnlyAccessAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings to specify the AWS account IDs that can access the bucket." + }, + "resourcesReceivingAccess": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names of the Lightsail resources for which to set bucket access." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "url": { + "type": "string", + "description": "The URL of the bucket." + } + }, + "autoNamingSpec": { + "sdkName": "bucketName", + "minLength": 3, + "maxLength": 54 + }, + "required": [ + "bundleId" + ], + "createOnly": [ + "bucketName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lightsail:Certificate": { + "cf": "AWS::Lightsail::Certificate", + "inputs": { + "certificateName": { + "type": "string", + "description": "The name for the certificate." + }, + "domainName": { + "type": "string", + "description": "The domain name (e.g., example.com ) for the certificate." + }, + "subjectAlternativeNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings that specify the alternate domains (e.g., example2.com) and subdomains (e.g., blog.example.com) for the certificate." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate." + }, + "certificateName": { + "type": "string", + "description": "The name for the certificate.", + "replaceOnChanges": true + }, + "domainName": { + "type": "string", + "description": "The domain name (e.g., example.com ) for the certificate.", + "replaceOnChanges": true + }, + "status": { + "type": "string", + "description": "The validation status of the certificate." + }, + "subjectAlternativeNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings that specify the alternate domains (e.g., example2.com) and subdomains (e.g., blog.example.com) for the certificate.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "certificateName" + }, + "required": [ + "domainName" + ], + "createOnly": [ + "certificateName", + "domainName", + "subjectAlternativeNames" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lightsail:Container": { + "cf": "AWS::Lightsail::Container", + "inputs": { + "containerServiceDeployment": { + "$ref": "#/types/aws-native:lightsail:ContainerServiceDeployment", + "description": "Describes a container deployment configuration of an Amazon Lightsail container service." + }, + "isDisabled": { + "type": "boolean", + "description": "A Boolean value to indicate whether the container service is disabled." + }, + "power": { + "type": "string", + "description": "The power specification for the container service." + }, + "privateRegistryAccess": { + "$ref": "#/types/aws-native:lightsail:ContainerPrivateRegistryAccess", + "description": "A Boolean value to indicate whether the container service has access to private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories." + }, + "publicDomainNames": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:ContainerPublicDomainName" + }, + "description": "The public domain names to use with the container service, such as example.com and www.example.com." + }, + "scale": { + "type": "integer", + "description": "The scale specification for the container service." + }, + "serviceName": { + "type": "string", + "description": "The name for the container service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "containerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the container." + }, + "containerServiceDeployment": { + "$ref": "#/types/aws-native:lightsail:ContainerServiceDeployment", + "description": "Describes a container deployment configuration of an Amazon Lightsail container service." + }, + "isDisabled": { + "type": "boolean", + "description": "A Boolean value to indicate whether the container service is disabled." + }, + "power": { + "type": "string", + "description": "The power specification for the container service." + }, + "principalArn": { + "type": "string", + "description": "The principal ARN of the container service." + }, + "privateRegistryAccess": { + "$ref": "#/types/aws-native:lightsail:ContainerPrivateRegistryAccess", + "description": "A Boolean value to indicate whether the container service has access to private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories." + }, + "publicDomainNames": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:ContainerPublicDomainName" + }, + "description": "The public domain names to use with the container service, such as example.com and www.example.com." + }, + "scale": { + "type": "integer", + "description": "The scale specification for the container service." + }, + "serviceName": { + "type": "string", + "description": "The name for the container service.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "url": { + "type": "string", + "description": "The publicly accessible URL of the container service." + } + }, + "required": [ + "power", + "scale", + "serviceName" + ], + "createOnly": [ + "serviceName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lightsail:Database": { + "cf": "AWS::Lightsail::Database", + "inputs": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create your new database. Use the us-east-2a case-sensitive format." + }, + "backupRetention": { + "type": "boolean", + "description": "When true, enables automated backup retention for your database. Updates are applied during the next maintenance window because this can result in an outage." + }, + "caCertificateIdentifier": { + "type": "string", + "description": "Indicates the certificate that needs to be associated with the database." + }, + "masterDatabaseName": { + "type": "string", + "description": "The name of the database to create when the Lightsail database resource is created. For MySQL, if this parameter isn't specified, no database is created in the database resource. For PostgreSQL, if this parameter isn't specified, a database named postgres is created in the database resource." + }, + "masterUserPassword": { + "type": "string", + "description": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\". It cannot contain spaces." + }, + "masterUsername": { + "type": "string", + "description": "The name for the master user." + }, + "preferredBackupWindow": { + "type": "string", + "description": "The daily time range during which automated backups are created for your new database if automated backups are enabled." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur on your new database." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Specifies the accessibility options for your new database. A value of true specifies a database that is available to resources outside of your Lightsail account. A value of false specifies a database that is available only to your Lightsail resources in the same region as your database." + }, + "relationalDatabaseBlueprintId": { + "type": "string", + "description": "The blueprint ID for your new database. A blueprint describes the major engine version of a database." + }, + "relationalDatabaseBundleId": { + "type": "string", + "description": "The bundle ID for your new database. A bundle describes the performance specifications for your database." + }, + "relationalDatabaseName": { + "type": "string", + "description": "The name to use for your new Lightsail database resource." + }, + "relationalDatabaseParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:DatabaseRelationalDatabaseParameter" + }, + "description": "Update one or more parameters of the relational database." + }, + "rotateMasterUserPassword": { + "type": "boolean", + "description": "When true, the master user password is changed to a new strong password generated by Lightsail. Use the get relational database master user password operation to get the new password." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create your new database. Use the us-east-2a case-sensitive format.", + "replaceOnChanges": true + }, + "backupRetention": { + "type": "boolean", + "description": "When true, enables automated backup retention for your database. Updates are applied during the next maintenance window because this can result in an outage." + }, + "caCertificateIdentifier": { + "type": "string", + "description": "Indicates the certificate that needs to be associated with the database." + }, + "databaseArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the database (for example, `arn:aws:lightsail:us-east-2:123456789101:RelationalDatabase/244ad76f-8aad-4741-809f-12345EXAMPLE` )." + }, + "masterDatabaseName": { + "type": "string", + "description": "The name of the database to create when the Lightsail database resource is created. For MySQL, if this parameter isn't specified, no database is created in the database resource. For PostgreSQL, if this parameter isn't specified, a database named postgres is created in the database resource.", + "replaceOnChanges": true + }, + "masterUserPassword": { + "type": "string", + "description": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\". It cannot contain spaces." + }, + "masterUsername": { + "type": "string", + "description": "The name for the master user.", + "replaceOnChanges": true + }, + "preferredBackupWindow": { + "type": "string", + "description": "The daily time range during which automated backups are created for your new database if automated backups are enabled." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur on your new database." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Specifies the accessibility options for your new database. A value of true specifies a database that is available to resources outside of your Lightsail account. A value of false specifies a database that is available only to your Lightsail resources in the same region as your database." + }, + "relationalDatabaseBlueprintId": { + "type": "string", + "description": "The blueprint ID for your new database. A blueprint describes the major engine version of a database.", + "replaceOnChanges": true + }, + "relationalDatabaseBundleId": { + "type": "string", + "description": "The bundle ID for your new database. A bundle describes the performance specifications for your database.", + "replaceOnChanges": true + }, + "relationalDatabaseName": { + "type": "string", + "description": "The name to use for your new Lightsail database resource.", + "replaceOnChanges": true + }, + "relationalDatabaseParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:DatabaseRelationalDatabaseParameter" + }, + "description": "Update one or more parameters of the relational database." + }, + "rotateMasterUserPassword": { + "type": "boolean", + "description": "When true, the master user password is changed to a new strong password generated by Lightsail. Use the get relational database master user password operation to get the new password." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "masterDatabaseName", + "masterUsername", + "relationalDatabaseBlueprintId", + "relationalDatabaseBundleId", + "relationalDatabaseName" + ], + "createOnly": [ + "availabilityZone", + "masterDatabaseName", + "masterUsername", + "relationalDatabaseBlueprintId", + "relationalDatabaseBundleId", + "relationalDatabaseName" + ], + "writeOnly": [ + "masterUserPassword", + "relationalDatabaseParameters", + "rotateMasterUserPassword" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lightsail:Disk": { + "cf": "AWS::Lightsail::Disk", + "inputs": { + "addOns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:DiskAddOn" + }, + "description": "An array of objects representing the add-ons to enable for the new instance." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create your instance. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request." + }, + "diskName": { + "type": "string", + "description": "The names to use for your new Lightsail disk." + }, + "location": { + "$ref": "#/types/aws-native:lightsail:DiskLocation", + "description": "The AWS Region and Availability Zone where the disk is located." + }, + "sizeInGb": { + "type": "integer", + "description": "Size of the Lightsail disk" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "addOns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:DiskAddOn" + }, + "description": "An array of objects representing the add-ons to enable for the new instance." + }, + "attachedTo": { + "type": "string", + "description": "Name of the attached Lightsail Instance" + }, + "attachmentState": { + "type": "string", + "description": "Attachment State of the Lightsail disk" + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create your instance. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request.", + "replaceOnChanges": true + }, + "diskArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the disk." + }, + "diskName": { + "type": "string", + "description": "The names to use for your new Lightsail disk.", + "replaceOnChanges": true + }, + "iops": { + "type": "integer", + "description": "Iops of the Lightsail disk" + }, + "isAttached": { + "type": "boolean", + "description": "Check is Disk is attached state" + }, + "location": { + "$ref": "#/types/aws-native:lightsail:DiskLocation", + "description": "The AWS Region and Availability Zone where the disk is located." + }, + "path": { + "type": "string", + "description": "Path of the attached Disk" + }, + "resourceType": { + "type": "string", + "description": "Resource type of Lightsail instance." + }, + "sizeInGb": { + "type": "integer", + "description": "Size of the Lightsail disk", + "replaceOnChanges": true + }, + "state": { + "type": "string", + "description": "State of the Lightsail disk" + }, + "supportCode": { + "type": "string", + "description": "Support code to help identify any issues" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "diskName", + "minLength": 1, + "maxLength": 254 + }, + "required": [ + "sizeInGb" + ], + "createOnly": [ + "availabilityZone", + "diskName", + "sizeInGb" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lightsail:Instance": { + "cf": "AWS::Lightsail::Instance", + "inputs": { + "addOns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:InstanceAddOn" + }, + "description": "An array of objects representing the add-ons to enable for the new instance." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create your instance. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request." + }, + "blueprintId": { + "type": "string", + "description": "The ID for a virtual private server image (e.g., app_wordpress_4_4 or app_lamp_7_0 ). Use the get blueprints operation to return a list of available images (or blueprints )." + }, + "bundleId": { + "type": "string", + "description": "The bundle of specification information for your virtual private server (or instance ), including the pricing plan (e.g., micro_1_0 )." + }, + "hardware": { + "$ref": "#/types/aws-native:lightsail:InstanceHardware", + "description": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n\u003e The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it." + }, + "instanceName": { + "type": "string", + "description": "The names to use for your new Lightsail instance." + }, + "keyPairName": { + "type": "string", + "description": "The name of your key pair." + }, + "location": { + "$ref": "#/types/aws-native:lightsail:InstanceLocation", + "description": "The location for the instance, such as the AWS Region and Availability Zone.\n\n\u003e The `Location` property is read-only and should not be specified in a create instance or update instance request." + }, + "networking": { + "$ref": "#/types/aws-native:lightsail:InstanceNetworking", + "description": "The public ports and the monthly amount of data transfer allocated for the instance." + }, + "state": { + "$ref": "#/types/aws-native:lightsail:InstanceState", + "description": "The status code and the state (for example, `running` ) of the instance.\n\n\u003e The `State` property is read-only and should not be specified in a create instance or update instance request." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "userData": { + "type": "string", + "description": "A launch script you can create that configures a server with additional user data. For example, you might want to run apt-get -y update." + } + }, + "outputs": { + "addOns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:InstanceAddOn" + }, + "description": "An array of objects representing the add-ons to enable for the new instance." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create your instance. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request.", + "replaceOnChanges": true + }, + "blueprintId": { + "type": "string", + "description": "The ID for a virtual private server image (e.g., app_wordpress_4_4 or app_lamp_7_0 ). Use the get blueprints operation to return a list of available images (or blueprints ).", + "replaceOnChanges": true + }, + "bundleId": { + "type": "string", + "description": "The bundle of specification information for your virtual private server (or instance ), including the pricing plan (e.g., micro_1_0 ).", + "replaceOnChanges": true + }, + "hardware": { + "$ref": "#/types/aws-native:lightsail:InstanceHardware", + "description": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n\u003e The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it." + }, + "instanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance (for example, `arn:aws:lightsail:us-east-2:123456789101:Instance/244ad76f-8aad-4741-809f-12345EXAMPLE` )." + }, + "instanceName": { + "type": "string", + "description": "The names to use for your new Lightsail instance.", + "replaceOnChanges": true + }, + "ipv6Addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "IPv6 addresses of the instance" + }, + "isStaticIp": { + "type": "boolean", + "description": "Is the IP Address of the Instance is the static IP" + }, + "keyPairName": { + "type": "string", + "description": "The name of your key pair." + }, + "location": { + "$ref": "#/types/aws-native:lightsail:InstanceLocation", + "description": "The location for the instance, such as the AWS Region and Availability Zone.\n\n\u003e The `Location` property is read-only and should not be specified in a create instance or update instance request." + }, + "networking": { + "$ref": "#/types/aws-native:lightsail:InstanceNetworking", + "description": "The public ports and the monthly amount of data transfer allocated for the instance." + }, + "privateIpAddress": { + "type": "string", + "description": "Private IP Address of the Instance" + }, + "publicIpAddress": { + "type": "string", + "description": "Public IP Address of the Instance" + }, + "resourceType": { + "type": "string", + "description": "Resource type of Lightsail instance." + }, + "sshKeyName": { + "type": "string", + "description": "SSH Key Name of the Lightsail instance." + }, + "state": { + "$ref": "#/types/aws-native:lightsail:InstanceState", + "description": "The status code and the state (for example, `running` ) of the instance.\n\n\u003e The `State` property is read-only and should not be specified in a create instance or update instance request." + }, + "supportCode": { + "type": "string", + "description": "Support code to help identify any issues" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "userData": { + "type": "string", + "description": "A launch script you can create that configures a server with additional user data. For example, you might want to run apt-get -y update." + }, + "userName": { + "type": "string", + "description": "Username of the Lightsail instance." + } + }, + "autoNamingSpec": { + "sdkName": "instanceName", + "minLength": 1, + "maxLength": 254 + }, + "required": [ + "blueprintId", + "bundleId" + ], + "createOnly": [ + "availabilityZone", + "blueprintId", + "bundleId", + "instanceName" + ], + "writeOnly": [ + "userData" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lightsail:LoadBalancer": { + "cf": "AWS::Lightsail::LoadBalancer", + "inputs": { + "attachedInstances": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names of the instances attached to the load balancer." + }, + "healthCheckPath": { + "type": "string", + "description": "The path you provided to perform the load balancer health check. If you didn't specify a health check path, Lightsail uses the root path of your website (e.g., \"/\")." + }, + "instancePort": { + "type": "integer", + "description": "The instance port where you're creating your load balancer." + }, + "ipAddressType": { + "type": "string", + "description": "The IP address type for the load balancer. The possible values are ipv4 for IPv4 only, and dualstack for IPv4 and IPv6. The default value is dualstack." + }, + "loadBalancerName": { + "type": "string", + "description": "The name of your load balancer." + }, + "sessionStickinessEnabled": { + "type": "boolean", + "description": "Configuration option to enable session stickiness." + }, + "sessionStickinessLbCookieDurationSeconds": { + "type": "string", + "description": "Configuration option to adjust session stickiness cookie duration parameter." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "tlsPolicyName": { + "type": "string", + "description": "The name of the TLS policy to apply to the load balancer." + } + }, + "outputs": { + "attachedInstances": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names of the instances attached to the load balancer." + }, + "healthCheckPath": { + "type": "string", + "description": "The path you provided to perform the load balancer health check. If you didn't specify a health check path, Lightsail uses the root path of your website (e.g., \"/\")." + }, + "instancePort": { + "type": "integer", + "description": "The instance port where you're creating your load balancer.", + "replaceOnChanges": true + }, + "ipAddressType": { + "type": "string", + "description": "The IP address type for the load balancer. The possible values are ipv4 for IPv4 only, and dualstack for IPv4 and IPv6. The default value is dualstack.", + "replaceOnChanges": true + }, + "loadBalancerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the load balancer." + }, + "loadBalancerName": { + "type": "string", + "description": "The name of your load balancer.", + "replaceOnChanges": true + }, + "sessionStickinessEnabled": { + "type": "boolean", + "description": "Configuration option to enable session stickiness." + }, + "sessionStickinessLbCookieDurationSeconds": { + "type": "string", + "description": "Configuration option to adjust session stickiness cookie duration parameter." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "tlsPolicyName": { + "type": "string", + "description": "The name of the TLS policy to apply to the load balancer." + } + }, + "autoNamingSpec": { + "sdkName": "loadBalancerName" + }, + "required": [ + "instancePort" + ], + "createOnly": [ + "instancePort", + "ipAddressType", + "loadBalancerName" + ], + "irreversibleNames": { + "sessionStickinessLbCookieDurationSeconds": "SessionStickinessLBCookieDurationSeconds" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:lightsail:LoadBalancerTlsCertificate": { + "cf": "AWS::Lightsail::LoadBalancerTlsCertificate", + "inputs": { + "certificateAlternativeNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings listing alternative domains and subdomains for your SSL/TLS certificate." + }, + "certificateDomainName": { + "type": "string", + "description": "The domain name (e.g., example.com ) for your SSL/TLS certificate." + }, + "certificateName": { + "type": "string", + "description": "The SSL/TLS certificate name." + }, + "httpsRedirectionEnabled": { + "type": "boolean", + "description": "A Boolean value that indicates whether HTTPS redirection is enabled for the load balancer." + }, + "isAttached": { + "type": "boolean", + "description": "When true, the SSL/TLS certificate is attached to the Lightsail load balancer." + }, + "loadBalancerName": { + "type": "string", + "description": "The name of your load balancer." + } + }, + "outputs": { + "certificateAlternativeNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings listing alternative domains and subdomains for your SSL/TLS certificate.", + "replaceOnChanges": true + }, + "certificateDomainName": { + "type": "string", + "description": "The domain name (e.g., example.com ) for your SSL/TLS certificate.", + "replaceOnChanges": true + }, + "certificateName": { + "type": "string", + "description": "The SSL/TLS certificate name.", + "replaceOnChanges": true + }, + "httpsRedirectionEnabled": { + "type": "boolean", + "description": "A Boolean value that indicates whether HTTPS redirection is enabled for the load balancer." + }, + "isAttached": { + "type": "boolean", + "description": "When true, the SSL/TLS certificate is attached to the Lightsail load balancer." + }, + "loadBalancerName": { + "type": "string", + "description": "The name of your load balancer.", + "replaceOnChanges": true + }, + "loadBalancerTlsCertificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the SSL/TLS certificate." + }, + "status": { + "type": "string", + "description": "The validation status of the SSL/TLS certificate." + } + }, + "autoNamingSpec": { + "sdkName": "certificateName" + }, + "required": [ + "certificateDomainName", + "loadBalancerName" + ], + "createOnly": [ + "certificateAlternativeNames", + "certificateDomainName", + "certificateName", + "loadBalancerName" + ] + }, + "aws-native:lightsail:StaticIp": { + "cf": "AWS::Lightsail::StaticIp", + "inputs": { + "attachedTo": { + "type": "string", + "description": "The instance where the static IP is attached." + }, + "staticIpName": { + "type": "string", + "description": "The name of the static IP address." + } + }, + "outputs": { + "attachedTo": { + "type": "string", + "description": "The instance where the static IP is attached." + }, + "ipAddress": { + "type": "string", + "description": "The static IP address." + }, + "isAttached": { + "type": "boolean", + "description": "A Boolean value indicating whether the static IP is attached." + }, + "staticIpArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the static IP (for example, `arn:aws:lightsail:us-east-2:123456789101:StaticIp/244ad76f-8aad-4741-809f-12345EXAMPLE` )." + }, + "staticIpName": { + "type": "string", + "description": "The name of the static IP address.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "staticIpName" + }, + "createOnly": [ + "staticIpName" + ] + }, + "aws-native:location:ApiKey": { + "cf": "AWS::Location::APIKey", + "inputs": { + "description": { + "type": "string", + "description": "Updates the description for the API key resource." + }, + "expireTime": { + "type": "string", + "description": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) ." + }, + "forceDelete": { + "type": "boolean", + "description": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n\u003e This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use." + }, + "forceUpdate": { + "type": "boolean", + "description": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred." + }, + "keyName": { + "type": "string", + "description": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A–Z, a–z, 0–9), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` ." + }, + "noExpiry": { + "type": "boolean", + "description": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time." + }, + "restrictions": { + "$ref": "#/types/aws-native:location:ApiKeyRestrictions", + "description": "The API key restrictions for the API key resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the resource. Used when you need to specify a resource across all AWS ." + }, + "createTime": { + "type": "string", + "description": "The timestamp for when the API key resource was created in ISO 8601 format: YYYY-MM-DDThh:mm:ss.sssZ." + }, + "description": { + "type": "string", + "description": "Updates the description for the API key resource." + }, + "expireTime": { + "type": "string", + "description": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) ." + }, + "forceDelete": { + "type": "boolean", + "description": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n\u003e This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use." + }, + "forceUpdate": { + "type": "boolean", + "description": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred." + }, + "keyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the API key resource. Used when you need to specify a resource across all AWS ." + }, + "keyName": { + "type": "string", + "description": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A–Z, a–z, 0–9), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", + "replaceOnChanges": true + }, + "noExpiry": { + "type": "boolean", + "description": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time." + }, + "restrictions": { + "$ref": "#/types/aws-native:location:ApiKeyRestrictions", + "description": "The API key restrictions for the API key resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "updateTime": { + "type": "string", + "description": "The timestamp for when the API key resource was last updated in ISO 8601 format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + } + }, + "autoNamingSpec": { + "sdkName": "keyName", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "restrictions" + ], + "createOnly": [ + "keyName" + ], + "writeOnly": [ + "forceDelete", + "forceUpdate", + "noExpiry" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:location:GeofenceCollection": { + "cf": "AWS::Location::GeofenceCollection", + "inputs": { + "collectionName": { + "type": "string", + "description": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A–Z, a–z, 0–9), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` ." + }, + "description": { + "type": "string", + "description": "An optional description for the geofence collection." + }, + "kmsKeyId": { + "type": "string", + "description": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN." + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:GeofenceCollectionPricingPlan" + }, + "pricingPlanDataSource": { + "type": "string", + "description": "This shape is deprecated since 2022-02-01: Deprecated. No longer allowed." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the geofence collection resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollection`" + }, + "collectionArn": { + "type": "string", + "description": "Synonym for `Arn` . The Amazon Resource Name (ARN) for the geofence collection resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollection`" + }, + "collectionName": { + "type": "string", + "description": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A–Z, a–z, 0–9), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", + "replaceOnChanges": true + }, + "createTime": { + "type": "string", + "description": "The timestamp for when the geofence collection resource was created in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + }, + "description": { + "type": "string", + "description": "An optional description for the geofence collection." + }, + "kmsKeyId": { + "type": "string", + "description": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "replaceOnChanges": true + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:GeofenceCollectionPricingPlan" + }, + "pricingPlanDataSource": { + "type": "string", + "description": "This shape is deprecated since 2022-02-01: Deprecated. No longer allowed." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "updateTime": { + "type": "string", + "description": "The timestamp for when the geofence collection resource was last updated in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + } + }, + "autoNamingSpec": { + "sdkName": "collectionName", + "minLength": 1, + "maxLength": 100 + }, + "createOnly": [ + "collectionName", + "kmsKeyId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:location:Map": { + "cf": "AWS::Location::Map", + "inputs": { + "configuration": { + "$ref": "#/types/aws-native:location:MapConfiguration", + "description": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource." + }, + "description": { + "type": "string", + "description": "An optional description for the map resource." + }, + "mapName": { + "type": "string", + "description": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A–Z, a–z, 0–9), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` ." + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:MapPricingPlan", + "description": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the map resource. Used to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:maps/ExampleMap`" + }, + "configuration": { + "$ref": "#/types/aws-native:location:MapConfiguration", + "description": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", + "replaceOnChanges": true + }, + "createTime": { + "type": "string", + "description": "The timestamp for when the map resource was created in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + }, + "description": { + "type": "string", + "description": "An optional description for the map resource." + }, + "mapArn": { + "type": "string", + "description": "Synonym for `Arn` . The Amazon Resource Name (ARN) for the map resource. Used to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:maps/ExampleMap`" + }, + "mapName": { + "type": "string", + "description": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A–Z, a–z, 0–9), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", + "replaceOnChanges": true + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:MapPricingPlan", + "description": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "updateTime": { + "type": "string", + "description": "The timestamp for when the map resource was last updated in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + } + }, + "autoNamingSpec": { + "sdkName": "mapName", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "configuration" + ], + "createOnly": [ + "configuration", + "mapName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:location:PlaceIndex": { + "cf": "AWS::Location::PlaceIndex", + "inputs": { + "dataSource": { + "type": "string", + "description": "Specifies the geospatial data provider for the new place index.\n\n\u003e This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` – For additional information about [Esri](https://docs.aws.amazon.com/location/latest/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` – Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/latest/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/latest/developerguide/grab.html#grab-coverage-area) .\n- `Here` – For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/latest/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n\u003e If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS Service Terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/latest/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* ." + }, + "dataSourceConfiguration": { + "$ref": "#/types/aws-native:location:PlaceIndexDataSourceConfiguration", + "description": "Specifies the data storage option requesting Places." + }, + "description": { + "type": "string", + "description": "The optional description for the place index resource." + }, + "indexName": { + "type": "string", + "description": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A–Z, a–z, 0–9), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` ." + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:PlaceIndexPricingPlan", + "description": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the place index resource. Used to specify a resource across AWS .\n\n- Format example: `arn:aws:geo:region:account-id:place-index/ExamplePlaceIndex`" + }, + "createTime": { + "type": "string", + "description": "The timestamp for when the place index resource was created in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + }, + "dataSource": { + "type": "string", + "description": "Specifies the geospatial data provider for the new place index.\n\n\u003e This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` – For additional information about [Esri](https://docs.aws.amazon.com/location/latest/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` – Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/latest/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/latest/developerguide/grab.html#grab-coverage-area) .\n- `Here` – For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/latest/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n\u003e If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS Service Terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/latest/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", + "replaceOnChanges": true + }, + "dataSourceConfiguration": { + "$ref": "#/types/aws-native:location:PlaceIndexDataSourceConfiguration", + "description": "Specifies the data storage option requesting Places." + }, + "description": { + "type": "string", + "description": "The optional description for the place index resource." + }, + "indexArn": { + "type": "string", + "description": "Synonym for `Arn` . The Amazon Resource Name (ARN) for the place index resource. Used to specify a resource across AWS .\n\n- Format example: `arn:aws:geo:region:account-id:place-index/ExamplePlaceIndex`" + }, + "indexName": { + "type": "string", + "description": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A–Z, a–z, 0–9), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", + "replaceOnChanges": true + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:PlaceIndexPricingPlan", + "description": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "updateTime": { + "type": "string", + "description": "The timestamp for when the place index resource was last updated in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + } + }, + "autoNamingSpec": { + "sdkName": "indexName", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "dataSource" + ], + "createOnly": [ + "dataSource", + "indexName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:location:RouteCalculator": { + "cf": "AWS::Location::RouteCalculator", + "inputs": { + "calculatorName": { + "type": "string", + "description": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A–Z, a–z, 0–9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` ." + }, + "dataSource": { + "type": "string", + "description": "Specifies the data provider of traffic and road network data.\n\n\u003e This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` – For additional information about [Esri](https://docs.aws.amazon.com/location/latest/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` – Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/latest/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/latest/developerguide/grab.html#grab-coverage-area) .\n- `Here` – For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/latest/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/latest/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* ." + }, + "description": { + "type": "string", + "description": "The optional description for the route calculator resource." + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:RouteCalculatorPricingPlan", + "description": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the route calculator resource. Use the ARN when you specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:route-calculator/ExampleCalculator`" + }, + "calculatorArn": { + "type": "string", + "description": "Synonym for `Arn` . The Amazon Resource Name (ARN) for the route calculator resource. Use the ARN when you specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:route-calculator/ExampleCalculator`" + }, + "calculatorName": { + "type": "string", + "description": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A–Z, a–z, 0–9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", + "replaceOnChanges": true + }, + "createTime": { + "type": "string", + "description": "The timestamp for when the route calculator resource was created in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + }, + "dataSource": { + "type": "string", + "description": "Specifies the data provider of traffic and road network data.\n\n\u003e This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` – For additional information about [Esri](https://docs.aws.amazon.com/location/latest/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` – Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/latest/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/latest/developerguide/grab.html#grab-coverage-area) .\n- `Here` – For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/latest/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/latest/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The optional description for the route calculator resource." + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:RouteCalculatorPricingPlan", + "description": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "updateTime": { + "type": "string", + "description": "The timestamp for when the route calculator resource was last updated in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + } + }, + "autoNamingSpec": { + "sdkName": "calculatorName", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "dataSource" + ], + "createOnly": [ + "calculatorName", + "dataSource" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:location:Tracker": { + "cf": "AWS::Location::Tracker", + "inputs": { + "description": { + "type": "string", + "description": "An optional description for the tracker resource." + }, + "eventBridgeEnabled": { + "type": "boolean" + }, + "kmsKeyEnableGeospatialQueries": { + "type": "boolean" + }, + "kmsKeyId": { + "type": "string", + "description": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN." + }, + "positionFiltering": { + "$ref": "#/types/aws-native:location:TrackerPositionFiltering", + "description": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` ." + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:TrackerPricingPlan" + }, + "pricingPlanDataSource": { + "type": "string", + "description": "This shape is deprecated since 2022-02-01: Deprecated. No longer allowed." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "trackerName": { + "type": "string", + "description": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:tracker/ExampleTracker`" + }, + "createTime": { + "type": "string", + "description": "The timestamp for when the tracker resource was created in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + }, + "description": { + "type": "string", + "description": "An optional description for the tracker resource." + }, + "eventBridgeEnabled": { + "type": "boolean" + }, + "kmsKeyEnableGeospatialQueries": { + "type": "boolean" + }, + "kmsKeyId": { + "type": "string", + "description": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", + "replaceOnChanges": true + }, + "positionFiltering": { + "$ref": "#/types/aws-native:location:TrackerPositionFiltering", + "description": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` ." + }, + "pricingPlan": { + "$ref": "#/types/aws-native:location:TrackerPricingPlan" + }, + "pricingPlanDataSource": { + "type": "string", + "description": "This shape is deprecated since 2022-02-01: Deprecated. No longer allowed." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "trackerArn": { + "type": "string", + "description": "Synonym for `Arn` . The Amazon Resource Name (ARN) for the tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:tracker/ExampleTracker`" + }, + "trackerName": { + "type": "string", + "description": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "replaceOnChanges": true + }, + "updateTime": { + "type": "string", + "description": "The timestamp for when the tracker resource was last updated in [ISO 8601](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) format: `YYYY-MM-DDThh:mm:ss.sssZ` ." + } + }, + "autoNamingSpec": { + "sdkName": "trackerName", + "minLength": 1, + "maxLength": 100 + }, + "createOnly": [ + "kmsKeyId", + "trackerName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:location:TrackerConsumer": { + "cf": "AWS::Location::TrackerConsumer", + "inputs": { + "consumerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`" + }, + "trackerName": { + "type": "string", + "description": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` ." + } + }, + "outputs": { + "consumerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", + "replaceOnChanges": true + }, + "trackerName": { + "type": "string", + "description": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", + "replaceOnChanges": true + } + }, + "required": [ + "consumerArn", + "trackerName" + ], + "createOnly": [ + "consumerArn", + "trackerName" + ] + }, + "aws-native:logs:AccountPolicy": { + "cf": "AWS::Logs::AccountPolicy", + "inputs": { + "policyDocument": { + "type": "string", + "description": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per PolicyType.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30720" + }, + "policyName": { + "type": "string", + "description": "The name of the account policy" + }, + "policyType": { + "$ref": "#/types/aws-native:logs:AccountPolicyPolicyType", + "description": "Type of the policy." + }, + "scope": { + "$ref": "#/types/aws-native:logs:AccountPolicyScope", + "description": "Scope for policy application" + }, + "selectionCriteria": { + "type": "string", + "description": "Log group selection criteria to apply policy only to a subset of log groups. SelectionCriteria string can be up to 25KB and cloudwatchlogs determines the length of selectionCriteria by using its UTF-8 bytes" + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "User account id" + }, + "policyDocument": { + "type": "string", + "description": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per PolicyType.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30720" + }, + "policyName": { + "type": "string", + "description": "The name of the account policy", + "replaceOnChanges": true + }, + "policyType": { + "$ref": "#/types/aws-native:logs:AccountPolicyPolicyType", + "description": "Type of the policy.", + "replaceOnChanges": true + }, + "scope": { + "$ref": "#/types/aws-native:logs:AccountPolicyScope", + "description": "Scope for policy application" + }, + "selectionCriteria": { + "type": "string", + "description": "Log group selection criteria to apply policy only to a subset of log groups. SelectionCriteria string can be up to 25KB and cloudwatchlogs determines the length of selectionCriteria by using its UTF-8 bytes" + } + }, + "autoNamingSpec": { + "sdkName": "policyName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "policyDocument", + "policyType" + ], + "createOnly": [ + "policyName", + "policyType" + ] + }, + "aws-native:logs:Delivery": { + "cf": "AWS::Logs::Delivery", + "inputs": { + "deliveryDestinationArn": { + "type": "string", + "description": "The ARN of the delivery destination that is associated with this delivery." + }, + "deliverySourceName": { + "type": "string", + "description": "The name of the delivery source that is associated with this delivery." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags that have been assigned to this delivery." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that uniquely identifies this delivery." + }, + "deliveryDestinationArn": { + "type": "string", + "description": "The ARN of the delivery destination that is associated with this delivery.", + "replaceOnChanges": true + }, + "deliveryDestinationType": { + "type": "string", + "description": "Displays whether the delivery destination associated with this delivery is CloudWatch Logs, Amazon S3, or Kinesis Data Firehose." + }, + "deliveryId": { + "type": "string", + "description": "The unique ID that identifies this delivery in your account." + }, + "deliverySourceName": { + "type": "string", + "description": "The name of the delivery source that is associated with this delivery.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags that have been assigned to this delivery." + } + }, + "required": [ + "deliveryDestinationArn", + "deliverySourceName" + ], + "createOnly": [ + "deliveryDestinationArn", + "deliverySourceName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:logs:DeliveryDestination": { + "cf": "AWS::Logs::DeliveryDestination", + "inputs": { + "deliveryDestinationPolicy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:logs:DeliveryDestinationDestinationPolicy" + }, + "description": "IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 51200" + }, + "destinationResourceArn": { + "type": "string", + "description": "The ARN of the Amazon Web Services destination that this delivery destination represents. That Amazon Web Services destination can be a log group in CloudWatch Logs, an Amazon S3 bucket, or a delivery stream in Firehose." + }, + "name": { + "type": "string", + "description": "The name of this delivery destination." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags that have been assigned to this delivery destination." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that uniquely identifies this delivery destination." + }, + "deliveryDestinationPolicy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:logs:DeliveryDestinationDestinationPolicy" + }, + "description": "IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 51200" + }, + "deliveryDestinationType": { + "type": "string", + "description": "Displays whether this delivery destination is CloudWatch Logs, Amazon S3, or Kinesis Data Firehose." + }, + "destinationResourceArn": { + "type": "string", + "description": "The ARN of the Amazon Web Services destination that this delivery destination represents. That Amazon Web Services destination can be a log group in CloudWatch Logs, an Amazon S3 bucket, or a delivery stream in Firehose.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of this delivery destination.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags that have been assigned to this delivery destination." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 60 + }, + "createOnly": [ + "destinationResourceArn", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:logs:DeliverySource": { + "cf": "AWS::Logs::DeliverySource", + "inputs": { + "logType": { + "type": "string", + "description": "The type of logs being delivered. Only mandatory when the resourceArn could match more than one. In such a case, the error message will contain all the possible options." + }, + "name": { + "type": "string", + "description": "The unique name of the Log source." + }, + "resourceArn": { + "type": "string", + "description": "The ARN of the resource that will be sending the logs." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags that have been assigned to this delivery source." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that uniquely identifies this delivery source." + }, + "logType": { + "type": "string", + "description": "The type of logs being delivered. Only mandatory when the resourceArn could match more than one. In such a case, the error message will contain all the possible options." + }, + "name": { + "type": "string", + "description": "The unique name of the Log source.", + "replaceOnChanges": true + }, + "resourceArn": { + "type": "string", + "description": "The ARN of the resource that will be sending the logs." + }, + "resourceArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This array contains the ARN of the AWS resource that sends logs and is represented by this delivery source. Currently, only one ARN can be in the array." + }, + "service": { + "type": "string", + "description": "The AWS service that is sending logs." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags that have been assigned to this delivery source." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 60 + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "resourceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:logs:Destination": { + "cf": "AWS::Logs::Destination", + "inputs": { + "destinationName": { + "type": "string", + "description": "The name of the destination resource" + }, + "destinationPolicy": { + "type": "string", + "description": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource" + }, + "targetArn": { + "type": "string", + "description": "The ARN of the physical target where the log events are delivered (for example, a Kinesis stream)" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the CloudWatch Logs destination, such as `arn:aws:logs:us-west-1:123456789012:destination:MyDestination` ." + }, + "destinationName": { + "type": "string", + "description": "The name of the destination resource", + "replaceOnChanges": true + }, + "destinationPolicy": { + "type": "string", + "description": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource" + }, + "targetArn": { + "type": "string", + "description": "The ARN of the physical target where the log events are delivered (for example, a Kinesis stream)" + } + }, + "autoNamingSpec": { + "sdkName": "destinationName", + "minLength": 1, + "maxLength": 512 + }, + "required": [ + "roleArn", + "targetArn" + ], + "createOnly": [ + "destinationName" + ] + }, + "aws-native:logs:LogAnomalyDetector": { + "cf": "AWS::Logs::LogAnomalyDetector", + "inputs": { + "accountId": { + "type": "string", + "description": "Account ID for owner of detector" + }, + "anomalyVisibilityTime": { + "type": "number", + "description": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly." + }, + "detectorName": { + "type": "string", + "description": "Name of detector" + }, + "evaluationFrequency": { + "$ref": "#/types/aws-native:logs:LogAnomalyDetectorEvaluationFrequency", + "description": "How often log group is evaluated" + }, + "filterPattern": { + "type": "string", + "description": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) ." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the CMK to use when encrypting log data." + }, + "logGroupArnList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Arns for the given log group" + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "Account ID for owner of detector" + }, + "anomalyDetectorArn": { + "type": "string", + "description": "ARN of LogAnomalyDetector" + }, + "anomalyDetectorStatus": { + "type": "string", + "description": "Current status of detector." + }, + "anomalyVisibilityTime": { + "type": "number", + "description": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly." + }, + "creationTimeStamp": { + "type": "number", + "description": "When detector was created." + }, + "detectorName": { + "type": "string", + "description": "Name of detector" + }, + "evaluationFrequency": { + "$ref": "#/types/aws-native:logs:LogAnomalyDetectorEvaluationFrequency", + "description": "How often log group is evaluated" + }, + "filterPattern": { + "type": "string", + "description": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) ." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the CMK to use when encrypting log data." + }, + "lastModifiedTimeStamp": { + "type": "number", + "description": "When detector was lsat modified." + }, + "logGroupArnList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Arns for the given log group" + } + }, + "autoNamingSpec": { + "sdkName": "detectorName" + }, + "writeOnly": [ + "accountId" + ] + }, + "aws-native:logs:LogGroup": { + "cf": "AWS::Logs::LogGroup", + "inputs": { + "dataProtectionPolicy": { + "$ref": "pulumi.json#/Any", + "description": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n For more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html).\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Logs::LogGroup` for more information about the expected schema for this property." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data.\n To associate an KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CWL. This enables CWL to decrypt this data whenever it is requested.\n If you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an ``InvalidParameterException`` error.\n Log group data is always encrypted in CWL. If you omit this key, the encryption does not use KMS. For more information, see [Encrypt log data in using](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)" + }, + "logGroupClass": { + "$ref": "#/types/aws-native:logs:LogGroupClass", + "description": "Specifies the log group class for this log group. There are two classes:\n + The ``Standard`` log class supports all CWL features.\n + The ``Infrequent Access`` log class supports a subset of CWL features and incurs lower costs.\n \n For details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)" + }, + "logGroupName": { + "type": "string", + "description": "The name of the log group. If you don't specify a name, CFNlong generates a unique ID for the log group." + }, + "retentionInDays": { + "type": "integer", + "description": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n To set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to the log group.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the log group, such as `arn:aws:logs:us-west-1:123456789012:log-group:/mystack-testgroup-12ABC1AB12A1:*`" + }, + "dataProtectionPolicy": { + "$ref": "pulumi.json#/Any", + "description": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n For more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html).\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Logs::LogGroup` for more information about the expected schema for this property." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data.\n To associate an KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CWL. This enables CWL to decrypt this data whenever it is requested.\n If you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an ``InvalidParameterException`` error.\n Log group data is always encrypted in CWL. If you omit this key, the encryption does not use KMS. For more information, see [Encrypt log data in using](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)" + }, + "logGroupClass": { + "$ref": "#/types/aws-native:logs:LogGroupClass", + "description": "Specifies the log group class for this log group. There are two classes:\n + The ``Standard`` log class supports all CWL features.\n + The ``Infrequent Access`` log class supports a subset of CWL features and incurs lower costs.\n \n For details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)" + }, + "logGroupName": { + "type": "string", + "description": "The name of the log group. If you don't specify a name, CFNlong generates a unique ID for the log group.", + "replaceOnChanges": true + }, + "retentionInDays": { + "type": "integer", + "description": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n To set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to the log group.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + }, + "autoNamingSpec": { + "sdkName": "logGroupName", + "minLength": 1, + "maxLength": 512 + }, + "createOnly": [ + "logGroupName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:logs:LogStream": { + "cf": "AWS::Logs::LogStream", + "inputs": { + "logGroupName": { + "type": "string", + "description": "The name of the log group where the log stream is created." + }, + "logStreamName": { + "type": "string", + "description": "The name of the log stream. The name must be unique wihtin the log group." + } + }, + "outputs": { + "logGroupName": { + "type": "string", + "description": "The name of the log group where the log stream is created.", + "replaceOnChanges": true + }, + "logStreamName": { + "type": "string", + "description": "The name of the log stream. The name must be unique wihtin the log group.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "logStreamName" + }, + "required": [ + "logGroupName" + ], + "createOnly": [ + "logGroupName", + "logStreamName" + ] + }, + "aws-native:logs:MetricFilter": { + "cf": "AWS::Logs::MetricFilter", + "inputs": { + "filterName": { + "type": "string", + "description": "The name of the metric filter." + }, + "filterPattern": { + "type": "string", + "description": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html)." + }, + "logGroupName": { + "type": "string", + "description": "The name of an existing log group that you want to associate with this metric filter." + }, + "metricTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:logs:MetricFilterMetricTransformation" + }, + "description": "The metric transformations." + } + }, + "outputs": { + "filterName": { + "type": "string", + "description": "The name of the metric filter.", + "replaceOnChanges": true + }, + "filterPattern": { + "type": "string", + "description": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html)." + }, + "logGroupName": { + "type": "string", + "description": "The name of an existing log group that you want to associate with this metric filter.", + "replaceOnChanges": true + }, + "metricTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:logs:MetricFilterMetricTransformation" + }, + "description": "The metric transformations." + } + }, + "autoNamingSpec": { + "sdkName": "filterName", + "minLength": 1, + "maxLength": 512 + }, + "required": [ + "filterPattern", + "logGroupName", + "metricTransformations" + ], + "createOnly": [ + "filterName", + "logGroupName" + ] + }, + "aws-native:logs:QueryDefinition": { + "cf": "AWS::Logs::QueryDefinition", + "inputs": { + "logGroupNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Optionally define specific log groups as part of your query definition" + }, + "name": { + "type": "string", + "description": "A name for the saved query definition" + }, + "queryString": { + "type": "string", + "description": "The query string to use for this definition" + } + }, + "outputs": { + "logGroupNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Optionally define specific log groups as part of your query definition" + }, + "name": { + "type": "string", + "description": "A name for the saved query definition" + }, + "queryDefinitionId": { + "type": "string", + "description": "Unique identifier of a query definition" + }, + "queryString": { + "type": "string", + "description": "The query string to use for this definition" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "queryString" + ] + }, + "aws-native:logs:ResourcePolicy": { + "cf": "AWS::Logs::ResourcePolicy", + "inputs": { + "policyDocument": { + "type": "string", + "description": "The policy document" + }, + "policyName": { + "type": "string", + "description": "A name for resource policy" + } + }, + "outputs": { + "policyDocument": { + "type": "string", + "description": "The policy document" + }, + "policyName": { + "type": "string", + "description": "A name for resource policy", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "policyName", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "policyDocument" + ], + "createOnly": [ + "policyName" + ] + }, + "aws-native:logs:SubscriptionFilter": { + "cf": "AWS::Logs::SubscriptionFilter", + "inputs": { + "destinationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the destination." + }, + "distribution": { + "$ref": "#/types/aws-native:logs:SubscriptionFilterDistribution", + "description": "The method used to distribute log data to the destination, which can be either random or grouped by log stream." + }, + "filterName": { + "type": "string", + "description": "The name of the subscription filter." + }, + "filterPattern": { + "type": "string", + "description": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html)." + }, + "logGroupName": { + "type": "string", + "description": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an IAM role that grants CWL permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery." + } + }, + "outputs": { + "destinationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the destination." + }, + "distribution": { + "$ref": "#/types/aws-native:logs:SubscriptionFilterDistribution", + "description": "The method used to distribute log data to the destination, which can be either random or grouped by log stream." + }, + "filterName": { + "type": "string", + "description": "The name of the subscription filter.", + "replaceOnChanges": true + }, + "filterPattern": { + "type": "string", + "description": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html)." + }, + "logGroupName": { + "type": "string", + "description": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The ARN of an IAM role that grants CWL permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery." + } + }, + "autoNamingSpec": { + "sdkName": "filterName" + }, + "required": [ + "destinationArn", + "filterPattern", + "logGroupName" + ], + "createOnly": [ + "filterName", + "logGroupName" + ] + }, + "aws-native:lookoutmetrics:Alert": { + "cf": "AWS::LookoutMetrics::Alert", + "inputs": { + "action": { + "$ref": "#/types/aws-native:lookoutmetrics:AlertAction", + "description": "The action to be taken by the alert when an anomaly is detected." + }, + "alertDescription": { + "type": "string", + "description": "A description for the alert." + }, + "alertName": { + "type": "string", + "description": "The name of the alert. If not provided, a name is generated automatically." + }, + "alertSensitivityThreshold": { + "type": "integer", + "description": "A number between 0 and 100 (inclusive) that tunes the sensitivity of the alert." + }, + "anomalyDetectorArn": { + "type": "string", + "description": "The Amazon resource name (ARN) of the Anomaly Detector to alert." + } + }, + "outputs": { + "action": { + "$ref": "#/types/aws-native:lookoutmetrics:AlertAction", + "description": "The action to be taken by the alert when an anomaly is detected.", + "replaceOnChanges": true + }, + "alertDescription": { + "type": "string", + "description": "A description for the alert.", + "replaceOnChanges": true + }, + "alertName": { + "type": "string", + "description": "The name of the alert. If not provided, a name is generated automatically.", + "replaceOnChanges": true + }, + "alertSensitivityThreshold": { + "type": "integer", + "description": "A number between 0 and 100 (inclusive) that tunes the sensitivity of the alert.", + "replaceOnChanges": true + }, + "anomalyDetectorArn": { + "type": "string", + "description": "The Amazon resource name (ARN) of the Anomaly Detector to alert.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "ARN assigned to the alert." + } + }, + "autoNamingSpec": { + "sdkName": "alertName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "action", + "alertSensitivityThreshold", + "anomalyDetectorArn" + ], + "createOnly": [ + "action", + "alertDescription", + "alertName", + "alertSensitivityThreshold", + "anomalyDetectorArn" + ] + }, + "aws-native:lookoutmetrics:AnomalyDetector": { + "cf": "AWS::LookoutMetrics::AnomalyDetector", + "inputs": { + "anomalyDetectorConfig": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorConfig", + "description": "Configuration options for the AnomalyDetector" + }, + "anomalyDetectorDescription": { + "type": "string", + "description": "A description for the AnomalyDetector." + }, + "anomalyDetectorName": { + "type": "string", + "description": "Name for the Amazon Lookout for Metrics Anomaly Detector" + }, + "kmsKeyArn": { + "type": "string", + "description": "KMS key used to encrypt the AnomalyDetector data" + }, + "metricSetList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorMetricSet" + }, + "description": "List of metric sets for anomaly detection" + } + }, + "outputs": { + "anomalyDetectorConfig": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorConfig", + "description": "Configuration options for the AnomalyDetector" + }, + "anomalyDetectorDescription": { + "type": "string", + "description": "A description for the AnomalyDetector." + }, + "anomalyDetectorName": { + "type": "string", + "description": "Name for the Amazon Lookout for Metrics Anomaly Detector", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the detector. For example, `arn:aws:lookoutmetrics:us-east-2:123456789012:AnomalyDetector:my-detector`" + }, + "kmsKeyArn": { + "type": "string", + "description": "KMS key used to encrypt the AnomalyDetector data" + }, + "metricSetList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorMetricSet" + }, + "description": "List of metric sets for anomaly detection" + } + }, + "autoNamingSpec": { + "sdkName": "anomalyDetectorName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "anomalyDetectorConfig", + "metricSetList" + ], + "createOnly": [ + "anomalyDetectorName", + "metricSource" + ] + }, + "aws-native:lookoutvision:Project": { + "cf": "AWS::LookoutVision::Project", + "inputs": { + "projectName": { + "type": "string", + "description": "The name of the project." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name of the project." + }, + "projectName": { + "type": "string", + "description": "The name of the project.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "projectName" + }, + "createOnly": [ + "projectName" + ] + }, + "aws-native:m2:Application": { + "cf": "AWS::M2::Application", + "inputs": { + "definition": { + "oneOf": [ + { + "$ref": "#/types/aws-native:m2:ApplicationDefinition0Properties" + }, + { + "$ref": "#/types/aws-native:m2:ApplicationDefinition1Properties" + } + ], + "description": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) ." + }, + "description": { + "type": "string", + "description": "The description of the application." + }, + "engineType": { + "$ref": "#/types/aws-native:m2:ApplicationEngineType", + "description": "The type of the target platform for this application." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID or the Amazon Resource Name (ARN) of the customer managed KMS Key used for encrypting application-related resources." + }, + "name": { + "type": "string", + "description": "The name of the application." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role associated with the application." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "applicationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the application." + }, + "applicationId": { + "type": "string", + "description": "The identifier of the application." + }, + "definition": { + "oneOf": [ + { + "$ref": "#/types/aws-native:m2:ApplicationDefinition0Properties" + }, + { + "$ref": "#/types/aws-native:m2:ApplicationDefinition1Properties" + } + ], + "description": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) ." + }, + "description": { + "type": "string", + "description": "The description of the application." + }, + "engineType": { + "$ref": "#/types/aws-native:m2:ApplicationEngineType", + "description": "The type of the target platform for this application.", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "The ID or the Amazon Resource Name (ARN) of the customer managed KMS Key used for encrypting application-related resources.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the application.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role associated with the application.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "definition", + "engineType" + ], + "createOnly": [ + "engineType", + "kmsKeyId", + "name", + "roleArn" + ], + "writeOnly": [ + "definition" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:m2:Environment": { + "cf": "AWS::M2::Environment", + "inputs": { + "description": { + "type": "string", + "description": "The description of the environment." + }, + "engineType": { + "$ref": "#/types/aws-native:m2:EnvironmentEngineType", + "description": "The target platform for the runtime environment." + }, + "engineVersion": { + "type": "string", + "description": "The version of the runtime engine for the environment." + }, + "highAvailabilityConfig": { + "$ref": "#/types/aws-native:m2:EnvironmentHighAvailabilityConfig", + "description": "Defines the details of a high availability configuration." + }, + "instanceType": { + "type": "string", + "description": "The type of instance underlying the environment." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID or the Amazon Resource Name (ARN) of the customer managed KMS Key used for encrypting environment-related resources." + }, + "name": { + "type": "string", + "description": "The name of the environment." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "Configures a desired maintenance window for the environment. If you do not provide a value, a random system-generated value will be assigned." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Specifies whether the environment is publicly accessible." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of security groups for the VPC associated with this environment." + }, + "storageConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:m2:EnvironmentStorageConfiguration" + }, + "description": "The storage configurations defined for the runtime environment." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The unique identifiers of the subnets assigned to this runtime environment." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags associated to this environment." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the environment.", + "replaceOnChanges": true + }, + "engineType": { + "$ref": "#/types/aws-native:m2:EnvironmentEngineType", + "description": "The target platform for the runtime environment.", + "replaceOnChanges": true + }, + "engineVersion": { + "type": "string", + "description": "The version of the runtime engine for the environment." + }, + "environmentArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the runtime environment." + }, + "environmentId": { + "type": "string", + "description": "The unique identifier of the environment." + }, + "highAvailabilityConfig": { + "$ref": "#/types/aws-native:m2:EnvironmentHighAvailabilityConfig", + "description": "Defines the details of a high availability configuration." + }, + "instanceType": { + "type": "string", + "description": "The type of instance underlying the environment." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID or the Amazon Resource Name (ARN) of the customer managed KMS Key used for encrypting environment-related resources.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the environment.", + "replaceOnChanges": true + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "Configures a desired maintenance window for the environment. If you do not provide a value, a random system-generated value will be assigned." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Specifies whether the environment is publicly accessible.", + "replaceOnChanges": true + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of security groups for the VPC associated with this environment.", + "replaceOnChanges": true + }, + "storageConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:m2:EnvironmentStorageConfiguration" + }, + "description": "The storage configurations defined for the runtime environment.", + "replaceOnChanges": true + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The unique identifiers of the subnets assigned to this runtime environment.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags associated to this environment." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "engineType", + "instanceType" + ], + "createOnly": [ + "description", + "engineType", + "kmsKeyId", + "name", + "publiclyAccessible", + "securityGroupIds", + "storageConfigurations", + "subnetIds" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:macie:AllowList": { + "cf": "AWS::Macie::AllowList", + "inputs": { + "criteria": { + "$ref": "#/types/aws-native:macie:AllowListCriteria", + "description": "AllowList criteria." + }, + "description": { + "type": "string", + "description": "Description of AllowList." + }, + "name": { + "type": "string", + "description": "Name of AllowList." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "AllowList ARN." + }, + "awsId": { + "type": "string", + "description": "AllowList ID." + }, + "criteria": { + "$ref": "#/types/aws-native:macie:AllowListCriteria", + "description": "AllowList criteria." + }, + "description": { + "type": "string", + "description": "Description of AllowList." + }, + "name": { + "type": "string", + "description": "Name of AllowList." + }, + "status": { + "$ref": "#/types/aws-native:macie:AllowListStatus", + "description": "AllowList status." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "criteria" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:macie:CustomDataIdentifier": { + "cf": "AWS::Macie::CustomDataIdentifier", + "inputs": { + "description": { + "type": "string", + "description": "Description of custom data identifier." + }, + "ignoreWords": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Words to be ignored." + }, + "keywords": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Keywords to be matched against." + }, + "maximumMatchDistance": { + "type": "integer", + "description": "Maximum match distance." + }, + "name": { + "type": "string", + "description": "Name of custom data identifier." + }, + "regex": { + "type": "string", + "description": "Regular expression for custom data identifier." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Custom data identifier ARN." + }, + "awsId": { + "type": "string", + "description": "Custom data identifier ID." + }, + "description": { + "type": "string", + "description": "Description of custom data identifier.", + "replaceOnChanges": true + }, + "ignoreWords": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Words to be ignored.", + "replaceOnChanges": true + }, + "keywords": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Keywords to be matched against.", + "replaceOnChanges": true + }, + "maximumMatchDistance": { + "type": "integer", + "description": "Maximum match distance.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name of custom data identifier.", + "replaceOnChanges": true + }, + "regex": { + "type": "string", + "description": "Regular expression for custom data identifier.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "regex" + ], + "createOnly": [ + "description", + "ignoreWords", + "keywords", + "maximumMatchDistance", + "name", + "regex" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:macie:FindingsFilter": { + "cf": "AWS::Macie::FindingsFilter", + "inputs": { + "action": { + "$ref": "#/types/aws-native:macie:FindingsFilterFindingFilterAction", + "description": "Findings filter action." + }, + "description": { + "type": "string", + "description": "Findings filter description" + }, + "findingCriteria": { + "$ref": "#/types/aws-native:macie:FindingsFilterFindingCriteria", + "description": "Findings filter criteria." + }, + "name": { + "type": "string", + "description": "Findings filter name" + }, + "position": { + "type": "integer", + "description": "Findings filter position." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "action": { + "$ref": "#/types/aws-native:macie:FindingsFilterFindingFilterAction", + "description": "Findings filter action." + }, + "arn": { + "type": "string", + "description": "Findings filter ARN." + }, + "awsId": { + "type": "string", + "description": "Findings filter ID." + }, + "description": { + "type": "string", + "description": "Findings filter description" + }, + "findingCriteria": { + "$ref": "#/types/aws-native:macie:FindingsFilterFindingCriteria", + "description": "Findings filter criteria." + }, + "name": { + "type": "string", + "description": "Findings filter name" + }, + "position": { + "type": "integer", + "description": "Findings filter position." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "findingCriteria" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:macie:Session": { + "cf": "AWS::Macie::Session", + "inputs": { + "findingPublishingFrequency": { + "$ref": "#/types/aws-native:macie:SessionFindingPublishingFrequency", + "description": "A enumeration value that specifies how frequently finding updates are published." + }, + "status": { + "$ref": "#/types/aws-native:macie:SessionStatus", + "description": "A enumeration value that specifies the status of the Macie Session." + } + }, + "outputs": { + "awsAccountId": { + "type": "string", + "description": "AWS account ID of customer" + }, + "findingPublishingFrequency": { + "$ref": "#/types/aws-native:macie:SessionFindingPublishingFrequency", + "description": "A enumeration value that specifies how frequently finding updates are published." + }, + "serviceRole": { + "type": "string", + "description": "Service role used by Macie" + }, + "status": { + "$ref": "#/types/aws-native:macie:SessionStatus", + "description": "A enumeration value that specifies the status of the Macie Session." + } + } + }, + "aws-native:mediaconnect:Bridge": { + "cf": "AWS::MediaConnect::Bridge", + "inputs": { + "egressGatewayBridge": { + "$ref": "#/types/aws-native:mediaconnect:BridgeEgressGatewayBridge", + "description": "Create a bridge with the egress bridge type. An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises." + }, + "ingressGatewayBridge": { + "$ref": "#/types/aws-native:mediaconnect:BridgeIngressGatewayBridge", + "description": "Create a bridge with the ingress bridge type. An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud." + }, + "name": { + "type": "string", + "description": "The name of the bridge." + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:BridgeOutput" + }, + "description": "The outputs on this bridge." + }, + "placementArn": { + "type": "string", + "description": "The placement Amazon Resource Number (ARN) of the bridge." + }, + "sourceFailoverConfig": { + "$ref": "#/types/aws-native:mediaconnect:BridgeFailoverConfig", + "description": "The settings for source failover." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSource" + }, + "description": "The sources on this bridge." + } + }, + "outputs": { + "bridgeArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the bridge." + }, + "bridgeState": { + "$ref": "#/types/aws-native:mediaconnect:BridgeStateEnum", + "description": "The current status of the bridge. Possible values are: ACTIVE or STANDBY." + }, + "egressGatewayBridge": { + "$ref": "#/types/aws-native:mediaconnect:BridgeEgressGatewayBridge", + "description": "Create a bridge with the egress bridge type. An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises." + }, + "ingressGatewayBridge": { + "$ref": "#/types/aws-native:mediaconnect:BridgeIngressGatewayBridge", + "description": "Create a bridge with the ingress bridge type. An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud." + }, + "name": { + "type": "string", + "description": "The name of the bridge." + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:BridgeOutput" + }, + "description": "The outputs on this bridge." + }, + "placementArn": { + "type": "string", + "description": "The placement Amazon Resource Number (ARN) of the bridge." + }, + "sourceFailoverConfig": { + "$ref": "#/types/aws-native:mediaconnect:BridgeFailoverConfig", + "description": "The settings for source failover." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSource" + }, + "description": "The sources on this bridge." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "placementArn", + "sources" + ] + }, + "aws-native:mediaconnect:BridgeOutputResource": { + "cf": "AWS::MediaConnect::BridgeOutput", + "inputs": { + "bridgeArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the bridge." + }, + "name": { + "type": "string", + "description": "The network output name." + }, + "networkOutput": { + "$ref": "#/types/aws-native:mediaconnect:BridgeOutputResourceBridgeNetworkOutput", + "description": "The output of the bridge." + } + }, + "outputs": { + "bridgeArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the bridge.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The network output name.", + "replaceOnChanges": true + }, + "networkOutput": { + "$ref": "#/types/aws-native:mediaconnect:BridgeOutputResourceBridgeNetworkOutput", + "description": "The output of the bridge." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "bridgeArn", + "networkOutput" + ], + "createOnly": [ + "bridgeArn", + "name" + ] + }, + "aws-native:mediaconnect:BridgeSource": { + "cf": "AWS::MediaConnect::BridgeSource", + "inputs": { + "bridgeArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the bridge." + }, + "flowSource": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSourceBridgeFlowSource", + "description": "Add a flow source to an existing bridge." + }, + "name": { + "type": "string", + "description": "The name of the source." + }, + "networkSource": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSourceBridgeNetworkSource", + "description": "Add a network source to an existing bridge." + } + }, + "outputs": { + "bridgeArn": { + "type": "string", + "description": "The Amazon Resource Number (ARN) of the bridge.", + "replaceOnChanges": true + }, + "flowSource": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSourceBridgeFlowSource", + "description": "Add a flow source to an existing bridge." + }, + "name": { + "type": "string", + "description": "The name of the source.", + "replaceOnChanges": true + }, + "networkSource": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSourceBridgeNetworkSource", + "description": "Add a network source to an existing bridge." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "bridgeArn" + ], + "createOnly": [ + "bridgeArn", + "name" + ] + }, + "aws-native:mediaconnect:Flow": { + "cf": "AWS::MediaConnect::Flow", + "inputs": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS." + }, + "maintenance": { + "$ref": "#/types/aws-native:mediaconnect:FlowMaintenance", + "description": "The maintenance settings you want to use for the flow. " + }, + "mediaStreams": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowMediaStream" + }, + "description": "The media streams associated with the flow. You can associate any of these media streams with sources and outputs on the flow." + }, + "name": { + "type": "string", + "description": "The name of the flow." + }, + "source": { + "$ref": "#/types/aws-native:mediaconnect:FlowSource", + "description": "The source of the flow." + }, + "sourceFailoverConfig": { + "$ref": "#/types/aws-native:mediaconnect:FlowFailoverConfig", + "description": "The source failover config of the flow." + }, + "vpcInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowVpcInterface" + }, + "description": "The VPC interfaces that you added to this flow." + } + }, + "outputs": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS.", + "replaceOnChanges": true + }, + "egressIp": { + "type": "string", + "description": "The IP address from which video will be sent to output destinations." + }, + "flowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN), a unique identifier for any AWS resource, of the flow." + }, + "flowAvailabilityZone": { + "type": "string", + "description": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS.(ReadOnly)" + }, + "maintenance": { + "$ref": "#/types/aws-native:mediaconnect:FlowMaintenance", + "description": "The maintenance settings you want to use for the flow. " + }, + "mediaStreams": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowMediaStream" + }, + "description": "The media streams associated with the flow. You can associate any of these media streams with sources and outputs on the flow." + }, + "name": { + "type": "string", + "description": "The name of the flow.", + "replaceOnChanges": true + }, + "source": { + "$ref": "#/types/aws-native:mediaconnect:FlowSource", + "description": "The source of the flow." + }, + "sourceFailoverConfig": { + "$ref": "#/types/aws-native:mediaconnect:FlowFailoverConfig", + "description": "The source failover config of the flow." + }, + "vpcInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowVpcInterface" + }, + "description": "The VPC interfaces that you added to this flow." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "source" + ], + "createOnly": [ + "availabilityZone", + "name", + "source/Name" + ] + }, + "aws-native:mediaconnect:FlowEntitlement": { + "cf": "AWS::MediaConnect::FlowEntitlement", + "inputs": { + "dataTransferSubscriberFeePercent": { + "type": "integer", + "description": "Percentage from 0-100 of the data transfer cost to be billed to the subscriber." + }, + "description": { + "type": "string", + "description": "A description of the entitlement." + }, + "encryption": { + "$ref": "#/types/aws-native:mediaconnect:FlowEntitlementEncryption", + "description": "The type of encryption that will be used on the output that is associated with this entitlement." + }, + "entitlementStatus": { + "$ref": "#/types/aws-native:mediaconnect:FlowEntitlementEntitlementStatus", + "description": " An indication of whether the entitlement is enabled." + }, + "flowArn": { + "type": "string", + "description": "The ARN of the flow." + }, + "name": { + "type": "string", + "description": "The name of the entitlement." + }, + "subscribers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flow using your content as the source." + } + }, + "outputs": { + "dataTransferSubscriberFeePercent": { + "type": "integer", + "description": "Percentage from 0-100 of the data transfer cost to be billed to the subscriber.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description of the entitlement." + }, + "encryption": { + "$ref": "#/types/aws-native:mediaconnect:FlowEntitlementEncryption", + "description": "The type of encryption that will be used on the output that is associated with this entitlement." + }, + "entitlementArn": { + "type": "string", + "description": "The ARN of the entitlement." + }, + "entitlementStatus": { + "$ref": "#/types/aws-native:mediaconnect:FlowEntitlementEntitlementStatus", + "description": " An indication of whether the entitlement is enabled." + }, + "flowArn": { + "type": "string", + "description": "The ARN of the flow." + }, + "name": { + "type": "string", + "description": "The name of the entitlement.", + "replaceOnChanges": true + }, + "subscribers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flow using your content as the source." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "description", + "flowArn", + "subscribers" + ], + "createOnly": [ + "dataTransferSubscriberFeePercent", + "name" + ] + }, + "aws-native:mediaconnect:FlowOutput": { + "cf": "AWS::MediaConnect::FlowOutput", + "inputs": { + "cidrAllowList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16." + }, + "description": { + "type": "string", + "description": "A description of the output." + }, + "destination": { + "type": "string", + "description": "The address where you want to send the output." + }, + "encryption": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputEncryption", + "description": "The type of key used for the encryption. If no keyType is provided, the service will use the default setting (static-key)." + }, + "flowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN), a unique identifier for any AWS resource, of the flow." + }, + "maxLatency": { + "type": "integer", + "description": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams." + }, + "mediaStreamOutputConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputMediaStreamOutputConfiguration" + }, + "description": "The definition for each media stream that is associated with the output." + }, + "minLatency": { + "type": "integer", + "description": "The minimum latency in milliseconds." + }, + "name": { + "type": "string", + "description": "The name of the output. This value must be unique within the current flow." + }, + "outputStatus": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputOutputStatus", + "description": "An indication of whether the output should transmit data or not." + }, + "port": { + "type": "integer", + "description": "The port to use when content is distributed to this output." + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputProtocol", + "description": "The protocol that is used by the source or output." + }, + "remoteId": { + "type": "string", + "description": "The remote ID for the Zixi-pull stream." + }, + "smoothingLatency": { + "type": "integer", + "description": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams." + }, + "streamId": { + "type": "string", + "description": "The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams." + }, + "vpcInterfaceAttachment": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputVpcInterfaceAttachment", + "description": "The name of the VPC interface attachment to use for this output." + } + }, + "outputs": { + "cidrAllowList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The range of IP addresses that should be allowed to initiate output requests to this flow. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16." + }, + "description": { + "type": "string", + "description": "A description of the output." + }, + "destination": { + "type": "string", + "description": "The address where you want to send the output." + }, + "encryption": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputEncryption", + "description": "The type of key used for the encryption. If no keyType is provided, the service will use the default setting (static-key)." + }, + "flowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN), a unique identifier for any AWS resource, of the flow." + }, + "maxLatency": { + "type": "integer", + "description": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams." + }, + "mediaStreamOutputConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputMediaStreamOutputConfiguration" + }, + "description": "The definition for each media stream that is associated with the output." + }, + "minLatency": { + "type": "integer", + "description": "The minimum latency in milliseconds." + }, + "name": { + "type": "string", + "description": "The name of the output. This value must be unique within the current flow.", + "replaceOnChanges": true + }, + "outputArn": { + "type": "string", + "description": "The ARN of the output." + }, + "outputStatus": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputOutputStatus", + "description": "An indication of whether the output should transmit data or not." + }, + "port": { + "type": "integer", + "description": "The port to use when content is distributed to this output." + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputProtocol", + "description": "The protocol that is used by the source or output." + }, + "remoteId": { + "type": "string", + "description": "The remote ID for the Zixi-pull stream." + }, + "smoothingLatency": { + "type": "integer", + "description": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams." + }, + "streamId": { + "type": "string", + "description": "The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams." + }, + "vpcInterfaceAttachment": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputVpcInterfaceAttachment", + "description": "The name of the VPC interface attachment to use for this output." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "flowArn", + "protocol" + ], + "createOnly": [ + "name" + ] + }, + "aws-native:mediaconnect:FlowSource": { + "cf": "AWS::MediaConnect::FlowSource", + "inputs": { + "decryption": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceEncryption", + "description": "The type of encryption that is used on the content ingested from this source." + }, + "description": { + "type": "string", + "description": "A description for the source. This value is not used or seen outside of the current AWS Elemental MediaConnect account." + }, + "entitlementArn": { + "type": "string", + "description": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow." + }, + "flowArn": { + "type": "string", + "description": "The ARN of the flow." + }, + "gatewayBridgeSource": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceGatewayBridgeSource", + "description": "The source configuration for cloud flows receiving a stream from a bridge." + }, + "ingestPort": { + "type": "integer", + "description": "The port that the flow will be listening on for incoming content." + }, + "maxBitrate": { + "type": "integer", + "description": "The smoothing max bitrate for RIST, RTP, and RTP-FEC streams." + }, + "maxLatency": { + "type": "integer", + "description": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams." + }, + "minLatency": { + "type": "integer", + "description": "The minimum latency in milliseconds." + }, + "name": { + "type": "string", + "description": "The name of the source." + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceProtocol", + "description": "The protocol that is used by the source." + }, + "senderControlPort": { + "type": "integer", + "description": "The port that the flow uses to send outbound requests to initiate connection with the sender for fujitsu-qos protocol." + }, + "senderIpAddress": { + "type": "string", + "description": "The IP address that the flow communicates with to initiate connection with the sender for fujitsu-qos protocol." + }, + "sourceListenerAddress": { + "type": "string", + "description": "Source IP or domain name for SRT-caller protocol." + }, + "sourceListenerPort": { + "type": "integer", + "description": "Source port for SRT-caller protocol." + }, + "streamId": { + "type": "string", + "description": "The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams." + }, + "vpcInterfaceName": { + "type": "string", + "description": "The name of the VPC Interface this Source is configured with." + }, + "whitelistCidr": { + "type": "string", + "description": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16." + } + }, + "outputs": { + "decryption": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceEncryption", + "description": "The type of encryption that is used on the content ingested from this source." + }, + "description": { + "type": "string", + "description": "A description for the source. This value is not used or seen outside of the current AWS Elemental MediaConnect account." + }, + "entitlementArn": { + "type": "string", + "description": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow." + }, + "flowArn": { + "type": "string", + "description": "The ARN of the flow." + }, + "gatewayBridgeSource": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceGatewayBridgeSource", + "description": "The source configuration for cloud flows receiving a stream from a bridge." + }, + "ingestIp": { + "type": "string", + "description": "The IP address that the flow will be listening on for incoming content." + }, + "ingestPort": { + "type": "integer", + "description": "The port that the flow will be listening on for incoming content." + }, + "maxBitrate": { + "type": "integer", + "description": "The smoothing max bitrate for RIST, RTP, and RTP-FEC streams." + }, + "maxLatency": { + "type": "integer", + "description": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams." + }, + "minLatency": { + "type": "integer", + "description": "The minimum latency in milliseconds." + }, + "name": { + "type": "string", + "description": "The name of the source.", + "replaceOnChanges": true + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceProtocol", + "description": "The protocol that is used by the source." + }, + "senderControlPort": { + "type": "integer", + "description": "The port that the flow uses to send outbound requests to initiate connection with the sender for fujitsu-qos protocol." + }, + "senderIpAddress": { + "type": "string", + "description": "The IP address that the flow communicates with to initiate connection with the sender for fujitsu-qos protocol." + }, + "sourceArn": { + "type": "string", + "description": "The ARN of the source." + }, + "sourceIngestPort": { + "type": "string", + "description": "The port that the flow will be listening on for incoming content.(ReadOnly)" + }, + "sourceListenerAddress": { + "type": "string", + "description": "Source IP or domain name for SRT-caller protocol." + }, + "sourceListenerPort": { + "type": "integer", + "description": "Source port for SRT-caller protocol." + }, + "streamId": { + "type": "string", + "description": "The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams." + }, + "vpcInterfaceName": { + "type": "string", + "description": "The name of the VPC Interface this Source is configured with." + }, + "whitelistCidr": { + "type": "string", + "description": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "description" + ], + "createOnly": [ + "name" + ] + }, + "aws-native:mediaconnect:FlowVpcInterface": { + "cf": "AWS::MediaConnect::FlowVpcInterface", + "inputs": { + "flowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN), a unique identifier for any AWS resource, of the flow." + }, + "name": { + "type": "string", + "description": "Immutable and has to be a unique against other VpcInterfaces in this Flow." + }, + "roleArn": { + "type": "string", + "description": "Role Arn MediaConnect can assume to create ENIs in customer's account." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Security Group IDs to be used on ENI." + }, + "subnetId": { + "type": "string", + "description": "Subnet must be in the AZ of the Flow" + } + }, + "outputs": { + "flowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN), a unique identifier for any AWS resource, of the flow.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Immutable and has to be a unique against other VpcInterfaces in this Flow.", + "replaceOnChanges": true + }, + "networkInterfaceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "IDs of the network interfaces created in customer's account by MediaConnect." + }, + "roleArn": { + "type": "string", + "description": "Role Arn MediaConnect can assume to create ENIs in customer's account." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Security Group IDs to be used on ENI." + }, + "subnetId": { + "type": "string", + "description": "Subnet must be in the AZ of the Flow" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "flowArn", + "roleArn", + "securityGroupIds", + "subnetId" + ], + "createOnly": [ + "flowArn", + "name" + ] + }, + "aws-native:mediaconnect:Gateway": { + "cf": "AWS::MediaConnect::Gateway", + "inputs": { + "egressCidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The range of IP addresses that contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16." + }, + "name": { + "type": "string", + "description": "The name of the gateway. This name can not be modified after the gateway is created." + }, + "networks": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:GatewayNetwork" + }, + "description": "The list of networks in the gateway." + } + }, + "outputs": { + "egressCidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The range of IP addresses that contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", + "replaceOnChanges": true + }, + "gatewayArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the gateway." + }, + "gatewayState": { + "$ref": "#/types/aws-native:mediaconnect:GatewayState", + "description": "The current status of the gateway." + }, + "name": { + "type": "string", + "description": "The name of the gateway. This name can not be modified after the gateway is created.", + "replaceOnChanges": true + }, + "networks": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:GatewayNetwork" + }, + "description": "The list of networks in the gateway.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "egressCidrBlocks", + "networks" + ], + "createOnly": [ + "egressCidrBlocks", + "name", + "networks" + ] + }, + "aws-native:medialive:Multiplex": { + "cf": "AWS::MediaLive::Multiplex", + "inputs": { + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of availability zones for the multiplex." + }, + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:medialive:MultiplexOutputDestination" + }, + "description": "A list of the multiplex output destinations." + }, + "multiplexSettings": { + "$ref": "#/types/aws-native:medialive:MultiplexSettings", + "description": "Configuration for a multiplex event." + }, + "name": { + "type": "string", + "description": "Name of multiplex." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of key-value pairs." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The unique arn of the multiplex." + }, + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of availability zones for the multiplex.", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "The unique id of the multiplex." + }, + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:medialive:MultiplexOutputDestination" + }, + "description": "A list of the multiplex output destinations." + }, + "multiplexSettings": { + "$ref": "#/types/aws-native:medialive:MultiplexSettings", + "description": "Configuration for a multiplex event." + }, + "name": { + "type": "string", + "description": "Name of multiplex." + }, + "pipelinesRunningCount": { + "type": "integer", + "description": "The number of currently healthy pipelines." + }, + "programCount": { + "type": "integer", + "description": "The number of programs in the multiplex." + }, + "state": { + "$ref": "#/types/aws-native:medialive:MultiplexState", + "description": "The current state of the multiplex." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of key-value pairs." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "availabilityZones", + "multiplexSettings" + ], + "createOnly": [ + "availabilityZones" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:medialive:Multiplexprogram": { + "cf": "AWS::MediaLive::Multiplexprogram", + "inputs": { + "multiplexId": { + "type": "string", + "description": "The ID of the multiplex that the program belongs to." + }, + "multiplexProgramSettings": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramMultiplexProgramSettings", + "description": "The settings for this multiplex program." + }, + "packetIdentifiersMap": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramMultiplexProgramPacketIdentifiersMap", + "description": "The packet identifier map for this multiplex program." + }, + "pipelineDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramMultiplexProgramPipelineDetail" + }, + "description": "Contains information about the current sources for the specified program in the specified multiplex. Keep in mind that each multiplex pipeline connects to both pipelines in a given source channel (the channel identified by the program). But only one of those channel pipelines is ever active at one time." + }, + "preferredChannelPipeline": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramPreferredChannelPipeline", + "description": "The settings for this multiplex program." + }, + "programName": { + "type": "string", + "description": "The name of the multiplex program." + } + }, + "outputs": { + "channelId": { + "type": "string", + "description": "The MediaLive channel associated with the program." + }, + "multiplexId": { + "type": "string", + "description": "The ID of the multiplex that the program belongs to.", + "replaceOnChanges": true + }, + "multiplexProgramSettings": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramMultiplexProgramSettings", + "description": "The settings for this multiplex program." + }, + "packetIdentifiersMap": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramMultiplexProgramPacketIdentifiersMap", + "description": "The packet identifier map for this multiplex program." + }, + "pipelineDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramMultiplexProgramPipelineDetail" + }, + "description": "Contains information about the current sources for the specified program in the specified multiplex. Keep in mind that each multiplex pipeline connects to both pipelines in a given source channel (the channel identified by the program). But only one of those channel pipelines is ever active at one time." + }, + "preferredChannelPipeline": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramPreferredChannelPipeline", + "description": "The settings for this multiplex program." + }, + "programName": { + "type": "string", + "description": "The name of the multiplex program.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "programName" + }, + "createOnly": [ + "multiplexId", + "programName" + ], + "writeOnly": [ + "preferredChannelPipeline" + ] + }, + "aws-native:mediapackage:Asset": { + "cf": "AWS::MediaPackage::Asset", + "inputs": { + "awsId": { + "type": "string", + "description": "The unique identifier for the Asset." + }, + "egressEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:AssetEgressEndpoint" + }, + "description": "The list of egress endpoints available for the Asset." + }, + "packagingGroupId": { + "type": "string", + "description": "The ID of the PackagingGroup for the Asset." + }, + "resourceId": { + "type": "string", + "description": "The resource ID to include in SPEKE key requests." + }, + "sourceArn": { + "type": "string", + "description": "ARN of the source object in S3." + }, + "sourceRoleArn": { + "type": "string", + "description": "The IAM role_arn used to access the source S3 bucket." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the Asset." + }, + "awsId": { + "type": "string", + "description": "The unique identifier for the Asset." + }, + "createdAt": { + "type": "string", + "description": "The time the Asset was initially submitted for Ingest." + }, + "egressEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:AssetEgressEndpoint" + }, + "description": "The list of egress endpoints available for the Asset." + }, + "packagingGroupId": { + "type": "string", + "description": "The ID of the PackagingGroup for the Asset." + }, + "resourceId": { + "type": "string", + "description": "The resource ID to include in SPEKE key requests." + }, + "sourceArn": { + "type": "string", + "description": "ARN of the source object in S3." + }, + "sourceRoleArn": { + "type": "string", + "description": "The IAM role_arn used to access the source S3 bucket." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "required": [ + "awsId", + "packagingGroupId", + "sourceArn", + "sourceRoleArn" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediapackage:Channel": { + "cf": "AWS::MediaPackage::Channel", + "inputs": { + "awsId": { + "type": "string", + "description": "The ID of the Channel." + }, + "description": { + "type": "string", + "description": "A short text description of the Channel." + }, + "egressAccessLogs": { + "$ref": "#/types/aws-native:mediapackage:ChannelLogConfiguration", + "description": "The configuration parameters for egress access logging." + }, + "hlsIngest": { + "$ref": "#/types/aws-native:mediapackage:ChannelHlsIngest", + "description": "An HTTP Live Streaming (HLS) ingest resource configuration." + }, + "ingressAccessLogs": { + "$ref": "#/types/aws-native:mediapackage:ChannelLogConfiguration", + "description": "The configuration parameters for egress access logging." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) assigned to the Channel." + }, + "awsId": { + "type": "string", + "description": "The ID of the Channel." + }, + "description": { + "type": "string", + "description": "A short text description of the Channel." + }, + "egressAccessLogs": { + "$ref": "#/types/aws-native:mediapackage:ChannelLogConfiguration", + "description": "The configuration parameters for egress access logging." + }, + "hlsIngest": { + "$ref": "#/types/aws-native:mediapackage:ChannelHlsIngest", + "description": "An HTTP Live Streaming (HLS) ingest resource configuration." + }, + "ingressAccessLogs": { + "$ref": "#/types/aws-native:mediapackage:ChannelLogConfiguration", + "description": "The configuration parameters for egress access logging." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A collection of tags associated with a resource", + "replaceOnChanges": true + } + }, + "required": [ + "awsId" + ], + "createOnly": [ + "id", + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:mediapackage:OriginEndpoint": { + "cf": "AWS::MediaPackage::OriginEndpoint", + "inputs": { + "authorization": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointAuthorization", + "description": "Parameters for CDN authorization." + }, + "awsId": { + "type": "string", + "description": "The ID of the OriginEndpoint." + }, + "channelId": { + "type": "string", + "description": "The ID of the Channel the OriginEndpoint is associated with." + }, + "cmafPackage": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointCmafPackage", + "description": "Parameters for Common Media Application Format (CMAF) packaging." + }, + "dashPackage": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashPackage", + "description": "Parameters for DASH packaging." + }, + "description": { + "type": "string", + "description": "A short text description of the OriginEndpoint." + }, + "hlsPackage": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsPackage", + "description": "Parameters for Apple HLS packaging." + }, + "manifestName": { + "type": "string", + "description": "A short string appended to the end of the OriginEndpoint URL." + }, + "mssPackage": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointMssPackage", + "description": "Parameters for Microsoft Smooth Streaming packaging." + }, + "origination": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointOrigination", + "description": "Control whether origination of video is allowed for this OriginEndpoint. If set to ALLOW, the OriginEndpoint may by requested, pursuant to any other form of access control. If set to DENY, the OriginEndpoint may not be requested. This can be helpful for Live to VOD harvesting, or for temporarily disabling origination" + }, + "startoverWindowSeconds": { + "type": "integer", + "description": "Maximum duration (seconds) of content to retain for startover playback. If not specified, startover playback will be disabled for the OriginEndpoint." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + }, + "timeDelaySeconds": { + "type": "integer", + "description": "Amount of delay (seconds) to enforce on the playback of live content. If not specified, there will be no time delay in effect for the OriginEndpoint." + }, + "whitelist": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of source IP CIDR blocks that will be allowed to access the OriginEndpoint." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) assigned to the OriginEndpoint." + }, + "authorization": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointAuthorization", + "description": "Parameters for CDN authorization." + }, + "awsId": { + "type": "string", + "description": "The ID of the OriginEndpoint." + }, + "channelId": { + "type": "string", + "description": "The ID of the Channel the OriginEndpoint is associated with." + }, + "cmafPackage": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointCmafPackage", + "description": "Parameters for Common Media Application Format (CMAF) packaging." + }, + "dashPackage": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashPackage", + "description": "Parameters for DASH packaging." + }, + "description": { + "type": "string", + "description": "A short text description of the OriginEndpoint." + }, + "hlsPackage": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsPackage", + "description": "Parameters for Apple HLS packaging." + }, + "manifestName": { + "type": "string", + "description": "A short string appended to the end of the OriginEndpoint URL." + }, + "mssPackage": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointMssPackage", + "description": "Parameters for Microsoft Smooth Streaming packaging." + }, + "origination": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointOrigination", + "description": "Control whether origination of video is allowed for this OriginEndpoint. If set to ALLOW, the OriginEndpoint may by requested, pursuant to any other form of access control. If set to DENY, the OriginEndpoint may not be requested. This can be helpful for Live to VOD harvesting, or for temporarily disabling origination" + }, + "startoverWindowSeconds": { + "type": "integer", + "description": "Maximum duration (seconds) of content to retain for startover playback. If not specified, startover playback will be disabled for the OriginEndpoint." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + }, + "timeDelaySeconds": { + "type": "integer", + "description": "Amount of delay (seconds) to enforce on the playback of live content. If not specified, there will be no time delay in effect for the OriginEndpoint." + }, + "url": { + "type": "string", + "description": "The URL of the packaged OriginEndpoint for consumption." + }, + "whitelist": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of source IP CIDR blocks that will be allowed to access the OriginEndpoint." + } + }, + "required": [ + "awsId", + "channelId" + ], + "createOnly": [ + "id" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediapackage:PackagingConfiguration": { + "cf": "AWS::MediaPackage::PackagingConfiguration", + "inputs": { + "awsId": { + "type": "string", + "description": "The ID of the PackagingConfiguration." + }, + "cmafPackage": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationCmafPackage", + "description": "A CMAF packaging configuration." + }, + "dashPackage": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashPackage", + "description": "A Dynamic Adaptive Streaming over HTTP (DASH) packaging configuration." + }, + "hlsPackage": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationHlsPackage", + "description": "An HTTP Live Streaming (HLS) packaging configuration." + }, + "mssPackage": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationMssPackage", + "description": "A Microsoft Smooth Streaming (MSS) PackagingConfiguration." + }, + "packagingGroupId": { + "type": "string", + "description": "The ID of a PackagingGroup." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the PackagingConfiguration." + }, + "awsId": { + "type": "string", + "description": "The ID of the PackagingConfiguration." + }, + "cmafPackage": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationCmafPackage", + "description": "A CMAF packaging configuration." + }, + "dashPackage": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashPackage", + "description": "A Dynamic Adaptive Streaming over HTTP (DASH) packaging configuration." + }, + "hlsPackage": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationHlsPackage", + "description": "An HTTP Live Streaming (HLS) packaging configuration." + }, + "mssPackage": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationMssPackage", + "description": "A Microsoft Smooth Streaming (MSS) PackagingConfiguration." + }, + "packagingGroupId": { + "type": "string", + "description": "The ID of a PackagingGroup." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "required": [ + "awsId", + "packagingGroupId" + ], + "createOnly": [ + "id" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediapackage:PackagingGroup": { + "cf": "AWS::MediaPackage::PackagingGroup", + "inputs": { + "authorization": { + "$ref": "#/types/aws-native:mediapackage:PackagingGroupAuthorization", + "description": "CDN Authorization" + }, + "awsId": { + "type": "string", + "description": "The ID of the PackagingGroup." + }, + "egressAccessLogs": { + "$ref": "#/types/aws-native:mediapackage:PackagingGroupLogConfiguration", + "description": "The configuration parameters for egress access logging." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the PackagingGroup." + }, + "authorization": { + "$ref": "#/types/aws-native:mediapackage:PackagingGroupAuthorization", + "description": "CDN Authorization" + }, + "awsId": { + "type": "string", + "description": "The ID of the PackagingGroup." + }, + "domainName": { + "type": "string", + "description": "The fully qualified domain name for Assets in the PackagingGroup." + }, + "egressAccessLogs": { + "$ref": "#/types/aws-native:mediapackage:PackagingGroupLogConfiguration", + "description": "The configuration parameters for egress access logging." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A collection of tags associated with a resource", + "replaceOnChanges": true + } + }, + "required": [ + "awsId" + ], + "createOnly": [ + "id", + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:mediapackagev2:Channel": { + "cf": "AWS::MediaPackageV2::Channel", + "inputs": { + "channelGroupName": { + "type": "string", + "description": "The name of the channel group associated with the channel configuration." + }, + "channelName": { + "type": "string", + "description": "The name of the channel." + }, + "description": { + "type": "string", + "description": "\u003cp\u003eEnter any descriptive text that helps you to identify the channel.\u003c/p\u003e" + }, + "inputType": { + "$ref": "#/types/aws-native:mediapackagev2:ChannelInputType" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with the channel." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) associated with the resource.\u003c/p\u003e" + }, + "channelGroupName": { + "type": "string", + "description": "The name of the channel group associated with the channel configuration.", + "replaceOnChanges": true + }, + "channelName": { + "type": "string", + "description": "The name of the channel.", + "replaceOnChanges": true + }, + "createdAt": { + "type": "string", + "description": "\u003cp\u003eThe date and time the channel was created.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eEnter any descriptive text that helps you to identify the channel.\u003c/p\u003e" + }, + "ingestEndpointUrls": { + "type": "array", + "items": { + "type": "string" + } + }, + "ingestEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:ChannelIngestEndpoint" + }, + "description": "\u003cp\u003eThe list of ingest endpoints.\u003c/p\u003e" + }, + "inputType": { + "$ref": "#/types/aws-native:mediapackagev2:ChannelInputType", + "replaceOnChanges": true + }, + "modifiedAt": { + "type": "string", + "description": "\u003cp\u003eThe date and time the channel was modified.\u003c/p\u003e" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with the channel." + } + }, + "autoNamingSpec": { + "sdkName": "channelName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "channelGroupName" + ], + "createOnly": [ + "channelGroupName", + "channelName", + "inputType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediapackagev2:ChannelGroup": { + "cf": "AWS::MediaPackageV2::ChannelGroup", + "inputs": { + "channelGroupName": { + "type": "string", + "description": "The name of the channel group." + }, + "description": { + "type": "string", + "description": "\u003cp\u003eEnter any descriptive text that helps you to identify the channel group.\u003c/p\u003e" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with the channel group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) associated with the resource.\u003c/p\u003e" + }, + "channelGroupName": { + "type": "string", + "description": "The name of the channel group.", + "replaceOnChanges": true + }, + "createdAt": { + "type": "string", + "description": "\u003cp\u003eThe date and time the channel group was created.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eEnter any descriptive text that helps you to identify the channel group.\u003c/p\u003e" + }, + "egressDomain": { + "type": "string", + "description": "\u003cp\u003eThe output domain where the source stream should be sent. Integrate the domain with a downstream CDN (such as Amazon CloudFront) or playback device.\u003c/p\u003e" + }, + "modifiedAt": { + "type": "string", + "description": "\u003cp\u003eThe date and time the channel group was modified.\u003c/p\u003e" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with the channel group." + } + }, + "autoNamingSpec": { + "sdkName": "channelGroupName", + "minLength": 1, + "maxLength": 256 + }, + "createOnly": [ + "channelGroupName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediapackagev2:ChannelPolicy": { + "cf": "AWS::MediaPackageV2::ChannelPolicy", + "inputs": { + "channelGroupName": { + "type": "string", + "description": "The name of the channel group associated with the channel policy." + }, + "channelName": { + "type": "string", + "description": "The name of the channel associated with the channel policy." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The policy associated with the channel.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MediaPackageV2::ChannelPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "channelGroupName": { + "type": "string", + "description": "The name of the channel group associated with the channel policy.", + "replaceOnChanges": true + }, + "channelName": { + "type": "string", + "description": "The name of the channel associated with the channel policy.", + "replaceOnChanges": true + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The policy associated with the channel.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MediaPackageV2::ChannelPolicy` for more information about the expected schema for this property." + } + }, + "required": [ + "channelGroupName", + "channelName", + "policy" + ], + "createOnly": [ + "channelGroupName", + "channelName" + ] + }, + "aws-native:mediapackagev2:OriginEndpoint": { + "cf": "AWS::MediaPackageV2::OriginEndpoint", + "inputs": { + "channelGroupName": { + "type": "string", + "description": "The name of the channel group associated with the origin endpoint configuration." + }, + "channelName": { + "type": "string", + "description": "The channel name associated with the origin endpoint." + }, + "containerType": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointContainerType", + "description": "The container type associated with the origin endpoint configuration." + }, + "dashManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointDashManifestConfiguration" + }, + "description": "\u003cp\u003eA DASH manifest configuration.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eEnter any descriptive text that helps you to identify the origin endpoint.\u003c/p\u003e" + }, + "forceEndpointErrorConfiguration": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointForceEndpointErrorConfiguration" + }, + "hlsManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointHlsManifestConfiguration" + }, + "description": "\u003cp\u003eAn HTTP live streaming (HLS) manifest configuration.\u003c/p\u003e" + }, + "lowLatencyHlsManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointLowLatencyHlsManifestConfiguration" + }, + "description": "\u003cp\u003eA low-latency HLS manifest configuration.\u003c/p\u003e" + }, + "originEndpointName": { + "type": "string", + "description": "The name of the origin endpoint associated with the origin endpoint configuration." + }, + "segment": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointSegment", + "description": "The segment associated with the origin endpoint." + }, + "startoverWindowSeconds": { + "type": "integer", + "description": "\u003cp\u003eThe size of the window (in seconds) to create a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window. The maximum startover window is 1,209,600 seconds (14 days).\u003c/p\u003e" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with the origin endpoint." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) associated with the resource.\u003c/p\u003e" + }, + "channelGroupName": { + "type": "string", + "description": "The name of the channel group associated with the origin endpoint configuration.", + "replaceOnChanges": true + }, + "channelName": { + "type": "string", + "description": "The channel name associated with the origin endpoint.", + "replaceOnChanges": true + }, + "containerType": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointContainerType", + "description": "The container type associated with the origin endpoint configuration." + }, + "createdAt": { + "type": "string", + "description": "\u003cp\u003eThe date and time the origin endpoint was created.\u003c/p\u003e" + }, + "dashManifestUrls": { + "type": "array", + "items": { + "type": "string" + } + }, + "dashManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointDashManifestConfiguration" + }, + "description": "\u003cp\u003eA DASH manifest configuration.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eEnter any descriptive text that helps you to identify the origin endpoint.\u003c/p\u003e" + }, + "forceEndpointErrorConfiguration": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointForceEndpointErrorConfiguration" + }, + "hlsManifestUrls": { + "type": "array", + "items": { + "type": "string" + } + }, + "hlsManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointHlsManifestConfiguration" + }, + "description": "\u003cp\u003eAn HTTP live streaming (HLS) manifest configuration.\u003c/p\u003e" + }, + "lowLatencyHlsManifestUrls": { + "type": "array", + "items": { + "type": "string" + } + }, + "lowLatencyHlsManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointLowLatencyHlsManifestConfiguration" + }, + "description": "\u003cp\u003eA low-latency HLS manifest configuration.\u003c/p\u003e" + }, + "modifiedAt": { + "type": "string", + "description": "\u003cp\u003eThe date and time the origin endpoint was modified.\u003c/p\u003e" + }, + "originEndpointName": { + "type": "string", + "description": "The name of the origin endpoint associated with the origin endpoint configuration.", + "replaceOnChanges": true + }, + "segment": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointSegment", + "description": "The segment associated with the origin endpoint." + }, + "startoverWindowSeconds": { + "type": "integer", + "description": "\u003cp\u003eThe size of the window (in seconds) to create a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window. The maximum startover window is 1,209,600 seconds (14 days).\u003c/p\u003e" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with the origin endpoint." + } + }, + "autoNamingSpec": { + "sdkName": "originEndpointName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "channelGroupName", + "channelName" + ], + "createOnly": [ + "channelGroupName", + "channelName", + "originEndpointName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediapackagev2:OriginEndpointPolicy": { + "cf": "AWS::MediaPackageV2::OriginEndpointPolicy", + "inputs": { + "channelGroupName": { + "type": "string", + "description": "The name of the channel group associated with the origin endpoint policy." + }, + "channelName": { + "type": "string", + "description": "The channel name associated with the origin endpoint policy." + }, + "originEndpointName": { + "type": "string", + "description": "The name of the origin endpoint associated with the origin endpoint policy." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The policy associated with the origin endpoint.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MediaPackageV2::OriginEndpointPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "channelGroupName": { + "type": "string", + "description": "The name of the channel group associated with the origin endpoint policy.", + "replaceOnChanges": true + }, + "channelName": { + "type": "string", + "description": "The channel name associated with the origin endpoint policy.", + "replaceOnChanges": true + }, + "originEndpointName": { + "type": "string", + "description": "The name of the origin endpoint associated with the origin endpoint policy.", + "replaceOnChanges": true + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The policy associated with the origin endpoint.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MediaPackageV2::OriginEndpointPolicy` for more information about the expected schema for this property." + } + }, + "required": [ + "channelGroupName", + "channelName", + "originEndpointName", + "policy" + ], + "createOnly": [ + "channelGroupName", + "channelName", + "originEndpointName" + ] + }, + "aws-native:mediatailor:Channel": { + "cf": "AWS::MediaTailor::Channel", + "inputs": { + "audiences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe list of audiences defined in channel.\u003c/p\u003e" + }, + "channelName": { + "type": "string", + "description": "The name of the channel." + }, + "fillerSlate": { + "$ref": "#/types/aws-native:mediatailor:ChannelSlateSource", + "description": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` ." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:mediatailor:ChannelLogConfigurationForChannel", + "description": "The log configuration." + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:ChannelRequestOutputItem" + }, + "description": "\u003cp\u003eThe channel's output properties.\u003c/p\u003e" + }, + "playbackMode": { + "$ref": "#/types/aws-native:mediatailor:ChannelPlaybackMode", + "description": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the channel." + }, + "tier": { + "$ref": "#/types/aws-native:mediatailor:ChannelTier", + "description": "The tier for this channel. STANDARD tier channels can contain live programs." + }, + "timeShiftConfiguration": { + "$ref": "#/types/aws-native:mediatailor:ChannelTimeShiftConfiguration", + "description": "The configuration for time-shifted viewing." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe ARN of the channel.\u003c/p\u003e" + }, + "audiences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe list of audiences defined in channel.\u003c/p\u003e" + }, + "channelName": { + "type": "string", + "description": "The name of the channel.", + "replaceOnChanges": true + }, + "fillerSlate": { + "$ref": "#/types/aws-native:mediatailor:ChannelSlateSource", + "description": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` ." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:mediatailor:ChannelLogConfigurationForChannel", + "description": "The log configuration." + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:ChannelRequestOutputItem" + }, + "description": "\u003cp\u003eThe channel's output properties.\u003c/p\u003e" + }, + "playbackMode": { + "$ref": "#/types/aws-native:mediatailor:ChannelPlaybackMode", + "description": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the channel." + }, + "tier": { + "$ref": "#/types/aws-native:mediatailor:ChannelTier", + "description": "The tier for this channel. STANDARD tier channels can contain live programs.", + "replaceOnChanges": true + }, + "timeShiftConfiguration": { + "$ref": "#/types/aws-native:mediatailor:ChannelTimeShiftConfiguration", + "description": "The configuration for time-shifted viewing." + } + }, + "autoNamingSpec": { + "sdkName": "channelName" + }, + "required": [ + "outputs", + "playbackMode" + ], + "createOnly": [ + "channelName", + "tier" + ], + "writeOnly": [ + "outputs" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediatailor:ChannelPolicy": { + "cf": "AWS::MediaTailor::ChannelPolicy", + "inputs": { + "channelName": { + "type": "string", + "description": "The name of the channel associated with this Channel Policy." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "\u003cp\u003eThe IAM policy for the channel. IAM policies are used to control access to your channel.\u003c/p\u003e\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MediaTailor::ChannelPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "channelName": { + "type": "string", + "description": "The name of the channel associated with this Channel Policy.", + "replaceOnChanges": true + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "\u003cp\u003eThe IAM policy for the channel. IAM policies are used to control access to your channel.\u003c/p\u003e\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MediaTailor::ChannelPolicy` for more information about the expected schema for this property." + } + }, + "required": [ + "channelName", + "policy" + ], + "createOnly": [ + "channelName" + ] + }, + "aws-native:mediatailor:LiveSource": { + "cf": "AWS::MediaTailor::LiveSource", + "inputs": { + "httpPackageConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:LiveSourceHttpPackageConfiguration" + }, + "description": "\u003cp\u003eA list of HTTP package configuration parameters for this live source.\u003c/p\u003e" + }, + "liveSourceName": { + "type": "string", + "description": "The name that's used to refer to a live source." + }, + "sourceLocationName": { + "type": "string", + "description": "The name of the source location." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the live source." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe ARN of the live source.\u003c/p\u003e" + }, + "httpPackageConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:LiveSourceHttpPackageConfiguration" + }, + "description": "\u003cp\u003eA list of HTTP package configuration parameters for this live source.\u003c/p\u003e" + }, + "liveSourceName": { + "type": "string", + "description": "The name that's used to refer to a live source.", + "replaceOnChanges": true + }, + "sourceLocationName": { + "type": "string", + "description": "The name of the source location.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the live source." + } + }, + "autoNamingSpec": { + "sdkName": "liveSourceName" + }, + "required": [ + "httpPackageConfigurations", + "sourceLocationName" + ], + "createOnly": [ + "liveSourceName", + "sourceLocationName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediatailor:PlaybackConfiguration": { + "cf": "AWS::MediaTailor::PlaybackConfiguration", + "inputs": { + "adDecisionServerUrl": { + "type": "string", + "description": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters." + }, + "availSuppression": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationAvailSuppression", + "description": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see Ad Suppression (https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html)." + }, + "bumper": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationBumper", + "description": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see Bumpers (https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html)." + }, + "cdnConfiguration": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationCdnConfiguration", + "description": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management." + }, + "configurationAliases": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see Domain Variables. " + }, + "dashConfiguration": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationDashConfiguration", + "description": "The configuration for DASH content." + }, + "hlsConfiguration": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationHlsConfiguration", + "description": "The configuration for HLS content." + }, + "livePreRollConfiguration": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationLivePreRollConfiguration", + "description": "The configuration for pre-roll ad insertion." + }, + "manifestProcessingRules": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationManifestProcessingRules", + "description": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor." + }, + "name": { + "type": "string", + "description": "The identifier for the playback configuration." + }, + "personalizationThresholdSeconds": { + "type": "integer", + "description": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to ad replacement in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see Ad Behavior in AWS Elemental MediaTailor (https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html)." + }, + "slateAdUrl": { + "type": "string", + "description": "The URL for a high-quality video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID configurations. For VPAID, the slate is required because MediaTailor provides it in the slots that are designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the playback configuration." + }, + "transcodeProfileName": { + "type": "string", + "description": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support." + }, + "videoContentSourceUrl": { + "type": "string", + "description": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters." + } + }, + "outputs": { + "adDecisionServerUrl": { + "type": "string", + "description": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters." + }, + "availSuppression": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationAvailSuppression", + "description": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see Ad Suppression (https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html)." + }, + "bumper": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationBumper", + "description": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see Bumpers (https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html)." + }, + "cdnConfiguration": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationCdnConfiguration", + "description": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management." + }, + "configurationAliases": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see Domain Variables. " + }, + "dashConfiguration": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationDashConfiguration", + "description": "The configuration for DASH content." + }, + "hlsConfiguration": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationHlsConfiguration", + "description": "The configuration for HLS content." + }, + "livePreRollConfiguration": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationLivePreRollConfiguration", + "description": "The configuration for pre-roll ad insertion." + }, + "manifestProcessingRules": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationManifestProcessingRules", + "description": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor." + }, + "name": { + "type": "string", + "description": "The identifier for the playback configuration.", + "replaceOnChanges": true + }, + "personalizationThresholdSeconds": { + "type": "integer", + "description": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to ad replacement in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see Ad Behavior in AWS Elemental MediaTailor (https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html)." + }, + "playbackConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the playback configuration." + }, + "playbackEndpointPrefix": { + "type": "string", + "description": "The URL that the player accesses to get a manifest from MediaTailor. This session will use server-side reporting." + }, + "sessionInitializationEndpointPrefix": { + "type": "string", + "description": "The URL that the player uses to initialize a session that uses client-side reporting." + }, + "slateAdUrl": { + "type": "string", + "description": "The URL for a high-quality video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID configurations. For VPAID, the slate is required because MediaTailor provides it in the slots that are designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the playback configuration." + }, + "transcodeProfileName": { + "type": "string", + "description": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support." + }, + "videoContentSourceUrl": { + "type": "string", + "description": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "adDecisionServerUrl", + "videoContentSourceUrl" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediatailor:SourceLocation": { + "cf": "AWS::MediaTailor::SourceLocation", + "inputs": { + "accessConfiguration": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationAccessConfiguration", + "description": "The access configuration for the source location." + }, + "defaultSegmentDeliveryConfiguration": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationDefaultSegmentDeliveryConfiguration", + "description": "The default segment delivery configuration." + }, + "httpConfiguration": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationHttpConfiguration", + "description": "The HTTP configuration for the source location." + }, + "segmentDeliveryConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationSegmentDeliveryConfiguration" + }, + "description": "\u003cp\u003eA list of the segment delivery configurations associated with this resource.\u003c/p\u003e" + }, + "sourceLocationName": { + "type": "string", + "description": "The name of the source location." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the source location." + } + }, + "outputs": { + "accessConfiguration": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationAccessConfiguration", + "description": "The access configuration for the source location." + }, + "arn": { + "type": "string", + "description": "\u003cp\u003eThe ARN of the source location.\u003c/p\u003e" + }, + "defaultSegmentDeliveryConfiguration": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationDefaultSegmentDeliveryConfiguration", + "description": "The default segment delivery configuration." + }, + "httpConfiguration": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationHttpConfiguration", + "description": "The HTTP configuration for the source location." + }, + "segmentDeliveryConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationSegmentDeliveryConfiguration" + }, + "description": "\u003cp\u003eA list of the segment delivery configurations associated with this resource.\u003c/p\u003e" + }, + "sourceLocationName": { + "type": "string", + "description": "The name of the source location.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the source location." + } + }, + "autoNamingSpec": { + "sdkName": "sourceLocationName" + }, + "required": [ + "httpConfiguration" + ], + "createOnly": [ + "sourceLocationName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:mediatailor:VodSource": { + "cf": "AWS::MediaTailor::VodSource", + "inputs": { + "httpPackageConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:VodSourceHttpPackageConfiguration" + }, + "description": "\u003cp\u003eA list of HTTP package configuration parameters for this VOD source.\u003c/p\u003e" + }, + "sourceLocationName": { + "type": "string", + "description": "The name of the source location that the VOD source is associated with." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the VOD source." + }, + "vodSourceName": { + "type": "string", + "description": "The name of the VOD source." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe ARN of the VOD source.\u003c/p\u003e" + }, + "httpPackageConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:VodSourceHttpPackageConfiguration" + }, + "description": "\u003cp\u003eA list of HTTP package configuration parameters for this VOD source.\u003c/p\u003e" + }, + "sourceLocationName": { + "type": "string", + "description": "The name of the source location that the VOD source is associated with.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to assign to the VOD source." + }, + "vodSourceName": { + "type": "string", + "description": "The name of the VOD source.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "vodSourceName" + }, + "required": [ + "httpPackageConfigurations", + "sourceLocationName" + ], + "createOnly": [ + "sourceLocationName", + "vodSourceName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:memorydb:Acl": { + "cf": "AWS::MemoryDB::ACL", + "inputs": { + "aclName": { + "type": "string", + "description": "The name of the acl." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this cluster." + }, + "userNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of users associated to this acl." + } + }, + "outputs": { + "aclName": { + "type": "string", + "description": "The name of the acl.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the acl." + }, + "status": { + "type": "string", + "description": "Indicates acl status. Can be \"creating\", \"active\", \"modifying\", \"deleting\"." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this cluster." + }, + "userNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of users associated to this acl." + } + }, + "autoNamingSpec": { + "sdkName": "aclName" + }, + "createOnly": [ + "aclName" + ], + "irreversibleNames": { + "aclName": "ACLName" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:memorydb:Cluster": { + "cf": "AWS::MemoryDB::Cluster", + "inputs": { + "aclName": { + "type": "string", + "description": "The name of the Access Control List to associate with the cluster." + }, + "autoMinorVersionUpgrade": { + "type": "boolean", + "description": "A flag that enables automatic minor version upgrade when set to true.\n\nYou cannot modify the value of AutoMinorVersionUpgrade after the cluster is created. To enable AutoMinorVersionUpgrade on a cluster you must set AutoMinorVersionUpgrade to true when you create a cluster." + }, + "clusterEndpoint": { + "$ref": "#/types/aws-native:memorydb:ClusterEndpoint", + "description": "The cluster endpoint." + }, + "clusterName": { + "type": "string", + "description": "The name of the cluster. This value must be unique as it also serves as the cluster identifier." + }, + "dataTiering": { + "$ref": "#/types/aws-native:memorydb:ClusterDataTieringStatus", + "description": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes." + }, + "description": { + "type": "string", + "description": "An optional description of the cluster." + }, + "engineVersion": { + "type": "string", + "description": "The Redis engine version used by the cluster." + }, + "finalSnapshotName": { + "type": "string", + "description": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID of the KMS key used to encrypt the cluster." + }, + "maintenanceWindow": { + "type": "string", + "description": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period." + }, + "nodeType": { + "type": "string", + "description": "The compute and memory capacity of the nodes in the cluster." + }, + "numReplicasPerShard": { + "type": "integer", + "description": "The number of replicas to apply to each shard. The limit is 5." + }, + "numShards": { + "type": "integer", + "description": "The number of shards the cluster will contain." + }, + "parameterGroupName": { + "type": "string", + "description": "The name of the parameter group associated with the cluster." + }, + "port": { + "type": "integer", + "description": "The port number on which each member of the cluster accepts connections." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more Amazon VPC security groups associated with this cluster." + }, + "snapshotArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster. The Amazon S3 object name in the ARN cannot contain any commas." + }, + "snapshotName": { + "type": "string", + "description": "The name of a snapshot from which to restore data into the new cluster. The snapshot status changes to restoring while the new cluster is being created." + }, + "snapshotRetentionLimit": { + "type": "integer", + "description": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted." + }, + "snapshotWindow": { + "type": "string", + "description": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your cluster." + }, + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent." + }, + "snsTopicStatus": { + "type": "string", + "description": "The status of the Amazon SNS notification topic. Notifications are sent only if the status is enabled." + }, + "subnetGroupName": { + "type": "string", + "description": "The name of the subnet group to be used for the cluster." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this cluster." + }, + "tlsEnabled": { + "type": "boolean", + "description": "A flag that enables in-transit encryption when set to true.\n\nYou cannot modify the value of TransitEncryptionEnabled after the cluster is created. To enable in-transit encryption on a cluster you must set TransitEncryptionEnabled to true when you create a cluster." + } + }, + "outputs": { + "aclName": { + "type": "string", + "description": "The name of the Access Control List to associate with the cluster." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the cluster." + }, + "autoMinorVersionUpgrade": { + "type": "boolean", + "description": "A flag that enables automatic minor version upgrade when set to true.\n\nYou cannot modify the value of AutoMinorVersionUpgrade after the cluster is created. To enable AutoMinorVersionUpgrade on a cluster you must set AutoMinorVersionUpgrade to true when you create a cluster." + }, + "clusterEndpoint": { + "$ref": "#/types/aws-native:memorydb:ClusterEndpoint", + "description": "The cluster endpoint." + }, + "clusterName": { + "type": "string", + "description": "The name of the cluster. This value must be unique as it also serves as the cluster identifier.", + "replaceOnChanges": true + }, + "dataTiering": { + "$ref": "#/types/aws-native:memorydb:ClusterDataTieringStatus", + "description": "Enables data tiering. Data tiering is only supported for clusters using the r6gd node type. This parameter must be set when using r6gd nodes.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "An optional description of the cluster." + }, + "engineVersion": { + "type": "string", + "description": "The Redis engine version used by the cluster." + }, + "finalSnapshotName": { + "type": "string", + "description": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID of the KMS key used to encrypt the cluster.", + "replaceOnChanges": true + }, + "maintenanceWindow": { + "type": "string", + "description": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period." + }, + "nodeType": { + "type": "string", + "description": "The compute and memory capacity of the nodes in the cluster." + }, + "numReplicasPerShard": { + "type": "integer", + "description": "The number of replicas to apply to each shard. The limit is 5." + }, + "numShards": { + "type": "integer", + "description": "The number of shards the cluster will contain." + }, + "parameterGroupName": { + "type": "string", + "description": "The name of the parameter group associated with the cluster." + }, + "parameterGroupStatus": { + "type": "string", + "description": "The status of the parameter group used by the cluster." + }, + "port": { + "type": "integer", + "description": "The port number on which each member of the cluster accepts connections.", + "replaceOnChanges": true + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more Amazon VPC security groups associated with this cluster." + }, + "snapshotArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster. The Amazon S3 object name in the ARN cannot contain any commas.", + "replaceOnChanges": true + }, + "snapshotName": { + "type": "string", + "description": "The name of a snapshot from which to restore data into the new cluster. The snapshot status changes to restoring while the new cluster is being created.", + "replaceOnChanges": true + }, + "snapshotRetentionLimit": { + "type": "integer", + "description": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted." + }, + "snapshotWindow": { + "type": "string", + "description": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your cluster." + }, + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent." + }, + "snsTopicStatus": { + "type": "string", + "description": "The status of the Amazon SNS notification topic. Notifications are sent only if the status is enabled." + }, + "status": { + "type": "string", + "description": "The status of the cluster. For example, Available, Updating, Creating." + }, + "subnetGroupName": { + "type": "string", + "description": "The name of the subnet group to be used for the cluster.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this cluster." + }, + "tlsEnabled": { + "type": "boolean", + "description": "A flag that enables in-transit encryption when set to true.\n\nYou cannot modify the value of TransitEncryptionEnabled after the cluster is created. To enable in-transit encryption on a cluster you must set TransitEncryptionEnabled to true when you create a cluster.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "clusterName" + }, + "required": [ + "aclName", + "nodeType" + ], + "createOnly": [ + "clusterName", + "dataTiering", + "kmsKeyId", + "port", + "snapshotArns", + "snapshotName", + "subnetGroupName", + "tlsEnabled" + ], + "writeOnly": [ + "finalSnapshotName", + "snapshotArns", + "snapshotName" + ], + "irreversibleNames": { + "aclName": "ACLName", + "arn": "ARN", + "tlsEnabled": "TLSEnabled" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:memorydb:ParameterGroup": { + "cf": "AWS::MemoryDB::ParameterGroup", + "inputs": { + "description": { + "type": "string", + "description": "A description of the parameter group." + }, + "family": { + "type": "string", + "description": "The name of the parameter group family that this parameter group is compatible with." + }, + "parameterGroupName": { + "type": "string", + "description": "The name of the parameter group." + }, + "parameters": { + "$ref": "pulumi.json#/Any", + "description": "An map of parameter names and values for the parameter update. You must supply at least one parameter name and value; subsequent arguments are optional.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MemoryDB::ParameterGroup` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this parameter group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the parameter group." + }, + "description": { + "type": "string", + "description": "A description of the parameter group.", + "replaceOnChanges": true + }, + "family": { + "type": "string", + "description": "The name of the parameter group family that this parameter group is compatible with.", + "replaceOnChanges": true + }, + "parameterGroupName": { + "type": "string", + "description": "The name of the parameter group.", + "replaceOnChanges": true + }, + "parameters": { + "$ref": "pulumi.json#/Any", + "description": "An map of parameter names and values for the parameter update. You must supply at least one parameter name and value; subsequent arguments are optional.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MemoryDB::ParameterGroup` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this parameter group." + } + }, + "autoNamingSpec": { + "sdkName": "parameterGroupName" + }, + "required": [ + "family" + ], + "createOnly": [ + "description", + "family", + "parameterGroupName" + ], + "writeOnly": [ + "parameters" + ], + "irreversibleNames": { + "arn": "ARN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:memorydb:SubnetGroup": { + "cf": "AWS::MemoryDB::SubnetGroup", + "inputs": { + "description": { + "type": "string", + "description": "An optional description of the subnet group." + }, + "subnetGroupName": { + "type": "string", + "description": "The name of the subnet group. This value must be unique as it also serves as the subnet group identifier." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of VPC subnet IDs for the subnet group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this subnet group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the subnet group." + }, + "description": { + "type": "string", + "description": "An optional description of the subnet group." + }, + "subnetGroupName": { + "type": "string", + "description": "The name of the subnet group. This value must be unique as it also serves as the subnet group identifier.", + "replaceOnChanges": true + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of VPC subnet IDs for the subnet group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this subnet group." + } + }, + "autoNamingSpec": { + "sdkName": "subnetGroupName" + }, + "required": [ + "subnetIds" + ], + "createOnly": [ + "subnetGroupName" + ], + "irreversibleNames": { + "arn": "ARN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:memorydb:User": { + "cf": "AWS::MemoryDB::User", + "inputs": { + "accessString": { + "type": "string", + "description": "Access permissions string used for this user account." + }, + "authenticationMode": { + "$ref": "#/types/aws-native:memorydb:AuthenticationModeProperties", + "description": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* \u0026* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this user." + }, + "userName": { + "type": "string", + "description": "The name of the user." + } + }, + "outputs": { + "accessString": { + "type": "string", + "description": "Access permissions string used for this user account." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the user account." + }, + "authenticationMode": { + "$ref": "#/types/aws-native:memorydb:AuthenticationModeProperties", + "description": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* \u0026* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`" + }, + "status": { + "type": "string", + "description": "Indicates the user status. Can be \"active\", \"modifying\" or \"deleting\"." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this user." + }, + "userName": { + "type": "string", + "description": "The name of the user.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "userName" + }, + "createOnly": [ + "userName" + ], + "writeOnly": [ + "accessString", + "authenticationMode" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:msk:BatchScramSecret": { + "cf": "AWS::MSK::BatchScramSecret", + "inputs": { + "clusterArn": { + "type": "string" + }, + "secretArnList": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "outputs": { + "clusterArn": { + "type": "string", + "replaceOnChanges": true + }, + "secretArnList": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "required": [ + "clusterArn" + ], + "createOnly": [ + "clusterArn" + ] + }, + "aws-native:msk:Cluster": { + "cf": "AWS::MSK::Cluster", + "inputs": { + "brokerNodeGroupInfo": { + "$ref": "#/types/aws-native:msk:ClusterBrokerNodeGroupInfo", + "description": "Information about the broker nodes in the cluster." + }, + "clientAuthentication": { + "$ref": "#/types/aws-native:msk:ClusterClientAuthentication", + "description": "Includes all client authentication related information." + }, + "clusterName": { + "type": "string", + "description": "The name of the cluster." + }, + "configurationInfo": { + "$ref": "#/types/aws-native:msk:ClusterConfigurationInfo", + "description": "Represents the configuration that you want MSK to use for the cluster." + }, + "currentVersion": { + "type": "string", + "description": "The current version of the MSK cluster" + }, + "encryptionInfo": { + "$ref": "#/types/aws-native:msk:ClusterEncryptionInfo", + "description": "Includes all encryption-related information." + }, + "enhancedMonitoring": { + "$ref": "#/types/aws-native:msk:ClusterEnhancedMonitoring", + "description": "Specifies the level of monitoring for the MSK cluster. The possible values are `DEFAULT` , `PER_BROKER` , and `PER_TOPIC_PER_BROKER` ." + }, + "kafkaVersion": { + "type": "string", + "description": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use Apache Kafka versions 1.1.1 and 2.2.1." + }, + "loggingInfo": { + "$ref": "#/types/aws-native:msk:ClusterLoggingInfo", + "description": "Logging Info details." + }, + "numberOfBrokerNodes": { + "type": "integer", + "description": "The number of broker nodes in the cluster." + }, + "openMonitoring": { + "$ref": "#/types/aws-native:msk:ClusterOpenMonitoring", + "description": "The settings for open monitoring." + }, + "storageMode": { + "$ref": "#/types/aws-native:msk:ClusterStorageMode", + "description": "This controls storage mode for supported storage tiers." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + } + }, + "outputs": { + "arn": { + "type": "string" + }, + "brokerNodeGroupInfo": { + "$ref": "#/types/aws-native:msk:ClusterBrokerNodeGroupInfo", + "description": "Information about the broker nodes in the cluster." + }, + "clientAuthentication": { + "$ref": "#/types/aws-native:msk:ClusterClientAuthentication", + "description": "Includes all client authentication related information." + }, + "clusterName": { + "type": "string", + "description": "The name of the cluster.", + "replaceOnChanges": true + }, + "configurationInfo": { + "$ref": "#/types/aws-native:msk:ClusterConfigurationInfo", + "description": "Represents the configuration that you want MSK to use for the cluster." + }, + "currentVersion": { + "type": "string", + "description": "The current version of the MSK cluster" + }, + "encryptionInfo": { + "$ref": "#/types/aws-native:msk:ClusterEncryptionInfo", + "description": "Includes all encryption-related information." + }, + "enhancedMonitoring": { + "$ref": "#/types/aws-native:msk:ClusterEnhancedMonitoring", + "description": "Specifies the level of monitoring for the MSK cluster. The possible values are `DEFAULT` , `PER_BROKER` , and `PER_TOPIC_PER_BROKER` ." + }, + "kafkaVersion": { + "type": "string", + "description": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use Apache Kafka versions 1.1.1 and 2.2.1." + }, + "loggingInfo": { + "$ref": "#/types/aws-native:msk:ClusterLoggingInfo", + "description": "Logging Info details." + }, + "numberOfBrokerNodes": { + "type": "integer", + "description": "The number of broker nodes in the cluster." + }, + "openMonitoring": { + "$ref": "#/types/aws-native:msk:ClusterOpenMonitoring", + "description": "The settings for open monitoring." + }, + "storageMode": { + "$ref": "#/types/aws-native:msk:ClusterStorageMode", + "description": "This controls storage mode for supported storage tiers." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + } + }, + "autoNamingSpec": { + "sdkName": "clusterName", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "brokerNodeGroupInfo", + "kafkaVersion", + "numberOfBrokerNodes" + ], + "createOnly": [ + "brokerNodeGroupInfo/BrokerAzDistribution", + "brokerNodeGroupInfo/ClientSubnets", + "brokerNodeGroupInfo/SecurityGroups", + "clusterName", + "encryptionInfo/EncryptionAtRest", + "encryptionInfo/EncryptionInTransit/InCluster" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:msk:ClusterPolicy": { + "cf": "AWS::MSK::ClusterPolicy", + "inputs": { + "clusterArn": { + "type": "string", + "description": "The arn of the cluster for the resource policy." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified cluster.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MSK::ClusterPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "clusterArn": { + "type": "string", + "description": "The arn of the cluster for the resource policy.", + "replaceOnChanges": true + }, + "currentVersion": { + "type": "string", + "description": "The current version of the policy attached to the specified cluster" + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified cluster.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MSK::ClusterPolicy` for more information about the expected schema for this property." + } + }, + "required": [ + "clusterArn", + "policy" + ], + "createOnly": [ + "clusterArn" + ] + }, + "aws-native:msk:Configuration": { + "cf": "AWS::MSK::Configuration", + "inputs": { + "description": { + "type": "string", + "description": "The description of the configuration." + }, + "kafkaVersionsList": { + "type": "array", + "items": { + "type": "string" + } + }, + "latestRevision": { + "$ref": "#/types/aws-native:msk:ConfigurationLatestRevision", + "description": "Latest revision of the configuration." + }, + "name": { + "type": "string", + "description": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\"." + }, + "serverProperties": { + "type": "string", + "description": "Contents of the server.properties file. When using the API, you must ensure that the contents of the file are base64 encoded. When using the console, the SDK, or the CLI, the contents of server.properties can be in plaintext." + } + }, + "outputs": { + "arn": { + "type": "string" + }, + "description": { + "type": "string", + "description": "The description of the configuration." + }, + "kafkaVersionsList": { + "type": "array", + "items": { + "type": "string" + }, + "replaceOnChanges": true + }, + "latestRevision": { + "$ref": "#/types/aws-native:msk:ConfigurationLatestRevision", + "description": "Latest revision of the configuration." + }, + "name": { + "type": "string", + "description": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", + "replaceOnChanges": true + }, + "serverProperties": { + "type": "string", + "description": "Contents of the server.properties file. When using the API, you must ensure that the contents of the file are base64 encoded. When using the console, the SDK, or the CLI, the contents of server.properties can be in plaintext." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "serverProperties" + ], + "createOnly": [ + "kafkaVersionsList", + "name" + ], + "writeOnly": [ + "serverProperties" + ] + }, + "aws-native:msk:Replicator": { + "cf": "AWS::MSK::Replicator", + "inputs": { + "currentVersion": { + "type": "string", + "description": "The current version of the MSK replicator." + }, + "description": { + "type": "string", + "description": "A summary description of the replicator." + }, + "kafkaClusters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:msk:ReplicatorKafkaCluster" + }, + "description": "Specifies a list of Kafka clusters which are targets of the replicator." + }, + "replicationInfoList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:msk:ReplicatorReplicationInfo" + }, + "description": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow." + }, + "replicatorName": { + "type": "string", + "description": "The name of the replicator." + }, + "serviceExecutionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role used by the replicator to access external resources." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "currentVersion": { + "type": "string", + "description": "The current version of the MSK replicator." + }, + "description": { + "type": "string", + "description": "A summary description of the replicator.", + "replaceOnChanges": true + }, + "kafkaClusters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:msk:ReplicatorKafkaCluster" + }, + "description": "Specifies a list of Kafka clusters which are targets of the replicator.", + "replaceOnChanges": true + }, + "replicationInfoList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:msk:ReplicatorReplicationInfo" + }, + "description": "A list of replication configurations, where each configuration targets a given source cluster to target cluster replication flow." + }, + "replicatorArn": { + "type": "string", + "description": "Amazon Resource Name for the created replicator." + }, + "replicatorName": { + "type": "string", + "description": "The name of the replicator.", + "replaceOnChanges": true + }, + "serviceExecutionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role used by the replicator to access external resources.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "autoNamingSpec": { + "sdkName": "replicatorName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "kafkaClusters", + "replicationInfoList", + "serviceExecutionRoleArn" + ], + "createOnly": [ + "description", + "kafkaClusters", + "replicationInfoList/-/TopicReplication/StartingPosition/Type", + "replicatorName", + "serviceExecutionRoleArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:msk:ServerlessCluster": { + "cf": "AWS::MSK::ServerlessCluster", + "inputs": { + "clientAuthentication": { + "$ref": "#/types/aws-native:msk:ServerlessClusterClientAuthentication", + "description": "Includes all client authentication information." + }, + "clusterName": { + "type": "string" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + }, + "vpcConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:msk:ServerlessClusterVpcConfig" + } + } + }, + "outputs": { + "arn": { + "type": "string" + }, + "clientAuthentication": { + "$ref": "#/types/aws-native:msk:ServerlessClusterClientAuthentication", + "description": "Includes all client authentication information.", + "replaceOnChanges": true + }, + "clusterName": { + "type": "string", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource.", + "replaceOnChanges": true + }, + "vpcConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:msk:ServerlessClusterVpcConfig" + }, + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "clusterName", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "clientAuthentication", + "vpcConfigs" + ], + "createOnly": [ + "clientAuthentication", + "clusterName", + "tags", + "vpcConfigs" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:msk:VpcConnection": { + "cf": "AWS::MSK::VpcConnection", + "inputs": { + "authentication": { + "$ref": "#/types/aws-native:msk:VpcConnectionAuthentication", + "description": "The type of private link authentication." + }, + "clientSubnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of subnets in the client VPC to connect to." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups to attach to the ENIs for the broker nodes." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Create tags when creating the VPC connection." + }, + "targetClusterArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target cluster" + }, + "vpcId": { + "type": "string", + "description": "The VPC id of the remote client." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the VPC connection." + }, + "authentication": { + "$ref": "#/types/aws-native:msk:VpcConnectionAuthentication", + "description": "The type of private link authentication.", + "replaceOnChanges": true + }, + "clientSubnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of subnets in the client VPC to connect to.", + "replaceOnChanges": true + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups to attach to the ENIs for the broker nodes.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Create tags when creating the VPC connection." + }, + "targetClusterArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target cluster", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The VPC id of the remote client.", + "replaceOnChanges": true + } + }, + "required": [ + "authentication", + "clientSubnets", + "securityGroups", + "targetClusterArn", + "vpcId" + ], + "createOnly": [ + "authentication", + "clientSubnets", + "securityGroups", + "targetClusterArn", + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:mwaa:Environment": { + "cf": "AWS::MWAA::Environment", + "inputs": { + "airflowConfigurationOptions": { + "$ref": "pulumi.json#/Any", + "description": "Key/value pairs representing Airflow configuration variables.\n Keys are prefixed by their section:\n\n [core]\n dags_folder={AIRFLOW_HOME}/dags\n\n Would be represented as\n\n \"core.dags_folder\": \"{AIRFLOW_HOME}/dags\"\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MWAA::Environment` for more information about the expected schema for this property." + }, + "airflowVersion": { + "type": "string", + "description": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` (latest)" + }, + "dagS3Path": { + "type": "string", + "description": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) ." + }, + "endpointManagement": { + "$ref": "#/types/aws-native:mwaa:EnvironmentEndpointManagement", + "description": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC." + }, + "environmentClass": { + "type": "string", + "description": "The environment class type. Valid values: `mw1.small` , `mw1.medium` , `mw1.large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) ." + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) ." + }, + "kmsKey": { + "type": "string", + "description": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced)." + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:mwaa:EnvironmentLoggingConfiguration", + "description": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` ." + }, + "maxWebservers": { + "type": "integer", + "description": "The maximum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. For example, in scenarios where your workload requires network calls to the Apache Airflow REST API with a high transaction-per-second (TPS) rate, Amazon MWAA will increase the number of web servers up to the number set in `MaxWebserers` . As TPS rates decrease Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: Accepts between `2` and `5` . Defaults to `2` ." + }, + "maxWorkers": { + "type": "integer", + "description": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` ." + }, + "minWebservers": { + "type": "integer", + "description": "The minimum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. As the transaction-per-second rate, and the network load, decrease, Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: Accepts between `2` and `5` . Defaults to `2` ." + }, + "minWorkers": { + "type": "integer", + "description": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` ." + }, + "name": { + "type": "string", + "description": "The name of your Amazon MWAA environment." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:mwaa:EnvironmentNetworkConfiguration", + "description": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) ." + }, + "pluginsS3ObjectVersion": { + "type": "string", + "description": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) ." + }, + "pluginsS3Path": { + "type": "string", + "description": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) ." + }, + "requirementsS3ObjectVersion": { + "type": "string", + "description": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) ." + }, + "requirementsS3Path": { + "type": "string", + "description": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) ." + }, + "schedulers": { + "type": "integer", + "description": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - Accepts between 2 to 5. Defaults to 2.\n- *v1* - Accepts 1." + }, + "sourceBucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) ." + }, + "startupScriptS3ObjectVersion": { + "type": "string", + "description": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) ." + }, + "startupScriptS3Path": { + "type": "string", + "description": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) ." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "A map of tags for the environment.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MWAA::Environment` for more information about the expected schema for this property." + }, + "webserverAccessMode": { + "$ref": "#/types/aws-native:mwaa:EnvironmentWebserverAccessMode", + "description": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` ." + }, + "weeklyMaintenanceWindowStart": { + "type": "string", + "description": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)" + } + }, + "outputs": { + "airflowConfigurationOptions": { + "$ref": "pulumi.json#/Any", + "description": "Key/value pairs representing Airflow configuration variables.\n Keys are prefixed by their section:\n\n [core]\n dags_folder={AIRFLOW_HOME}/dags\n\n Would be represented as\n\n \"core.dags_folder\": \"{AIRFLOW_HOME}/dags\"\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MWAA::Environment` for more information about the expected schema for this property." + }, + "airflowVersion": { + "type": "string", + "description": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` | `2.8.1` | `2.9.2` (latest)" + }, + "arn": { + "type": "string", + "description": "The ARN for the Amazon MWAA environment." + }, + "celeryExecutorQueue": { + "type": "string", + "description": "The queue ARN for the environment's [Celery Executor](https://docs.aws.amazon.com/https://airflow.apache.org/docs/apache-airflow/stable/core-concepts/executor/celery.html) . Amazon MWAA uses a Celery Executor to distribute tasks across multiple workers. When you create an environment in a shared VPC, you must provide access to the Celery Executor queue from your VPC." + }, + "dagS3Path": { + "type": "string", + "description": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) ." + }, + "databaseVpcEndpointService": { + "type": "string", + "description": "The VPC endpoint for the environment's Amazon RDS database." + }, + "endpointManagement": { + "$ref": "#/types/aws-native:mwaa:EnvironmentEndpointManagement", + "description": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", + "replaceOnChanges": true + }, + "environmentClass": { + "type": "string", + "description": "The environment class type. Valid values: `mw1.small` , `mw1.medium` , `mw1.large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) ." + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) ." + }, + "kmsKey": { + "type": "string", + "description": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", + "replaceOnChanges": true + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:mwaa:EnvironmentLoggingConfiguration", + "description": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` ." + }, + "maxWebservers": { + "type": "integer", + "description": "The maximum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. For example, in scenarios where your workload requires network calls to the Apache Airflow REST API with a high transaction-per-second (TPS) rate, Amazon MWAA will increase the number of web servers up to the number set in `MaxWebserers` . As TPS rates decrease Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: Accepts between `2` and `5` . Defaults to `2` ." + }, + "maxWorkers": { + "type": "integer", + "description": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` ." + }, + "minWebservers": { + "type": "integer", + "description": "The minimum number of web servers that you want to run in your environment. Amazon MWAA scales the number of Apache Airflow web servers up to the number you specify for `MaxWebservers` when you interact with your Apache Airflow environment using Apache Airflow REST API, or the Apache Airflow CLI. As the transaction-per-second rate, and the network load, decrease, Amazon MWAA disposes of the additional web servers, and scales down to the number set in `MinxWebserers` .\n\nValid values: Accepts between `2` and `5` . Defaults to `2` ." + }, + "minWorkers": { + "type": "integer", + "description": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` ." + }, + "name": { + "type": "string", + "description": "The name of your Amazon MWAA environment.", + "replaceOnChanges": true + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:mwaa:EnvironmentNetworkConfiguration", + "description": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) ." + }, + "pluginsS3ObjectVersion": { + "type": "string", + "description": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) ." + }, + "pluginsS3Path": { + "type": "string", + "description": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) ." + }, + "requirementsS3ObjectVersion": { + "type": "string", + "description": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) ." + }, + "requirementsS3Path": { + "type": "string", + "description": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) ." + }, + "schedulers": { + "type": "integer", + "description": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - Accepts between 2 to 5. Defaults to 2.\n- *v1* - Accepts 1." + }, + "sourceBucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) ." + }, + "startupScriptS3ObjectVersion": { + "type": "string", + "description": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) ." + }, + "startupScriptS3Path": { + "type": "string", + "description": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) ." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "A map of tags for the environment.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::MWAA::Environment` for more information about the expected schema for this property." + }, + "webserverAccessMode": { + "$ref": "#/types/aws-native:mwaa:EnvironmentWebserverAccessMode", + "description": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` ." + }, + "webserverUrl": { + "type": "string", + "description": "The URL of your Apache Airflow UI." + }, + "webserverVpcEndpointService": { + "type": "string", + "description": "The VPC endpoint for the environment's web server." + }, + "weeklyMaintenanceWindowStart": { + "type": "string", + "description": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "endpointManagement", + "kmsKey", + "name", + "networkConfiguration/SubnetIds" + ], + "irreversibleNames": { + "dagS3Path": "DagS3Path", + "pluginsS3ObjectVersion": "PluginsS3ObjectVersion", + "pluginsS3Path": "PluginsS3Path", + "requirementsS3ObjectVersion": "RequirementsS3ObjectVersion", + "requirementsS3Path": "RequirementsS3Path", + "startupScriptS3ObjectVersion": "StartupScriptS3ObjectVersion", + "startupScriptS3Path": "StartupScriptS3Path" + }, + "tagsProperty": "tags", + "tagsStyle": "untyped" + }, + "aws-native:neptune:DbCluster": { + "cf": "AWS::Neptune::DBCluster", + "inputs": { + "associatedRoles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:neptune:DbClusterDbClusterRole" + }, + "description": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf." + }, + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in." + }, + "backupRetentionPeriod": { + "type": "integer", + "description": "Specifies the number of days for which automatic DB snapshots are retained." + }, + "copyTagsToSnapshot": { + "type": "boolean", + "description": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default behaviour is not to copy them." + }, + "dbClusterIdentifier": { + "type": "string", + "description": "The DB cluster identifier. Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster stored as a lowercase string." + }, + "dbClusterParameterGroupName": { + "type": "string", + "description": "Provides the name of the DB cluster parameter group." + }, + "dbInstanceParameterGroupName": { + "type": "string", + "description": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major EngineVersion upgrade request." + }, + "dbPort": { + "type": "integer", + "description": "The port number on which the DB instances in the DB cluster accept connections. \n\nIf not specified, the default port used is `8182`. \n\nNote: `Port` property will soon be deprecated from this resource. Please update existing templates to rename it with new property `DBPort` having same functionalities." + }, + "dbSubnetGroupName": { + "type": "string", + "description": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group." + }, + "deletionProtection": { + "type": "boolean", + "description": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled." + }, + "enableCloudwatchLogsExports": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies a list of log types that are enabled for export to CloudWatch Logs." + }, + "engineVersion": { + "type": "string", + "description": "Indicates the database engine version." + }, + "iamAuthEnabled": { + "type": "boolean", + "description": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false." + }, + "kmsKeyId": { + "type": "string", + "description": "If `StorageEncrypted` is true, the Amazon KMS key identifier for the encrypted DB cluster." + }, + "preferredBackupWindow": { + "type": "string", + "description": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the BackupRetentionPeriod." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC)." + }, + "restoreToTime": { + "type": "string", + "description": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group." + }, + "restoreType": { + "type": "string", + "description": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group." + }, + "serverlessScalingConfiguration": { + "$ref": "#/types/aws-native:neptune:DbClusterServerlessScalingConfiguration", + "description": "Contains the scaling configuration used by the Neptune Serverless Instances within this DB cluster." + }, + "snapshotIdentifier": { + "type": "string", + "description": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a SnapshotIdentifier, you must specify the same SnapshotIdentifier for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the SnapshotIdentifier, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the SnapshotIdentifier, and the original DB cluster is deleted." + }, + "sourceDbClusterIdentifier": { + "type": "string", + "description": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group." + }, + "storageEncrypted": { + "type": "boolean", + "description": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `DBClusterIdentifier`, `DBSnapshotIdentifier`, or `SourceDBInstanceIdentifier` property, don't specify this property. The value is inherited from the cluster, snapshot, or source DB instance. If you specify the KmsKeyId property, you must enable encryption.\n\nIf you specify the KmsKeyId, you must enable encryption by setting StorageEncrypted to true." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags assigned to this cluster." + }, + "useLatestRestorableTime": { + "type": "boolean", + "description": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Provides a list of VPC security groups that the DB cluster belongs to." + } + }, + "outputs": { + "associatedRoles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:neptune:DbClusterDbClusterRole" + }, + "description": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf." + }, + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", + "replaceOnChanges": true + }, + "backupRetentionPeriod": { + "type": "integer", + "description": "Specifies the number of days for which automatic DB snapshots are retained." + }, + "clusterResourceId": { + "type": "string", + "description": "The resource id for the DB cluster. For example: `cluster-ABCD1234EFGH5678IJKL90MNOP`. The cluster ID uniquely identifies the cluster and is used in things like IAM authentication policies." + }, + "copyTagsToSnapshot": { + "type": "boolean", + "description": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default behaviour is not to copy them." + }, + "dbClusterIdentifier": { + "type": "string", + "description": "The DB cluster identifier. Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster stored as a lowercase string.", + "replaceOnChanges": true + }, + "dbClusterParameterGroupName": { + "type": "string", + "description": "Provides the name of the DB cluster parameter group." + }, + "dbInstanceParameterGroupName": { + "type": "string", + "description": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major EngineVersion upgrade request." + }, + "dbPort": { + "type": "integer", + "description": "The port number on which the DB instances in the DB cluster accept connections. \n\nIf not specified, the default port used is `8182`. \n\nNote: `Port` property will soon be deprecated from this resource. Please update existing templates to rename it with new property `DBPort` having same functionalities." + }, + "dbSubnetGroupName": { + "type": "string", + "description": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", + "replaceOnChanges": true + }, + "deletionProtection": { + "type": "boolean", + "description": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled." + }, + "enableCloudwatchLogsExports": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies a list of log types that are enabled for export to CloudWatch Logs." + }, + "endpoint": { + "type": "string", + "description": "The connection endpoint for the DB cluster. For example: `mystack-mydbcluster-1apw1j4phylrk.cg034hpkmmjt.us-east-2.rds.amazonaws.com`" + }, + "engineVersion": { + "type": "string", + "description": "Indicates the database engine version." + }, + "iamAuthEnabled": { + "type": "boolean", + "description": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false." + }, + "kmsKeyId": { + "type": "string", + "description": "If `StorageEncrypted` is true, the Amazon KMS key identifier for the encrypted DB cluster.", + "replaceOnChanges": true + }, + "port": { + "type": "string", + "description": "The port number on which the DB cluster accepts connections. For example: `8182`." + }, + "preferredBackupWindow": { + "type": "string", + "description": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the BackupRetentionPeriod." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC)." + }, + "readEndpoint": { + "type": "string", + "description": "The reader endpoint for the DB cluster. For example: `mystack-mydbcluster-ro-1apw1j4phylrk.cg034hpkmmjt.us-east-2.rds.amazonaws.com`" + }, + "restoreToTime": { + "type": "string", + "description": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "replaceOnChanges": true + }, + "restoreType": { + "type": "string", + "description": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "replaceOnChanges": true + }, + "serverlessScalingConfiguration": { + "$ref": "#/types/aws-native:neptune:DbClusterServerlessScalingConfiguration", + "description": "Contains the scaling configuration used by the Neptune Serverless Instances within this DB cluster." + }, + "snapshotIdentifier": { + "type": "string", + "description": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a SnapshotIdentifier, you must specify the same SnapshotIdentifier for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the SnapshotIdentifier, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the SnapshotIdentifier, and the original DB cluster is deleted.", + "replaceOnChanges": true + }, + "sourceDbClusterIdentifier": { + "type": "string", + "description": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "replaceOnChanges": true + }, + "storageEncrypted": { + "type": "boolean", + "description": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `DBClusterIdentifier`, `DBSnapshotIdentifier`, or `SourceDBInstanceIdentifier` property, don't specify this property. The value is inherited from the cluster, snapshot, or source DB instance. If you specify the KmsKeyId property, you must enable encryption.\n\nIf you specify the KmsKeyId, you must enable encryption by setting StorageEncrypted to true.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags assigned to this cluster." + }, + "useLatestRestorableTime": { + "type": "boolean", + "description": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", + "replaceOnChanges": true + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Provides a list of VPC security groups that the DB cluster belongs to." + } + }, + "createOnly": [ + "availabilityZones", + "dbClusterIdentifier", + "dbSubnetGroupName", + "kmsKeyId", + "restoreToTime", + "restoreType", + "snapshotIdentifier", + "sourceDbClusterIdentifier", + "storageEncrypted", + "useLatestRestorableTime" + ], + "writeOnly": [ + "dbInstanceParameterGroupName", + "restoreToTime", + "restoreType", + "snapshotIdentifier", + "sourceDbClusterIdentifier", + "useLatestRestorableTime" + ], + "irreversibleNames": { + "dbClusterIdentifier": "DBClusterIdentifier", + "dbClusterParameterGroupName": "DBClusterParameterGroupName", + "dbInstanceParameterGroupName": "DBInstanceParameterGroupName", + "dbPort": "DBPort", + "dbSubnetGroupName": "DBSubnetGroupName", + "sourceDbClusterIdentifier": "SourceDBClusterIdentifier" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:neptunegraph:Graph": { + "cf": "AWS::NeptuneGraph::Graph", + "inputs": { + "deletionProtection": { + "type": "boolean", + "description": "Value that indicates whether the Graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.\n\n_Default_: If not specified, the default value is true." + }, + "graphName": { + "type": "string", + "description": "Contains a user-supplied name for the Graph. \n\nIf you don't specify a name, we generate a unique Graph Name using a combination of Stack Name and a UUID comprising of 4 characters.\n\n_Important_: If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "provisionedMemory": { + "type": "integer", + "description": "Memory for the Graph." + }, + "publicConnectivity": { + "type": "boolean", + "description": "Specifies whether the Graph can be reached over the internet. Access to all graphs requires IAM authentication.\n\nWhen the Graph is publicly reachable, its Domain Name System (DNS) endpoint resolves to the public IP address from the internet.\n\nWhen the Graph isn't publicly reachable, you need to create a PrivateGraphEndpoint in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\n_Default_: If not specified, the default value is false." + }, + "replicaCount": { + "type": "integer", + "description": "Specifies the number of replicas you want when finished. All replicas will be provisioned in different availability zones.\n\nReplica Count should always be less than or equal to 2.\n\n_Default_: If not specified, the default value is 1." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with this graph." + }, + "vectorSearchConfiguration": { + "$ref": "#/types/aws-native:neptunegraph:GraphVectorSearchConfiguration", + "description": "Vector Search Configuration" + } + }, + "outputs": { + "deletionProtection": { + "type": "boolean", + "description": "Value that indicates whether the Graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.\n\n_Default_: If not specified, the default value is true." + }, + "endpoint": { + "type": "string", + "description": "The connection endpoint for the graph. For example: `g-12a3bcdef4.us-east-1.neptune-graph.amazonaws.com`" + }, + "graphArn": { + "type": "string", + "description": "Graph resource ARN" + }, + "graphId": { + "type": "string", + "description": "The auto-generated id assigned by the service." + }, + "graphName": { + "type": "string", + "description": "Contains a user-supplied name for the Graph. \n\nIf you don't specify a name, we generate a unique Graph Name using a combination of Stack Name and a UUID comprising of 4 characters.\n\n_Important_: If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "provisionedMemory": { + "type": "integer", + "description": "Memory for the Graph." + }, + "publicConnectivity": { + "type": "boolean", + "description": "Specifies whether the Graph can be reached over the internet. Access to all graphs requires IAM authentication.\n\nWhen the Graph is publicly reachable, its Domain Name System (DNS) endpoint resolves to the public IP address from the internet.\n\nWhen the Graph isn't publicly reachable, you need to create a PrivateGraphEndpoint in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\n_Default_: If not specified, the default value is false." + }, + "replicaCount": { + "type": "integer", + "description": "Specifies the number of replicas you want when finished. All replicas will be provisioned in different availability zones.\n\nReplica Count should always be less than or equal to 2.\n\n_Default_: If not specified, the default value is 1.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags associated with this graph." + }, + "vectorSearchConfiguration": { + "$ref": "#/types/aws-native:neptunegraph:GraphVectorSearchConfiguration", + "description": "Vector Search Configuration", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "graphName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "provisionedMemory" + ], + "createOnly": [ + "graphName", + "replicaCount", + "vectorSearchConfiguration" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:neptunegraph:PrivateGraphEndpoint": { + "cf": "AWS::NeptuneGraph::PrivateGraphEndpoint", + "inputs": { + "graphIdentifier": { + "type": "string", + "description": "The auto-generated Graph Id assigned by the service." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security group Ids associated with the VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnet Ids associated with the VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC." + }, + "vpcId": { + "type": "string", + "description": "The VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC." + } + }, + "outputs": { + "graphIdentifier": { + "type": "string", + "description": "The auto-generated Graph Id assigned by the service.", + "replaceOnChanges": true + }, + "privateGraphEndpointIdentifier": { + "type": "string", + "description": "PrivateGraphEndpoint resource identifier generated by concatenating the associated GraphIdentifier and VpcId with an underscore separator.\n\n For example, if GraphIdentifier is `g-12a3bcdef4` and VpcId is `vpc-0a12bc34567de8f90`, the generated PrivateGraphEndpointIdentifier will be `g-12a3bcdef4_vpc-0a12bc34567de8f90`" + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security group Ids associated with the VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC.", + "replaceOnChanges": true + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnet Ids associated with the VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC.", + "replaceOnChanges": true + }, + "vpcEndpointId": { + "type": "string", + "description": "VPC endpoint that provides a private connection between the Graph and specified VPC." + }, + "vpcId": { + "type": "string", + "description": "The VPC where you want the private graph endpoint to be created, ie, the graph will be reachable from within the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "graphIdentifier", + "vpcId" + ], + "createOnly": [ + "graphIdentifier", + "securityGroupIds", + "subnetIds", + "vpcId" + ], + "writeOnly": [ + "graphIdentifier", + "securityGroupIds" + ] + }, + "aws-native:networkfirewall:Firewall": { + "cf": "AWS::NetworkFirewall::Firewall", + "inputs": { + "deleteProtection": { + "type": "boolean", + "description": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` ." + }, + "description": { + "type": "string", + "description": "A description of the firewall." + }, + "firewallName": { + "type": "string", + "description": "The descriptive name of the firewall. You can't change the name of a firewall after you create it." + }, + "firewallPolicyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls." + }, + "firewallPolicyChangeProtection": { + "type": "boolean", + "description": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` ." + }, + "subnetChangeProtection": { + "type": "boolean", + "description": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` ." + }, + "subnetMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:FirewallSubnetMapping" + }, + "description": "The public subnets that Network Firewall is using for the firewall. Each subnet must belong to a different Availability Zone." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "vpcId": { + "type": "string", + "description": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall." + } + }, + "outputs": { + "deleteProtection": { + "type": "boolean", + "description": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` ." + }, + "description": { + "type": "string", + "description": "A description of the firewall." + }, + "endpointIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall. The subnets are not listed in any particular order. For example: `[\"us-west-2c:vpce-111122223333\", \"us-west-2a:vpce-987654321098\", \"us-west-2b:vpce-012345678901\"]` ." + }, + "firewallArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `Firewall` ." + }, + "firewallId": { + "type": "string", + "description": "The name of the `Firewall` resource." + }, + "firewallName": { + "type": "string", + "description": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", + "replaceOnChanges": true + }, + "firewallPolicyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls." + }, + "firewallPolicyChangeProtection": { + "type": "boolean", + "description": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` ." + }, + "subnetChangeProtection": { + "type": "boolean", + "description": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` ." + }, + "subnetMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:FirewallSubnetMapping" + }, + "description": "The public subnets that Network Firewall is using for the firewall. Each subnet must belong to a different Availability Zone." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "vpcId": { + "type": "string", + "description": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "firewallName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "firewallPolicyArn", + "subnetMappings", + "vpcId" + ], + "createOnly": [ + "firewallName", + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkfirewall:FirewallPolicy": { + "cf": "AWS::NetworkFirewall::FirewallPolicy", + "inputs": { + "description": { + "type": "string", + "description": "A description of the firewall policy." + }, + "firewallPolicy": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicy", + "description": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", + "language": { + "csharp": { + "name": "FirewallPolicyValue" + } + } + }, + "firewallPolicyName": { + "type": "string", + "description": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A description of the firewall policy." + }, + "firewallPolicy": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicy", + "description": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", + "language": { + "csharp": { + "name": "FirewallPolicyValue" + } + } + }, + "firewallPolicyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `FirewallPolicy` ." + }, + "firewallPolicyId": { + "type": "string", + "description": "The unique ID of the `FirewallPolicy` resource." + }, + "firewallPolicyName": { + "type": "string", + "description": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "firewallPolicyName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "firewallPolicy" + ], + "createOnly": [ + "firewallPolicyName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkfirewall:LoggingConfiguration": { + "cf": "AWS::NetworkFirewall::LoggingConfiguration", + "inputs": { + "firewallArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration." + }, + "firewallName": { + "type": "string", + "description": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration." + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:networkfirewall:LoggingConfiguration", + "description": "Defines how AWS Network Firewall performs logging for a `Firewall` .", + "language": { + "csharp": { + "name": "LoggingConfigurationValue" + } + } + } + }, + "outputs": { + "firewallArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "replaceOnChanges": true + }, + "firewallName": { + "type": "string", + "description": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", + "replaceOnChanges": true + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:networkfirewall:LoggingConfiguration", + "description": "Defines how AWS Network Firewall performs logging for a `Firewall` .", + "language": { + "csharp": { + "name": "LoggingConfigurationValue" + } + } + } + }, + "required": [ + "firewallArn", + "loggingConfiguration" + ], + "createOnly": [ + "firewallArn", + "firewallName" + ] + }, + "aws-native:networkfirewall:RuleGroup": { + "cf": "AWS::NetworkFirewall::RuleGroup", + "inputs": { + "capacity": { + "type": "integer", + "description": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group." + }, + "description": { + "type": "string", + "description": "A description of the rule group." + }, + "ruleGroup": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroup", + "description": "An object that defines the rule group rules.", + "language": { + "csharp": { + "name": "RuleGroupValue" + } + } + }, + "ruleGroupName": { + "type": "string", + "description": "The descriptive name of the rule group. You can't change the name of a rule group after you create it." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "type": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupTypeEnum", + "description": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules." + } + }, + "outputs": { + "capacity": { + "type": "integer", + "description": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "A description of the rule group." + }, + "ruleGroup": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroup", + "description": "An object that defines the rule group rules.", + "language": { + "csharp": { + "name": "RuleGroupValue" + } + } + }, + "ruleGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `RuleGroup` ." + }, + "ruleGroupId": { + "type": "string", + "description": "The unique ID of the `RuleGroup` resource." + }, + "ruleGroupName": { + "type": "string", + "description": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "type": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupTypeEnum", + "description": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "ruleGroupName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "capacity", + "type" + ], + "createOnly": [ + "capacity", + "ruleGroupName", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkfirewall:TlsInspectionConfiguration": { + "cf": "AWS::NetworkFirewall::TLSInspectionConfiguration", + "inputs": { + "description": { + "type": "string", + "description": "A description of the TLS inspection configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The key:value pairs to associate with the resource." + }, + "tlsInspectionConfiguration": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationTlsInspectionConfiguration", + "description": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", + "language": { + "csharp": { + "name": "TLSInspectionConfigurationValue" + } + } + }, + "tlsInspectionConfigurationName": { + "type": "string", + "description": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A description of the TLS inspection configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The key:value pairs to associate with the resource." + }, + "tlsInspectionConfiguration": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationTlsInspectionConfiguration", + "description": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", + "language": { + "csharp": { + "name": "TLSInspectionConfigurationValue" + } + } + }, + "tlsInspectionConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the TLS inspection configuration." + }, + "tlsInspectionConfigurationId": { + "type": "string", + "description": "A unique identifier for the TLS inspection configuration. This ID is returned in the responses to create and list commands. You provide it to operations such as update and delete." + }, + "tlsInspectionConfigurationName": { + "type": "string", + "description": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "tlsInspectionConfigurationName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "tlsInspectionConfiguration" + ], + "createOnly": [ + "tlsInspectionConfigurationName" + ], + "irreversibleNames": { + "tlsInspectionConfiguration": "TLSInspectionConfiguration", + "tlsInspectionConfigurationArn": "TLSInspectionConfigurationArn", + "tlsInspectionConfigurationId": "TLSInspectionConfigurationId", + "tlsInspectionConfigurationName": "TLSInspectionConfigurationName" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:ConnectAttachment": { + "cf": "AWS::NetworkManager::ConnectAttachment", + "inputs": { + "coreNetworkId": { + "type": "string", + "description": "ID of the CoreNetwork that the attachment will be attached to." + }, + "edgeLocation": { + "type": "string", + "description": "Edge location of the attachment." + }, + "options": { + "$ref": "#/types/aws-native:networkmanager:ConnectAttachmentOptions", + "description": "Protocol options for connect attachment" + }, + "proposedSegmentChange": { + "$ref": "#/types/aws-native:networkmanager:ConnectAttachmentProposedSegmentChange", + "description": "The attachment to move from one segment to another." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the attachment." + }, + "transportAttachmentId": { + "type": "string", + "description": "Id of transport attachment" + } + }, + "outputs": { + "attachmentId": { + "type": "string", + "description": "The ID of the attachment." + }, + "attachmentPolicyRuleNumber": { + "type": "integer", + "description": "The policy rule number associated with the attachment." + }, + "attachmentType": { + "type": "string", + "description": "The type of attachment." + }, + "coreNetworkArn": { + "type": "string", + "description": "The ARN of a core network." + }, + "coreNetworkId": { + "type": "string", + "description": "ID of the CoreNetwork that the attachment will be attached to.", + "replaceOnChanges": true + }, + "createdAt": { + "type": "string", + "description": "Creation time of the attachment." + }, + "edgeLocation": { + "type": "string", + "description": "Edge location of the attachment.", + "replaceOnChanges": true + }, + "options": { + "$ref": "#/types/aws-native:networkmanager:ConnectAttachmentOptions", + "description": "Protocol options for connect attachment", + "replaceOnChanges": true + }, + "ownerAccountId": { + "type": "string", + "description": "The ID of the attachment account owner." + }, + "proposedSegmentChange": { + "$ref": "#/types/aws-native:networkmanager:ConnectAttachmentProposedSegmentChange", + "description": "The attachment to move from one segment to another." + }, + "resourceArn": { + "type": "string", + "description": "The attachment resource ARN." + }, + "segmentName": { + "type": "string", + "description": "The name of the segment attachment." + }, + "state": { + "type": "string", + "description": "State of the attachment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the attachment." + }, + "transportAttachmentId": { + "type": "string", + "description": "Id of transport attachment", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "Last update time of the attachment." + } + }, + "required": [ + "coreNetworkId", + "edgeLocation", + "options", + "transportAttachmentId" + ], + "createOnly": [ + "coreNetworkId", + "edgeLocation", + "options", + "transportAttachmentId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:ConnectPeer": { + "cf": "AWS::NetworkManager::ConnectPeer", + "inputs": { + "bgpOptions": { + "$ref": "#/types/aws-native:networkmanager:ConnectPeerBgpOptions", + "description": "Bgp options for connect peer." + }, + "connectAttachmentId": { + "type": "string", + "description": "The ID of the attachment to connect." + }, + "coreNetworkAddress": { + "type": "string", + "description": "The IP address of a core network." + }, + "insideCidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The inside IP addresses used for a Connect peer configuration." + }, + "peerAddress": { + "type": "string", + "description": "The IP address of the Connect peer." + }, + "subnetArn": { + "type": "string", + "description": "The subnet ARN for the connect peer." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "bgpOptions": { + "$ref": "#/types/aws-native:networkmanager:ConnectPeerBgpOptions", + "description": "Bgp options for connect peer.", + "replaceOnChanges": true + }, + "configuration": { + "$ref": "#/types/aws-native:networkmanager:ConnectPeerConfiguration", + "description": "Configuration of the connect peer." + }, + "connectAttachmentId": { + "type": "string", + "description": "The ID of the attachment to connect.", + "replaceOnChanges": true + }, + "connectPeerId": { + "type": "string", + "description": "The ID of the Connect peer." + }, + "coreNetworkAddress": { + "type": "string", + "description": "The IP address of a core network.", + "replaceOnChanges": true + }, + "coreNetworkId": { + "type": "string", + "description": "The ID of the core network." + }, + "createdAt": { + "type": "string", + "description": "Connect peer creation time." + }, + "edgeLocation": { + "type": "string", + "description": "The Connect peer Regions where edges are located." + }, + "insideCidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The inside IP addresses used for a Connect peer configuration.", + "replaceOnChanges": true + }, + "peerAddress": { + "type": "string", + "description": "The IP address of the Connect peer.", + "replaceOnChanges": true + }, + "state": { + "type": "string", + "description": "State of the connect peer." + }, + "subnetArn": { + "type": "string", + "description": "The subnet ARN for the connect peer.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "connectAttachmentId", + "peerAddress" + ], + "createOnly": [ + "bgpOptions", + "connectAttachmentId", + "coreNetworkAddress", + "insideCidrBlocks", + "peerAddress", + "subnetArn" + ], + "writeOnly": [ + "bgpOptions", + "coreNetworkAddress", + "subnetArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:CoreNetwork": { + "cf": "AWS::NetworkManager::CoreNetwork", + "inputs": { + "description": { + "type": "string", + "description": "The description of core network" + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network that your core network is a part of." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "Live policy document for the core network, you must provide PolicyDocument in Json Format\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::NetworkManager::CoreNetwork` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the global network." + } + }, + "outputs": { + "coreNetworkArn": { + "type": "string", + "description": "The ARN (Amazon resource name) of core network" + }, + "coreNetworkId": { + "type": "string", + "description": "The Id of core network" + }, + "createdAt": { + "type": "string", + "description": "The creation time of core network" + }, + "description": { + "type": "string", + "description": "The description of core network" + }, + "edges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkmanager:CoreNetworkEdge" + }, + "description": "The edges within a core network." + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network that your core network is a part of.", + "replaceOnChanges": true + }, + "ownerAccount": { + "type": "string", + "description": "Owner of the core network" + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "Live policy document for the core network, you must provide PolicyDocument in Json Format\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::NetworkManager::CoreNetwork` for more information about the expected schema for this property." + }, + "segments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkmanager:CoreNetworkSegment" + }, + "description": "The segments within a core network." + }, + "state": { + "type": "string", + "description": "The state of core network" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the global network." + } + }, + "required": [ + "globalNetworkId" + ], + "createOnly": [ + "globalNetworkId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:CustomerGatewayAssociation": { + "cf": "AWS::NetworkManager::CustomerGatewayAssociation", + "inputs": { + "customerGatewayArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the customer gateway." + }, + "deviceId": { + "type": "string", + "description": "The ID of the device" + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network." + }, + "linkId": { + "type": "string", + "description": "The ID of the link" + } + }, + "outputs": { + "customerGatewayArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the customer gateway.", + "replaceOnChanges": true + }, + "deviceId": { + "type": "string", + "description": "The ID of the device", + "replaceOnChanges": true + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network.", + "replaceOnChanges": true + }, + "linkId": { + "type": "string", + "description": "The ID of the link", + "replaceOnChanges": true + } + }, + "required": [ + "customerGatewayArn", + "deviceId", + "globalNetworkId" + ], + "createOnly": [ + "customerGatewayArn", + "deviceId", + "globalNetworkId", + "linkId" + ] + }, + "aws-native:networkmanager:Device": { + "cf": "AWS::NetworkManager::Device", + "inputs": { + "awsLocation": { + "$ref": "#/types/aws-native:networkmanager:DeviceAwsLocation", + "description": "The Amazon Web Services location of the device, if applicable." + }, + "description": { + "type": "string", + "description": "The description of the device." + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network." + }, + "location": { + "$ref": "#/types/aws-native:networkmanager:DeviceLocation", + "description": "The site location." + }, + "model": { + "type": "string", + "description": "The device model" + }, + "serialNumber": { + "type": "string", + "description": "The device serial number." + }, + "siteId": { + "type": "string", + "description": "The site ID." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the device." + }, + "type": { + "type": "string", + "description": "The device type." + }, + "vendor": { + "type": "string", + "description": "The device vendor." + } + }, + "outputs": { + "awsLocation": { + "$ref": "#/types/aws-native:networkmanager:DeviceAwsLocation", + "description": "The Amazon Web Services location of the device, if applicable." + }, + "createdAt": { + "type": "string", + "description": "The date and time that the device was created." + }, + "description": { + "type": "string", + "description": "The description of the device." + }, + "deviceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the device." + }, + "deviceId": { + "type": "string", + "description": "The ID of the device." + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network.", + "replaceOnChanges": true + }, + "location": { + "$ref": "#/types/aws-native:networkmanager:DeviceLocation", + "description": "The site location." + }, + "model": { + "type": "string", + "description": "The device model" + }, + "serialNumber": { + "type": "string", + "description": "The device serial number." + }, + "siteId": { + "type": "string", + "description": "The site ID." + }, + "state": { + "type": "string", + "description": "The state of the device." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the device." + }, + "type": { + "type": "string", + "description": "The device type." + }, + "vendor": { + "type": "string", + "description": "The device vendor." + } + }, + "required": [ + "globalNetworkId" + ], + "createOnly": [ + "globalNetworkId" + ], + "irreversibleNames": { + "awsLocation": "AWSLocation" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:GlobalNetwork": { + "cf": "AWS::NetworkManager::GlobalNetwork", + "inputs": { + "createdAt": { + "type": "string", + "description": "The date and time that the global network was created." + }, + "description": { + "type": "string", + "description": "The description of the global network." + }, + "state": { + "type": "string", + "description": "The state of the global network." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the global network." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the global network." + }, + "awsId": { + "type": "string", + "description": "The ID of the global network." + }, + "createdAt": { + "type": "string", + "description": "The date and time that the global network was created." + }, + "description": { + "type": "string", + "description": "The description of the global network." + }, + "state": { + "type": "string", + "description": "The state of the global network." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the global network." + } + }, + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:Link": { + "cf": "AWS::NetworkManager::Link", + "inputs": { + "bandwidth": { + "$ref": "#/types/aws-native:networkmanager:LinkBandwidth", + "description": "The Bandwidth for the link." + }, + "description": { + "type": "string", + "description": "The description of the link." + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network." + }, + "provider": { + "type": "string", + "description": "The provider of the link." + }, + "siteId": { + "type": "string", + "description": "The ID of the site" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the link." + }, + "type": { + "type": "string", + "description": "The type of the link." + } + }, + "outputs": { + "bandwidth": { + "$ref": "#/types/aws-native:networkmanager:LinkBandwidth", + "description": "The Bandwidth for the link." + }, + "createdAt": { + "type": "string", + "description": "The date and time that the device was created." + }, + "description": { + "type": "string", + "description": "The description of the link." + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network.", + "replaceOnChanges": true + }, + "linkArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the link." + }, + "linkId": { + "type": "string", + "description": "The ID of the link." + }, + "provider": { + "type": "string", + "description": "The provider of the link." + }, + "siteId": { + "type": "string", + "description": "The ID of the site", + "replaceOnChanges": true + }, + "state": { + "type": "string", + "description": "The state of the link." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the link." + }, + "type": { + "type": "string", + "description": "The type of the link." + } + }, + "required": [ + "bandwidth", + "globalNetworkId", + "siteId" + ], + "createOnly": [ + "globalNetworkId", + "siteId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:LinkAssociation": { + "cf": "AWS::NetworkManager::LinkAssociation", + "inputs": { + "deviceId": { + "type": "string", + "description": "The ID of the device" + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network." + }, + "linkId": { + "type": "string", + "description": "The ID of the link" + } + }, + "outputs": { + "deviceId": { + "type": "string", + "description": "The ID of the device", + "replaceOnChanges": true + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network.", + "replaceOnChanges": true + }, + "linkId": { + "type": "string", + "description": "The ID of the link", + "replaceOnChanges": true + } + }, + "required": [ + "deviceId", + "globalNetworkId", + "linkId" + ], + "createOnly": [ + "deviceId", + "globalNetworkId", + "linkId" + ] + }, + "aws-native:networkmanager:Site": { + "cf": "AWS::NetworkManager::Site", + "inputs": { + "description": { + "type": "string", + "description": "The description of the site." + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network." + }, + "location": { + "$ref": "#/types/aws-native:networkmanager:SiteLocation", + "description": "The location of the site." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the site." + } + }, + "outputs": { + "createdAt": { + "type": "string", + "description": "The date and time that the device was created." + }, + "description": { + "type": "string", + "description": "The description of the site." + }, + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network.", + "replaceOnChanges": true + }, + "location": { + "$ref": "#/types/aws-native:networkmanager:SiteLocation", + "description": "The location of the site." + }, + "siteArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the site." + }, + "siteId": { + "type": "string", + "description": "The ID of the site." + }, + "state": { + "type": "string", + "description": "The state of the site." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the site." + } + }, + "required": [ + "globalNetworkId" + ], + "createOnly": [ + "globalNetworkId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:SiteToSiteVpnAttachment": { + "cf": "AWS::NetworkManager::SiteToSiteVpnAttachment", + "inputs": { + "coreNetworkId": { + "type": "string", + "description": "The ID of a core network where you're creating a site-to-site VPN attachment." + }, + "proposedSegmentChange": { + "$ref": "#/types/aws-native:networkmanager:SiteToSiteVpnAttachmentProposedSegmentChange", + "description": "The attachment to move from one segment to another." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the attachment." + }, + "vpnConnectionArn": { + "type": "string", + "description": "The ARN of the site-to-site VPN attachment." + } + }, + "outputs": { + "attachmentId": { + "type": "string", + "description": "The ID of the attachment." + }, + "attachmentPolicyRuleNumber": { + "type": "integer", + "description": "The policy rule number associated with the attachment." + }, + "attachmentType": { + "type": "string", + "description": "The type of attachment." + }, + "coreNetworkArn": { + "type": "string", + "description": "The ARN of a core network for the VPC attachment." + }, + "coreNetworkId": { + "type": "string", + "description": "The ID of a core network where you're creating a site-to-site VPN attachment.", + "replaceOnChanges": true + }, + "createdAt": { + "type": "string", + "description": "Creation time of the attachment." + }, + "edgeLocation": { + "type": "string", + "description": "The Region where the edge is located." + }, + "ownerAccountId": { + "type": "string", + "description": "Owner account of the attachment." + }, + "proposedSegmentChange": { + "$ref": "#/types/aws-native:networkmanager:SiteToSiteVpnAttachmentProposedSegmentChange", + "description": "The attachment to move from one segment to another." + }, + "resourceArn": { + "type": "string", + "description": "The ARN of the Resource." + }, + "segmentName": { + "type": "string", + "description": "The name of the segment that attachment is in." + }, + "state": { + "type": "string", + "description": "The state of the attachment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the attachment." + }, + "updatedAt": { + "type": "string", + "description": "Last update time of the attachment." + }, + "vpnConnectionArn": { + "type": "string", + "description": "The ARN of the site-to-site VPN attachment.", + "replaceOnChanges": true + } + }, + "required": [ + "coreNetworkId", + "vpnConnectionArn" + ], + "createOnly": [ + "coreNetworkId", + "vpnConnectionArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:TransitGatewayPeering": { + "cf": "AWS::NetworkManager::TransitGatewayPeering", + "inputs": { + "coreNetworkId": { + "type": "string", + "description": "The Id of the core network that you want to peer a transit gateway to." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "transitGatewayArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) of the transit gateway that you will peer to a core network" + } + }, + "outputs": { + "coreNetworkArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) of the core network that you want to peer a transit gateway to." + }, + "coreNetworkId": { + "type": "string", + "description": "The Id of the core network that you want to peer a transit gateway to.", + "replaceOnChanges": true + }, + "createdAt": { + "type": "string", + "description": "The creation time of the transit gateway peering" + }, + "edgeLocation": { + "type": "string", + "description": "The location of the transit gateway peering" + }, + "ownerAccountId": { + "type": "string", + "description": "Peering owner account Id" + }, + "peeringId": { + "type": "string", + "description": "The Id of the transit gateway peering" + }, + "peeringType": { + "type": "string", + "description": "Peering type (TransitGatewayPeering)" + }, + "resourceArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) of the resource that you will peer to a core network" + }, + "state": { + "type": "string", + "description": "The state of the transit gateway peering" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "transitGatewayArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) of the transit gateway that you will peer to a core network", + "replaceOnChanges": true + }, + "transitGatewayPeeringAttachmentId": { + "type": "string", + "description": "The ID of the TransitGatewayPeeringAttachment" + } + }, + "required": [ + "coreNetworkId", + "transitGatewayArn" + ], + "createOnly": [ + "coreNetworkId", + "transitGatewayArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:TransitGatewayRegistration": { + "cf": "AWS::NetworkManager::TransitGatewayRegistration", + "inputs": { + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network." + }, + "transitGatewayArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the transit gateway." + } + }, + "outputs": { + "globalNetworkId": { + "type": "string", + "description": "The ID of the global network.", + "replaceOnChanges": true + }, + "transitGatewayArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the transit gateway.", + "replaceOnChanges": true + } + }, + "required": [ + "globalNetworkId", + "transitGatewayArn" + ], + "createOnly": [ + "globalNetworkId", + "transitGatewayArn" + ] + }, + "aws-native:networkmanager:TransitGatewayRouteTableAttachment": { + "cf": "AWS::NetworkManager::TransitGatewayRouteTableAttachment", + "inputs": { + "peeringId": { + "type": "string", + "description": "The Id of peering between transit gateway and core network." + }, + "proposedSegmentChange": { + "$ref": "#/types/aws-native:networkmanager:TransitGatewayRouteTableAttachmentProposedSegmentChange", + "description": "The attachment to move from one segment to another." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "transitGatewayRouteTableArn": { + "type": "string", + "description": "The Arn of transit gateway route table." + } + }, + "outputs": { + "attachmentId": { + "type": "string", + "description": "The ID of the attachment." + }, + "attachmentPolicyRuleNumber": { + "type": "integer", + "description": "The policy rule number associated with the attachment." + }, + "attachmentType": { + "type": "string", + "description": "The type of attachment." + }, + "coreNetworkArn": { + "type": "string", + "description": "The ARN of a core network for the VPC attachment." + }, + "coreNetworkId": { + "type": "string", + "description": "The ID of a core network where you're creating a site-to-site VPN attachment." + }, + "createdAt": { + "type": "string", + "description": "Creation time of the attachment." + }, + "edgeLocation": { + "type": "string", + "description": "The Region where the edge is located." + }, + "ownerAccountId": { + "type": "string", + "description": "Owner account of the attachment." + }, + "peeringId": { + "type": "string", + "description": "The Id of peering between transit gateway and core network.", + "replaceOnChanges": true + }, + "proposedSegmentChange": { + "$ref": "#/types/aws-native:networkmanager:TransitGatewayRouteTableAttachmentProposedSegmentChange", + "description": "The attachment to move from one segment to another." + }, + "resourceArn": { + "type": "string", + "description": "The ARN of the Resource." + }, + "segmentName": { + "type": "string", + "description": "The name of the segment that attachment is in." + }, + "state": { + "type": "string", + "description": "The state of the attachment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "transitGatewayRouteTableArn": { + "type": "string", + "description": "The Arn of transit gateway route table.", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "Last update time of the attachment." + } + }, + "required": [ + "peeringId", + "transitGatewayRouteTableArn" + ], + "createOnly": [ + "peeringId", + "transitGatewayRouteTableArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:networkmanager:VpcAttachment": { + "cf": "AWS::NetworkManager::VpcAttachment", + "inputs": { + "coreNetworkId": { + "type": "string", + "description": "The ID of a core network for the VPC attachment." + }, + "options": { + "$ref": "#/types/aws-native:networkmanager:VpcAttachmentVpcOptions", + "description": "Vpc options of the attachment." + }, + "proposedSegmentChange": { + "$ref": "#/types/aws-native:networkmanager:VpcAttachmentProposedSegmentChange", + "description": "The attachment to move from one segment to another." + }, + "subnetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Subnet Arn list" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the attachment." + }, + "vpcArn": { + "type": "string", + "description": "The ARN of the VPC." + } + }, + "outputs": { + "attachmentId": { + "type": "string", + "description": "Id of the attachment." + }, + "attachmentPolicyRuleNumber": { + "type": "integer", + "description": "The policy rule number associated with the attachment." + }, + "attachmentType": { + "type": "string", + "description": "Attachment type." + }, + "coreNetworkArn": { + "type": "string", + "description": "The ARN of a core network for the VPC attachment." + }, + "coreNetworkId": { + "type": "string", + "description": "The ID of a core network for the VPC attachment.", + "replaceOnChanges": true + }, + "createdAt": { + "type": "string", + "description": "Creation time of the attachment." + }, + "edgeLocation": { + "type": "string", + "description": "The Region where the edge is located." + }, + "options": { + "$ref": "#/types/aws-native:networkmanager:VpcAttachmentVpcOptions", + "description": "Vpc options of the attachment." + }, + "ownerAccountId": { + "type": "string", + "description": "Owner account of the attachment." + }, + "proposedSegmentChange": { + "$ref": "#/types/aws-native:networkmanager:VpcAttachmentProposedSegmentChange", + "description": "The attachment to move from one segment to another." + }, + "resourceArn": { + "type": "string", + "description": "The ARN of the Resource." + }, + "segmentName": { + "type": "string", + "description": "The name of the segment attachment.." + }, + "state": { + "type": "string", + "description": "State of the attachment." + }, + "subnetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Subnet Arn list" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the attachment." + }, + "updatedAt": { + "type": "string", + "description": "Last update time of the attachment." + }, + "vpcArn": { + "type": "string", + "description": "The ARN of the VPC.", + "replaceOnChanges": true + } + }, + "required": [ + "coreNetworkId", + "subnetArns", + "vpcArn" + ], + "createOnly": [ + "coreNetworkId", + "vpcArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:nimblestudio:LaunchProfile": { + "cf": "AWS::NimbleStudio::LaunchProfile", + "inputs": { + "description": { + "type": "string", + "description": "\u003cp\u003eThe description.\u003c/p\u003e" + }, + "ec2SubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eSpecifies the IDs of the EC2 subnets where streaming sessions will be accessible from.\n These subnets must support the specified instance types. \u003c/p\u003e" + }, + "launchProfileProtocolVersions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe version number of the protocol that is used by the launch profile. The only valid\n version is \"2021-03-31\".\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name for the launch profile.\u003c/p\u003e" + }, + "streamConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileStreamConfiguration", + "description": "A configuration for a streaming session." + }, + "studioComponentIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eUnique identifiers for a collection of studio components that can be used with this\n launch profile.\u003c/p\u003e" + }, + "studioId": { + "type": "string", + "description": "\u003cp\u003eThe studio ID. \u003c/p\u003e" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "\u003cp\u003eThe description.\u003c/p\u003e" + }, + "ec2SubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eSpecifies the IDs of the EC2 subnets where streaming sessions will be accessible from.\n These subnets must support the specified instance types. \u003c/p\u003e", + "replaceOnChanges": true + }, + "launchProfileId": { + "type": "string", + "description": "The unique identifier for the launch profile resource." + }, + "launchProfileProtocolVersions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe version number of the protocol that is used by the launch profile. The only valid\n version is \"2021-03-31\".\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name for the launch profile.\u003c/p\u003e" + }, + "streamConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileStreamConfiguration", + "description": "A configuration for a streaming session." + }, + "studioComponentIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eUnique identifiers for a collection of studio components that can be used with this\n launch profile.\u003c/p\u003e" + }, + "studioId": { + "type": "string", + "description": "\u003cp\u003eThe studio ID. \u003c/p\u003e", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "ec2SubnetIds", + "launchProfileProtocolVersions", + "streamConfiguration", + "studioComponentIds", + "studioId" + ], + "createOnly": [ + "ec2SubnetIds", + "studioId", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:nimblestudio:StreamingImage": { + "cf": "AWS::NimbleStudio::StreamingImage", + "inputs": { + "description": { + "type": "string", + "description": "\u003cp\u003eA human-readable description of the streaming image.\u003c/p\u003e" + }, + "ec2ImageId": { + "type": "string", + "description": "\u003cp\u003eThe ID of an EC2 machine image with which to create this streaming image.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eA friendly name for a streaming image resource.\u003c/p\u003e" + }, + "studioId": { + "type": "string", + "description": "\u003cp\u003eThe studioId. \u003c/p\u003e" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "\u003cp\u003eA human-readable description of the streaming image.\u003c/p\u003e" + }, + "ec2ImageId": { + "type": "string", + "description": "\u003cp\u003eThe ID of an EC2 machine image with which to create this streaming image.\u003c/p\u003e", + "replaceOnChanges": true + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:StreamingImageEncryptionConfiguration" + }, + "eulaIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe list of EULAs that must be accepted before a Streaming Session can be started using this streaming image.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eA friendly name for a streaming image resource.\u003c/p\u003e" + }, + "owner": { + "type": "string", + "description": "\u003cp\u003eThe owner of the streaming image, either the studioId that contains the streaming image, or 'amazon' for images that are provided by Amazon Nimble Studio.\u003c/p\u003e" + }, + "platform": { + "type": "string", + "description": "\u003cp\u003eThe platform of the streaming image, either WINDOWS or LINUX.\u003c/p\u003e" + }, + "streamingImageId": { + "type": "string", + "description": "The unique identifier for the streaming image resource." + }, + "studioId": { + "type": "string", + "description": "\u003cp\u003eThe studioId. \u003c/p\u003e", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 64 + }, + "required": [ + "ec2ImageId", + "studioId" + ], + "createOnly": [ + "ec2ImageId", + "studioId", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:nimblestudio:Studio": { + "cf": "AWS::NimbleStudio::Studio", + "inputs": { + "adminRoleArn": { + "type": "string", + "description": "\u003cp\u003eThe IAM role that Studio Admins will assume when logging in to the Nimble Studio portal.\u003c/p\u003e" + }, + "displayName": { + "type": "string", + "description": "\u003cp\u003eA friendly name for the studio.\u003c/p\u003e" + }, + "studioEncryptionConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:StudioEncryptionConfiguration", + "description": "Configuration of the encryption method that is used for the studio." + }, + "studioName": { + "type": "string", + "description": "\u003cp\u003eThe studio name that is used in the URL of the Nimble Studio portal when accessed by Nimble Studio users.\u003c/p\u003e" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "userRoleArn": { + "type": "string", + "description": "\u003cp\u003eThe IAM role that Studio Users will assume when logging in to the Nimble Studio portal.\u003c/p\u003e" + } + }, + "outputs": { + "adminRoleArn": { + "type": "string", + "description": "\u003cp\u003eThe IAM role that Studio Admins will assume when logging in to the Nimble Studio portal.\u003c/p\u003e" + }, + "displayName": { + "type": "string", + "description": "\u003cp\u003eA friendly name for the studio.\u003c/p\u003e" + }, + "homeRegion": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Web Services Region where the studio resource is located.\u003c/p\u003e" + }, + "ssoClientId": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Web Services SSO application client ID used to integrate with Amazon Web Services SSO to enable Amazon Web Services SSO users to log in to Nimble Studio portal.\u003c/p\u003e" + }, + "studioEncryptionConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:StudioEncryptionConfiguration", + "description": "Configuration of the encryption method that is used for the studio." + }, + "studioId": { + "type": "string", + "description": "The unique identifier for the studio resource." + }, + "studioName": { + "type": "string", + "description": "\u003cp\u003eThe studio name that is used in the URL of the Nimble Studio portal when accessed by Nimble Studio users.\u003c/p\u003e", + "replaceOnChanges": true + }, + "studioUrl": { + "type": "string", + "description": "\u003cp\u003eThe address of the web page for the studio.\u003c/p\u003e" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "replaceOnChanges": true + }, + "userRoleArn": { + "type": "string", + "description": "\u003cp\u003eThe IAM role that Studio Users will assume when logging in to the Nimble Studio portal.\u003c/p\u003e" + } + }, + "autoNamingSpec": { + "sdkName": "studioName", + "minLength": 3, + "maxLength": 64 + }, + "required": [ + "adminRoleArn", + "displayName", + "userRoleArn" + ], + "createOnly": [ + "studioName", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:nimblestudio:StudioComponent": { + "cf": "AWS::NimbleStudio::StudioComponent", + "inputs": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentConfiguration1Properties" + }, + { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentConfiguration2Properties" + }, + { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentConfiguration3Properties" + } + ], + "description": "The configuration of the studio component, based on component type." + }, + "description": { + "type": "string", + "description": "\u003cp\u003eThe description.\u003c/p\u003e" + }, + "ec2SecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe EC2 security groups that control access to the studio component.\u003c/p\u003e" + }, + "initializationScripts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentInitializationScript" + }, + "description": "\u003cp\u003eInitialization scripts for studio components.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name for the studio component.\u003c/p\u003e" + }, + "runtimeRoleArn": { + "type": "string", + "description": "An IAM role attached to a Studio Component that gives the studio component access to AWS resources at anytime while the instance is running." + }, + "scriptParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentScriptParameterKeyValue" + }, + "description": "\u003cp\u003eParameters for the studio component scripts.\u003c/p\u003e" + }, + "secureInitializationRoleArn": { + "type": "string", + "description": "An IAM role attached to Studio Component when the system initialization script runs which give the studio component access to AWS resources when the system initialization script runs." + }, + "studioId": { + "type": "string", + "description": "\u003cp\u003eThe studio ID. \u003c/p\u003e" + }, + "subtype": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentSubtype", + "description": "The specific subtype of a studio component." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "type": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentType", + "description": "The type of the studio component." + } + }, + "outputs": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentConfiguration1Properties" + }, + { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentConfiguration2Properties" + }, + { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentConfiguration3Properties" + } + ], + "description": "The configuration of the studio component, based on component type." + }, + "description": { + "type": "string", + "description": "\u003cp\u003eThe description.\u003c/p\u003e" + }, + "ec2SecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe EC2 security groups that control access to the studio component.\u003c/p\u003e" + }, + "initializationScripts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentInitializationScript" + }, + "description": "\u003cp\u003eInitialization scripts for studio components.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name for the studio component.\u003c/p\u003e" + }, + "runtimeRoleArn": { + "type": "string", + "description": "An IAM role attached to a Studio Component that gives the studio component access to AWS resources at anytime while the instance is running." + }, + "scriptParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentScriptParameterKeyValue" + }, + "description": "\u003cp\u003eParameters for the studio component scripts.\u003c/p\u003e" + }, + "secureInitializationRoleArn": { + "type": "string", + "description": "An IAM role attached to Studio Component when the system initialization script runs which give the studio component access to AWS resources when the system initialization script runs." + }, + "studioComponentId": { + "type": "string", + "description": "The unique identifier for the studio component resource." + }, + "studioId": { + "type": "string", + "description": "\u003cp\u003eThe studio ID. \u003c/p\u003e", + "replaceOnChanges": true + }, + "subtype": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentSubtype", + "description": "The specific subtype of a studio component.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentType", + "description": "The type of the studio component." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 64 + }, + "required": [ + "studioId", + "type" + ], + "createOnly": [ + "studioId", + "subtype", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:oam:Link": { + "cf": "AWS::Oam::Link", + "inputs": { + "labelTemplate": { + "type": "string", + "description": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`" + }, + "linkConfiguration": { + "$ref": "#/types/aws-native:oam:LinkConfiguration", + "description": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account." + }, + "resourceTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:oam:LinkResourceType" + }, + "description": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` ." + }, + "sinkIdentifier": { + "type": "string", + "description": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags to apply to the link" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the link. For example, `arn:aws:oam:us-west-1:111111111111:link:abcd1234-a123-456a-a12b-a123b456c789`" + }, + "label": { + "type": "string", + "description": "The friendly human-readable name used to identify this source account when it is viewed from the monitoring account. For example, `my-account1` ." + }, + "labelTemplate": { + "type": "string", + "description": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`", + "replaceOnChanges": true + }, + "linkConfiguration": { + "$ref": "#/types/aws-native:oam:LinkConfiguration", + "description": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account." + }, + "resourceTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:oam:LinkResourceType" + }, + "description": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` ." + }, + "sinkIdentifier": { + "type": "string", + "description": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags to apply to the link" + } + }, + "required": [ + "resourceTypes", + "sinkIdentifier" + ], + "createOnly": [ + "labelTemplate", + "sinkIdentifier" + ], + "writeOnly": [ + "labelTemplate" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:oam:Sink": { + "cf": "AWS::Oam::Sink", + "inputs": { + "name": { + "type": "string", + "description": "The name of the ObservabilityAccessManager Sink." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The policy of this ObservabilityAccessManager Sink.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Oam::Sink` for more information about the expected schema for this property." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags to apply to the sink" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon resource name (ARN) of the ObservabilityAccessManager Sink" + }, + "name": { + "type": "string", + "description": "The name of the ObservabilityAccessManager Sink.", + "replaceOnChanges": true + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The policy of this ObservabilityAccessManager Sink.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Oam::Sink` for more information about the expected schema for this property." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags to apply to the sink" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:omics:AnnotationStore": { + "cf": "AWS::Omics::AnnotationStore", + "inputs": { + "description": { + "type": "string", + "description": "A description for the store." + }, + "name": { + "type": "string", + "description": "The name of the Annotation Store." + }, + "reference": { + "$ref": "#/types/aws-native:omics:AnnotationStoreReferenceItem", + "description": "The genome reference for the store's annotations." + }, + "sseConfig": { + "$ref": "#/types/aws-native:omics:AnnotationStoreSseConfig", + "description": "The store's server-side encryption (SSE) settings." + }, + "storeFormat": { + "$ref": "#/types/aws-native:omics:AnnotationStoreStoreFormat", + "description": "The annotation file format of the store." + }, + "storeOptions": { + "$ref": "#/types/aws-native:omics:AnnotationStoreStoreOptionsProperties", + "description": "File parsing options for the annotation store." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the store." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The store's ID." + }, + "creationTime": { + "type": "string", + "description": "When the store was created." + }, + "description": { + "type": "string", + "description": "A description for the store." + }, + "name": { + "type": "string", + "description": "The name of the Annotation Store.", + "replaceOnChanges": true + }, + "reference": { + "$ref": "#/types/aws-native:omics:AnnotationStoreReferenceItem", + "description": "The genome reference for the store's annotations.", + "replaceOnChanges": true + }, + "sseConfig": { + "$ref": "#/types/aws-native:omics:AnnotationStoreSseConfig", + "description": "The store's server-side encryption (SSE) settings.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:omics:AnnotationStoreStoreStatus", + "description": "The store's status." + }, + "statusMessage": { + "type": "string", + "description": "The store's status message." + }, + "storeArn": { + "type": "string", + "description": "The store's ARN." + }, + "storeFormat": { + "$ref": "#/types/aws-native:omics:AnnotationStoreStoreFormat", + "description": "The annotation file format of the store.", + "replaceOnChanges": true + }, + "storeOptions": { + "$ref": "#/types/aws-native:omics:AnnotationStoreStoreOptionsProperties", + "description": "File parsing options for the annotation store.", + "replaceOnChanges": true + }, + "storeSizeBytes": { + "type": "number", + "description": "The store's size in bytes." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the store.", + "replaceOnChanges": true + }, + "updateTime": { + "type": "string", + "description": "When the store was updated." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "storeFormat" + ], + "createOnly": [ + "name", + "reference", + "sseConfig", + "storeFormat", + "storeOptions", + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:omics:ReferenceStore": { + "cf": "AWS::Omics::ReferenceStore", + "inputs": { + "description": { + "type": "string", + "description": "A description for the store." + }, + "name": { + "type": "string", + "description": "A name for the store." + }, + "sseConfig": { + "$ref": "#/types/aws-native:omics:ReferenceStoreSseConfig", + "description": "Server-side encryption (SSE) settings for the store." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the store." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The store's ARN." + }, + "creationTime": { + "type": "string", + "description": "When the store was created." + }, + "description": { + "type": "string", + "description": "A description for the store.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A name for the store.", + "replaceOnChanges": true + }, + "referenceStoreId": { + "type": "string", + "description": "The store's ID." + }, + "sseConfig": { + "$ref": "#/types/aws-native:omics:ReferenceStoreSseConfig", + "description": "Server-side encryption (SSE) settings for the store.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the store.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "createOnly": [ + "description", + "name", + "sseConfig", + "tags" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:omics:RunGroup": { + "cf": "AWS::Omics::RunGroup", + "inputs": { + "maxCpus": { + "type": "number", + "description": "The group's maximum CPU count setting." + }, + "maxDuration": { + "type": "number", + "description": "The group's maximum duration setting in minutes." + }, + "maxGpus": { + "type": "number", + "description": "The maximum GPUs that can be used by a run group." + }, + "maxRuns": { + "type": "number", + "description": "The group's maximum concurrent run setting." + }, + "name": { + "type": "string", + "description": "The group's name." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The run group's ARN." + }, + "awsId": { + "type": "string", + "description": "The run group's ID." + }, + "creationTime": { + "type": "string", + "description": "When the run group was created." + }, + "maxCpus": { + "type": "number", + "description": "The group's maximum CPU count setting." + }, + "maxDuration": { + "type": "number", + "description": "The group's maximum duration setting in minutes." + }, + "maxGpus": { + "type": "number", + "description": "The maximum GPUs that can be used by a run group." + }, + "maxRuns": { + "type": "number", + "description": "The group's maximum concurrent run setting." + }, + "name": { + "type": "string", + "description": "The group's name." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the group." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:omics:SequenceStore": { + "cf": "AWS::Omics::SequenceStore", + "inputs": { + "description": { + "type": "string", + "description": "A description for the store." + }, + "fallbackLocation": { + "type": "string", + "description": "An S3 URI representing the bucket and folder to store failed read set uploads." + }, + "name": { + "type": "string", + "description": "A name for the store." + }, + "sseConfig": { + "$ref": "#/types/aws-native:omics:SequenceStoreSseConfig", + "description": "Server-side encryption (SSE) settings for the store." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the store." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The store's ARN." + }, + "creationTime": { + "type": "string", + "description": "When the store was created." + }, + "description": { + "type": "string", + "description": "A description for the store.", + "replaceOnChanges": true + }, + "fallbackLocation": { + "type": "string", + "description": "An S3 URI representing the bucket and folder to store failed read set uploads.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A name for the store.", + "replaceOnChanges": true + }, + "sequenceStoreId": { + "type": "string", + "description": "The store's ID." + }, + "sseConfig": { + "$ref": "#/types/aws-native:omics:SequenceStoreSseConfig", + "description": "Server-side encryption (SSE) settings for the store.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the store.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 127 + }, + "createOnly": [ + "description", + "fallbackLocation", + "name", + "sseConfig", + "tags" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:omics:VariantStore": { + "cf": "AWS::Omics::VariantStore", + "inputs": { + "description": { + "type": "string", + "description": "A description for the store." + }, + "name": { + "type": "string", + "description": "A name for the store." + }, + "reference": { + "$ref": "#/types/aws-native:omics:VariantStoreReferenceItem", + "description": "The genome reference for the store's variants." + }, + "sseConfig": { + "$ref": "#/types/aws-native:omics:VariantStoreSseConfig", + "description": "Server-side encryption (SSE) settings for the store." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the store." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The store's ID." + }, + "creationTime": { + "type": "string", + "description": "When the store was created." + }, + "description": { + "type": "string", + "description": "A description for the store." + }, + "name": { + "type": "string", + "description": "A name for the store.", + "replaceOnChanges": true + }, + "reference": { + "$ref": "#/types/aws-native:omics:VariantStoreReferenceItem", + "description": "The genome reference for the store's variants.", + "replaceOnChanges": true + }, + "sseConfig": { + "$ref": "#/types/aws-native:omics:VariantStoreSseConfig", + "description": "Server-side encryption (SSE) settings for the store.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:omics:VariantStoreStoreStatus", + "description": "The store's status." + }, + "statusMessage": { + "type": "string", + "description": "The store's status message." + }, + "storeArn": { + "type": "string", + "description": "The store's ARN." + }, + "storeSizeBytes": { + "type": "number", + "description": "The store's size in bytes." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the store.", + "replaceOnChanges": true + }, + "updateTime": { + "type": "string", + "description": "When the store was updated." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "reference" + ], + "createOnly": [ + "name", + "reference", + "sseConfig", + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:omics:Workflow": { + "cf": "AWS::Omics::Workflow", + "inputs": { + "accelerators": { + "$ref": "#/types/aws-native:omics:WorkflowAccelerators" + }, + "definitionUri": { + "type": "string", + "description": "The URI of a definition for the workflow." + }, + "description": { + "type": "string", + "description": "The parameter's description." + }, + "engine": { + "$ref": "#/types/aws-native:omics:WorkflowEngine", + "description": "An engine for the workflow." + }, + "main": { + "type": "string", + "description": "The path of the main definition file for the workflow." + }, + "name": { + "type": "string", + "description": "The workflow's name." + }, + "parameterTemplate": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:omics:WorkflowParameter" + }, + "description": "The workflow's parameter template." + }, + "storageCapacity": { + "type": "number", + "description": "The default storage capacity for the workflow runs, in gibibytes." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the workflow." + } + }, + "outputs": { + "accelerators": { + "$ref": "#/types/aws-native:omics:WorkflowAccelerators", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The ARN for the workflow." + }, + "awsId": { + "type": "string", + "description": "The workflow's ID." + }, + "creationTime": { + "type": "string", + "description": "When the workflow was created." + }, + "definitionUri": { + "type": "string", + "description": "The URI of a definition for the workflow.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The parameter's description." + }, + "engine": { + "$ref": "#/types/aws-native:omics:WorkflowEngine", + "description": "An engine for the workflow.", + "replaceOnChanges": true + }, + "main": { + "type": "string", + "description": "The path of the main definition file for the workflow.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The workflow's name." + }, + "parameterTemplate": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:omics:WorkflowParameter" + }, + "description": "The workflow's parameter template.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:omics:WorkflowStatus", + "description": "The workflow's status." + }, + "storageCapacity": { + "type": "number", + "description": "The default storage capacity for the workflow runs, in gibibytes.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags for the workflow." + }, + "type": { + "$ref": "#/types/aws-native:omics:WorkflowType", + "description": "The workflow's type." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "accelerators", + "definitionUri", + "engine", + "main", + "parameterTemplate", + "storageCapacity" + ], + "writeOnly": [ + "definitionUri" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:opensearchserverless:AccessPolicy": { + "cf": "AWS::OpenSearchServerless::AccessPolicy", + "inputs": { + "description": { + "type": "string", + "description": "The description of the policy" + }, + "name": { + "type": "string", + "description": "The name of the policy" + }, + "policy": { + "type": "string", + "description": "The JSON policy document that is the content for the policy" + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:AccessPolicyType", + "description": "The type of access policy. Currently the only option is `data` ." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the policy" + }, + "name": { + "type": "string", + "description": "The name of the policy", + "replaceOnChanges": true + }, + "policy": { + "type": "string", + "description": "The JSON policy document that is the content for the policy" + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:AccessPolicyType", + "description": "The type of access policy. Currently the only option is `data` .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 32 + }, + "required": [ + "policy", + "type" + ], + "createOnly": [ + "name", + "type" + ] + }, + "aws-native:opensearchserverless:Collection": { + "cf": "AWS::OpenSearchServerless::Collection", + "inputs": { + "description": { + "type": "string", + "description": "The description of the collection" + }, + "name": { + "type": "string", + "description": "The name of the collection.\n\nThe name must meet the following criteria:\nUnique to your account and AWS Region\nStarts with a lowercase letter\nContains only lowercase letters a-z, the numbers 0-9 and the hyphen (-)\nContains between 3 and 32 characters\n" + }, + "standbyReplicas": { + "$ref": "#/types/aws-native:opensearchserverless:CollectionStandbyReplicas", + "description": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "List of tags to be added to the resource" + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:CollectionType", + "description": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the collection." + }, + "awsId": { + "type": "string", + "description": "The identifier of the collection" + }, + "collectionEndpoint": { + "type": "string", + "description": "The endpoint for the collection." + }, + "dashboardEndpoint": { + "type": "string", + "description": "The OpenSearch Dashboards endpoint for the collection." + }, + "description": { + "type": "string", + "description": "The description of the collection" + }, + "name": { + "type": "string", + "description": "The name of the collection.\n\nThe name must meet the following criteria:\nUnique to your account and AWS Region\nStarts with a lowercase letter\nContains only lowercase letters a-z, the numbers 0-9 and the hyphen (-)\nContains between 3 and 32 characters\n", + "replaceOnChanges": true + }, + "standbyReplicas": { + "$ref": "#/types/aws-native:opensearchserverless:CollectionStandbyReplicas", + "description": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "List of tags to be added to the resource", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:CollectionType", + "description": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 32 + }, + "createOnly": [ + "name", + "tags", + "type" + ], + "writeOnly": [ + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:opensearchserverless:LifecyclePolicy": { + "cf": "AWS::OpenSearchServerless::LifecyclePolicy", + "inputs": { + "description": { + "type": "string", + "description": "The description of the policy" + }, + "name": { + "type": "string", + "description": "The name of the policy" + }, + "policy": { + "type": "string", + "description": "The JSON policy document that is the content for the policy" + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:LifecyclePolicyType", + "description": "The type of lifecycle policy." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the policy" + }, + "name": { + "type": "string", + "description": "The name of the policy", + "replaceOnChanges": true + }, + "policy": { + "type": "string", + "description": "The JSON policy document that is the content for the policy" + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:LifecyclePolicyType", + "description": "The type of lifecycle policy.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 32 + }, + "required": [ + "policy", + "type" + ], + "createOnly": [ + "name", + "type" + ] + }, + "aws-native:opensearchserverless:SecurityConfig": { + "cf": "AWS::OpenSearchServerless::SecurityConfig", + "inputs": { + "description": { + "type": "string", + "description": "Security config description" + }, + "name": { + "type": "string", + "description": "The friendly name of the security config" + }, + "samlOptions": { + "$ref": "#/types/aws-native:opensearchserverless:SecurityConfigSamlConfigOptions", + "description": "SAML options for the security configuration in the form of a key-value map." + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:SecurityConfigType", + "description": "The type of security configuration. Currently the only option is `saml` ." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The identifier of the security config" + }, + "description": { + "type": "string", + "description": "Security config description" + }, + "name": { + "type": "string", + "description": "The friendly name of the security config", + "replaceOnChanges": true + }, + "samlOptions": { + "$ref": "#/types/aws-native:opensearchserverless:SecurityConfigSamlConfigOptions", + "description": "SAML options for the security configuration in the form of a key-value map." + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:SecurityConfigType", + "description": "The type of security configuration. Currently the only option is `saml` .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 32 + }, + "createOnly": [ + "name", + "type" + ], + "writeOnly": [ + "name" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:opensearchserverless:SecurityPolicy": { + "cf": "AWS::OpenSearchServerless::SecurityPolicy", + "inputs": { + "description": { + "type": "string", + "description": "The description of the policy" + }, + "name": { + "type": "string", + "description": "The name of the policy" + }, + "policy": { + "type": "string", + "description": "The JSON policy document that is the content for the policy" + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:SecurityPolicyType", + "description": "The type of security policy. Can be either `encryption` or `network` ." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the policy" + }, + "name": { + "type": "string", + "description": "The name of the policy", + "replaceOnChanges": true + }, + "policy": { + "type": "string", + "description": "The JSON policy document that is the content for the policy" + }, + "type": { + "$ref": "#/types/aws-native:opensearchserverless:SecurityPolicyType", + "description": "The type of security policy. Can be either `encryption` or `network` .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 32 + }, + "required": [ + "policy", + "type" + ], + "createOnly": [ + "name", + "type" + ] + }, + "aws-native:opensearchserverless:VpcEndpoint": { + "cf": "AWS::OpenSearchServerless::VpcEndpoint", + "inputs": { + "name": { + "type": "string", + "description": "The name of the VPC Endpoint" + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of one or more security groups to associate with the endpoint network interface" + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of one or more subnets in which to create an endpoint network interface" + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC in which the endpoint will be used." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The identifier of the VPC Endpoint" + }, + "name": { + "type": "string", + "description": "The name of the VPC Endpoint", + "replaceOnChanges": true + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of one or more security groups to associate with the endpoint network interface" + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of one or more subnets in which to create an endpoint network interface" + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC in which the endpoint will be used.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 32 + }, + "required": [ + "subnetIds", + "vpcId" + ], + "createOnly": [ + "name", + "vpcId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:opensearchservice:Domain": { + "cf": "AWS::OpenSearchService::Domain", + "inputs": { + "accessPolicies": { + "$ref": "pulumi.json#/Any", + "description": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::OpenSearchService::Domain` for more information about the expected schema for this property." + }, + "advancedOptions": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference." + }, + "advancedSecurityOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainAdvancedSecurityOptionsInput", + "description": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain." + }, + "clusterConfig": { + "$ref": "#/types/aws-native:opensearchservice:DomainClusterConfig", + "description": "Container for the cluster configuration of a domain." + }, + "cognitoOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainCognitoOptions", + "description": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards." + }, + "domainEndpointOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainEndpointOptions", + "description": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint." + }, + "domainName": { + "type": "string", + "description": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n\u003e If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "ebsOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainEbsOptions", + "description": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* ." + }, + "encryptionAtRestOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainEncryptionAtRestOptions", + "description": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property." + }, + "engineVersion": { + "type": "string", + "description": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) ." + }, + "ipAddressType": { + "type": "string", + "description": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later." + }, + "logPublishingOptions": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:opensearchservice:DomainLogPublishingOption" + }, + "description": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) ." + }, + "nodeToNodeEncryptionOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainNodeToNodeEncryptionOptions", + "description": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) ." + }, + "offPeakWindowOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainOffPeakWindowOptions", + "description": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain." + }, + "snapshotOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainSnapshotOptions", + "description": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes." + }, + "softwareUpdateOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainSoftwareUpdateOptions", + "description": "Service software update options for the domain." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this Domain." + }, + "vpcOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainVpcOptions", + "description": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint." + } + }, + "outputs": { + "accessPolicies": { + "$ref": "pulumi.json#/Any", + "description": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::OpenSearchService::Domain` for more information about the expected schema for this property." + }, + "advancedOptions": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference." + }, + "advancedSecurityOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainAdvancedSecurityOptionsInput", + "description": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the CloudFormation stack." + }, + "awsId": { + "type": "string", + "description": "The resource ID. For example, `123456789012/my-domain` ." + }, + "clusterConfig": { + "$ref": "#/types/aws-native:opensearchservice:DomainClusterConfig", + "description": "Container for the cluster configuration of a domain." + }, + "cognitoOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainCognitoOptions", + "description": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards." + }, + "domainArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the domain. See [Identifiers for IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in *Using AWS Identity and Access Management* for more information." + }, + "domainEndpoint": { + "type": "string", + "description": "The domain-specific endpoint used for requests to the OpenSearch APIs, such as `search-mystack-1ab2cdefghij-ab1c2deckoyb3hofw7wpqa3cm.us-west-1.es.amazonaws.com` ." + }, + "domainEndpointOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainEndpointOptions", + "description": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint." + }, + "domainEndpointV2": { + "type": "string", + "description": "If `IPAddressType` to set to `dualstack` , a version 2 domain endpoint is provisioned. This endpoint functions like a normal endpoint, except that it works with both IPv4 and IPv6 IP addresses. Normal endpoints work only with IPv4 IP addresses." + }, + "domainEndpoints": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "domainName": { + "type": "string", + "description": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n\u003e If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "ebsOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainEbsOptions", + "description": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* ." + }, + "encryptionAtRestOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainEncryptionAtRestOptions", + "description": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property." + }, + "engineVersion": { + "type": "string", + "description": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) ." + }, + "ipAddressType": { + "type": "string", + "description": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later." + }, + "logPublishingOptions": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:opensearchservice:DomainLogPublishingOption" + }, + "description": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) ." + }, + "nodeToNodeEncryptionOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainNodeToNodeEncryptionOptions", + "description": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) ." + }, + "offPeakWindowOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainOffPeakWindowOptions", + "description": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain." + }, + "serviceSoftwareOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainServiceSoftwareOptions" + }, + "snapshotOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainSnapshotOptions", + "description": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes." + }, + "softwareUpdateOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainSoftwareUpdateOptions", + "description": "Service software update options for the domain." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this Domain." + }, + "vpcOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainVpcOptions", + "description": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint." + } + }, + "autoNamingSpec": { + "sdkName": "domainName" + }, + "createOnly": [ + "domainName" + ], + "writeOnly": [ + "advancedSecurityOptions/MasterUserOptions", + "advancedSecurityOptions/SamlOptions/MasterBackendRole", + "advancedSecurityOptions/SamlOptions/MasterUserName" + ], + "irreversibleNames": { + "awsId": "Id", + "domainEndpointV2": "DomainEndpointV2", + "ebsOptions": "EBSOptions", + "ipAddressType": "IPAddressType", + "vpcOptions": "VPCOptions" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:opsworkscm:Server": { + "cf": "AWS::OpsWorksCM::Server", + "inputs": { + "associatePublicIpAddress": { + "type": "boolean", + "description": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` ." + }, + "backupId": { + "type": "string", + "description": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId." + }, + "backupRetentionCount": { + "type": "integer", + "description": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` ." + }, + "customCertificate": { + "type": "string", + "description": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate’s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` ." + }, + "customDomain": { + "type": "string", + "description": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` ." + }, + "customPrivateKey": { + "type": "string", + "description": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` ." + }, + "disableAutomatedBackup": { + "type": "boolean", + "description": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` ." + }, + "engine": { + "type": "string", + "description": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` ." + }, + "engineAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:opsworkscm:ServerEngineAttribute" + }, + "description": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^\u0026+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key." + }, + "engineModel": { + "type": "string", + "description": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef." + }, + "engineVersion": { + "type": "string", + "description": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` ." + }, + "instanceProfileArn": { + "type": "string", + "description": "The ARN of the instance profile that your Amazon EC2 instances use." + }, + "instanceType": { + "type": "string", + "description": "The Amazon EC2 instance type to use. For example, `m5.large` ." + }, + "keyPair": { + "type": "string", + "description": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH." + }, + "preferredBackupWindow": { + "type": "string", + "description": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)" + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)" + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone)." + }, + "serverName": { + "type": "string", + "description": "The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters." + }, + "serviceRoleArn": { + "type": "string", + "description": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the server, such as `arn:aws:OpsWorksCM:us-east-1:123456789012:server/server-a1bzhi` ." + }, + "associatePublicIpAddress": { + "type": "boolean", + "description": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", + "replaceOnChanges": true + }, + "backupId": { + "type": "string", + "description": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", + "replaceOnChanges": true + }, + "backupRetentionCount": { + "type": "integer", + "description": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` ." + }, + "customCertificate": { + "type": "string", + "description": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate’s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", + "replaceOnChanges": true + }, + "customDomain": { + "type": "string", + "description": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", + "replaceOnChanges": true + }, + "customPrivateKey": { + "type": "string", + "description": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", + "replaceOnChanges": true + }, + "disableAutomatedBackup": { + "type": "boolean", + "description": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` ." + }, + "endpoint": { + "type": "string", + "description": "A DNS name that can be used to access the engine. Example: `myserver-asdfghjkl.us-east-1.opsworks.io` ." + }, + "engine": { + "type": "string", + "description": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", + "replaceOnChanges": true + }, + "engineAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:opsworkscm:ServerEngineAttribute" + }, + "description": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^\u0026+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key." + }, + "engineModel": { + "type": "string", + "description": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", + "replaceOnChanges": true + }, + "engineVersion": { + "type": "string", + "description": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", + "replaceOnChanges": true + }, + "instanceProfileArn": { + "type": "string", + "description": "The ARN of the instance profile that your Amazon EC2 instances use.", + "replaceOnChanges": true + }, + "instanceType": { + "type": "string", + "description": "The Amazon EC2 instance type to use. For example, `m5.large` .", + "replaceOnChanges": true + }, + "keyPair": { + "type": "string", + "description": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", + "replaceOnChanges": true + }, + "preferredBackupWindow": { + "type": "string", + "description": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)" + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)" + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", + "replaceOnChanges": true + }, + "serverName": { + "type": "string", + "description": "The name of the server. The server name must be unique within your AWS account, within each region. Server names must start with a letter; then letters, numbers, or hyphens (-) are allowed, up to a maximum of 40 characters.", + "replaceOnChanges": true + }, + "serviceRoleArn": { + "type": "string", + "description": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need.", + "replaceOnChanges": true + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server." + } + }, + "autoNamingSpec": { + "sdkName": "serverName", + "minLength": 1, + "maxLength": 40 + }, + "required": [ + "instanceProfileArn", + "instanceType", + "serviceRoleArn" + ], + "createOnly": [ + "associatePublicIpAddress", + "backupId", + "customCertificate", + "customDomain", + "customPrivateKey", + "engine", + "engineModel", + "engineVersion", + "instanceProfileArn", + "instanceType", + "keyPair", + "securityGroupIds", + "serverName", + "serviceRoleArn", + "subnetIds" + ], + "writeOnly": [ + "backupId", + "customCertificate", + "customDomain", + "customPrivateKey", + "engineAttributes", + "engineVersion", + "keyPair", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:organizations:Account": { + "cf": "AWS::Organizations::Account", + "inputs": { + "accountName": { + "type": "string", + "description": "The friendly name of the member account." + }, + "email": { + "type": "string", + "description": "The email address of the owner to assign to the new member account." + }, + "parentIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of parent nodes for the member account. Currently only one parent at a time is supported. Default is root." + }, + "roleName": { + "type": "string", + "description": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. Default name is OrganizationAccountAccessRole if not specified." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "If the account was created successfully, the unique identifier (ID) of the new account." + }, + "accountName": { + "type": "string", + "description": "The friendly name of the member account." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the account." + }, + "email": { + "type": "string", + "description": "The email address of the owner to assign to the new member account." + }, + "joinedMethod": { + "$ref": "#/types/aws-native:organizations:AccountJoinedMethod", + "description": "The method by which the account joined the organization." + }, + "joinedTimestamp": { + "type": "string", + "description": "The date the account became a part of the organization." + }, + "parentIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of parent nodes for the member account. Currently only one parent at a time is supported. Default is root." + }, + "roleName": { + "type": "string", + "description": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. Default name is OrganizationAccountAccessRole if not specified." + }, + "status": { + "$ref": "#/types/aws-native:organizations:AccountStatus", + "description": "The status of the account in the organization." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value." + } + }, + "autoNamingSpec": { + "sdkName": "accountName", + "minLength": 1, + "maxLength": 50 + }, + "required": [ + "email" + ], + "writeOnly": [ + "roleName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:organizations:Organization": { + "cf": "AWS::Organizations::Organization", + "inputs": { + "featureSet": { + "$ref": "#/types/aws-native:organizations:OrganizationFeatureSet", + "description": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an organization." + }, + "awsId": { + "type": "string", + "description": "The unique identifier (ID) of an organization." + }, + "featureSet": { + "$ref": "#/types/aws-native:organizations:OrganizationFeatureSet", + "description": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality." + }, + "managementAccountArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the account that is designated as the management account for the organization." + }, + "managementAccountEmail": { + "type": "string", + "description": "The email address that is associated with the AWS account that is designated as the management account for the organization." + }, + "managementAccountId": { + "type": "string", + "description": "The unique identifier (ID) of the management account of an organization." + }, + "rootId": { + "type": "string", + "description": "The unique identifier (ID) for the root." + } + }, + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:organizations:OrganizationalUnit": { + "cf": "AWS::Organizations::OrganizationalUnit", + "inputs": { + "name": { + "type": "string", + "description": "The friendly name of this OU." + }, + "parentId": { + "type": "string", + "description": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the newly created OU." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of this OU." + }, + "awsId": { + "type": "string", + "description": "The unique identifier (ID) associated with this OU." + }, + "name": { + "type": "string", + "description": "The friendly name of this OU." + }, + "parentId": { + "type": "string", + "description": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the newly created OU." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "parentId" + ], + "createOnly": [ + "parentId" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:organizations:Policy": { + "cf": "AWS::Organizations::Policy", + "inputs": { + "content": { + "$ref": "pulumi.json#/Any", + "description": "The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Organizations::Policy` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "Human readable description of the policy" + }, + "name": { + "type": "string", + "description": "Name of the Policy" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null." + }, + "targetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to" + }, + "type": { + "$ref": "#/types/aws-native:organizations:PolicyType", + "description": "The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "ARN of the Policy" + }, + "awsId": { + "type": "string", + "description": "Id of the Policy" + }, + "awsManaged": { + "type": "boolean", + "description": "A boolean value that indicates whether the specified policy is an AWS managed policy. If true, then you can attach the policy to roots, OUs, or accounts, but you cannot edit it." + }, + "content": { + "$ref": "pulumi.json#/Any", + "description": "The Policy text content. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Organizations::Policy` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "Human readable description of the policy" + }, + "name": { + "type": "string", + "description": "Name of the Policy" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to null." + }, + "targetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to" + }, + "type": { + "$ref": "#/types/aws-native:organizations:PolicyType", + "description": "The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "content", + "type" + ], + "createOnly": [ + "type" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:organizations:ResourcePolicy": { + "cf": "AWS::Organizations::ResourcePolicy", + "inputs": { + "content": { + "$ref": "pulumi.json#/Any", + "description": "The policy document. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Organizations::ResourcePolicy` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the resource policy" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource policy." + }, + "awsId": { + "type": "string", + "description": "The unique identifier (ID) associated with this resource policy." + }, + "content": { + "$ref": "pulumi.json#/Any", + "description": "The policy document. For AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Organizations::ResourcePolicy` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags that you want to attach to the resource policy" + } + }, + "required": [ + "content" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:osis:Pipeline": { + "cf": "AWS::OSIS::Pipeline", + "inputs": { + "bufferOptions": { + "$ref": "#/types/aws-native:osis:PipelineBufferOptions", + "description": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) ." + }, + "encryptionAtRestOptions": { + "$ref": "#/types/aws-native:osis:PipelineEncryptionAtRestOptions", + "description": "Options to control how OpenSearch encrypts buffer data." + }, + "logPublishingOptions": { + "$ref": "#/types/aws-native:osis:PipelineLogPublishingOptions", + "description": "Key-value pairs that represent log publishing settings." + }, + "maxUnits": { + "type": "integer", + "description": "The maximum pipeline capacity, in Ingestion OpenSearch Compute Units (OCUs)." + }, + "minUnits": { + "type": "integer", + "description": "The minimum pipeline capacity, in Ingestion OpenSearch Compute Units (OCUs)." + }, + "pipelineConfigurationBody": { + "type": "string", + "description": "The Data Prepper pipeline configuration." + }, + "pipelineName": { + "type": "string", + "description": "Name of the OpenSearch Ingestion Service pipeline to create. Pipeline names are unique across the pipelines owned by an account within an AWS Region." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "vpcOptions": { + "$ref": "#/types/aws-native:osis:PipelineVpcOptions", + "description": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint." + } + }, + "outputs": { + "bufferOptions": { + "$ref": "#/types/aws-native:osis:PipelineBufferOptions", + "description": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) ." + }, + "encryptionAtRestOptions": { + "$ref": "#/types/aws-native:osis:PipelineEncryptionAtRestOptions", + "description": "Options to control how OpenSearch encrypts buffer data." + }, + "ingestEndpointUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of endpoints that can be used for ingesting data into a pipeline" + }, + "logPublishingOptions": { + "$ref": "#/types/aws-native:osis:PipelineLogPublishingOptions", + "description": "Key-value pairs that represent log publishing settings." + }, + "maxUnits": { + "type": "integer", + "description": "The maximum pipeline capacity, in Ingestion OpenSearch Compute Units (OCUs)." + }, + "minUnits": { + "type": "integer", + "description": "The minimum pipeline capacity, in Ingestion OpenSearch Compute Units (OCUs)." + }, + "pipelineArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the pipeline." + }, + "pipelineConfigurationBody": { + "type": "string", + "description": "The Data Prepper pipeline configuration." + }, + "pipelineName": { + "type": "string", + "description": "Name of the OpenSearch Ingestion Service pipeline to create. Pipeline names are unique across the pipelines owned by an account within an AWS Region.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "vpcEndpointService": { + "type": "string", + "description": "The VPC endpoint service name for the pipeline." + }, + "vpcEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:osis:PipelineVpcEndpoint" + }, + "description": "The VPC interface endpoints that have access to the pipeline." + }, + "vpcOptions": { + "$ref": "#/types/aws-native:osis:PipelineVpcOptions", + "description": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint." + } + }, + "autoNamingSpec": { + "sdkName": "pipelineName", + "minLength": 3, + "maxLength": 28 + }, + "required": [ + "maxUnits", + "minUnits", + "pipelineConfigurationBody" + ], + "createOnly": [ + "pipelineName" + ], + "writeOnly": [ + "vpcOptions" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:panorama:ApplicationInstance": { + "cf": "AWS::Panorama::ApplicationInstance", + "inputs": { + "applicationInstanceIdToReplace": { + "type": "string", + "description": "The ID of an application instance to replace with the new instance." + }, + "defaultRuntimeContextDevice": { + "type": "string", + "description": "The device's ID." + }, + "description": { + "type": "string", + "description": "A description for the application instance." + }, + "manifestOverridesPayload": { + "$ref": "#/types/aws-native:panorama:ApplicationInstanceManifestOverridesPayload", + "description": "Setting overrides for the application manifest." + }, + "manifestPayload": { + "$ref": "#/types/aws-native:panorama:ApplicationInstanceManifestPayload", + "description": "The application's manifest document." + }, + "name": { + "type": "string", + "description": "A name for the application instance." + }, + "runtimeRoleArn": { + "type": "string", + "description": "The ARN of a runtime role for the application instance." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the application instance." + } + }, + "outputs": { + "applicationInstanceId": { + "type": "string", + "description": "The application instance's ID." + }, + "applicationInstanceIdToReplace": { + "type": "string", + "description": "The ID of an application instance to replace with the new instance.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The application instance's ARN." + }, + "createdTime": { + "type": "integer", + "description": "The application instance's created time." + }, + "defaultRuntimeContextDevice": { + "type": "string", + "description": "The device's ID.", + "replaceOnChanges": true + }, + "defaultRuntimeContextDeviceName": { + "type": "string", + "description": "The application instance's default runtime context device name." + }, + "description": { + "type": "string", + "description": "A description for the application instance.", + "replaceOnChanges": true + }, + "healthStatus": { + "$ref": "#/types/aws-native:panorama:ApplicationInstanceHealthStatus", + "description": "The application instance's health status." + }, + "lastUpdatedTime": { + "type": "integer", + "description": "The application instance's last updated time." + }, + "manifestOverridesPayload": { + "$ref": "#/types/aws-native:panorama:ApplicationInstanceManifestOverridesPayload", + "description": "Setting overrides for the application manifest.", + "replaceOnChanges": true + }, + "manifestPayload": { + "$ref": "#/types/aws-native:panorama:ApplicationInstanceManifestPayload", + "description": "The application's manifest document.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A name for the application instance.", + "replaceOnChanges": true + }, + "runtimeRoleArn": { + "type": "string", + "description": "The ARN of a runtime role for the application instance.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:panorama:ApplicationInstanceStatus", + "description": "The application instance's status." + }, + "statusDescription": { + "type": "string", + "description": "The application instance's status description." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the application instance." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "defaultRuntimeContextDevice", + "manifestPayload" + ], + "createOnly": [ + "applicationInstanceIdToReplace", + "defaultRuntimeContextDevice", + "description", + "manifestOverridesPayload", + "manifestPayload", + "name", + "runtimeRoleArn" + ], + "writeOnly": [ + "applicationInstanceIdToReplace" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:panorama:Package": { + "cf": "AWS::Panorama::Package", + "inputs": { + "packageName": { + "type": "string", + "description": "A name for the package." + }, + "storageLocation": { + "$ref": "#/types/aws-native:panorama:PackageStorageLocation", + "description": "A storage location." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the package." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The package's ARN." + }, + "createdTime": { + "type": "integer", + "description": "When the package was created." + }, + "packageId": { + "type": "string", + "description": "The package's ID." + }, + "packageName": { + "type": "string", + "description": "A name for the package.", + "replaceOnChanges": true + }, + "storageLocation": { + "$ref": "#/types/aws-native:panorama:PackageStorageLocation", + "description": "A storage location." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags for the package." + } + }, + "autoNamingSpec": { + "sdkName": "packageName" + }, + "createOnly": [ + "packageName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:panorama:PackageVersion": { + "cf": "AWS::Panorama::PackageVersion", + "inputs": { + "markLatest": { + "type": "boolean", + "description": "Whether to mark the new version as the latest version." + }, + "ownerAccount": { + "type": "string", + "description": "An owner account." + }, + "packageId": { + "type": "string", + "description": "A package ID." + }, + "packageVersion": { + "type": "string", + "description": "A package version.", + "language": { + "csharp": { + "name": "PackageVersionValue" + } + } + }, + "patchVersion": { + "type": "string", + "description": "A patch version." + }, + "updatedLatestPatchVersion": { + "type": "string", + "description": "If the version was marked latest, the new version to maker as latest." + } + }, + "outputs": { + "isLatestPatch": { + "type": "boolean", + "description": "Whether the package version is the latest version." + }, + "markLatest": { + "type": "boolean", + "description": "Whether to mark the new version as the latest version." + }, + "ownerAccount": { + "type": "string", + "description": "An owner account.", + "replaceOnChanges": true + }, + "packageArn": { + "type": "string", + "description": "The package version's ARN." + }, + "packageId": { + "type": "string", + "description": "A package ID.", + "replaceOnChanges": true + }, + "packageName": { + "type": "string", + "description": "The package version's name." + }, + "packageVersion": { + "type": "string", + "description": "A package version.", + "language": { + "csharp": { + "name": "PackageVersionValue" + } + }, + "replaceOnChanges": true + }, + "patchVersion": { + "type": "string", + "description": "A patch version.", + "replaceOnChanges": true + }, + "registeredTime": { + "type": "integer", + "description": "The package version's registered time." + }, + "status": { + "$ref": "#/types/aws-native:panorama:PackageVersionStatus", + "description": "The package version's status." + }, + "statusDescription": { + "type": "string", + "description": "The package version's status description." + }, + "updatedLatestPatchVersion": { + "type": "string", + "description": "If the version was marked latest, the new version to maker as latest." + } + }, + "required": [ + "packageId", + "packageVersion", + "patchVersion" + ], + "createOnly": [ + "ownerAccount", + "packageId", + "packageVersion", + "patchVersion" + ], + "writeOnly": [ + "updatedLatestPatchVersion" + ] + }, + "aws-native:paymentcryptography:Alias": { + "cf": "AWS::PaymentCryptography::Alias", + "inputs": { + "aliasName": { + "type": "string", + "description": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n\u003e Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output." + }, + "keyArn": { + "type": "string", + "description": "The `KeyARN` of the key associated with the alias." + } + }, + "outputs": { + "aliasName": { + "type": "string", + "description": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n\u003e Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", + "replaceOnChanges": true + }, + "keyArn": { + "type": "string", + "description": "The `KeyARN` of the key associated with the alias." + } + }, + "autoNamingSpec": { + "sdkName": "aliasName", + "minLength": 7, + "maxLength": 256 + }, + "createOnly": [ + "aliasName" + ] + }, + "aws-native:paymentcryptography:Key": { + "cf": "AWS::PaymentCryptography::Key", + "inputs": { + "enabled": { + "type": "boolean", + "description": "Specifies whether the key is enabled." + }, + "exportable": { + "type": "boolean", + "description": "Specifies whether the key is exportable. This data is immutable after the key is created." + }, + "keyAttributes": { + "$ref": "#/types/aws-native:paymentcryptography:KeyAttributes", + "description": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created." + }, + "keyCheckValueAlgorithm": { + "$ref": "#/types/aws-native:paymentcryptography:KeyCheckValueAlgorithm", + "description": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "outputs": { + "enabled": { + "type": "boolean", + "description": "Specifies whether the key is enabled." + }, + "exportable": { + "type": "boolean", + "description": "Specifies whether the key is exportable. This data is immutable after the key is created." + }, + "keyAttributes": { + "$ref": "#/types/aws-native:paymentcryptography:KeyAttributes", + "description": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created." + }, + "keyCheckValueAlgorithm": { + "$ref": "#/types/aws-native:paymentcryptography:KeyCheckValueAlgorithm", + "description": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result." + }, + "keyIdentifier": { + "type": "string" + }, + "keyOrigin": { + "$ref": "#/types/aws-native:paymentcryptography:KeyOrigin", + "description": "The source of the key material. For keys created within AWS Payment Cryptography, the value is `AWS_PAYMENT_CRYPTOGRAPHY` . For keys imported into AWS Payment Cryptography, the value is `EXTERNAL` ." + }, + "keyState": { + "$ref": "#/types/aws-native:paymentcryptography:KeyState", + "description": "The state of key that is being created or deleted." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + } + }, + "required": [ + "exportable", + "keyAttributes" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:pcaconnectorad:Connector": { + "cf": "AWS::PCAConnectorAD::Connector", + "inputs": { + "certificateAuthorityArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate authority being used." + }, + "directoryId": { + "type": "string", + "description": "The identifier of the Active Directory." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata assigned to a connector consisting of a key-value pair." + }, + "vpcInformation": { + "$ref": "#/types/aws-native:pcaconnectorad:ConnectorVpcInformation", + "description": "Information of the VPC and security group(s) used with the connector." + } + }, + "outputs": { + "certificateAuthorityArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate authority being used.", + "replaceOnChanges": true + }, + "connectorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) ." + }, + "directoryId": { + "type": "string", + "description": "The identifier of the Active Directory.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata assigned to a connector consisting of a key-value pair." + }, + "vpcInformation": { + "$ref": "#/types/aws-native:pcaconnectorad:ConnectorVpcInformation", + "description": "Information of the VPC and security group(s) used with the connector.", + "replaceOnChanges": true + } + }, + "required": [ + "certificateAuthorityArn", + "directoryId", + "vpcInformation" + ], + "createOnly": [ + "certificateAuthorityArn", + "directoryId", + "vpcInformation" + ], + "writeOnly": [ + "certificateAuthorityArn", + "directoryId", + "tags", + "vpcInformation" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:pcaconnectorad:DirectoryRegistration": { + "cf": "AWS::PCAConnectorAD::DirectoryRegistration", + "inputs": { + "directoryId": { + "type": "string", + "description": "The identifier of the Active Directory." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata assigned to a directory registration consisting of a key-value pair." + } + }, + "outputs": { + "directoryId": { + "type": "string", + "description": "The identifier of the Active Directory.", + "replaceOnChanges": true + }, + "directoryRegistrationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) ." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata assigned to a directory registration consisting of a key-value pair." + } + }, + "required": [ + "directoryId" + ], + "createOnly": [ + "directoryId" + ], + "writeOnly": [ + "directoryId", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:pcaconnectorad:ServicePrincipalName": { + "cf": "AWS::PCAConnectorAD::ServicePrincipalName", + "inputs": { + "connectorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) ." + }, + "directoryRegistrationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) ." + } + }, + "outputs": { + "connectorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "replaceOnChanges": true + }, + "directoryRegistrationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", + "replaceOnChanges": true + } + }, + "createOnly": [ + "connectorArn", + "directoryRegistrationArn" + ] + }, + "aws-native:pcaconnectorad:Template": { + "cf": "AWS::PCAConnectorAD::Template", + "inputs": { + "connectorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) ." + }, + "definition": { + "oneOf": [ + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateDefinition0Properties" + }, + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateDefinition1Properties" + }, + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateDefinition2Properties" + } + ], + "description": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings." + }, + "name": { + "type": "string", + "description": "Name of the templates. Template names must be unique." + }, + "reenrollAllCertificateHolders": { + "type": "boolean", + "description": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata assigned to a template consisting of a key-value pair." + } + }, + "outputs": { + "connectorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", + "replaceOnChanges": true + }, + "definition": { + "oneOf": [ + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateDefinition0Properties" + }, + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateDefinition1Properties" + }, + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateDefinition2Properties" + } + ], + "description": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings." + }, + "name": { + "type": "string", + "description": "Name of the templates. Template names must be unique.", + "replaceOnChanges": true + }, + "reenrollAllCertificateHolders": { + "type": "boolean", + "description": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Metadata assigned to a template consisting of a key-value pair." + }, + "templateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "connectorArn", + "definition" + ], + "createOnly": [ + "connectorArn", + "name" + ], + "writeOnly": [ + "connectorArn", + "definition", + "name", + "reenrollAllCertificateHolders", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:pcaconnectorad:TemplateGroupAccessControlEntry": { + "cf": "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry", + "inputs": { + "accessRights": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateGroupAccessControlEntryAccessRights", + "description": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template." + }, + "groupDisplayName": { + "type": "string", + "description": "Name of the Active Directory group. This name does not need to match the group name in Active Directory." + }, + "groupSecurityIdentifier": { + "type": "string", + "description": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\"." + }, + "templateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) ." + } + }, + "outputs": { + "accessRights": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateGroupAccessControlEntryAccessRights", + "description": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template." + }, + "groupDisplayName": { + "type": "string", + "description": "Name of the Active Directory group. This name does not need to match the group name in Active Directory." + }, + "groupSecurityIdentifier": { + "type": "string", + "description": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", + "replaceOnChanges": true + }, + "templateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", + "replaceOnChanges": true + } + }, + "required": [ + "accessRights", + "groupDisplayName" + ], + "createOnly": [ + "groupSecurityIdentifier", + "templateArn" + ], + "writeOnly": [ + "accessRights", + "groupDisplayName" + ] + }, + "aws-native:personalize:Dataset": { + "cf": "AWS::Personalize::Dataset", + "inputs": { + "datasetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the dataset group to add the dataset to" + }, + "datasetImportJob": { + "$ref": "#/types/aws-native:personalize:DatasetImportJob", + "description": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required." + }, + "datasetType": { + "$ref": "#/types/aws-native:personalize:DatasetType", + "description": "The type of dataset" + }, + "name": { + "type": "string", + "description": "The name for the dataset" + }, + "schemaArn": { + "type": "string", + "description": "The ARN of the schema to associate with the dataset. The schema defines the dataset fields." + } + }, + "outputs": { + "datasetArn": { + "type": "string", + "description": "The ARN of the dataset" + }, + "datasetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the dataset group to add the dataset to", + "replaceOnChanges": true + }, + "datasetImportJob": { + "$ref": "#/types/aws-native:personalize:DatasetImportJob", + "description": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required." + }, + "datasetType": { + "$ref": "#/types/aws-native:personalize:DatasetType", + "description": "The type of dataset", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name for the dataset", + "replaceOnChanges": true + }, + "schemaArn": { + "type": "string", + "description": "The ARN of the schema to associate with the dataset. The schema defines the dataset fields.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "datasetGroupArn", + "datasetType", + "schemaArn" + ], + "createOnly": [ + "datasetGroupArn", + "datasetType", + "name", + "schemaArn" + ] + }, + "aws-native:personalize:DatasetGroup": { + "cf": "AWS::Personalize::DatasetGroup", + "inputs": { + "domain": { + "$ref": "#/types/aws-native:personalize:DatasetGroupDomain", + "description": "The domain of a Domain dataset group." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name(ARN) of a AWS Key Management Service (KMS) key used to encrypt the datasets." + }, + "name": { + "type": "string", + "description": "The name for the new dataset group." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key." + } + }, + "outputs": { + "datasetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the dataset group." + }, + "domain": { + "$ref": "#/types/aws-native:personalize:DatasetGroupDomain", + "description": "The domain of a Domain dataset group.", + "replaceOnChanges": true + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name(ARN) of a AWS Key Management Service (KMS) key used to encrypt the datasets.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name for the new dataset group.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 63 + }, + "createOnly": [ + "domain", + "kmsKeyArn", + "name", + "roleArn" + ] + }, + "aws-native:personalize:Schema": { + "cf": "AWS::Personalize::Schema", + "inputs": { + "domain": { + "$ref": "#/types/aws-native:personalize:SchemaDomain", + "description": "The domain of a Domain dataset group." + }, + "name": { + "type": "string", + "description": "Name for the schema." + }, + "schema": { + "type": "string", + "description": "A schema in Avro JSON format.", + "language": { + "csharp": { + "name": "SchemaValue" + } + } + } + }, + "outputs": { + "domain": { + "$ref": "#/types/aws-native:personalize:SchemaDomain", + "description": "The domain of a Domain dataset group.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name for the schema.", + "replaceOnChanges": true + }, + "schema": { + "type": "string", + "description": "A schema in Avro JSON format.", + "language": { + "csharp": { + "name": "SchemaValue" + } + }, + "replaceOnChanges": true + }, + "schemaArn": { + "type": "string", + "description": "Arn for the schema." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "schema" + ], + "createOnly": [ + "domain", + "name", + "schema" + ] + }, + "aws-native:personalize:Solution": { + "cf": "AWS::Personalize::Solution", + "inputs": { + "datasetGroupArn": { + "type": "string", + "description": "The ARN of the dataset group that provides the training data." + }, + "eventType": { + "type": "string", + "description": "When your have multiple event types (using an EVENT_TYPE schema field), this parameter specifies which event type (for example, 'click' or 'like') is used for training the model. If you do not provide an eventType, Amazon Personalize will use all interactions for training with equal weight regardless of type." + }, + "name": { + "type": "string", + "description": "The name for the solution" + }, + "performAutoMl": { + "type": "boolean", + "description": "Whether to perform automated machine learning (AutoML). The default is false. For this case, you must specify recipeArn." + }, + "performHpo": { + "type": "boolean", + "description": "Whether to perform hyperparameter optimization (HPO) on the specified or selected recipe. The default is false. When performing AutoML, this parameter is always true and you should not set it to false." + }, + "recipeArn": { + "type": "string", + "description": "The ARN of the recipe to use for model training. Only specified when performAutoML is false." + }, + "solutionConfig": { + "$ref": "#/types/aws-native:personalize:SolutionConfig", + "description": "Describes the configuration properties for the solution." + } + }, + "outputs": { + "datasetGroupArn": { + "type": "string", + "description": "The ARN of the dataset group that provides the training data.", + "replaceOnChanges": true + }, + "eventType": { + "type": "string", + "description": "When your have multiple event types (using an EVENT_TYPE schema field), this parameter specifies which event type (for example, 'click' or 'like') is used for training the model. If you do not provide an eventType, Amazon Personalize will use all interactions for training with equal weight regardless of type.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name for the solution", + "replaceOnChanges": true + }, + "performAutoMl": { + "type": "boolean", + "description": "Whether to perform automated machine learning (AutoML). The default is false. For this case, you must specify recipeArn.", + "replaceOnChanges": true + }, + "performHpo": { + "type": "boolean", + "description": "Whether to perform hyperparameter optimization (HPO) on the specified or selected recipe. The default is false. When performing AutoML, this parameter is always true and you should not set it to false.", + "replaceOnChanges": true + }, + "recipeArn": { + "type": "string", + "description": "The ARN of the recipe to use for model training. Only specified when performAutoML is false.", + "replaceOnChanges": true + }, + "solutionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the solution." + }, + "solutionConfig": { + "$ref": "#/types/aws-native:personalize:SolutionConfig", + "description": "Describes the configuration properties for the solution.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "datasetGroupArn" + ], + "createOnly": [ + "datasetGroupArn", + "eventType", + "name", + "performAutoMl", + "performHpo", + "recipeArn", + "solutionConfig" + ], + "irreversibleNames": { + "performAutoMl": "PerformAutoML", + "performHpo": "PerformHPO" + } + }, + "aws-native:pinpoint:InAppTemplate": { + "cf": "AWS::Pinpoint::InAppTemplate", + "inputs": { + "content": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateInAppMessageContent" + }, + "description": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors." + }, + "customConfig": { + "$ref": "pulumi.json#/Any", + "description": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Pinpoint::InAppTemplate` for more information about the expected schema for this property." + }, + "layout": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateLayout", + "description": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` – a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` – a message that appears as a banner at the top of the page.\n- `OVERLAYS` – a message that covers entire screen.\n- `MOBILE_FEED` – a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` – a message that appears as a banner in the middle of the page.\n- `CAROUSEL` – a scrollable layout of up to five unique messages." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Pinpoint::InAppTemplate` for more information about the expected schema for this property." + }, + "templateDescription": { + "type": "string", + "description": "An optional description of the in-app template." + }, + "templateName": { + "type": "string", + "description": "The name of the in-app message template." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the message template." + }, + "content": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateInAppMessageContent" + }, + "description": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors." + }, + "customConfig": { + "$ref": "pulumi.json#/Any", + "description": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Pinpoint::InAppTemplate` for more information about the expected schema for this property." + }, + "layout": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateLayout", + "description": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` – a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` – a message that appears as a banner at the top of the page.\n- `OVERLAYS` – a message that covers entire screen.\n- `MOBILE_FEED` – a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` – a message that appears as a banner in the middle of the page.\n- `CAROUSEL` – a scrollable layout of up to five unique messages." + }, + "tags": { + "$ref": "pulumi.json#/Any", + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Pinpoint::InAppTemplate` for more information about the expected schema for this property." + }, + "templateDescription": { + "type": "string", + "description": "An optional description of the in-app template." + }, + "templateName": { + "type": "string", + "description": "The name of the in-app message template.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "templateName" + }, + "createOnly": [ + "templateName" + ], + "tagsProperty": "tags", + "tagsStyle": "untyped" + }, + "aws-native:pipes:Pipe": { + "cf": "AWS::Pipes::Pipe", + "inputs": { + "description": { + "type": "string", + "description": "A description of the pipe." + }, + "desiredState": { + "$ref": "#/types/aws-native:pipes:PipeRequestedPipeState", + "description": "The state the pipe should be in." + }, + "enrichment": { + "type": "string", + "description": "The ARN of the enrichment resource." + }, + "enrichmentParameters": { + "$ref": "#/types/aws-native:pipes:PipeEnrichmentParameters", + "description": "The parameters required to set up enrichment on your pipe." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:pipes:PipeLogConfiguration", + "description": "The logging configuration settings for the pipe." + }, + "name": { + "type": "string", + "description": "The name of the pipe." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that allows the pipe to send data to the target." + }, + "source": { + "type": "string", + "description": "The ARN of the source resource." + }, + "sourceParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceParameters", + "description": "The parameters required to set up a source for your pipe." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The list of key-value pairs to associate with the pipe." + }, + "target": { + "type": "string", + "description": "The ARN of the target resource." + }, + "targetParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetParameters", + "description": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the pipe." + }, + "creationTime": { + "type": "string", + "description": "The time the pipe was created." + }, + "currentState": { + "$ref": "#/types/aws-native:pipes:PipeState", + "description": "The state the pipe is in." + }, + "description": { + "type": "string", + "description": "A description of the pipe." + }, + "desiredState": { + "$ref": "#/types/aws-native:pipes:PipeRequestedPipeState", + "description": "The state the pipe should be in." + }, + "enrichment": { + "type": "string", + "description": "The ARN of the enrichment resource." + }, + "enrichmentParameters": { + "$ref": "#/types/aws-native:pipes:PipeEnrichmentParameters", + "description": "The parameters required to set up enrichment on your pipe." + }, + "lastModifiedTime": { + "type": "string", + "description": "When the pipe was last updated, in [ISO-8601 format](https://docs.aws.amazon.com/https://www.w3.org/TR/NOTE-datetime) (YYYY-MM-DDThh:mm:ss.sTZD)." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:pipes:PipeLogConfiguration", + "description": "The logging configuration settings for the pipe." + }, + "name": { + "type": "string", + "description": "The name of the pipe.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that allows the pipe to send data to the target." + }, + "source": { + "type": "string", + "description": "The ARN of the source resource.", + "replaceOnChanges": true + }, + "sourceParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceParameters", + "description": "The parameters required to set up a source for your pipe." + }, + "stateReason": { + "type": "string", + "description": "The reason the pipe is in its current state." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The list of key-value pairs to associate with the pipe." + }, + "target": { + "type": "string", + "description": "The ARN of the target resource." + }, + "targetParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetParameters", + "description": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "roleArn", + "source", + "target" + ], + "createOnly": [ + "name", + "source", + "sourceParameters/ActiveMqBrokerParameters/QueueName", + "sourceParameters/DynamoDbStreamParameters/StartingPosition", + "sourceParameters/KinesisStreamParameters/StartingPosition", + "sourceParameters/KinesisStreamParameters/StartingPositionTimestamp", + "sourceParameters/ManagedStreamingKafkaParameters/ConsumerGroupId", + "sourceParameters/ManagedStreamingKafkaParameters/StartingPosition", + "sourceParameters/ManagedStreamingKafkaParameters/TopicName", + "sourceParameters/RabbitMqBrokerParameters/QueueName", + "sourceParameters/RabbitMqBrokerParameters/VirtualHost", + "sourceParameters/SelfManagedApacheKafkaParameters/AdditionalBootstrapServers", + "sourceParameters/SelfManagedApacheKafkaParameters/ConsumerGroupId", + "sourceParameters/SelfManagedApacheKafkaParameters/StartingPosition", + "sourceParameters/SelfManagedApacheKafkaParameters/TopicName" + ], + "writeOnly": [ + "sourceParameters", + "targetParameters" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:proton:EnvironmentAccountConnection": { + "cf": "AWS::Proton::EnvironmentAccountConnection", + "inputs": { + "codebuildRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account." + }, + "componentRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account." + }, + "environmentAccountId": { + "type": "string", + "description": "The environment account that's connected to the environment account connection." + }, + "environmentName": { + "type": "string", + "description": "The name of the AWS Proton environment that's created in the associated management account." + }, + "managementAccountId": { + "type": "string", + "description": "The ID of the management account that accepts or rejects the environment account connection. You create an manage the AWS Proton environment in this account. If the management account accepts the environment account connection, AWS Proton can use the associated IAM role to provision environment infrastructure resources in the associated environment account." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM service role that's created in the environment account. AWS Proton uses this role to provision infrastructure resources in the associated environment account." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eAn optional list of metadata items that you can associate with the Proton environment account connection. A tag is a key-value pair.\u003c/p\u003e\n \u003cp\u003eFor more information, see \u003ca href=\"https://docs.aws.amazon.com/proton/latest/userguide/resources.html\"\u003eProton resources and tagging\u003c/a\u003e in the\n \u003ci\u003eProton User Guide\u003c/i\u003e.\u003c/p\u003e" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the environment account connection." + }, + "awsId": { + "type": "string", + "description": "The ID of the environment account connection." + }, + "codebuildRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account." + }, + "componentRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account." + }, + "environmentAccountId": { + "type": "string", + "description": "The environment account that's connected to the environment account connection." + }, + "environmentName": { + "type": "string", + "description": "The name of the AWS Proton environment that's created in the associated management account." + }, + "managementAccountId": { + "type": "string", + "description": "The ID of the management account that accepts or rejects the environment account connection. You create an manage the AWS Proton environment in this account. If the management account accepts the environment account connection, AWS Proton can use the associated IAM role to provision environment infrastructure resources in the associated environment account." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM service role that's created in the environment account. AWS Proton uses this role to provision infrastructure resources in the associated environment account." + }, + "status": { + "$ref": "#/types/aws-native:proton:EnvironmentAccountConnectionStatus", + "description": "The status of the environment account connection." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eAn optional list of metadata items that you can associate with the Proton environment account connection. A tag is a key-value pair.\u003c/p\u003e\n \u003cp\u003eFor more information, see \u003ca href=\"https://docs.aws.amazon.com/proton/latest/userguide/resources.html\"\u003eProton resources and tagging\u003c/a\u003e in the\n \u003ci\u003eProton User Guide\u003c/i\u003e.\u003c/p\u003e" + } + }, + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:proton:EnvironmentTemplate": { + "cf": "AWS::Proton::EnvironmentTemplate", + "inputs": { + "description": { + "type": "string", + "description": "\u003cp\u003eA description of the environment template.\u003c/p\u003e" + }, + "displayName": { + "type": "string", + "description": "\u003cp\u003eThe environment template name as displayed in the developer interface.\u003c/p\u003e" + }, + "encryptionKey": { + "type": "string", + "description": "\u003cp\u003eA customer provided encryption key that Proton uses to encrypt data.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "The name of the environment template." + }, + "provisioning": { + "$ref": "#/types/aws-native:proton:EnvironmentTemplateProvisioning", + "description": "When included, indicates that the environment template is for customer provisioned and managed infrastructure." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eAn optional list of metadata items that you can associate with the Proton environment template. A tag is a key-value pair.\u003c/p\u003e\n \u003cp\u003eFor more information, see \u003ca href=\"https://docs.aws.amazon.com/proton/latest/userguide/resources.html\"\u003eProton resources and tagging\u003c/a\u003e in the\n \u003ci\u003eProton User Guide\u003c/i\u003e.\u003c/p\u003e" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the environment template.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eA description of the environment template.\u003c/p\u003e" + }, + "displayName": { + "type": "string", + "description": "\u003cp\u003eThe environment template name as displayed in the developer interface.\u003c/p\u003e" + }, + "encryptionKey": { + "type": "string", + "description": "\u003cp\u003eA customer provided encryption key that Proton uses to encrypt data.\u003c/p\u003e", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the environment template.", + "replaceOnChanges": true + }, + "provisioning": { + "$ref": "#/types/aws-native:proton:EnvironmentTemplateProvisioning", + "description": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eAn optional list of metadata items that you can associate with the Proton environment template. A tag is a key-value pair.\u003c/p\u003e\n \u003cp\u003eFor more information, see \u003ca href=\"https://docs.aws.amazon.com/proton/latest/userguide/resources.html\"\u003eProton resources and tagging\u003c/a\u003e in the\n \u003ci\u003eProton User Guide\u003c/i\u003e.\u003c/p\u003e" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "createOnly": [ + "encryptionKey", + "name", + "provisioning" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:proton:ServiceTemplate": { + "cf": "AWS::Proton::ServiceTemplate", + "inputs": { + "description": { + "type": "string", + "description": "\u003cp\u003eA description of the service template.\u003c/p\u003e" + }, + "displayName": { + "type": "string", + "description": "\u003cp\u003eThe name of the service template as displayed in the developer interface.\u003c/p\u003e" + }, + "encryptionKey": { + "type": "string", + "description": "\u003cp\u003eA customer provided encryption key that's used to encrypt data.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "The name of the service template." + }, + "pipelineProvisioning": { + "$ref": "#/types/aws-native:proton:ServiceTemplateProvisioning", + "description": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eAn optional list of metadata items that you can associate with the Proton service template. A tag is a key-value pair.\u003c/p\u003e\n \u003cp\u003eFor more information, see \u003ca href=\"https://docs.aws.amazon.com/proton/latest/userguide/resources.html\"\u003eProton resources and tagging\u003c/a\u003e in the\n \u003ci\u003eProton User Guide\u003c/i\u003e.\u003c/p\u003e" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the service template.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eA description of the service template.\u003c/p\u003e" + }, + "displayName": { + "type": "string", + "description": "\u003cp\u003eThe name of the service template as displayed in the developer interface.\u003c/p\u003e" + }, + "encryptionKey": { + "type": "string", + "description": "\u003cp\u003eA customer provided encryption key that's used to encrypt data.\u003c/p\u003e", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the service template.", + "replaceOnChanges": true + }, + "pipelineProvisioning": { + "$ref": "#/types/aws-native:proton:ServiceTemplateProvisioning", + "description": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eAn optional list of metadata items that you can associate with the Proton service template. A tag is a key-value pair.\u003c/p\u003e\n \u003cp\u003eFor more information, see \u003ca href=\"https://docs.aws.amazon.com/proton/latest/userguide/resources.html\"\u003eProton resources and tagging\u003c/a\u003e in the\n \u003ci\u003eProton User Guide\u003c/i\u003e.\u003c/p\u003e" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 100 + }, + "createOnly": [ + "encryptionKey", + "name", + "pipelineProvisioning" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:qbusiness:Application": { + "cf": "AWS::QBusiness::Application", + "inputs": { + "attachmentsConfiguration": { + "$ref": "#/types/aws-native:qbusiness:ApplicationAttachmentsConfiguration", + "description": "Configuration information for the file upload during chat feature." + }, + "description": { + "type": "string", + "description": "A description for the Amazon Q Business application." + }, + "displayName": { + "type": "string", + "description": "The name of the Amazon Q Business application." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:qbusiness:ApplicationEncryptionConfiguration", + "description": "Provides the identifier of the AWS KMS key used to encrypt data indexed by Amazon Q Business. Amazon Q Business doesn't support asymmetric keys." + }, + "identityCenterInstanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM Identity Center instance you are either creating for—or connecting to—your Amazon Q Business application.\n\n*Required* : `Yes`" + }, + "qAppsConfiguration": { + "$ref": "#/types/aws-native:qbusiness:ApplicationQAppsConfiguration", + "description": "Configuration information about Amazon Q Apps. (preview feature)" + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role with permissions to access your Amazon CloudWatch logs and metrics." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize your Amazon Q Business application. You can also use tags to help control access to the application. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + } + }, + "outputs": { + "applicationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Q Business application." + }, + "applicationId": { + "type": "string", + "description": "The identifier for the Amazon Q Business application." + }, + "attachmentsConfiguration": { + "$ref": "#/types/aws-native:qbusiness:ApplicationAttachmentsConfiguration", + "description": "Configuration information for the file upload during chat feature." + }, + "createdAt": { + "type": "string", + "description": "The Unix timestamp when the Amazon Q Business application was created." + }, + "description": { + "type": "string", + "description": "A description for the Amazon Q Business application." + }, + "displayName": { + "type": "string", + "description": "The name of the Amazon Q Business application." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:qbusiness:ApplicationEncryptionConfiguration", + "description": "Provides the identifier of the AWS KMS key used to encrypt data indexed by Amazon Q Business. Amazon Q Business doesn't support asymmetric keys.", + "replaceOnChanges": true + }, + "identityCenterApplicationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS IAM Identity Center instance attached to your Amazon Q Business application." + }, + "identityCenterInstanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM Identity Center instance you are either creating for—or connecting to—your Amazon Q Business application.\n\n*Required* : `Yes`" + }, + "qAppsConfiguration": { + "$ref": "#/types/aws-native:qbusiness:ApplicationQAppsConfiguration", + "description": "Configuration information about Amazon Q Apps. (preview feature)" + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role with permissions to access your Amazon CloudWatch logs and metrics." + }, + "status": { + "$ref": "#/types/aws-native:qbusiness:ApplicationStatus", + "description": "The status of the Amazon Q Business application. The application is ready to use when the status is `ACTIVE` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize your Amazon Q Business application. You can also use tags to help control access to the application. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "updatedAt": { + "type": "string", + "description": "The Unix timestamp when the Amazon Q Business application was last updated." + } + }, + "required": [ + "displayName" + ], + "createOnly": [ + "encryptionConfiguration" + ], + "writeOnly": [ + "identityCenterInstanceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:qbusiness:DataSource": { + "cf": "AWS::QBusiness::DataSource", + "inputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the Amazon Q Business application the data source will be attached to." + }, + "configuration": { + "$ref": "pulumi.json#/Any", + "description": "Configuration information to connect your data source repository to Amazon Q Business. Use this parameter to provide a JSON schema with configuration information specific to your data source connector.\n\nEach data source has a JSON schema provided by Amazon Q Business that you must use. For example, the Amazon S3 and Web Crawler connectors require the following JSON schemas:\n\n- [Amazon S3 JSON schema](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/s3-api.html)\n- [Web Crawler JSON schema](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/web-crawler-api.html)\n\nYou can find configuration templates for your specific data source using the following steps:\n\n- Navigate to the [Supported connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html) page in the Amazon Q Business User Guide, and select the data source of your choice.\n- Then, from your specific data source connector page, select *Using the API* . You will find the JSON schema for your data source, including parameter descriptions, in this section.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::QBusiness::DataSource` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "A description for the data source connector." + }, + "displayName": { + "type": "string", + "description": "The name of the Amazon Q Business data source." + }, + "documentEnrichmentConfiguration": { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentEnrichmentConfiguration", + "description": "Provides the configuration information for altering document metadata and content during the document ingestion process.\n\nFor more information, see [Custom document enrichment](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/custom-document-enrichment.html) ." + }, + "indexId": { + "type": "string", + "description": "The identifier of the index the data source is attached to." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role with permission to access the data source and required resources." + }, + "syncSchedule": { + "type": "string", + "description": "Sets the frequency for Amazon Q Business to check the documents in your data source repository and update your index. If you don't set a schedule, Amazon Q Business won't periodically update the index.\n\nSpecify a `cron-` format schedule string or an empty string to indicate that the index is updated on demand. You can't specify the `Schedule` parameter when the `Type` parameter is set to `CUSTOM` . If you do, you receive a `ValidationException` exception." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:qbusiness:DataSourceVpcConfiguration", + "description": "Configuration information for an Amazon VPC (Virtual Private Cloud) to connect to your data source. For more information, see [Using Amazon VPC with Amazon Q Business connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connector-vpc.html) ." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the Amazon Q Business application the data source will be attached to.", + "replaceOnChanges": true + }, + "configuration": { + "$ref": "pulumi.json#/Any", + "description": "Configuration information to connect your data source repository to Amazon Q Business. Use this parameter to provide a JSON schema with configuration information specific to your data source connector.\n\nEach data source has a JSON schema provided by Amazon Q Business that you must use. For example, the Amazon S3 and Web Crawler connectors require the following JSON schemas:\n\n- [Amazon S3 JSON schema](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/s3-api.html)\n- [Web Crawler JSON schema](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/web-crawler-api.html)\n\nYou can find configuration templates for your specific data source using the following steps:\n\n- Navigate to the [Supported connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connectors-list.html) page in the Amazon Q Business User Guide, and select the data source of your choice.\n- Then, from your specific data source connector page, select *Using the API* . You will find the JSON schema for your data source, including parameter descriptions, in this section.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::QBusiness::DataSource` for more information about the expected schema for this property." + }, + "createdAt": { + "type": "string", + "description": "The Unix timestamp when the Amazon Q Business data source was created." + }, + "dataSourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of a data source in an Amazon Q Business application." + }, + "dataSourceId": { + "type": "string", + "description": "The identifier of the Amazon Q Business data source." + }, + "description": { + "type": "string", + "description": "A description for the data source connector." + }, + "displayName": { + "type": "string", + "description": "The name of the Amazon Q Business data source." + }, + "documentEnrichmentConfiguration": { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentEnrichmentConfiguration", + "description": "Provides the configuration information for altering document metadata and content during the document ingestion process.\n\nFor more information, see [Custom document enrichment](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/custom-document-enrichment.html) ." + }, + "indexId": { + "type": "string", + "description": "The identifier of the index the data source is attached to.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role with permission to access the data source and required resources." + }, + "status": { + "$ref": "#/types/aws-native:qbusiness:DataSourceStatus", + "description": "The status of the Amazon Q Business data source." + }, + "syncSchedule": { + "type": "string", + "description": "Sets the frequency for Amazon Q Business to check the documents in your data source repository and update your index. If you don't set a schedule, Amazon Q Business won't periodically update the index.\n\nSpecify a `cron-` format schedule string or an empty string to indicate that the index is updated on demand. You can't specify the `Schedule` parameter when the `Type` parameter is set to `CUSTOM` . If you do, you receive a `ValidationException` exception." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "type": { + "type": "string", + "description": "The type of the Amazon Q Business data source." + }, + "updatedAt": { + "type": "string", + "description": "The Unix timestamp when the Amazon Q Business data source was last updated." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:qbusiness:DataSourceVpcConfiguration", + "description": "Configuration information for an Amazon VPC (Virtual Private Cloud) to connect to your data source. For more information, see [Using Amazon VPC with Amazon Q Business connectors](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/connector-vpc.html) ." + } + }, + "required": [ + "applicationId", + "configuration", + "displayName", + "indexId" + ], + "createOnly": [ + "applicationId", + "indexId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:qbusiness:Index": { + "cf": "AWS::QBusiness::Index", + "inputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the Amazon Q Business application using the index." + }, + "capacityConfiguration": { + "$ref": "#/types/aws-native:qbusiness:IndexCapacityConfiguration", + "description": "The capacity units you want to provision for your index. You can add and remove capacity to fit your usage needs." + }, + "description": { + "type": "string", + "description": "A description for the Amazon Q Business index." + }, + "displayName": { + "type": "string", + "description": "The name of the index." + }, + "documentAttributeConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:qbusiness:IndexDocumentAttributeConfiguration" + }, + "description": "Configuration information for document attributes. Document attributes are metadata or fields associated with your documents. For example, the company department name associated with each document.\n\nFor more information, see [Understanding document attributes](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/doc-attributes.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize the index. You can also use tags to help control access to the index. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "type": { + "$ref": "#/types/aws-native:qbusiness:IndexType", + "description": "The index type that's suitable for your needs. For more information on what's included in each type of index, see [Amazon Q Business tiers](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/tiers.html#index-tiers) ." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the Amazon Q Business application using the index.", + "replaceOnChanges": true + }, + "capacityConfiguration": { + "$ref": "#/types/aws-native:qbusiness:IndexCapacityConfiguration", + "description": "The capacity units you want to provision for your index. You can add and remove capacity to fit your usage needs." + }, + "createdAt": { + "type": "string", + "description": "The Unix timestamp when the index was created." + }, + "description": { + "type": "string", + "description": "A description for the Amazon Q Business index." + }, + "displayName": { + "type": "string", + "description": "The name of the index." + }, + "documentAttributeConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:qbusiness:IndexDocumentAttributeConfiguration" + }, + "description": "Configuration information for document attributes. Document attributes are metadata or fields associated with your documents. For example, the company department name associated with each document.\n\nFor more information, see [Understanding document attributes](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/doc-attributes.html) ." + }, + "indexArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an Amazon Q Business index." + }, + "indexId": { + "type": "string", + "description": "The identifier for the index." + }, + "indexStatistics": { + "$ref": "#/types/aws-native:qbusiness:IndexStatistics" + }, + "status": { + "$ref": "#/types/aws-native:qbusiness:IndexStatus", + "description": "The current status of the index. When the status is `ACTIVE` , the index is ready." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize the index. You can also use tags to help control access to the index. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "type": { + "$ref": "#/types/aws-native:qbusiness:IndexType", + "description": "The index type that's suitable for your needs. For more information on what's included in each type of index, see [Amazon Q Business tiers](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/tiers.html#index-tiers) .", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "The Unix timestamp when the index was last updated." + } + }, + "required": [ + "applicationId", + "displayName" + ], + "createOnly": [ + "applicationId", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:qbusiness:Plugin": { + "cf": "AWS::QBusiness::Plugin", + "inputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the application that will contain the plugin." + }, + "authConfiguration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:qbusiness:PluginAuthConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:PluginAuthConfiguration1Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:PluginAuthConfiguration2Properties" + } + ], + "description": "Authentication configuration information for an Amazon Q Business plugin." + }, + "customPluginConfiguration": { + "$ref": "#/types/aws-native:qbusiness:PluginCustomPluginConfiguration", + "description": "Configuration information required to create a custom plugin." + }, + "displayName": { + "type": "string", + "description": "The name of the plugin." + }, + "serverUrl": { + "type": "string", + "description": "The plugin server URL used for configuration." + }, + "state": { + "$ref": "#/types/aws-native:qbusiness:PluginState", + "description": "The current status of the plugin." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "type": { + "$ref": "#/types/aws-native:qbusiness:PluginType", + "description": "The type of the plugin." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the application that will contain the plugin.", + "replaceOnChanges": true + }, + "authConfiguration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:qbusiness:PluginAuthConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:PluginAuthConfiguration1Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:PluginAuthConfiguration2Properties" + } + ], + "description": "Authentication configuration information for an Amazon Q Business plugin." + }, + "buildStatus": { + "$ref": "#/types/aws-native:qbusiness:PluginBuildStatus", + "description": "The current status of a plugin. A plugin is modified asynchronously." + }, + "createdAt": { + "type": "string", + "description": "The timestamp for when the plugin was created." + }, + "customPluginConfiguration": { + "$ref": "#/types/aws-native:qbusiness:PluginCustomPluginConfiguration", + "description": "Configuration information required to create a custom plugin." + }, + "displayName": { + "type": "string", + "description": "The name of the plugin." + }, + "pluginArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of a plugin." + }, + "pluginId": { + "type": "string", + "description": "The identifier of the plugin." + }, + "serverUrl": { + "type": "string", + "description": "The plugin server URL used for configuration." + }, + "state": { + "$ref": "#/types/aws-native:qbusiness:PluginState", + "description": "The current status of the plugin." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize the data source connector. You can also use tags to help control access to the data source connector. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "type": { + "$ref": "#/types/aws-native:qbusiness:PluginType", + "description": "The type of the plugin.", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "The timestamp for when the plugin was last updated." + } + }, + "required": [ + "applicationId", + "authConfiguration", + "displayName", + "type" + ], + "createOnly": [ + "applicationId", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:qbusiness:Retriever": { + "cf": "AWS::QBusiness::Retriever", + "inputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the Amazon Q Business application using the retriever." + }, + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:qbusiness:RetrieverConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:RetrieverConfiguration1Properties" + } + ], + "description": "Provides information on how the retriever used for your Amazon Q Business application is configured." + }, + "displayName": { + "type": "string", + "description": "The name of your retriever." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize the retriever. You can also use tags to help control access to the retriever. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "type": { + "$ref": "#/types/aws-native:qbusiness:RetrieverType", + "description": "The type of your retriever." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the Amazon Q Business application using the retriever.", + "replaceOnChanges": true + }, + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:qbusiness:RetrieverConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:RetrieverConfiguration1Properties" + } + ], + "description": "Provides information on how the retriever used for your Amazon Q Business application is configured." + }, + "createdAt": { + "type": "string", + "description": "The Unix timestamp when the retriever was created." + }, + "displayName": { + "type": "string", + "description": "The name of your retriever." + }, + "retrieverArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role associated with the retriever." + }, + "retrieverId": { + "type": "string", + "description": "The identifier of the retriever used by your Amazon Q Business application." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an IAM role used by Amazon Q Business to access the basic authentication credentials stored in a Secrets Manager secret." + }, + "status": { + "$ref": "#/types/aws-native:qbusiness:RetrieverStatus", + "description": "The status of your retriever." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize the retriever. You can also use tags to help control access to the retriever. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "type": { + "$ref": "#/types/aws-native:qbusiness:RetrieverType", + "description": "The type of your retriever.", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "The Unix timestamp when the retriever was last updated." + } + }, + "required": [ + "applicationId", + "configuration", + "displayName", + "type" + ], + "createOnly": [ + "applicationId", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:qbusiness:WebExperience": { + "cf": "AWS::QBusiness::WebExperience", + "inputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the Amazon Q Business web experience." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service role attached to your web experience.\n\n\u003e You must provide this value if you're using IAM Identity Center to manage end user access to your application. If you're using legacy identity management to manage user access, you don't need to provide this value." + }, + "samplePromptsControlMode": { + "$ref": "#/types/aws-native:qbusiness:WebExperienceSamplePromptsControlMode", + "description": "Determines whether sample prompts are enabled in the web experience for an end user." + }, + "subtitle": { + "type": "string", + "description": "A subtitle to personalize your Amazon Q Business web experience." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize your Amazon Q Business web experience. You can also use tags to help control access to the web experience. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "title": { + "type": "string", + "description": "The title for your Amazon Q Business web experience." + }, + "welcomeMessage": { + "type": "string", + "description": "A message in an Amazon Q Business web experience." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The identifier of the Amazon Q Business web experience.", + "replaceOnChanges": true + }, + "createdAt": { + "type": "string", + "description": "The Unix timestamp when the Amazon Q Business application was last updated." + }, + "defaultEndpoint": { + "type": "string", + "description": "The endpoint URLs for your Amazon Q Business web experience. The URLs are unique and fully hosted by AWS ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service role attached to your web experience.\n\n\u003e You must provide this value if you're using IAM Identity Center to manage end user access to your application. If you're using legacy identity management to manage user access, you don't need to provide this value." + }, + "samplePromptsControlMode": { + "$ref": "#/types/aws-native:qbusiness:WebExperienceSamplePromptsControlMode", + "description": "Determines whether sample prompts are enabled in the web experience for an end user." + }, + "status": { + "$ref": "#/types/aws-native:qbusiness:WebExperienceStatus", + "description": "The status of your Amazon Q Business web experience." + }, + "subtitle": { + "type": "string", + "description": "A subtitle to personalize your Amazon Q Business web experience." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs that identify or categorize your Amazon Q Business web experience. You can also use tags to help control access to the web experience. Tag keys and values can consist of Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @." + }, + "title": { + "type": "string", + "description": "The title for your Amazon Q Business web experience." + }, + "updatedAt": { + "type": "string", + "description": "The Unix timestamp when your Amazon Q Business web experience was updated." + }, + "webExperienceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an Amazon Q Business web experience." + }, + "webExperienceId": { + "type": "string", + "description": "The identifier of your Amazon Q Business web experience." + }, + "welcomeMessage": { + "type": "string", + "description": "A message in an Amazon Q Business web experience." + } + }, + "required": [ + "applicationId" + ], + "createOnly": [ + "applicationId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:qldb:Stream": { + "cf": "AWS::QLDB::Stream", + "inputs": { + "exclusiveEndTime": { + "type": "string", + "description": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` ." + }, + "inclusiveStartTime": { + "type": "string", + "description": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` ." + }, + "kinesisConfiguration": { + "$ref": "#/types/aws-native:qldb:StreamKinesisConfiguration", + "description": "The configuration settings of the Kinesis Data Streams destination for your stream request." + }, + "ledgerName": { + "type": "string", + "description": "The name of the ledger." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests." + }, + "streamName": { + "type": "string", + "description": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the QLDB journal stream. For example: `arn:aws:qldb:us-east-1:123456789012:stream/exampleLedger/IiPT4brpZCqCq3f4MTHbYy` ." + }, + "awsId": { + "type": "string", + "description": "The unique ID that QLDB assigns to each QLDB journal stream. For example: `IiPT4brpZCqCq3f4MTHbYy` ." + }, + "exclusiveEndTime": { + "type": "string", + "description": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", + "replaceOnChanges": true + }, + "inclusiveStartTime": { + "type": "string", + "description": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", + "replaceOnChanges": true + }, + "kinesisConfiguration": { + "$ref": "#/types/aws-native:qldb:StreamKinesisConfiguration", + "description": "The configuration settings of the Kinesis Data Streams destination for your stream request.", + "replaceOnChanges": true + }, + "ledgerName": { + "type": "string", + "description": "The name of the ledger.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", + "replaceOnChanges": true + }, + "streamName": { + "type": "string", + "description": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "streamName" + }, + "required": [ + "inclusiveStartTime", + "kinesisConfiguration", + "ledgerName", + "roleArn" + ], + "createOnly": [ + "exclusiveEndTime", + "inclusiveStartTime", + "kinesisConfiguration", + "ledgerName", + "roleArn", + "streamName" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:quicksight:Analysis": { + "cf": "AWS::QuickSight::Analysis", + "inputs": { + "analysisId": { + "type": "string", + "description": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis." + }, + "awsAccountId": { + "type": "string", + "description": "The ID of the AWS account where you are creating an analysis." + }, + "definition": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefinition" + }, + "errors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisError" + }, + "description": "\u003cp\u003eErrors associated with the analysis.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe descriptive name of the analysis.\u003c/p\u003e" + }, + "parameters": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameters", + "description": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisResourcePermission" + }, + "description": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` ." + }, + "sheets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheet" + }, + "description": "\u003cp\u003eA list of the associated sheets with the unique identifier and name of each sheet.\u003c/p\u003e" + }, + "sourceEntity": { + "$ref": "#/types/aws-native:quicksight:AnalysisSourceEntity", + "description": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:AnalysisResourceStatus", + "description": "Status associated with the analysis." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis." + }, + "themeArn": { + "type": "string", + "description": "\u003cp\u003eThe ARN of the theme of the analysis.\u003c/p\u003e" + }, + "validationStrategy": { + "$ref": "#/types/aws-native:quicksight:AnalysisValidationStrategy", + "description": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors." + } + }, + "outputs": { + "analysisId": { + "type": "string", + "description": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the analysis.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "description": "The ID of the AWS account where you are creating an analysis.", + "replaceOnChanges": true + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the analysis was created.\u003c/p\u003e" + }, + "dataSetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe ARNs of the datasets of the analysis.\u003c/p\u003e" + }, + "definition": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefinition" + }, + "errors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisError" + }, + "description": "\u003cp\u003eErrors associated with the analysis.\u003c/p\u003e" + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the analysis was last updated.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe descriptive name of the analysis.\u003c/p\u003e" + }, + "parameters": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameters", + "description": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisResourcePermission" + }, + "description": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` ." + }, + "sheets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheet" + }, + "description": "\u003cp\u003eA list of the associated sheets with the unique identifier and name of each sheet.\u003c/p\u003e" + }, + "sourceEntity": { + "$ref": "#/types/aws-native:quicksight:AnalysisSourceEntity", + "description": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:AnalysisResourceStatus", + "description": "Status associated with the analysis." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis." + }, + "themeArn": { + "type": "string", + "description": "\u003cp\u003eThe ARN of the theme of the analysis.\u003c/p\u003e" + }, + "validationStrategy": { + "$ref": "#/types/aws-native:quicksight:AnalysisValidationStrategy", + "description": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 2048 + }, + "required": [ + "analysisId", + "awsAccountId" + ], + "createOnly": [ + "analysisId", + "awsAccountId" + ], + "writeOnly": [ + "definition", + "parameters", + "sourceEntity", + "status", + "validationStrategy" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:quicksight:Dashboard": { + "cf": "AWS::QuickSight::Dashboard", + "inputs": { + "awsAccountId": { + "type": "string", + "description": "The ID of the AWS account where you want to create the dashboard." + }, + "dashboardId": { + "type": "string", + "description": "The ID for the dashboard, also added to the IAM policy." + }, + "dashboardPublishOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPublishOptions", + "description": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default." + }, + "definition": { + "$ref": "#/types/aws-native:quicksight:DashboardVersionDefinition" + }, + "linkEntities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard." + }, + "linkSharingConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardLinkSharingConfiguration", + "description": "A structure that contains the link sharing configurations that you want to apply overrides to." + }, + "name": { + "type": "string", + "description": "The display name of the dashboard." + }, + "parameters": { + "$ref": "#/types/aws-native:quicksight:DashboardParameters", + "description": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardResourcePermission" + }, + "description": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list." + }, + "sourceEntity": { + "$ref": "#/types/aws-native:quicksight:DashboardSourceEntity", + "description": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard." + }, + "themeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard." + }, + "validationStrategy": { + "$ref": "#/types/aws-native:quicksight:DashboardValidationStrategy", + "description": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors." + }, + "versionDescription": { + "type": "string", + "description": "A description for the first version of the dashboard being created." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the resource.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "description": "The ID of the AWS account where you want to create the dashboard.", + "replaceOnChanges": true + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that this dashboard was created.\u003c/p\u003e" + }, + "dashboardId": { + "type": "string", + "description": "The ID for the dashboard, also added to the IAM policy.", + "replaceOnChanges": true + }, + "dashboardPublishOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPublishOptions", + "description": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default." + }, + "definition": { + "$ref": "#/types/aws-native:quicksight:DashboardVersionDefinition" + }, + "lastPublishedTime": { + "type": "string", + "description": "\u003cp\u003eThe last time that this dashboard was published.\u003c/p\u003e" + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe last time that this dashboard was updated.\u003c/p\u003e" + }, + "linkEntities": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard." + }, + "linkSharingConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardLinkSharingConfiguration", + "description": "A structure that contains the link sharing configurations that you want to apply overrides to." + }, + "name": { + "type": "string", + "description": "The display name of the dashboard." + }, + "parameters": { + "$ref": "#/types/aws-native:quicksight:DashboardParameters", + "description": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardResourcePermission" + }, + "description": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list." + }, + "sourceEntity": { + "$ref": "#/types/aws-native:quicksight:DashboardSourceEntity", + "description": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard." + }, + "themeArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard." + }, + "validationStrategy": { + "$ref": "#/types/aws-native:quicksight:DashboardValidationStrategy", + "description": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors." + }, + "version": { + "$ref": "#/types/aws-native:quicksight:DashboardVersion" + }, + "versionDescription": { + "type": "string", + "description": "A description for the first version of the dashboard being created." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 2048 + }, + "required": [ + "awsAccountId", + "dashboardId" + ], + "createOnly": [ + "awsAccountId", + "dashboardId" + ], + "writeOnly": [ + "dashboardPublishOptions", + "definition", + "linkSharingConfiguration", + "parameters", + "sourceEntity", + "themeArn", + "validationStrategy", + "versionDescription" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:quicksight:DataSet": { + "cf": "AWS::QuickSight::DataSet", + "inputs": { + "awsAccountId": { + "type": "string", + "description": "The AWS account ID." + }, + "columnGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnGroup" + }, + "description": "\u003cp\u003eGroupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.\u003c/p\u003e" + }, + "columnLevelPermissionRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnLevelPermissionRule" + }, + "description": "\u003cp\u003eA set of one or more definitions of a \u003ccode\u003e\n \u003ca href=\"https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ColumnLevelPermissionRule.html\"\u003eColumnLevelPermissionRule\u003c/a\u003e\n \u003c/code\u003e.\u003c/p\u003e" + }, + "dataSetId": { + "type": "string", + "description": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account." + }, + "dataSetRefreshProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetRefreshProperties", + "description": "The refresh properties of a dataset." + }, + "dataSetUsageConfiguration": { + "$ref": "#/types/aws-native:quicksight:DataSetUsageConfiguration", + "description": "The usage configuration to apply to child datasets that reference this dataset as a source." + }, + "datasetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetDatasetParameter" + }, + "description": "\u003cp\u003eThe parameter declarations of the dataset.\u003c/p\u003e" + }, + "fieldFolders": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetFieldFolder" + }, + "description": "The folder that contains fields and nested subfolders for your dataset." + }, + "importMode": { + "$ref": "#/types/aws-native:quicksight:DataSetImportMode", + "description": "Indicates whether you want to import the data into SPICE." + }, + "ingestionWaitPolicy": { + "$ref": "#/types/aws-native:quicksight:DataSetIngestionWaitPolicy", + "description": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours." + }, + "logicalTableMap": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetLogicalTable" + }, + "description": "Configures the combination and transformation of the data from the physical tables." + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe display name for the dataset.\u003c/p\u003e" + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetResourcePermission" + }, + "description": "\u003cp\u003eA list of resource permissions on the dataset.\u003c/p\u003e" + }, + "physicalTableMap": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetPhysicalTable" + }, + "description": "Declares the physical tables that are available in the underlying data sources." + }, + "rowLevelPermissionDataSet": { + "$ref": "#/types/aws-native:quicksight:DataSetRowLevelPermissionDataSet", + "description": "The row-level security configuration for the data that you want to create." + }, + "rowLevelPermissionTagConfiguration": { + "$ref": "#/types/aws-native:quicksight:DataSetRowLevelPermissionTagConfiguration", + "description": "The element you can use to define tags for row-level security." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eContains a map of the key-value pairs for the resource tag or tags assigned to the dataset.\u003c/p\u003e" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the resource.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "description": "The AWS account ID.", + "replaceOnChanges": true + }, + "columnGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnGroup" + }, + "description": "\u003cp\u003eGroupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.\u003c/p\u003e" + }, + "columnLevelPermissionRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnLevelPermissionRule" + }, + "description": "\u003cp\u003eA set of one or more definitions of a \u003ccode\u003e\n \u003ca href=\"https://docs.aws.amazon.com/quicksight/latest/APIReference/API_ColumnLevelPermissionRule.html\"\u003eColumnLevelPermissionRule\u003c/a\u003e\n \u003c/code\u003e.\u003c/p\u003e" + }, + "consumedSpiceCapacityInBytes": { + "type": "number", + "description": "\u003cp\u003eThe amount of SPICE capacity used by this dataset. This is 0 if the dataset isn't\n imported into SPICE.\u003c/p\u003e" + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that this dataset was created.\u003c/p\u003e" + }, + "dataSetId": { + "type": "string", + "description": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", + "replaceOnChanges": true + }, + "dataSetRefreshProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetRefreshProperties", + "description": "The refresh properties of a dataset." + }, + "dataSetUsageConfiguration": { + "$ref": "#/types/aws-native:quicksight:DataSetUsageConfiguration", + "description": "The usage configuration to apply to child datasets that reference this dataset as a source." + }, + "datasetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetDatasetParameter" + }, + "description": "\u003cp\u003eThe parameter declarations of the dataset.\u003c/p\u003e" + }, + "fieldFolders": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetFieldFolder" + }, + "description": "The folder that contains fields and nested subfolders for your dataset." + }, + "importMode": { + "$ref": "#/types/aws-native:quicksight:DataSetImportMode", + "description": "Indicates whether you want to import the data into SPICE." + }, + "ingestionWaitPolicy": { + "$ref": "#/types/aws-native:quicksight:DataSetIngestionWaitPolicy", + "description": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours." + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe last time that this dataset was updated.\u003c/p\u003e" + }, + "logicalTableMap": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetLogicalTable" + }, + "description": "Configures the combination and transformation of the data from the physical tables." + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe display name for the dataset.\u003c/p\u003e" + }, + "outputColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetOutputColumn" + }, + "description": "\u003cp\u003eThe list of columns after all transforms. These columns are available in templates,\n analyses, and dashboards.\u003c/p\u003e" + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetResourcePermission" + }, + "description": "\u003cp\u003eA list of resource permissions on the dataset.\u003c/p\u003e" + }, + "physicalTableMap": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetPhysicalTable" + }, + "description": "Declares the physical tables that are available in the underlying data sources." + }, + "rowLevelPermissionDataSet": { + "$ref": "#/types/aws-native:quicksight:DataSetRowLevelPermissionDataSet", + "description": "The row-level security configuration for the data that you want to create." + }, + "rowLevelPermissionTagConfiguration": { + "$ref": "#/types/aws-native:quicksight:DataSetRowLevelPermissionTagConfiguration", + "description": "The element you can use to define tags for row-level security." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "\u003cp\u003eContains a map of the key-value pairs for the resource tag or tags assigned to the dataset.\u003c/p\u003e" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "awsAccountId", + "dataSetId" + ], + "writeOnly": [ + "fieldFolders", + "ingestionWaitPolicy" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:quicksight:DataSource": { + "cf": "AWS::QuickSight::DataSource", + "inputs": { + "alternateDataSourceParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSourceParameters" + }, + "description": "\u003cp\u003eA set of alternate data source parameters that you want to share for the credentials\n stored with this data source. The credentials are applied in tandem with the data source\n parameters when you copy a data source by using a create or update request. The API\n operation compares the \u003ccode\u003eDataSourceParameters\u003c/code\u003e structure that's in the request\n with the structures in the \u003ccode\u003eAlternateDataSourceParameters\u003c/code\u003e allow list. If the\n structures are an exact match, the request is allowed to use the credentials from this\n existing data source. If the \u003ccode\u003eAlternateDataSourceParameters\u003c/code\u003e list is null,\n the \u003ccode\u003eCredentials\u003c/code\u003e originally used with this \u003ccode\u003eDataSourceParameters\u003c/code\u003e\n are automatically allowed.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "description": "The AWS account ID." + }, + "credentials": { + "$ref": "#/types/aws-native:quicksight:DataSourceCredentials", + "description": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported." + }, + "dataSourceId": { + "type": "string", + "description": "An ID for the data source. This ID is unique per AWS Region for each AWS account." + }, + "dataSourceParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceParameters", + "description": "The parameters that Amazon QuickSight uses to connect to your underlying source." + }, + "errorInfo": { + "$ref": "#/types/aws-native:quicksight:DataSourceErrorInfo", + "description": "Error information from the last update or the creation of the data source." + }, + "name": { + "type": "string", + "description": "A display name for the data source." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSourceResourcePermission" + }, + "description": "A list of resource permissions on the data source." + }, + "sslProperties": { + "$ref": "#/types/aws-native:quicksight:DataSourceSslProperties", + "description": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DataSourceType", + "description": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service." + }, + "vpcConnectionProperties": { + "$ref": "#/types/aws-native:quicksight:DataSourceVpcConnectionProperties", + "description": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source." + } + }, + "outputs": { + "alternateDataSourceParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSourceParameters" + }, + "description": "\u003cp\u003eA set of alternate data source parameters that you want to share for the credentials\n stored with this data source. The credentials are applied in tandem with the data source\n parameters when you copy a data source by using a create or update request. The API\n operation compares the \u003ccode\u003eDataSourceParameters\u003c/code\u003e structure that's in the request\n with the structures in the \u003ccode\u003eAlternateDataSourceParameters\u003c/code\u003e allow list. If the\n structures are an exact match, the request is allowed to use the credentials from this\n existing data source. If the \u003ccode\u003eAlternateDataSourceParameters\u003c/code\u003e list is null,\n the \u003ccode\u003eCredentials\u003c/code\u003e originally used with this \u003ccode\u003eDataSourceParameters\u003c/code\u003e\n are automatically allowed.\u003c/p\u003e" + }, + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the data source.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "description": "The AWS account ID.", + "replaceOnChanges": true + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that this data source was created.\u003c/p\u003e" + }, + "credentials": { + "$ref": "#/types/aws-native:quicksight:DataSourceCredentials", + "description": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported." + }, + "dataSourceId": { + "type": "string", + "description": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", + "replaceOnChanges": true + }, + "dataSourceParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceParameters", + "description": "The parameters that Amazon QuickSight uses to connect to your underlying source." + }, + "errorInfo": { + "$ref": "#/types/aws-native:quicksight:DataSourceErrorInfo", + "description": "Error information from the last update or the creation of the data source." + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe last time that this data source was updated.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "A display name for the data source." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSourceResourcePermission" + }, + "description": "A list of resource permissions on the data source." + }, + "sslProperties": { + "$ref": "#/types/aws-native:quicksight:DataSourceSslProperties", + "description": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:DataSourceResourceStatus", + "description": "The HTTP status of the request." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DataSourceType", + "description": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", + "replaceOnChanges": true + }, + "vpcConnectionProperties": { + "$ref": "#/types/aws-native:quicksight:DataSourceVpcConnectionProperties", + "description": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "type" + ], + "createOnly": [ + "awsAccountId", + "dataSourceId", + "type" + ], + "writeOnly": [ + "credentials" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:quicksight:RefreshSchedule": { + "cf": "AWS::QuickSight::RefreshSchedule", + "inputs": { + "awsAccountId": { + "type": "string", + "description": "The AWS account ID of the account that you are creating a schedule in." + }, + "dataSetId": { + "type": "string", + "description": "The ID of the dataset that you are creating a refresh schedule for." + }, + "schedule": { + "$ref": "#/types/aws-native:quicksight:RefreshScheduleMap", + "description": "The refresh schedule of a dataset." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the data source.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "description": "The AWS account ID of the account that you are creating a schedule in.", + "replaceOnChanges": true + }, + "dataSetId": { + "type": "string", + "description": "The ID of the dataset that you are creating a refresh schedule for.", + "replaceOnChanges": true + }, + "schedule": { + "$ref": "#/types/aws-native:quicksight:RefreshScheduleMap", + "description": "The refresh schedule of a dataset." + } + }, + "createOnly": [ + "awsAccountId", + "dataSetId", + "schedule/ScheduleId" + ] + }, + "aws-native:quicksight:Template": { + "cf": "AWS::QuickSight::Template", + "inputs": { + "awsAccountId": { + "type": "string", + "description": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account." + }, + "definition": { + "$ref": "#/types/aws-native:quicksight:TemplateVersionDefinition" + }, + "name": { + "type": "string", + "description": "A display name for the template." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateResourcePermission" + }, + "description": "A list of resource permissions to be set on the template." + }, + "sourceEntity": { + "$ref": "#/types/aws-native:quicksight:TemplateSourceEntity", + "description": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource." + }, + "templateId": { + "type": "string", + "description": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account." + }, + "validationStrategy": { + "$ref": "#/types/aws-native:quicksight:TemplateValidationStrategy", + "description": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors." + }, + "versionDescription": { + "type": "string", + "description": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the template.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "description": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", + "replaceOnChanges": true + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eTime when this was created.\u003c/p\u003e" + }, + "definition": { + "$ref": "#/types/aws-native:quicksight:TemplateVersionDefinition" + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eTime when this was last updated.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "A display name for the template." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateResourcePermission" + }, + "description": "A list of resource permissions to be set on the template." + }, + "sourceEntity": { + "$ref": "#/types/aws-native:quicksight:TemplateSourceEntity", + "description": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource." + }, + "templateId": { + "type": "string", + "description": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", + "replaceOnChanges": true + }, + "validationStrategy": { + "$ref": "#/types/aws-native:quicksight:TemplateValidationStrategy", + "description": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors." + }, + "version": { + "$ref": "#/types/aws-native:quicksight:TemplateVersion" + }, + "versionDescription": { + "type": "string", + "description": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 2048 + }, + "required": [ + "awsAccountId", + "templateId" + ], + "createOnly": [ + "awsAccountId", + "templateId" + ], + "writeOnly": [ + "definition", + "sourceEntity", + "validationStrategy", + "versionDescription" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:quicksight:Theme": { + "cf": "AWS::QuickSight::Theme", + "inputs": { + "awsAccountId": { + "type": "string", + "description": "The ID of the AWS account where you want to store the new theme." + }, + "baseThemeId": { + "type": "string", + "description": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis." + }, + "configuration": { + "$ref": "#/types/aws-native:quicksight:ThemeConfiguration", + "description": "The theme configuration, which contains the theme display properties." + }, + "name": { + "type": "string", + "description": "A display name for the theme." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:ThemeResourcePermission" + }, + "description": "A valid grouping of resource permissions to apply to the new theme." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource." + }, + "themeId": { + "type": "string", + "description": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account." + }, + "versionDescription": { + "type": "string", + "description": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the theme.\u003c/p\u003e" + }, + "awsAccountId": { + "type": "string", + "description": "The ID of the AWS account where you want to store the new theme.", + "replaceOnChanges": true + }, + "baseThemeId": { + "type": "string", + "description": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis." + }, + "configuration": { + "$ref": "#/types/aws-native:quicksight:ThemeConfiguration", + "description": "The theme configuration, which contains the theme display properties." + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe date and time that the theme was created.\u003c/p\u003e" + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe date and time that the theme was last updated.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "A display name for the theme." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:ThemeResourcePermission" + }, + "description": "A valid grouping of resource permissions to apply to the new theme." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource." + }, + "themeId": { + "type": "string", + "description": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:quicksight:ThemeType", + "description": "Theme type." + }, + "version": { + "$ref": "#/types/aws-native:quicksight:ThemeVersion" + }, + "versionDescription": { + "type": "string", + "description": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 2048 + }, + "required": [ + "awsAccountId", + "baseThemeId", + "configuration", + "themeId" + ], + "createOnly": [ + "awsAccountId", + "themeId" + ], + "writeOnly": [ + "baseThemeId", + "configuration", + "versionDescription" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:quicksight:Topic": { + "cf": "AWS::QuickSight::Topic", + "inputs": { + "awsAccountId": { + "type": "string", + "description": "The ID of the AWS account that you want to create a topic in." + }, + "dataSets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicDatasetMetadata" + }, + "description": "The data sets that the topic is associated with." + }, + "description": { + "type": "string", + "description": "The description of the topic." + }, + "name": { + "type": "string", + "description": "The name of the topic." + }, + "topicId": { + "type": "string", + "description": "The ID for the topic. This ID is unique per AWS Region for each AWS account." + }, + "userExperienceVersion": { + "$ref": "#/types/aws-native:quicksight:TopicUserExperienceVersion", + "description": "The user experience version of the topic." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the topic." + }, + "awsAccountId": { + "type": "string", + "description": "The ID of the AWS account that you want to create a topic in.", + "replaceOnChanges": true + }, + "dataSets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicDatasetMetadata" + }, + "description": "The data sets that the topic is associated with." + }, + "description": { + "type": "string", + "description": "The description of the topic." + }, + "name": { + "type": "string", + "description": "The name of the topic." + }, + "topicId": { + "type": "string", + "description": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", + "replaceOnChanges": true + }, + "userExperienceVersion": { + "$ref": "#/types/aws-native:quicksight:TopicUserExperienceVersion", + "description": "The user experience version of the topic." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "awsAccountId", + "topicId" + ] + }, + "aws-native:quicksight:VpcConnection": { + "cf": "AWS::QuickSight::VPCConnection", + "inputs": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:VpcConnectionVpcConnectionAvailabilityStatus", + "description": "The availability status of the VPC connection." + }, + "awsAccountId": { + "type": "string", + "description": "The AWS account ID of the account where you want to create a new VPC connection." + }, + "dnsResolvers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IP addresses of DNS resolver endpoints for the VPC connection." + }, + "name": { + "type": "string", + "description": "The display name for the VPC connection." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role associated with the VPC connection." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon EC2 security group IDs associated with the VPC connection." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs for the VPC connection." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection." + }, + "vpcConnectionId": { + "type": "string", + "description": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the VPC connection.\u003c/p\u003e" + }, + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:VpcConnectionVpcConnectionAvailabilityStatus", + "description": "The availability status of the VPC connection." + }, + "awsAccountId": { + "type": "string", + "description": "The AWS account ID of the account where you want to create a new VPC connection.", + "replaceOnChanges": true + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the VPC connection was created.\u003c/p\u003e" + }, + "dnsResolvers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IP addresses of DNS resolver endpoints for the VPC connection." + }, + "lastUpdatedTime": { + "type": "string", + "description": "\u003cp\u003eThe time that the VPC connection was last updated.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "The display name for the VPC connection." + }, + "networkInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:VpcConnectionNetworkInterface" + }, + "description": "\u003cp\u003eA list of network interfaces.\u003c/p\u003e" + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role associated with the VPC connection." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon EC2 security group IDs associated with the VPC connection." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:VpcConnectionVpcConnectionResourceStatus", + "description": "The HTTP status of the request." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs for the VPC connection." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection." + }, + "vpcConnectionId": { + "type": "string", + "description": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "\u003cp\u003eThe Amazon EC2 VPC ID associated with the VPC connection.\u003c/p\u003e" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "createOnly": [ + "awsAccountId", + "vpcConnectionId" + ], + "writeOnly": [ + "subnetIds" + ], + "irreversibleNames": { + "vpcConnectionId": "VPCConnectionId", + "vpcId": "VPCId" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ram:Permission": { + "cf": "AWS::RAM::Permission", + "inputs": { + "name": { + "type": "string", + "description": "The name of the permission." + }, + "policyTemplate": { + "$ref": "pulumi.json#/Any", + "description": "Policy template for the permission.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::RAM::Permission` for more information about the expected schema for this property." + }, + "resourceType": { + "type": "string", + "description": "The resource type this permission can be used with." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies a list of one or more tag key and value pairs to attach to the permission." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the new permission." + }, + "isResourceTypeDefault": { + "type": "boolean", + "description": "Set to true to use this as the default permission." + }, + "name": { + "type": "string", + "description": "The name of the permission.", + "replaceOnChanges": true + }, + "permissionType": { + "type": "string", + "description": "The type of managed permission. This can be one of the following values:\n\n- *AWS_MANAGED_PERMISSION* – AWS created and manages this managed permission. You can associate it with your resource shares, but you can't modify it.\n- *CUSTOMER_MANAGED_PERMISSION* – You, or another principal in your account created this managed permission. You can associate it with your resource shares and create new versions that have different permissions." + }, + "policyTemplate": { + "$ref": "pulumi.json#/Any", + "description": "Policy template for the permission.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::RAM::Permission` for more information about the expected schema for this property.", + "replaceOnChanges": true + }, + "resourceType": { + "type": "string", + "description": "The resource type this permission can be used with.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies a list of one or more tag key and value pairs to attach to the permission." + }, + "version": { + "type": "string", + "description": "Version of the permission." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "policyTemplate", + "resourceType" + ], + "createOnly": [ + "name", + "policyTemplate", + "resourceType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:CustomDbEngineVersion": { + "cf": "AWS::RDS::CustomDBEngineVersion", + "inputs": { + "databaseInstallationFilesS3BucketName": { + "type": "string", + "description": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files`." + }, + "databaseInstallationFilesS3Prefix": { + "type": "string", + "description": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1`. If this setting isn't specified, no prefix is assumed." + }, + "description": { + "type": "string", + "description": "An optional description of your CEV." + }, + "engine": { + "type": "string", + "description": "The database engine to use for your custom engine version (CEV). The only supported value is `custom-oracle-ee`." + }, + "engineVersion": { + "type": "string", + "description": "The name of your CEV. The name format is 19.customized_string . For example, a valid name is 19.my_cev1. This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Region." + }, + "imageId": { + "type": "string", + "description": "The identifier of Amazon Machine Image (AMI) used for CEV." + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier for an encrypted CEV. A symmetric KMS key is required for RDS Custom, but optional for Amazon RDS." + }, + "manifest": { + "type": "string", + "description": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed." + }, + "sourceCustomDbEngineVersionIdentifier": { + "type": "string", + "description": "The identifier of the source custom engine version." + }, + "status": { + "$ref": "#/types/aws-native:rds:CustomDbEngineVersionStatus", + "description": "The availability status to be assigned to the CEV." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "useAwsProvidedLatestImage": { + "type": "boolean", + "description": "A value that indicates whether AWS provided latest image is applied automatically to the Custom Engine Version. By default, AWS provided latest image is applied automatically. This value is only applied on create." + } + }, + "outputs": { + "databaseInstallationFilesS3BucketName": { + "type": "string", + "description": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files`.", + "replaceOnChanges": true + }, + "databaseInstallationFilesS3Prefix": { + "type": "string", + "description": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1`. If this setting isn't specified, no prefix is assumed.", + "replaceOnChanges": true + }, + "dbEngineVersionArn": { + "type": "string", + "description": "The ARN of the custom engine version." + }, + "description": { + "type": "string", + "description": "An optional description of your CEV." + }, + "engine": { + "type": "string", + "description": "The database engine to use for your custom engine version (CEV). The only supported value is `custom-oracle-ee`.", + "replaceOnChanges": true + }, + "engineVersion": { + "type": "string", + "description": "The name of your CEV. The name format is 19.customized_string . For example, a valid name is 19.my_cev1. This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Region.", + "replaceOnChanges": true + }, + "imageId": { + "type": "string", + "description": "The identifier of Amazon Machine Image (AMI) used for CEV.", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier for an encrypted CEV. A symmetric KMS key is required for RDS Custom, but optional for Amazon RDS.", + "replaceOnChanges": true + }, + "manifest": { + "type": "string", + "description": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.", + "replaceOnChanges": true + }, + "sourceCustomDbEngineVersionIdentifier": { + "type": "string", + "description": "The identifier of the source custom engine version.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:rds:CustomDbEngineVersionStatus", + "description": "The availability status to be assigned to the CEV." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "useAwsProvidedLatestImage": { + "type": "boolean", + "description": "A value that indicates whether AWS provided latest image is applied automatically to the Custom Engine Version. By default, AWS provided latest image is applied automatically. This value is only applied on create.", + "replaceOnChanges": true + } + }, + "required": [ + "engine", + "engineVersion" + ], + "createOnly": [ + "databaseInstallationFilesS3BucketName", + "databaseInstallationFilesS3Prefix", + "engine", + "engineVersion", + "imageId", + "kmsKeyId", + "manifest", + "sourceCustomDbEngineVersionIdentifier", + "useAwsProvidedLatestImage" + ], + "writeOnly": [ + "manifest", + "sourceCustomDbEngineVersionIdentifier", + "useAwsProvidedLatestImage" + ], + "irreversibleNames": { + "databaseInstallationFilesS3BucketName": "DatabaseInstallationFilesS3BucketName", + "databaseInstallationFilesS3Prefix": "DatabaseInstallationFilesS3Prefix", + "dbEngineVersionArn": "DBEngineVersionArn", + "kmsKeyId": "KMSKeyId" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:DbCluster": { + "cf": "AWS::RDS::DBCluster", + "inputs": { + "allocatedStorage": { + "type": "integer", + "description": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n Valid for Cluster Type: Multi-AZ DB clusters only\n This setting is required to create a Multi-AZ DB cluster." + }, + "associatedRoles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:DbClusterDbClusterRole" + }, + "description": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "autoMinorVersionUpgrade": { + "type": "boolean", + "description": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide*. \n Valid for: Aurora DB clusters only" + }, + "backtrackWindow": { + "type": "integer", + "description": "The target backtrack window, in seconds. To disable backtracking, set this value to ``0``.\n Valid for Cluster Type: Aurora MySQL DB clusters only\n Default: ``0`` \n Constraints:\n + If specified, this value must be set to a number from 0 to 259,200 (72 hours)." + }, + "backupRetentionPeriod": { + "type": "integer", + "description": "The number of days for which automated backups are retained.\n Default: 1\n Constraints:\n + Must be a value from 1 to 35\n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "copyTagsToSnapshot": { + "type": "boolean", + "description": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "databaseName": { + "type": "string", + "description": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide*. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "dbClusterIdentifier": { + "type": "string", + "description": "The DB cluster identifier. This parameter is stored as a lowercase string.\n Constraints:\n + Must contain from 1 to 63 letters, numbers, or hyphens.\n + First character must be a letter.\n + Can't end with a hyphen or contain two consecutive hyphens.\n \n Example: ``my-cluster1`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "dbClusterInstanceClass": { + "type": "string", + "description": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example ``db.m6gd.xlarge``. Not all DB instance classes are available in all AWS-Regions, or for all database engines.\n For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide*.\n This setting is required to create a Multi-AZ DB cluster.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "dbClusterParameterGroupName": { + "type": "string", + "description": "The name of the DB cluster parameter group to associate with this DB cluster.\n If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started.\n To list all of the available DB cluster parameter group names, use the following command:\n ``aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "dbInstanceParameterGroupName": { + "type": "string", + "description": "The name of the DB parameter group to apply to all instances of the DB cluster.\n When you apply a parameter group using the ``DBInstanceParameterGroupName`` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window.\n Valid for Cluster Type: Aurora DB clusters only\n Default: The existing name setting\n Constraints:\n + The DB parameter group must be in the same DB parameter group family as this DB cluster.\n + The ``DBInstanceParameterGroupName`` parameter is valid in combination with the ``AllowMajorVersionUpgrade`` parameter for a major version upgrade only." + }, + "dbSubnetGroupName": { + "type": "string", + "description": "A DB subnet group that you want to associate with this DB cluster. \n If you are restoring a DB cluster to a point in time with ``RestoreType`` set to ``copy-on-write``, and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "dbSystemId": { + "type": "string", + "description": "Reserved for future use." + }, + "deletionProtection": { + "type": "boolean", + "description": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "domain": { + "type": "string", + "description": "Indicates the directory ID of the Active Directory to create the DB cluster.\n For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n For more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide*.\n Valid for: Aurora DB clusters only" + }, + "domainIamRoleName": { + "type": "string", + "description": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n Valid for: Aurora DB clusters only" + }, + "enableCloudwatchLogsExports": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide*.\n *Aurora MySQL* \n Valid values: ``audit``, ``error``, ``general``, ``slowquery`` \n *Aurora PostgreSQL* \n Valid values: ``postgresql`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "enableGlobalWriteForwarding": { + "type": "boolean", + "description": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n You can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n Valid for Cluster Type: Aurora DB clusters only" + }, + "enableHttpEndpoint": { + "type": "boolean", + "description": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n When enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n RDS Data API is supported with the following DB clusters:\n + Aurora PostgreSQL Serverless v2 and provisioned\n + Aurora PostgreSQL and Aurora MySQL Serverless v1\n \n For more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide*.\n Valid for Cluster Type: Aurora DB clusters only" + }, + "enableIamDatabaseAuthentication": { + "type": "boolean", + "description": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n For more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.* \n Valid for: Aurora DB clusters only" + }, + "enableLocalWriteForwarding": { + "type": "boolean", + "description": "Specifies whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.\n Valid for: Aurora DB clusters only" + }, + "engine": { + "type": "string", + "description": "The name of the database engine to be used for this DB cluster.\n Valid Values:\n + ``aurora-mysql`` \n + ``aurora-postgresql`` \n + ``mysql`` \n + ``postgres`` \n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "engineLifecycleSupport": { + "type": "string", + "description": "The life cycle type for this DB cluster.\n By default, this value is set to ``open-source-rds-extended-support``, which enrolls your DB cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to ``open-source-rds-extended-support-disabled``. In this case, creating the DB cluster will fail if the DB major version is past its end of standard support date.\n You can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:\n + Amazon Aurora (PostgreSQL only) - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* \n + Amazon RDS - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* \n \n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Valid Values: ``open-source-rds-extended-support | open-source-rds-extended-support-disabled`` \n Default: ``open-source-rds-extended-support``" + }, + "engineMode": { + "type": "string", + "description": "The DB engine mode of the DB cluster, either ``provisioned`` or ``serverless``.\n The ``serverless`` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the ``provisioned`` engine mode.\n For information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide*:\n + [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations) \n + [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html) \n \n Valid for Cluster Type: Aurora DB clusters only" + }, + "engineVersion": { + "type": "string", + "description": "The version number of the database engine to use.\n To list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n ``aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`` \n You can supply either ``5.7`` or ``8.0`` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n To list all of the available engine versions for Aurora PostgreSQL, use the following command:\n ``aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`` \n To list all of the available engine versions for RDS for MySQL, use the following command:\n ``aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`` \n To list all of the available engine versions for RDS for PostgreSQL, use the following command:\n ``aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`` \n *Aurora MySQL* \n For information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide*.\n *Aurora PostgreSQL* \n For information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide*.\n *MySQL* \n For information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide*.\n *PostgreSQL* \n For information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide*.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "globalClusterIdentifier": { + "type": "string", + "description": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource. \n If you aren't configuring a global database cluster, don't specify this property. \n To remove the DB cluster from a global database cluster, specify an empty value for the ``GlobalClusterIdentifier`` property.\n For information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide*.\n Valid for: Aurora DB clusters only" + }, + "iops": { + "type": "integer", + "description": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n For information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide*.\n This setting is required to create a Multi-AZ DB cluster.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Constraints:\n + Must be a multiple between .5 and 50 of the storage amount for the DB cluster." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef``. If you enable the ``StorageEncrypted`` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the ``StorageEncrypted`` property to ``true``.\n If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified ``KmsKeyId`` property is used.\n If you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set ``KmsKeyId`` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "manageMasterUserPassword": { + "type": "boolean", + "description": "Specifies whether to manage the master user password with AWS Secrets Manager.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.* \n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Constraints:\n + Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified." + }, + "masterUserPassword": { + "type": "string", + "description": "The master password for the DB instance.\n If you specify the ``SourceDBClusterIdentifier``, ``SnapshotIdentifier``, or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "masterUserSecret": { + "$ref": "#/types/aws-native:rds:DbClusterMasterUserSecret", + "description": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*" + }, + "masterUsername": { + "type": "string", + "description": "The name of the master user for the DB cluster.\n If you specify the ``SourceDBClusterIdentifier``, ``SnapshotIdentifier``, or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "monitoringInterval": { + "type": "integer", + "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify ``0``.\n If ``MonitoringRoleArn`` is specified, also set ``MonitoringInterval`` to a value other than ``0``.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Valid Values: ``0 | 1 | 5 | 10 | 15 | 30 | 60`` \n Default: ``0``" + }, + "monitoringRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is ``arn:aws:iam:123456789012:role/emaccess``. For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide*.\n If ``MonitoringInterval`` is set to a value other than ``0``, supply a ``MonitoringRoleArn`` value.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "networkType": { + "type": "string", + "description": "The network type of the DB cluster.\n Valid values:\n + ``IPV4`` \n + ``DUAL`` \n \n The network type is determined by the ``DBSubnetGroup`` specified for the DB cluster. A ``DBSubnetGroup`` can support only the IPv4 protocol or the IPv4 and IPv6 protocols (``DUAL``).\n For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.* \n Valid for: Aurora DB clusters only" + }, + "performanceInsightsEnabled": { + "type": "boolean", + "description": "Specifies whether to turn on Performance Insights for the DB cluster.\n For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide*.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "performanceInsightsKmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier for encryption of Performance Insights data.\n The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n If you don't specify a value for ``PerformanceInsightsKMSKeyId``, then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS-account. Your AWS-account has a different default KMS key for each AWS-Region.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "performanceInsightsRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain Performance Insights data.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Valid Values:\n + ``7`` \n + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31)\n + ``731`` \n \n Default: ``7`` days\n If you specify a retention period that isn't valid, such as ``94``, Amazon RDS issues an error." + }, + "port": { + "type": "integer", + "description": "The port number on which the DB instances in the DB cluster accept connections.\n Default:\n + When ``EngineMode`` is ``provisioned``, ``3306`` (for both Aurora MySQL and Aurora PostgreSQL)\n + When ``EngineMode`` is ``serverless``:\n + ``3306`` when ``Engine`` is ``aurora`` or ``aurora-mysql`` \n + ``5432`` when ``Engine`` is ``aurora-postgresql`` \n \n \n The ``No interruption`` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "preferredBackupWindow": { + "type": "string", + "description": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.* \n Constraints:\n + Must be in the format ``hh24:mi-hh24:mi``.\n + Must be in Universal Coordinated Time (UTC).\n + Must not conflict with the preferred maintenance window.\n + Must be at least 30 minutes.\n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Cluster Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.* \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n Constraints: Minimum 30-minute window.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Specifies whether the DB cluster is publicly accessible.\n When the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n When the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Default: The default behavior varies depending on whether ``DBSubnetGroupName`` is specified.\n If ``DBSubnetGroupName`` isn't specified, and ``PubliclyAccessible`` isn't specified, the following applies:\n + If the default VPC in the target Region doesn’t have an internet gateway attached to it, the DB cluster is private.\n + If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n \n If ``DBSubnetGroupName`` is specified, and ``PubliclyAccessible`` isn't specified, the following applies:\n + If the subnets are part of a VPC that doesn’t have an internet gateway attached to it, the DB cluster is private.\n + If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public." + }, + "readEndpoint": { + "$ref": "#/types/aws-native:rds:DbClusterReadEndpoint", + "description": "This data type represents the information you need to connect to an Amazon RDS DB instance. This data type is used as a response element in the following actions:\n + ``CreateDBInstance`` \n + ``DescribeDBInstances`` \n + ``DeleteDBInstance`` \n \n For the data structure that represents Amazon Aurora DB cluster endpoints, see ``DBClusterEndpoint``." + }, + "replicationSourceIdentifier": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n Valid for: Aurora DB clusters only" + }, + "restoreToTime": { + "type": "string", + "description": "The date and time to restore the DB cluster to.\n Valid Values: Value must be a time in Universal Coordinated Time (UTC) format\n Constraints:\n + Must be before the latest restorable time for the DB instance\n + Must be specified if ``UseLatestRestorableTime`` parameter isn't provided\n + Can't be specified if the ``UseLatestRestorableTime`` parameter is enabled\n + Can't be specified if the ``RestoreType`` parameter is ``copy-on-write`` \n \n This property must be used with ``SourceDBClusterIdentifier`` property. The resulting cluster will have the identifier that matches the value of the ``DBclusterIdentifier`` property.\n Example: ``2015-03-07T23:45:00Z`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "restoreType": { + "type": "string", + "description": "The type of restore to be performed. You can specify one of the following values:\n + ``full-copy`` - The new DB cluster is restored as a full copy of the source DB cluster.\n + ``copy-on-write`` - The new DB cluster is restored as a clone of the source DB cluster.\n \n If you don't specify a ``RestoreType`` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "scalingConfiguration": { + "$ref": "#/types/aws-native:rds:DbClusterScalingConfiguration", + "description": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n This property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the ``ServerlessV2ScalingConfiguration`` property.\n Valid for: Aurora Serverless v1 DB clusters only" + }, + "serverlessV2ScalingConfiguration": { + "$ref": "#/types/aws-native:rds:DbClusterServerlessV2ScalingConfiguration", + "description": "The scaling configuration of an Aurora Serverless V2 DB cluster. \n This property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the ``ScalingConfiguration`` property.\n Valid for: Aurora Serverless v2 DB clusters only" + }, + "snapshotIdentifier": { + "type": "string", + "description": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n After you restore a DB cluster with a ``SnapshotIdentifier`` property, you must specify the same ``SnapshotIdentifier`` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the ``SnapshotIdentifier`` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified ``SnapshotIdentifier`` property, and the original DB cluster is deleted.\n If you specify the ``SnapshotIdentifier`` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n + ``GlobalClusterIdentifier`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``ReplicationSourceIdentifier`` \n + ``RestoreType`` \n + ``SourceDBClusterIdentifier`` \n + ``SourceRegion`` \n + ``StorageEncrypted`` (for an encrypted snapshot)\n + ``UseLatestRestorableTime`` \n \n Constraints:\n + Must match the identifier of an existing Snapshot.\n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "sourceDbClusterIdentifier": { + "type": "string", + "description": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n Constraints:\n + Must match the identifier of an existing DBCluster.\n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "sourceRegion": { + "type": "string", + "description": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, ``us-east-1``. \n Valid for: Aurora DB clusters only" + }, + "storageEncrypted": { + "type": "boolean", + "description": "Indicates whether the DB cluster is encrypted.\n If you specify the ``KmsKeyId`` property, then you must enable encryption.\n If you specify the ``SourceDBClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified ``KmsKeyId`` property is used.\n If you specify the ``SnapshotIdentifier`` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified ``KmsKeyId`` property is used.\n If you specify the ``SnapshotIdentifier`` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the ``KmsKeyId`` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to ``false``.\n If you specify both the ``StorageEncrypted`` and ``SnapshotIdentifier`` properties without specifying the ``KmsKeyId`` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "storageType": { + "type": "string", + "description": "The storage type to associate with the DB cluster.\n For information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type). For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings).\n This setting is required to create a Multi-AZ DB cluster.\n When specified for a Multi-AZ DB cluster, a value for the ``Iops`` parameter is required.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Valid Values:\n + Aurora DB clusters - ``aurora | aurora-iopt1`` \n + Multi-AZ DB clusters - ``io1 | io2 | gp3`` \n \n Default:\n + Aurora DB clusters - ``aurora`` \n + Multi-AZ DB clusters - ``io1`` \n \n When you create an Aurora DB cluster with the storage type set to ``aurora-iopt1``, the storage type is returned in the response. The storage type isn't returned when you set it to ``aurora``." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB cluster.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" + }, + "useLatestRestorableTime": { + "type": "boolean", + "description": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of EC2 VPC security groups to associate with this DB cluster.\n If you plan to update the resource, don't specify VPC security groups in a shared VPC.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + } + }, + "outputs": { + "allocatedStorage": { + "type": "integer", + "description": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n Valid for Cluster Type: Multi-AZ DB clusters only\n This setting is required to create a Multi-AZ DB cluster." + }, + "associatedRoles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:DbClusterDbClusterRole" + }, + "description": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "autoMinorVersionUpgrade": { + "type": "boolean", + "description": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide*. \n Valid for: Aurora DB clusters only", + "replaceOnChanges": true + }, + "backtrackWindow": { + "type": "integer", + "description": "The target backtrack window, in seconds. To disable backtracking, set this value to ``0``.\n Valid for Cluster Type: Aurora MySQL DB clusters only\n Default: ``0`` \n Constraints:\n + If specified, this value must be set to a number from 0 to 259,200 (72 hours)." + }, + "backupRetentionPeriod": { + "type": "integer", + "description": "The number of days for which automated backups are retained.\n Default: 1\n Constraints:\n + Must be a value from 1 to 35\n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "copyTagsToSnapshot": { + "type": "boolean", + "description": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "databaseName": { + "type": "string", + "description": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide*. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "dbClusterArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the DB cluster." + }, + "dbClusterIdentifier": { + "type": "string", + "description": "The DB cluster identifier. This parameter is stored as a lowercase string.\n Constraints:\n + Must contain from 1 to 63 letters, numbers, or hyphens.\n + First character must be a letter.\n + Can't end with a hyphen or contain two consecutive hyphens.\n \n Example: ``my-cluster1`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "dbClusterInstanceClass": { + "type": "string", + "description": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example ``db.m6gd.xlarge``. Not all DB instance classes are available in all AWS-Regions, or for all database engines.\n For the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide*.\n This setting is required to create a Multi-AZ DB cluster.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "dbClusterParameterGroupName": { + "type": "string", + "description": "The name of the DB cluster parameter group to associate with this DB cluster.\n If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started.\n To list all of the available DB cluster parameter group names, use the following command:\n ``aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "dbClusterResourceId": { + "type": "string", + "description": "The AWS Region -unique, immutable identifier for the DB cluster. This identifier is found in AWS CloudTrail log entries whenever the KMS key for the DB cluster is accessed." + }, + "dbInstanceParameterGroupName": { + "type": "string", + "description": "The name of the DB parameter group to apply to all instances of the DB cluster.\n When you apply a parameter group using the ``DBInstanceParameterGroupName`` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window.\n Valid for Cluster Type: Aurora DB clusters only\n Default: The existing name setting\n Constraints:\n + The DB parameter group must be in the same DB parameter group family as this DB cluster.\n + The ``DBInstanceParameterGroupName`` parameter is valid in combination with the ``AllowMajorVersionUpgrade`` parameter for a major version upgrade only." + }, + "dbSubnetGroupName": { + "type": "string", + "description": "A DB subnet group that you want to associate with this DB cluster. \n If you are restoring a DB cluster to a point in time with ``RestoreType`` set to ``copy-on-write``, and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "dbSystemId": { + "type": "string", + "description": "Reserved for future use.", + "replaceOnChanges": true + }, + "deletionProtection": { + "type": "boolean", + "description": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "domain": { + "type": "string", + "description": "Indicates the directory ID of the Active Directory to create the DB cluster.\n For Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n For more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide*.\n Valid for: Aurora DB clusters only" + }, + "domainIamRoleName": { + "type": "string", + "description": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n Valid for: Aurora DB clusters only" + }, + "enableCloudwatchLogsExports": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide*.\n *Aurora MySQL* \n Valid values: ``audit``, ``error``, ``general``, ``slowquery`` \n *Aurora PostgreSQL* \n Valid values: ``postgresql`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "enableGlobalWriteForwarding": { + "type": "boolean", + "description": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n You can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n Valid for Cluster Type: Aurora DB clusters only" + }, + "enableHttpEndpoint": { + "type": "boolean", + "description": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n When enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n RDS Data API is supported with the following DB clusters:\n + Aurora PostgreSQL Serverless v2 and provisioned\n + Aurora PostgreSQL and Aurora MySQL Serverless v1\n \n For more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide*.\n Valid for Cluster Type: Aurora DB clusters only" + }, + "enableIamDatabaseAuthentication": { + "type": "boolean", + "description": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n For more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.* \n Valid for: Aurora DB clusters only" + }, + "enableLocalWriteForwarding": { + "type": "boolean", + "description": "Specifies whether read replicas can forward write operations to the writer DB instance in the DB cluster. By default, write operations aren't allowed on reader DB instances.\n Valid for: Aurora DB clusters only" + }, + "endpoint": { + "$ref": "#/types/aws-native:rds:DbClusterEndpoint" + }, + "engine": { + "type": "string", + "description": "The name of the database engine to be used for this DB cluster.\n Valid Values:\n + ``aurora-mysql`` \n + ``aurora-postgresql`` \n + ``mysql`` \n + ``postgres`` \n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "engineLifecycleSupport": { + "type": "string", + "description": "The life cycle type for this DB cluster.\n By default, this value is set to ``open-source-rds-extended-support``, which enrolls your DB cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to ``open-source-rds-extended-support-disabled``. In this case, creating the DB cluster will fail if the DB major version is past its end of standard support date.\n You can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:\n + Amazon Aurora (PostgreSQL only) - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* \n + Amazon RDS - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* \n \n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Valid Values: ``open-source-rds-extended-support | open-source-rds-extended-support-disabled`` \n Default: ``open-source-rds-extended-support``" + }, + "engineMode": { + "type": "string", + "description": "The DB engine mode of the DB cluster, either ``provisioned`` or ``serverless``.\n The ``serverless`` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the ``provisioned`` engine mode.\n For information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide*:\n + [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations) \n + [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html) \n \n Valid for Cluster Type: Aurora DB clusters only", + "replaceOnChanges": true + }, + "engineVersion": { + "type": "string", + "description": "The version number of the database engine to use.\n To list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n ``aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`` \n You can supply either ``5.7`` or ``8.0`` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n To list all of the available engine versions for Aurora PostgreSQL, use the following command:\n ``aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`` \n To list all of the available engine versions for RDS for MySQL, use the following command:\n ``aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`` \n To list all of the available engine versions for RDS for PostgreSQL, use the following command:\n ``aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`` \n *Aurora MySQL* \n For information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide*.\n *Aurora PostgreSQL* \n For information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide*.\n *MySQL* \n For information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide*.\n *PostgreSQL* \n For information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide*.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "globalClusterIdentifier": { + "type": "string", + "description": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource. \n If you aren't configuring a global database cluster, don't specify this property. \n To remove the DB cluster from a global database cluster, specify an empty value for the ``GlobalClusterIdentifier`` property.\n For information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide*.\n Valid for: Aurora DB clusters only" + }, + "iops": { + "type": "integer", + "description": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n For information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide*.\n This setting is required to create a Multi-AZ DB cluster.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Constraints:\n + Must be a multiple between .5 and 50 of the storage amount for the DB cluster." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef``. If you enable the ``StorageEncrypted`` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the ``StorageEncrypted`` property to ``true``.\n If you specify the ``SnapshotIdentifier`` property, the ``StorageEncrypted`` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified ``KmsKeyId`` property is used.\n If you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set ``KmsKeyId`` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "manageMasterUserPassword": { + "type": "boolean", + "description": "Specifies whether to manage the master user password with AWS Secrets Manager.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.* \n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Constraints:\n + Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified." + }, + "masterUserPassword": { + "type": "string", + "description": "The master password for the DB instance.\n If you specify the ``SourceDBClusterIdentifier``, ``SnapshotIdentifier``, or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "masterUserSecret": { + "$ref": "#/types/aws-native:rds:DbClusterMasterUserSecret", + "description": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*" + }, + "masterUsername": { + "type": "string", + "description": "The name of the master user for the DB cluster.\n If you specify the ``SourceDBClusterIdentifier``, ``SnapshotIdentifier``, or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "monitoringInterval": { + "type": "integer", + "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify ``0``.\n If ``MonitoringRoleArn`` is specified, also set ``MonitoringInterval`` to a value other than ``0``.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Valid Values: ``0 | 1 | 5 | 10 | 15 | 30 | 60`` \n Default: ``0``" + }, + "monitoringRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is ``arn:aws:iam:123456789012:role/emaccess``. For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide*.\n If ``MonitoringInterval`` is set to a value other than ``0``, supply a ``MonitoringRoleArn`` value.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "networkType": { + "type": "string", + "description": "The network type of the DB cluster.\n Valid values:\n + ``IPV4`` \n + ``DUAL`` \n \n The network type is determined by the ``DBSubnetGroup`` specified for the DB cluster. A ``DBSubnetGroup`` can support only the IPv4 protocol or the IPv4 and IPv6 protocols (``DUAL``).\n For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.* \n Valid for: Aurora DB clusters only" + }, + "performanceInsightsEnabled": { + "type": "boolean", + "description": "Specifies whether to turn on Performance Insights for the DB cluster.\n For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide*.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "performanceInsightsKmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier for encryption of Performance Insights data.\n The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n If you don't specify a value for ``PerformanceInsightsKMSKeyId``, then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS-account. Your AWS-account has a different default KMS key for each AWS-Region.\n Valid for Cluster Type: Multi-AZ DB clusters only" + }, + "performanceInsightsRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain Performance Insights data.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Valid Values:\n + ``7`` \n + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31)\n + ``731`` \n \n Default: ``7`` days\n If you specify a retention period that isn't valid, such as ``94``, Amazon RDS issues an error." + }, + "port": { + "type": "integer", + "description": "The port number on which the DB instances in the DB cluster accept connections.\n Default:\n + When ``EngineMode`` is ``provisioned``, ``3306`` (for both Aurora MySQL and Aurora PostgreSQL)\n + When ``EngineMode`` is ``serverless``:\n + ``3306`` when ``Engine`` is ``aurora`` or ``aurora-mysql`` \n + ``5432`` when ``Engine`` is ``aurora-postgresql`` \n \n \n The ``No interruption`` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "preferredBackupWindow": { + "type": "string", + "description": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.* \n Constraints:\n + Must be in the format ``hh24:mi-hh24:mi``.\n + Must be in Universal Coordinated Time (UTC).\n + Must not conflict with the preferred maintenance window.\n + Must be at least 30 minutes.\n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Cluster Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.* \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n Constraints: Minimum 30-minute window.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Specifies whether the DB cluster is publicly accessible.\n When the DB cluster is publicly accessible and you connect from outside of the DB cluster's virtual private cloud (VPC), its Domain Name System (DNS) endpoint resolves to the public IP address. When you connect from within the same VPC as the DB cluster, the endpoint resolves to the private IP address. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n When the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Default: The default behavior varies depending on whether ``DBSubnetGroupName`` is specified.\n If ``DBSubnetGroupName`` isn't specified, and ``PubliclyAccessible`` isn't specified, the following applies:\n + If the default VPC in the target Region doesn’t have an internet gateway attached to it, the DB cluster is private.\n + If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n \n If ``DBSubnetGroupName`` is specified, and ``PubliclyAccessible`` isn't specified, the following applies:\n + If the subnets are part of a VPC that doesn’t have an internet gateway attached to it, the DB cluster is private.\n + If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", + "replaceOnChanges": true + }, + "readEndpoint": { + "$ref": "#/types/aws-native:rds:DbClusterReadEndpoint", + "description": "This data type represents the information you need to connect to an Amazon RDS DB instance. This data type is used as a response element in the following actions:\n + ``CreateDBInstance`` \n + ``DescribeDBInstances`` \n + ``DeleteDBInstance`` \n \n For the data structure that represents Amazon Aurora DB cluster endpoints, see ``DBClusterEndpoint``." + }, + "replicationSourceIdentifier": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n Valid for: Aurora DB clusters only" + }, + "restoreToTime": { + "type": "string", + "description": "The date and time to restore the DB cluster to.\n Valid Values: Value must be a time in Universal Coordinated Time (UTC) format\n Constraints:\n + Must be before the latest restorable time for the DB instance\n + Must be specified if ``UseLatestRestorableTime`` parameter isn't provided\n + Can't be specified if the ``UseLatestRestorableTime`` parameter is enabled\n + Can't be specified if the ``RestoreType`` parameter is ``copy-on-write`` \n \n This property must be used with ``SourceDBClusterIdentifier`` property. The resulting cluster will have the identifier that matches the value of the ``DBclusterIdentifier`` property.\n Example: ``2015-03-07T23:45:00Z`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "restoreType": { + "type": "string", + "description": "The type of restore to be performed. You can specify one of the following values:\n + ``full-copy`` - The new DB cluster is restored as a full copy of the source DB cluster.\n + ``copy-on-write`` - The new DB cluster is restored as a clone of the source DB cluster.\n \n If you don't specify a ``RestoreType`` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "scalingConfiguration": { + "$ref": "#/types/aws-native:rds:DbClusterScalingConfiguration", + "description": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n This property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the ``ServerlessV2ScalingConfiguration`` property.\n Valid for: Aurora Serverless v1 DB clusters only" + }, + "serverlessV2ScalingConfiguration": { + "$ref": "#/types/aws-native:rds:DbClusterServerlessV2ScalingConfiguration", + "description": "The scaling configuration of an Aurora Serverless V2 DB cluster. \n This property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the ``ScalingConfiguration`` property.\n Valid for: Aurora Serverless v2 DB clusters only" + }, + "snapshotIdentifier": { + "type": "string", + "description": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n After you restore a DB cluster with a ``SnapshotIdentifier`` property, you must specify the same ``SnapshotIdentifier`` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the ``SnapshotIdentifier`` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified ``SnapshotIdentifier`` property, and the original DB cluster is deleted.\n If you specify the ``SnapshotIdentifier`` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n + ``GlobalClusterIdentifier`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``ReplicationSourceIdentifier`` \n + ``RestoreType`` \n + ``SourceDBClusterIdentifier`` \n + ``SourceRegion`` \n + ``StorageEncrypted`` (for an encrypted snapshot)\n + ``UseLatestRestorableTime`` \n \n Constraints:\n + Must match the identifier of an existing Snapshot.\n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "sourceDbClusterIdentifier": { + "type": "string", + "description": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n Constraints:\n + Must match the identifier of an existing DBCluster.\n \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "sourceRegion": { + "type": "string", + "description": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, ``us-east-1``. \n Valid for: Aurora DB clusters only", + "replaceOnChanges": true + }, + "storageEncrypted": { + "type": "boolean", + "description": "Indicates whether the DB cluster is encrypted.\n If you specify the ``KmsKeyId`` property, then you must enable encryption.\n If you specify the ``SourceDBClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified ``KmsKeyId`` property is used.\n If you specify the ``SnapshotIdentifier`` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified ``KmsKeyId`` property is used.\n If you specify the ``SnapshotIdentifier`` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the ``KmsKeyId`` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to ``false``.\n If you specify both the ``StorageEncrypted`` and ``SnapshotIdentifier`` properties without specifying the ``KmsKeyId`` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "storageThroughput": { + "type": "integer", + "description": "The storage throughput for the DB cluster. The throughput is automatically set based on the IOPS that you provision, and is not configurable.\n\nThis setting is only for non-Aurora Multi-AZ DB clusters." + }, + "storageType": { + "type": "string", + "description": "The storage type to associate with the DB cluster.\n For information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type). For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings).\n This setting is required to create a Multi-AZ DB cluster.\n When specified for a Multi-AZ DB cluster, a value for the ``Iops`` parameter is required.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Valid Values:\n + Aurora DB clusters - ``aurora | aurora-iopt1`` \n + Multi-AZ DB clusters - ``io1 | io2 | gp3`` \n \n Default:\n + Aurora DB clusters - ``aurora`` \n + Multi-AZ DB clusters - ``io1`` \n \n When you create an Aurora DB cluster with the storage type set to ``aurora-iopt1``, the storage type is returned in the response. The storage type isn't returned when you set it to ``aurora``." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB cluster.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters" + }, + "useLatestRestorableTime": { + "type": "boolean", + "description": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters", + "replaceOnChanges": true + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of EC2 VPC security groups to associate with this DB cluster.\n If you plan to update the resource, don't specify VPC security groups in a shared VPC.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters" + } + }, + "createOnly": [ + "availabilityZones", + "databaseName", + "dbClusterIdentifier", + "dbSubnetGroupName", + "dbSystemId", + "engineMode", + "kmsKeyId", + "publiclyAccessible", + "restoreToTime", + "restoreType", + "snapshotIdentifier", + "sourceDbClusterIdentifier", + "sourceRegion", + "storageEncrypted", + "useLatestRestorableTime" + ], + "writeOnly": [ + "dbInstanceParameterGroupName", + "masterUserPassword", + "restoreToTime", + "restoreType", + "snapshotIdentifier", + "sourceDbClusterIdentifier", + "sourceRegion", + "useLatestRestorableTime" + ], + "irreversibleNames": { + "dbClusterArn": "DBClusterArn", + "dbClusterIdentifier": "DBClusterIdentifier", + "dbClusterInstanceClass": "DBClusterInstanceClass", + "dbClusterParameterGroupName": "DBClusterParameterGroupName", + "dbClusterResourceId": "DBClusterResourceId", + "dbInstanceParameterGroupName": "DBInstanceParameterGroupName", + "dbSubnetGroupName": "DBSubnetGroupName", + "dbSystemId": "DBSystemId", + "domainIamRoleName": "DomainIAMRoleName", + "enableIamDatabaseAuthentication": "EnableIAMDatabaseAuthentication", + "serverlessV2ScalingConfiguration": "ServerlessV2ScalingConfiguration", + "sourceDbClusterIdentifier": "SourceDBClusterIdentifier" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:DbClusterParameterGroup": { + "cf": "AWS::RDS::DBClusterParameterGroup", + "inputs": { + "dbClusterParameterGroupName": { + "type": "string", + "description": "The name of the DB cluster parameter group.\n Constraints:\n + Must not match the name of an existing DB cluster parameter group.\n \n This value is stored as a lowercase string." + }, + "description": { + "type": "string", + "description": "The description for the DB cluster parameter group." + }, + "family": { + "type": "string", + "description": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n *Aurora MySQL* \n Example: ``aurora-mysql5.7``, ``aurora-mysql8.0`` \n *Aurora PostgreSQL* \n Example: ``aurora-postgresql14`` \n *RDS for MySQL* \n Example: ``mysql8.0`` \n *RDS for PostgreSQL* \n Example: ``postgres13`` \n To list all of the available parameter group families for a DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine \u003cengine\u003e`` \n For example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`` \n The output contains duplicates.\n The following are the valid DB engine values:\n + ``aurora-mysql`` \n + ``aurora-postgresql`` \n + ``mysql`` \n + ``postgres``" + }, + "parameters": { + "$ref": "pulumi.json#/Any", + "description": "Provides a list of parameters for the DB cluster parameter group.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::RDS::DBClusterParameterGroup` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB cluster parameter group." + } + }, + "outputs": { + "dbClusterParameterGroupName": { + "type": "string", + "description": "The name of the DB cluster parameter group.\n Constraints:\n + Must not match the name of an existing DB cluster parameter group.\n \n This value is stored as a lowercase string.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description for the DB cluster parameter group.", + "replaceOnChanges": true + }, + "family": { + "type": "string", + "description": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n *Aurora MySQL* \n Example: ``aurora-mysql5.7``, ``aurora-mysql8.0`` \n *Aurora PostgreSQL* \n Example: ``aurora-postgresql14`` \n *RDS for MySQL* \n Example: ``mysql8.0`` \n *RDS for PostgreSQL* \n Example: ``postgres13`` \n To list all of the available parameter group families for a DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine \u003cengine\u003e`` \n For example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`` \n The output contains duplicates.\n The following are the valid DB engine values:\n + ``aurora-mysql`` \n + ``aurora-postgresql`` \n + ``mysql`` \n + ``postgres``", + "replaceOnChanges": true + }, + "parameters": { + "$ref": "pulumi.json#/Any", + "description": "Provides a list of parameters for the DB cluster parameter group.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::RDS::DBClusterParameterGroup` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB cluster parameter group." + } + }, + "autoNamingSpec": { + "sdkName": "dbClusterParameterGroupName" + }, + "required": [ + "description", + "family", + "parameters" + ], + "createOnly": [ + "dbClusterParameterGroupName", + "description", + "family" + ], + "irreversibleNames": { + "dbClusterParameterGroupName": "DBClusterParameterGroupName" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:DbInstance": { + "cf": "AWS::RDS::DBInstance", + "inputs": { + "allocatedStorage": { + "type": "string", + "description": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n If any value is set in the ``Iops`` parameter, ``AllocatedStorage`` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the ``Iops`` value (in 1,000 IOPS increments), then you must also increase the ``AllocatedStorage`` value (in 100-GiB increments). \n *Amazon Aurora* \n Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n *Db2* \n Constraints to the amount of storage for each storage type are the following:\n + General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n \n *MySQL* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n + Magnetic storage (standard): Must be an integer from 5 to 3072.\n \n *MariaDB* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n + Magnetic storage (standard): Must be an integer from 5 to 3072.\n \n *PostgreSQL* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n + Magnetic storage (standard): Must be an integer from 5 to 3072.\n \n *Oracle* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n + Magnetic storage (standard): Must be an integer from 10 to 3072.\n \n *SQL Server* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2):\n + Enterprise and Standard editions: Must be an integer from 20 to 16384.\n + Web and Express editions: Must be an integer from 20 to 16384.\n \n + Provisioned IOPS storage (io1):\n + Enterprise and Standard editions: Must be an integer from 20 to 16384.\n + Web and Express editions: Must be an integer from 20 to 16384.\n \n + Magnetic storage (standard):\n + Enterprise and Standard editions: Must be an integer from 20 to 1024.\n + Web and Express editions: Must be an integer from 20 to 1024." + }, + "allowMajorVersionUpgrade": { + "type": "boolean", + "description": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n Constraints: Major version upgrades must be allowed when specifying a value for the ``EngineVersion`` parameter that is a different major version than the DB instance's current version." + }, + "associatedRoles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:DbInstanceDbInstanceRole" + }, + "description": "The IAMlong (IAM) roles associated with the DB instance. \n *Amazon Aurora* \n Not applicable. The associated roles are managed by the DB cluster." + }, + "autoMinorVersionUpgrade": { + "type": "boolean", + "description": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically." + }, + "automaticBackupReplicationKmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS-Region, for example, ``arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE``." + }, + "automaticBackupReplicationRegion": { + "type": "string", + "description": "The AWS-Region associated with the automated backup." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone (AZ) where the database will be created. For information on AWS-Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).\n For Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n Default: A random, system-chosen Availability Zone in the endpoint's AWS-Region.\n Constraints:\n + The ``AvailabilityZone`` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n + The specified Availability Zone must be in the same AWS-Region as the current endpoint.\n \n Example: ``us-east-1d``" + }, + "backupRetentionPeriod": { + "type": "integer", + "description": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n *Amazon Aurora* \n Not applicable. The retention period for automated backups is managed by the DB cluster.\n Default: 1\n Constraints:\n + Must be a value from 0 to 35\n + Can't be set to 0 if the DB instance is a source to read replicas" + }, + "caCertificateIdentifier": { + "type": "string", + "description": "The identifier of the CA certificate for this DB instance.\n For more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide*." + }, + "certificateDetails": { + "$ref": "#/types/aws-native:rds:DbInstanceCertificateDetails", + "description": "The details of the DB instance's server certificate." + }, + "certificateRotationRestart": { + "type": "boolean", + "description": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n By default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance.\n If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n + For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.* \n + For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide*.\n \n This setting doesn't apply to RDS Custom DB instances." + }, + "characterSetName": { + "type": "string", + "description": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n *Amazon Aurora* \n Not applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html)." + }, + "copyTagsToSnapshot": { + "type": "boolean", + "description": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n This setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting." + }, + "customIamInstanceProfile": { + "type": "string", + "description": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n This setting is required for RDS Custom.\n Constraints:\n + The profile must exist in your account.\n + The profile must have an IAM role that Amazon EC2 has permissions to assume.\n + The instance profile name and the associated IAM role name must start with the prefix ``AWSRDSCustom``.\n \n For the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide*." + }, + "dbClusterIdentifier": { + "type": "string", + "description": "The identifier of the DB cluster that this DB instance will belong to.\n This setting doesn't apply to RDS Custom DB instances." + }, + "dbClusterSnapshotIdentifier": { + "type": "string", + "description": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n For more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide*.\n Constraints:\n + Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n + Can't be specified when ``DBSnapshotIdentifier`` is specified.\n + Must be specified when ``DBSnapshotIdentifier`` isn't specified.\n + If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the ``DBClusterSnapshotIdentifier`` must be the ARN of the shared snapshot.\n + Can't be the identifier of an Aurora DB cluster snapshot." + }, + "dbInstanceClass": { + "type": "string", + "description": "The compute and memory capacity of the DB instance, for example ``db.m5.large``. Not all DB instance classes are available in all AWS-Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide*." + }, + "dbInstanceIdentifier": { + "type": "string", + "description": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide*.\n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "dbName": { + "type": "string", + "description": "The meaning of this parameter differs according to the database engine you use.\n If you specify the ``DBSnapshotIdentifier`` property, this property only applies to RDS for Oracle.\n *Amazon Aurora* \n Not applicable. The database name is managed by the DB cluster.\n *Db2* \n The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n Constraints:\n + Must contain 1 to 64 letters or numbers.\n + Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n + Can't be a word reserved by the specified database engine.\n \n *MySQL* \n The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n Constraints:\n + Must contain 1 to 64 letters or numbers.\n + Can't be a word reserved by the specified database engine\n \n *MariaDB* \n The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n Constraints:\n + Must contain 1 to 64 letters or numbers.\n + Can't be a word reserved by the specified database engine\n \n *PostgreSQL* \n The name of the database to create when the DB instance is created. If this parameter is not specified, the default ``postgres`` database is created in the DB instance.\n Constraints:\n + Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n + Must contain 1 to 63 characters.\n + Can't be a word reserved by the specified database engine\n \n *Oracle* \n The Oracle System ID (SID) of the created DB instance. If you specify ``null``, the default value ``ORCL`` is used. You can't specify the string NULL, or any other reserved word, for ``DBName``. \n Default: ``ORCL`` \n Constraints:\n + Can't be longer than 8 characters\n \n *SQL Server* \n Not applicable. Must be null." + }, + "dbParameterGroupName": { + "type": "string", + "description": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n To list all of the available DB parameter group names, use the following command:\n ``aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`` \n If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.\n If you don't specify a value for ``DBParameterGroupName`` property, the default DB parameter group for the specified engine and engine version is used." + }, + "dbSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n If you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n + ``AllocatedStorage`` \n + ``AutoMinorVersionUpgrade`` \n + ``AvailabilityZone`` \n + ``BackupRetentionPeriod`` \n + ``CharacterSetName`` \n + ``DBInstanceClass`` \n + ``DBName`` \n + ``DBParameterGroupName`` \n + ``DBSecurityGroups`` \n + ``DBSubnetGroupName`` \n + ``Engine`` \n + ``EngineVersion`` \n + ``Iops`` \n + ``LicenseModel`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``MultiAZ`` \n + ``OptionGroupName`` \n + ``PreferredBackupWindow`` \n + ``PreferredMaintenanceWindow`` \n \n All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as ``StorageType``, ``StorageEncrypted``, or ``KmsKeyId``. If you're already using the ``DBSecurityGroups`` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance." + }, + "dbSnapshotIdentifier": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n By specifying this property, you can create a DB instance from the specified DB snapshot. If the ``DBSnapshotIdentifier`` property is an empty string or the ``AWS::RDS::DBInstance`` declaration has no ``DBSnapshotIdentifier`` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n Some DB instance properties aren't valid when you restore from a snapshot, such as the ``MasterUsername`` and ``MasterUserPassword`` properties. For information about the properties that you can specify, see the ``RestoreDBInstanceFromDBSnapshot`` action in the *Amazon RDS API Reference*.\n After you restore a DB instance with a ``DBSnapshotIdentifier`` property, you must specify the same ``DBSnapshotIdentifier`` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the ``DBSnapshotIdentifier`` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified ``DBSnapshotIdentifier`` property, and the original DB instance is deleted.\n If you specify the ``DBSnapshotIdentifier`` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n + ``CharacterSetName`` \n + ``DBClusterIdentifier`` \n + ``DBName`` \n + ``DeleteAutomatedBackups`` \n + ``KmsKeyId`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``PerformanceInsightsKMSKeyId`` \n + ``PerformanceInsightsRetentionPeriod`` \n + ``PromotionTier`` \n + ``SourceDBInstanceIdentifier`` \n + ``SourceRegion`` \n + ``StorageEncrypted`` (for an encrypted snapshot)\n + ``Timezone`` \n \n *Amazon Aurora* \n Not applicable. Snapshot restore is managed by the DB cluster." + }, + "dbSubnetGroupName": { + "type": "string", + "description": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC. \n If there's no DB subnet group, then the DB instance isn't a VPC DB instance.\n For more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide*. \n This setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting." + }, + "dedicatedLogVolume": { + "type": "boolean", + "description": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled." + }, + "deleteAutomatedBackups": { + "type": "boolean", + "description": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n *Amazon Aurora* \n Not applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted." + }, + "deletionProtection": { + "type": "boolean", + "description": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html).\n This setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see ``CreateDBCluster``. DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster." + }, + "domain": { + "type": "string", + "description": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n For more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide*." + }, + "domainAuthSecretArn": { + "type": "string", + "description": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n Example: ``arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456``" + }, + "domainDnsIps": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n Constraints:\n + Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n \n Example: ``123.124.125.126,234.235.236.237``" + }, + "domainFqdn": { + "type": "string", + "description": "The fully qualified domain name (FQDN) of an Active Directory domain.\n Constraints:\n + Can't be longer than 64 characters.\n \n Example: ``mymanagedADtest.mymanagedAD.mydomain``" + }, + "domainIamRoleName": { + "type": "string", + "description": "The name of the IAM role to use when making API calls to the Directory Service.\n This setting doesn't apply to the following DB instances:\n + Amazon Aurora (The domain is managed by the DB cluster.)\n + RDS Custom" + }, + "domainOu": { + "type": "string", + "description": "The Active Directory organizational unit for your DB instance to join.\n Constraints:\n + Must be in the distinguished name format.\n + Can't be longer than 64 characters.\n \n Example: ``OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain``" + }, + "enableCloudwatchLogsExports": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide*.\n *Amazon Aurora* \n Not applicable. CloudWatch Logs exports are managed by the DB cluster. \n *Db2* \n Valid values: ``diag.log``, ``notify.log`` \n *MariaDB* \n Valid values: ``audit``, ``error``, ``general``, ``slowquery`` \n *Microsoft SQL Server* \n Valid values: ``agent``, ``error`` \n *MySQL* \n Valid values: ``audit``, ``error``, ``general``, ``slowquery`` \n *Oracle* \n Valid values: ``alert``, ``audit``, ``listener``, ``trace``, ``oemagent`` \n *PostgreSQL* \n Valid values: ``postgresql``, ``upgrade``" + }, + "enableIamDatabaseAuthentication": { + "type": "boolean", + "description": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n This property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.* \n *Amazon Aurora* \n Not applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster." + }, + "enablePerformanceInsights": { + "type": "boolean", + "description": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide*.\n This setting doesn't apply to RDS Custom DB instances." + }, + "endpoint": { + "$ref": "#/types/aws-native:rds:DbInstanceEndpoint", + "description": "The connection endpoint for the DB instance.\n The endpoint might not be shown for instances with the status of ``creating``." + }, + "engine": { + "type": "string", + "description": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n This property is required when creating a DB instance.\n You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` to ``oracle-ee-cdb`` or from ``oracle-se2`` to ``oracle-se2-cdb``. Converting to the CDB architecture requires an interruption.\n Valid Values:\n + ``aurora-mysql`` (for Aurora MySQL DB instances)\n + ``aurora-postgresql`` (for Aurora PostgreSQL DB instances)\n + ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances)\n + ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances)\n + ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances)\n + ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances)\n + ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances)\n + ``db2-ae`` \n + ``db2-se`` \n + ``mariadb`` \n + ``mysql`` \n + ``oracle-ee`` \n + ``oracle-ee-cdb`` \n + ``oracle-se2`` \n + ``oracle-se2-cdb`` \n + ``postgres`` \n + ``sqlserver-ee`` \n + ``sqlserver-se`` \n + ``sqlserver-ex`` \n + ``sqlserver-web``" + }, + "engineLifecycleSupport": { + "type": "string", + "description": "The life cycle type for this DB instance.\n By default, this value is set to ``open-source-rds-extended-support``, which enrolls your DB instance into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to ``open-source-rds-extended-support-disabled``. In this case, creating the DB instance will fail if the DB major version is past its end of standard support date.\n This setting applies only to RDS for MySQL and RDS for PostgreSQL. For Amazon Aurora DB instances, the life cycle type is managed by the DB cluster.\n You can use this setting to enroll your DB instance into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB instance past the end of standard support for that engine version. For more information, see [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide*.\n Valid Values: ``open-source-rds-extended-support | open-source-rds-extended-support-disabled`` \n Default: ``open-source-rds-extended-support``" + }, + "engineVersion": { + "type": "string", + "description": "The version number of the database engine to use.\n For a list of valid engine versions, use the ``DescribeDBEngineVersions`` action.\n The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n *Amazon Aurora* \n Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n *Db2* \n See [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.* \n *MariaDB* \n See [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.* \n *Microsoft SQL Server* \n See [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.* \n *MySQL* \n See [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.* \n *Oracle* \n See [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.* \n *PostgreSQL* \n See [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*" + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000. \n If you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide*.\n If you specify ``io1`` for the ``StorageType`` property, then you must also specify the ``Iops`` property.\n Constraints:\n + For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n + For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance." + }, + "kmsKeyId": { + "type": "string", + "description": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef``. If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. \n If you specify the ``SourceDBInstanceIdentifier`` or ``SourceDbiResourceId`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n If you specify the ``SourceDBInstanceAutomatedBackupsArn`` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified ``KmsKeyId`` property is used.\n If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n If you specify the ``DBSnapshotIdentifier`` property, don't specify this property. The ``StorageEncrypted`` property value is inherited from the snapshot. If the DB instance is encrypted, the specified ``KmsKeyId`` property is also inherited from the snapshot.\n If you specify ``DBSecurityGroups``, AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide*.\n *Amazon Aurora* \n Not applicable. The KMS key identifier is managed by the DB cluster." + }, + "licenseModel": { + "type": "string", + "description": "License model information for this DB instance.\n Valid Values:\n + Aurora MySQL - ``general-public-license`` \n + Aurora PostgreSQL - ``postgresql-license`` \n + RDS for Db2 - ``bring-your-own-license``. For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.* \n + RDS for MariaDB - ``general-public-license`` \n + RDS for Microsoft SQL Server - ``license-included`` \n + RDS for MySQL - ``general-public-license`` \n + RDS for Oracle - ``bring-your-own-license`` or ``license-included`` \n + RDS for PostgreSQL - ``postgresql-license`` \n \n If you've specified ``DBSecurityGroups`` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability." + }, + "manageMasterUserPassword": { + "type": "boolean", + "description": "Specifies whether to manage the master user password with AWS Secrets Manager.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.* \n Constraints:\n + Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified." + }, + "masterUserPassword": { + "type": "string", + "description": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n *Amazon Aurora* \n Not applicable. The password for the master user is managed by the DB cluster.\n *RDS for Db2* \n Must contain from 8 to 255 characters.\n *RDS for MariaDB* \n Constraints: Must contain from 8 to 41 characters.\n *RDS for Microsoft SQL Server* \n Constraints: Must contain from 8 to 128 characters.\n *RDS for MySQL* \n Constraints: Must contain from 8 to 41 characters.\n *RDS for Oracle* \n Constraints: Must contain from 8 to 30 characters.\n *RDS for PostgreSQL* \n Constraints: Must contain from 8 to 128 characters." + }, + "masterUserSecret": { + "$ref": "#/types/aws-native:rds:DbInstanceMasterUserSecret", + "description": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*" + }, + "masterUsername": { + "type": "string", + "description": "The master user name for the DB instance.\n If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name.\n *Amazon Aurora* \n Not applicable. The name for the master user is managed by the DB cluster. \n *RDS for Db2* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for MariaDB* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for Microsoft SQL Server* \n Constraints:\n + Must be 1 to 128 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for MySQL* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for Oracle* \n Constraints:\n + Must be 1 to 30 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for PostgreSQL* \n Constraints:\n + Must be 1 to 63 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine." + }, + "maxAllocatedStorage": { + "type": "integer", + "description": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n For more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide*.\n This setting doesn't apply to the following DB instances:\n + Amazon Aurora (Storage is managed by the DB cluster.)\n + RDS Custom" + }, + "monitoringInterval": { + "type": "integer", + "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify ``0``.\n If ``MonitoringRoleArn`` is specified, then you must set ``MonitoringInterval`` to a value other than ``0``.\n This setting doesn't apply to RDS Custom DB instances.\n Valid Values: ``0 | 1 | 5 | 10 | 15 | 30 | 60`` \n Default: ``0``" + }, + "monitoringRoleArn": { + "type": "string", + "description": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, ``arn:aws:iam:123456789012:role/emaccess``. For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide*.\n If ``MonitoringInterval`` is set to a value other than ``0``, then you must supply a ``MonitoringRoleArn`` value.\n This setting doesn't apply to RDS Custom DB instances." + }, + "multiAz": { + "type": "boolean", + "description": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the ``AvailabilityZone`` parameter if the DB instance is a Multi-AZ deployment.\n This setting doesn't apply to the following DB instances:\n + Amazon Aurora (DB instance Availability Zones (AZs) are managed by the DB cluster.)\n + RDS Custom" + }, + "ncharCharacterSetName": { + "type": "string", + "description": "The name of the NCHAR character set for the Oracle DB instance.\n This setting doesn't apply to RDS Custom DB instances." + }, + "networkType": { + "type": "string", + "description": "The network type of the DB instance.\n Valid values:\n + ``IPV4`` \n + ``DUAL`` \n \n The network type is determined by the ``DBSubnetGroup`` specified for the DB instance. A ``DBSubnetGroup`` can support only the IPv4 protocol or the IPv4 and IPv6 protocols (``DUAL``).\n For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*" + }, + "optionGroupName": { + "type": "string", + "description": "Indicates that the DB instance should be associated with the specified option group.\n Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance." + }, + "performanceInsightsKmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier for encryption of Performance Insights data.\n The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n If you do not specify a value for ``PerformanceInsightsKMSKeyId``, then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n For information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights)." + }, + "performanceInsightsRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain Performance Insights data.\n This setting doesn't apply to RDS Custom DB instances.\n Valid Values:\n + ``7`` \n + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31)\n + ``731`` \n \n Default: ``7`` days\n If you specify a retention period that isn't valid, such as ``94``, Amazon RDS returns an error." + }, + "port": { + "type": "string", + "description": "The port number on which the database accepts connections.\n This setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n Valid Values: ``1150-65535`` \n Default:\n + RDS for Db2 - ``50000`` \n + RDS for MariaDB - ``3306`` \n + RDS for Microsoft SQL Server - ``1433`` \n + RDS for MySQL - ``3306`` \n + RDS for Oracle - ``1521`` \n + RDS for PostgreSQL - ``5432`` \n \n Constraints:\n + For RDS for Microsoft SQL Server, the value can't be ``1234``, ``1434``, ``3260``, ``3343``, ``3389``, ``47001``, or ``49152-49156``." + }, + "preferredBackupWindow": { + "type": "string", + "description": "The daily time range during which automated backups are created if automated backups are enabled, using the ``BackupRetentionPeriod`` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.* \n Constraints:\n + Must be in the format ``hh24:mi-hh24:mi``.\n + Must be in Universal Coordinated Time (UTC).\n + Must not conflict with the preferred maintenance window.\n + Must be at least 30 minutes.\n \n *Amazon Aurora* \n Not applicable. The daily time range for creating automated backups is managed by the DB cluster." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Instance Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.* \n This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately.\n Constraints: Minimum 30-minute window." + }, + "processorFeatures": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:DbInstanceProcessorFeature" + }, + "description": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n This setting doesn't apply to Amazon Aurora or RDS Custom DB instances." + }, + "promotionTier": { + "type": "integer", + "description": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide*.\n This setting doesn't apply to RDS Custom DB instances.\n Default: ``1`` \n Valid Values: ``0 - 15``" + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address. \n The default behavior value depends on your VPC setup and the database subnet group. For more information, see the ``PubliclyAccessible`` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference*." + }, + "replicaMode": { + "type": "string", + "description": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide*.\n This setting is only supported in RDS for Oracle.\n Default: ``open-read-only`` \n Valid Values: ``open-read-only`` or ``mounted``" + }, + "restoreTime": { + "type": "string", + "description": "The date and time to restore from.\n Constraints:\n + Must be a time in Universal Coordinated Time (UTC) format.\n + Must be before the latest restorable time for the DB instance.\n + Can't be specified if the ``UseLatestRestorableTime`` parameter is enabled.\n \n Example: ``2009-09-07T23:45:00Z``" + }, + "sourceDbClusterIdentifier": { + "type": "string", + "description": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n Constraints:\n + Must be the identifier of an existing Multi-AZ DB cluster.\n + Can't be specified if the ``SourceDBInstanceIdentifier`` parameter is also specified.\n + The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n + The source DB cluster must be in the same AWS-Region as the read replica. Cross-Region replication isn't supported." + }, + "sourceDbInstanceAutomatedBackupsArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, ``arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE``.\n This setting doesn't apply to RDS Custom." + }, + "sourceDbInstanceIdentifier": { + "type": "string", + "description": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide*.\n For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide*.\n The ``SourceDBInstanceIdentifier`` property determines whether a DB instance is a read replica. If you remove the ``SourceDBInstanceIdentifier`` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n If you specify the ``UseLatestRestorableTime`` or ``RestoreTime`` properties in conjunction with the ``SourceDBInstanceIdentifier`` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n + If you specify a source DB instance that uses VPC security groups, we recommend that you specify the ``VPCSecurityGroups`` property. If you don't specify the property, the read replica inherits the value of the ``VPCSecurityGroups`` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's ``VPCSecurityGroups`` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n + Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n + If you specify ``SourceDBInstanceIdentifier``, don't specify the ``DBSnapshotIdentifier`` property. You can't create a read replica from a snapshot.\n + Don't set the ``BackupRetentionPeriod``, ``DBName``, ``MasterUsername``, ``MasterUserPassword``, and ``PreferredBackupWindow`` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n + If the source DB instance is in a different region than the read replica, specify the source region in ``SourceRegion``, and specify an ARN for a valid DB instance in ``SourceDBInstanceIdentifier``. For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide*.\n + For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances." + }, + "sourceDbiResourceId": { + "type": "string", + "description": "The resource ID of the source DB instance from which to restore." + }, + "sourceRegion": { + "type": "string", + "description": "The ID of the region that contains the source DB instance for the read replica." + }, + "storageEncrypted": { + "type": "boolean", + "description": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n If you specify the ``KmsKeyId`` property, then you must enable encryption.\n If you specify the ``SourceDBInstanceIdentifier`` or ``SourceDbiResourceId`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used.\n If you specify the ``SourceDBInstanceAutomatedBackupsArn`` property, don't specify this property. The value is inherited from the source DB instance automated backup. \n If you specify ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the snapshot.\n *Amazon Aurora* \n Not applicable. The encryption for DB instances is managed by the DB cluster." + }, + "storageThroughput": { + "type": "integer", + "description": "Specifies the storage throughput value for the DB instance. This setting applies only to the ``gp3`` storage type. \n This setting doesn't apply to RDS Custom or Amazon Aurora." + }, + "storageType": { + "type": "string", + "description": "The storage type to associate with the DB instance.\n If you specify ``io1``, ``io2``, or ``gp3``, you must also include a value for the ``Iops`` parameter.\n This setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n Valid Values: ``gp2 | gp3 | io1 | io2 | standard`` \n Default: ``io1``, if the ``Iops`` parameter is specified. Otherwise, ``gp2``." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB instance." + }, + "tdeCredentialArn": { + "type": "string" + }, + "tdeCredentialPassword": { + "type": "string" + }, + "timezone": { + "type": "string", + "description": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone)." + }, + "useDefaultProcessorFeatures": { + "type": "boolean", + "description": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n This setting doesn't apply to RDS Custom DB instances." + }, + "useLatestRestorableTime": { + "type": "boolean", + "description": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time.\n Constraints:\n + Can't be specified if the ``RestoreTime`` parameter is provided." + }, + "vpcSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n If you plan to update the resource, don't specify VPC security groups in a shared VPC.\n If you set ``VPCSecurityGroups``, you must not set [DBSecurityGroups](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups), and vice versa.\n You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n + You can't revert to using an RDS security group after you establish a VPC security group membership.\n + When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n + To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [DBSecurityGroups](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property.\n \n To avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template. \n *Amazon Aurora* \n Not applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting." + } + }, + "outputs": { + "allocatedStorage": { + "type": "string", + "description": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n If any value is set in the ``Iops`` parameter, ``AllocatedStorage`` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the ``Iops`` value (in 1,000 IOPS increments), then you must also increase the ``AllocatedStorage`` value (in 100-GiB increments). \n *Amazon Aurora* \n Not applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n *Db2* \n Constraints to the amount of storage for each storage type are the following:\n + General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n \n *MySQL* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n + Magnetic storage (standard): Must be an integer from 5 to 3072.\n \n *MariaDB* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n + Magnetic storage (standard): Must be an integer from 5 to 3072.\n \n *PostgreSQL* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n + Magnetic storage (standard): Must be an integer from 5 to 3072.\n \n *Oracle* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n + Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n + Magnetic storage (standard): Must be an integer from 10 to 3072.\n \n *SQL Server* \n Constraints to the amount of storage for each storage type are the following: \n + General Purpose (SSD) storage (gp2):\n + Enterprise and Standard editions: Must be an integer from 20 to 16384.\n + Web and Express editions: Must be an integer from 20 to 16384.\n \n + Provisioned IOPS storage (io1):\n + Enterprise and Standard editions: Must be an integer from 20 to 16384.\n + Web and Express editions: Must be an integer from 20 to 16384.\n \n + Magnetic storage (standard):\n + Enterprise and Standard editions: Must be an integer from 20 to 1024.\n + Web and Express editions: Must be an integer from 20 to 1024." + }, + "allowMajorVersionUpgrade": { + "type": "boolean", + "description": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n Constraints: Major version upgrades must be allowed when specifying a value for the ``EngineVersion`` parameter that is a different major version than the DB instance's current version." + }, + "associatedRoles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:DbInstanceDbInstanceRole" + }, + "description": "The IAMlong (IAM) roles associated with the DB instance. \n *Amazon Aurora* \n Not applicable. The associated roles are managed by the DB cluster." + }, + "autoMinorVersionUpgrade": { + "type": "boolean", + "description": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically." + }, + "automaticBackupReplicationKmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS-Region, for example, ``arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE``." + }, + "automaticBackupReplicationRegion": { + "type": "string", + "description": "The AWS-Region associated with the automated backup." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone (AZ) where the database will be created. For information on AWS-Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).\n For Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n Default: A random, system-chosen Availability Zone in the endpoint's AWS-Region.\n Constraints:\n + The ``AvailabilityZone`` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n + The specified Availability Zone must be in the same AWS-Region as the current endpoint.\n \n Example: ``us-east-1d``" + }, + "backupRetentionPeriod": { + "type": "integer", + "description": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n *Amazon Aurora* \n Not applicable. The retention period for automated backups is managed by the DB cluster.\n Default: 1\n Constraints:\n + Must be a value from 0 to 35\n + Can't be set to 0 if the DB instance is a source to read replicas" + }, + "caCertificateIdentifier": { + "type": "string", + "description": "The identifier of the CA certificate for this DB instance.\n For more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide*." + }, + "certificateDetails": { + "$ref": "#/types/aws-native:rds:DbInstanceCertificateDetails", + "description": "The details of the DB instance's server certificate." + }, + "certificateRotationRestart": { + "type": "boolean", + "description": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n By default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance.\n If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n + For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.* \n + For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide*.\n \n This setting doesn't apply to RDS Custom DB instances." + }, + "characterSetName": { + "type": "string", + "description": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n *Amazon Aurora* \n Not applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html).", + "replaceOnChanges": true + }, + "copyTagsToSnapshot": { + "type": "boolean", + "description": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n This setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting." + }, + "customIamInstanceProfile": { + "type": "string", + "description": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n This setting is required for RDS Custom.\n Constraints:\n + The profile must exist in your account.\n + The profile must have an IAM role that Amazon EC2 has permissions to assume.\n + The instance profile name and the associated IAM role name must start with the prefix ``AWSRDSCustom``.\n \n For the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide*.", + "replaceOnChanges": true + }, + "dbClusterIdentifier": { + "type": "string", + "description": "The identifier of the DB cluster that this DB instance will belong to.\n This setting doesn't apply to RDS Custom DB instances.", + "replaceOnChanges": true + }, + "dbClusterSnapshotIdentifier": { + "type": "string", + "description": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n For more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide*.\n Constraints:\n + Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n + Can't be specified when ``DBSnapshotIdentifier`` is specified.\n + Must be specified when ``DBSnapshotIdentifier`` isn't specified.\n + If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the ``DBClusterSnapshotIdentifier`` must be the ARN of the shared snapshot.\n + Can't be the identifier of an Aurora DB cluster snapshot." + }, + "dbInstanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the DB instance." + }, + "dbInstanceClass": { + "type": "string", + "description": "The compute and memory capacity of the DB instance, for example ``db.m5.large``. Not all DB instance classes are available in all AWS-Regions, or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide*." + }, + "dbInstanceIdentifier": { + "type": "string", + "description": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide*.\n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "dbName": { + "type": "string", + "description": "The meaning of this parameter differs according to the database engine you use.\n If you specify the ``DBSnapshotIdentifier`` property, this property only applies to RDS for Oracle.\n *Amazon Aurora* \n Not applicable. The database name is managed by the DB cluster.\n *Db2* \n The name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n Constraints:\n + Must contain 1 to 64 letters or numbers.\n + Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n + Can't be a word reserved by the specified database engine.\n \n *MySQL* \n The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n Constraints:\n + Must contain 1 to 64 letters or numbers.\n + Can't be a word reserved by the specified database engine\n \n *MariaDB* \n The name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n Constraints:\n + Must contain 1 to 64 letters or numbers.\n + Can't be a word reserved by the specified database engine\n \n *PostgreSQL* \n The name of the database to create when the DB instance is created. If this parameter is not specified, the default ``postgres`` database is created in the DB instance.\n Constraints:\n + Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n + Must contain 1 to 63 characters.\n + Can't be a word reserved by the specified database engine\n \n *Oracle* \n The Oracle System ID (SID) of the created DB instance. If you specify ``null``, the default value ``ORCL`` is used. You can't specify the string NULL, or any other reserved word, for ``DBName``. \n Default: ``ORCL`` \n Constraints:\n + Can't be longer than 8 characters\n \n *SQL Server* \n Not applicable. Must be null.", + "replaceOnChanges": true + }, + "dbParameterGroupName": { + "type": "string", + "description": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n To list all of the available DB parameter group names, use the following command:\n ``aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`` \n If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.\n If you don't specify a value for ``DBParameterGroupName`` property, the default DB parameter group for the specified engine and engine version is used." + }, + "dbSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n If you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n + ``AllocatedStorage`` \n + ``AutoMinorVersionUpgrade`` \n + ``AvailabilityZone`` \n + ``BackupRetentionPeriod`` \n + ``CharacterSetName`` \n + ``DBInstanceClass`` \n + ``DBName`` \n + ``DBParameterGroupName`` \n + ``DBSecurityGroups`` \n + ``DBSubnetGroupName`` \n + ``Engine`` \n + ``EngineVersion`` \n + ``Iops`` \n + ``LicenseModel`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``MultiAZ`` \n + ``OptionGroupName`` \n + ``PreferredBackupWindow`` \n + ``PreferredMaintenanceWindow`` \n \n All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as ``StorageType``, ``StorageEncrypted``, or ``KmsKeyId``. If you're already using the ``DBSecurityGroups`` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance." + }, + "dbSnapshotIdentifier": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n By specifying this property, you can create a DB instance from the specified DB snapshot. If the ``DBSnapshotIdentifier`` property is an empty string or the ``AWS::RDS::DBInstance`` declaration has no ``DBSnapshotIdentifier`` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n Some DB instance properties aren't valid when you restore from a snapshot, such as the ``MasterUsername`` and ``MasterUserPassword`` properties. For information about the properties that you can specify, see the ``RestoreDBInstanceFromDBSnapshot`` action in the *Amazon RDS API Reference*.\n After you restore a DB instance with a ``DBSnapshotIdentifier`` property, you must specify the same ``DBSnapshotIdentifier`` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the ``DBSnapshotIdentifier`` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified ``DBSnapshotIdentifier`` property, and the original DB instance is deleted.\n If you specify the ``DBSnapshotIdentifier`` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n + ``CharacterSetName`` \n + ``DBClusterIdentifier`` \n + ``DBName`` \n + ``DeleteAutomatedBackups`` \n + ``KmsKeyId`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``PerformanceInsightsKMSKeyId`` \n + ``PerformanceInsightsRetentionPeriod`` \n + ``PromotionTier`` \n + ``SourceDBInstanceIdentifier`` \n + ``SourceRegion`` \n + ``StorageEncrypted`` (for an encrypted snapshot)\n + ``Timezone`` \n \n *Amazon Aurora* \n Not applicable. Snapshot restore is managed by the DB cluster." + }, + "dbSubnetGroupName": { + "type": "string", + "description": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC. \n If there's no DB subnet group, then the DB instance isn't a VPC DB instance.\n For more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide*. \n This setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", + "replaceOnChanges": true + }, + "dbSystemId": { + "type": "string", + "description": "The Oracle system identifier (SID), which is the name of the Oracle database instance that manages your database files. In this context, the term \"Oracle database instance\" refers exclusively to the system global area (SGA) and Oracle background processes. If you don't specify a SID, the value defaults to ``RDSCDB``. The Oracle SID is also the name of your CDB." + }, + "dbiResourceId": { + "type": "string", + "description": "The AWS Region-unique, immutable identifier for the DB instance. This identifier is found in AWS CloudTrail log entries whenever the AWS KMS key for the DB instance is accessed." + }, + "dedicatedLogVolume": { + "type": "boolean", + "description": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled." + }, + "deleteAutomatedBackups": { + "type": "boolean", + "description": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n *Amazon Aurora* \n Not applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted." + }, + "deletionProtection": { + "type": "boolean", + "description": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html).\n This setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see ``CreateDBCluster``. DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster." + }, + "domain": { + "type": "string", + "description": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n For more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide*." + }, + "domainAuthSecretArn": { + "type": "string", + "description": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n Example: ``arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456``" + }, + "domainDnsIps": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n Constraints:\n + Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n \n Example: ``123.124.125.126,234.235.236.237``" + }, + "domainFqdn": { + "type": "string", + "description": "The fully qualified domain name (FQDN) of an Active Directory domain.\n Constraints:\n + Can't be longer than 64 characters.\n \n Example: ``mymanagedADtest.mymanagedAD.mydomain``" + }, + "domainIamRoleName": { + "type": "string", + "description": "The name of the IAM role to use when making API calls to the Directory Service.\n This setting doesn't apply to the following DB instances:\n + Amazon Aurora (The domain is managed by the DB cluster.)\n + RDS Custom" + }, + "domainOu": { + "type": "string", + "description": "The Active Directory organizational unit for your DB instance to join.\n Constraints:\n + Must be in the distinguished name format.\n + Can't be longer than 64 characters.\n \n Example: ``OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain``" + }, + "enableCloudwatchLogsExports": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide*.\n *Amazon Aurora* \n Not applicable. CloudWatch Logs exports are managed by the DB cluster. \n *Db2* \n Valid values: ``diag.log``, ``notify.log`` \n *MariaDB* \n Valid values: ``audit``, ``error``, ``general``, ``slowquery`` \n *Microsoft SQL Server* \n Valid values: ``agent``, ``error`` \n *MySQL* \n Valid values: ``audit``, ``error``, ``general``, ``slowquery`` \n *Oracle* \n Valid values: ``alert``, ``audit``, ``listener``, ``trace``, ``oemagent`` \n *PostgreSQL* \n Valid values: ``postgresql``, ``upgrade``" + }, + "enableIamDatabaseAuthentication": { + "type": "boolean", + "description": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n This property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.* \n *Amazon Aurora* \n Not applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster." + }, + "enablePerformanceInsights": { + "type": "boolean", + "description": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide*.\n This setting doesn't apply to RDS Custom DB instances." + }, + "endpoint": { + "$ref": "#/types/aws-native:rds:DbInstanceEndpoint", + "description": "The connection endpoint for the DB instance.\n The endpoint might not be shown for instances with the status of ``creating``." + }, + "engine": { + "type": "string", + "description": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n This property is required when creating a DB instance.\n You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` to ``oracle-ee-cdb`` or from ``oracle-se2`` to ``oracle-se2-cdb``. Converting to the CDB architecture requires an interruption.\n Valid Values:\n + ``aurora-mysql`` (for Aurora MySQL DB instances)\n + ``aurora-postgresql`` (for Aurora PostgreSQL DB instances)\n + ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances)\n + ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances)\n + ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances)\n + ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances)\n + ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances)\n + ``db2-ae`` \n + ``db2-se`` \n + ``mariadb`` \n + ``mysql`` \n + ``oracle-ee`` \n + ``oracle-ee-cdb`` \n + ``oracle-se2`` \n + ``oracle-se2-cdb`` \n + ``postgres`` \n + ``sqlserver-ee`` \n + ``sqlserver-se`` \n + ``sqlserver-ex`` \n + ``sqlserver-web``" + }, + "engineLifecycleSupport": { + "type": "string", + "description": "The life cycle type for this DB instance.\n By default, this value is set to ``open-source-rds-extended-support``, which enrolls your DB instance into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to ``open-source-rds-extended-support-disabled``. In this case, creating the DB instance will fail if the DB major version is past its end of standard support date.\n This setting applies only to RDS for MySQL and RDS for PostgreSQL. For Amazon Aurora DB instances, the life cycle type is managed by the DB cluster.\n You can use this setting to enroll your DB instance into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB instance past the end of standard support for that engine version. For more information, see [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide*.\n Valid Values: ``open-source-rds-extended-support | open-source-rds-extended-support-disabled`` \n Default: ``open-source-rds-extended-support``" + }, + "engineVersion": { + "type": "string", + "description": "The version number of the database engine to use.\n For a list of valid engine versions, use the ``DescribeDBEngineVersions`` action.\n The following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n *Amazon Aurora* \n Not applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n *Db2* \n See [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.* \n *MariaDB* \n See [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.* \n *Microsoft SQL Server* \n See [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.* \n *MySQL* \n See [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.* \n *Oracle* \n See [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.* \n *PostgreSQL* \n See [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*" + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000. \n If you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide*.\n If you specify ``io1`` for the ``StorageType`` property, then you must also specify the ``Iops`` property.\n Constraints:\n + For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n + For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance." + }, + "kmsKeyId": { + "type": "string", + "description": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as ``arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef``. If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true. \n If you specify the ``SourceDBInstanceIdentifier`` or ``SourceDbiResourceId`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n If you specify the ``SourceDBInstanceAutomatedBackupsArn`` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified ``KmsKeyId`` property is used.\n If you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n If you specify the ``DBSnapshotIdentifier`` property, don't specify this property. The ``StorageEncrypted`` property value is inherited from the snapshot. If the DB instance is encrypted, the specified ``KmsKeyId`` property is also inherited from the snapshot.\n If you specify ``DBSecurityGroups``, AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide*.\n *Amazon Aurora* \n Not applicable. The KMS key identifier is managed by the DB cluster.", + "replaceOnChanges": true + }, + "licenseModel": { + "type": "string", + "description": "License model information for this DB instance.\n Valid Values:\n + Aurora MySQL - ``general-public-license`` \n + Aurora PostgreSQL - ``postgresql-license`` \n + RDS for Db2 - ``bring-your-own-license``. For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.* \n + RDS for MariaDB - ``general-public-license`` \n + RDS for Microsoft SQL Server - ``license-included`` \n + RDS for MySQL - ``general-public-license`` \n + RDS for Oracle - ``bring-your-own-license`` or ``license-included`` \n + RDS for PostgreSQL - ``postgresql-license`` \n \n If you've specified ``DBSecurityGroups`` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability." + }, + "manageMasterUserPassword": { + "type": "boolean", + "description": "Specifies whether to manage the master user password with AWS Secrets Manager.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.* \n Constraints:\n + Can't manage the master user password with AWS Secrets Manager if ``MasterUserPassword`` is specified." + }, + "masterUserPassword": { + "type": "string", + "description": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n *Amazon Aurora* \n Not applicable. The password for the master user is managed by the DB cluster.\n *RDS for Db2* \n Must contain from 8 to 255 characters.\n *RDS for MariaDB* \n Constraints: Must contain from 8 to 41 characters.\n *RDS for Microsoft SQL Server* \n Constraints: Must contain from 8 to 128 characters.\n *RDS for MySQL* \n Constraints: Must contain from 8 to 41 characters.\n *RDS for Oracle* \n Constraints: Must contain from 8 to 30 characters.\n *RDS for PostgreSQL* \n Constraints: Must contain from 8 to 128 characters." + }, + "masterUserSecret": { + "$ref": "#/types/aws-native:rds:DbInstanceMasterUserSecret", + "description": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*" + }, + "masterUsername": { + "type": "string", + "description": "The master user name for the DB instance.\n If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name.\n *Amazon Aurora* \n Not applicable. The name for the master user is managed by the DB cluster. \n *RDS for Db2* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for MariaDB* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for Microsoft SQL Server* \n Constraints:\n + Must be 1 to 128 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for MySQL* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for Oracle* \n Constraints:\n + Must be 1 to 30 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for PostgreSQL* \n Constraints:\n + Must be 1 to 63 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.", + "replaceOnChanges": true + }, + "maxAllocatedStorage": { + "type": "integer", + "description": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n For more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide*.\n This setting doesn't apply to the following DB instances:\n + Amazon Aurora (Storage is managed by the DB cluster.)\n + RDS Custom" + }, + "monitoringInterval": { + "type": "integer", + "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify ``0``.\n If ``MonitoringRoleArn`` is specified, then you must set ``MonitoringInterval`` to a value other than ``0``.\n This setting doesn't apply to RDS Custom DB instances.\n Valid Values: ``0 | 1 | 5 | 10 | 15 | 30 | 60`` \n Default: ``0``" + }, + "monitoringRoleArn": { + "type": "string", + "description": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, ``arn:aws:iam:123456789012:role/emaccess``. For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide*.\n If ``MonitoringInterval`` is set to a value other than ``0``, then you must supply a ``MonitoringRoleArn`` value.\n This setting doesn't apply to RDS Custom DB instances." + }, + "multiAz": { + "type": "boolean", + "description": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the ``AvailabilityZone`` parameter if the DB instance is a Multi-AZ deployment.\n This setting doesn't apply to the following DB instances:\n + Amazon Aurora (DB instance Availability Zones (AZs) are managed by the DB cluster.)\n + RDS Custom" + }, + "ncharCharacterSetName": { + "type": "string", + "description": "The name of the NCHAR character set for the Oracle DB instance.\n This setting doesn't apply to RDS Custom DB instances.", + "replaceOnChanges": true + }, + "networkType": { + "type": "string", + "description": "The network type of the DB instance.\n Valid values:\n + ``IPV4`` \n + ``DUAL`` \n \n The network type is determined by the ``DBSubnetGroup`` specified for the DB instance. A ``DBSubnetGroup`` can support only the IPv4 protocol or the IPv4 and IPv6 protocols (``DUAL``).\n For more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*" + }, + "optionGroupName": { + "type": "string", + "description": "Indicates that the DB instance should be associated with the specified option group.\n Permanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance." + }, + "performanceInsightsKmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier for encryption of Performance Insights data.\n The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n If you do not specify a value for ``PerformanceInsightsKMSKeyId``, then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n For information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights)." + }, + "performanceInsightsRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain Performance Insights data.\n This setting doesn't apply to RDS Custom DB instances.\n Valid Values:\n + ``7`` \n + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31)\n + ``731`` \n \n Default: ``7`` days\n If you specify a retention period that isn't valid, such as ``94``, Amazon RDS returns an error." + }, + "port": { + "type": "string", + "description": "The port number on which the database accepts connections.\n This setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n Valid Values: ``1150-65535`` \n Default:\n + RDS for Db2 - ``50000`` \n + RDS for MariaDB - ``3306`` \n + RDS for Microsoft SQL Server - ``1433`` \n + RDS for MySQL - ``3306`` \n + RDS for Oracle - ``1521`` \n + RDS for PostgreSQL - ``5432`` \n \n Constraints:\n + For RDS for Microsoft SQL Server, the value can't be ``1234``, ``1434``, ``3260``, ``3343``, ``3389``, ``47001``, or ``49152-49156``.", + "replaceOnChanges": true + }, + "preferredBackupWindow": { + "type": "string", + "description": "The daily time range during which automated backups are created if automated backups are enabled, using the ``BackupRetentionPeriod`` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.* \n Constraints:\n + Must be in the format ``hh24:mi-hh24:mi``.\n + Must be in Universal Coordinated Time (UTC).\n + Must not conflict with the preferred maintenance window.\n + Must be at least 30 minutes.\n \n *Amazon Aurora* \n Not applicable. The daily time range for creating automated backups is managed by the DB cluster." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Instance Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.* \n This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately.\n Constraints: Minimum 30-minute window." + }, + "processorFeatures": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:DbInstanceProcessorFeature" + }, + "description": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n This setting doesn't apply to Amazon Aurora or RDS Custom DB instances." + }, + "promotionTier": { + "type": "integer", + "description": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide*.\n This setting doesn't apply to RDS Custom DB instances.\n Default: ``1`` \n Valid Values: ``0 - 15``" + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address. \n The default behavior value depends on your VPC setup and the database subnet group. For more information, see the ``PubliclyAccessible`` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference*." + }, + "replicaMode": { + "type": "string", + "description": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide*.\n This setting is only supported in RDS for Oracle.\n Default: ``open-read-only`` \n Valid Values: ``open-read-only`` or ``mounted``" + }, + "restoreTime": { + "type": "string", + "description": "The date and time to restore from.\n Constraints:\n + Must be a time in Universal Coordinated Time (UTC) format.\n + Must be before the latest restorable time for the DB instance.\n + Can't be specified if the ``UseLatestRestorableTime`` parameter is enabled.\n \n Example: ``2009-09-07T23:45:00Z``" + }, + "sourceDbClusterIdentifier": { + "type": "string", + "description": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n Constraints:\n + Must be the identifier of an existing Multi-AZ DB cluster.\n + Can't be specified if the ``SourceDBInstanceIdentifier`` parameter is also specified.\n + The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n + The source DB cluster must be in the same AWS-Region as the read replica. Cross-Region replication isn't supported." + }, + "sourceDbInstanceAutomatedBackupsArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, ``arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE``.\n This setting doesn't apply to RDS Custom." + }, + "sourceDbInstanceIdentifier": { + "type": "string", + "description": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide*.\n For information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide*.\n The ``SourceDBInstanceIdentifier`` property determines whether a DB instance is a read replica. If you remove the ``SourceDBInstanceIdentifier`` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n If you specify the ``UseLatestRestorableTime`` or ``RestoreTime`` properties in conjunction with the ``SourceDBInstanceIdentifier`` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n + If you specify a source DB instance that uses VPC security groups, we recommend that you specify the ``VPCSecurityGroups`` property. If you don't specify the property, the read replica inherits the value of the ``VPCSecurityGroups`` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's ``VPCSecurityGroups`` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n + Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n + If you specify ``SourceDBInstanceIdentifier``, don't specify the ``DBSnapshotIdentifier`` property. You can't create a read replica from a snapshot.\n + Don't set the ``BackupRetentionPeriod``, ``DBName``, ``MasterUsername``, ``MasterUserPassword``, and ``PreferredBackupWindow`` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n + If the source DB instance is in a different region than the read replica, specify the source region in ``SourceRegion``, and specify an ARN for a valid DB instance in ``SourceDBInstanceIdentifier``. For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide*.\n + For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances." + }, + "sourceDbiResourceId": { + "type": "string", + "description": "The resource ID of the source DB instance from which to restore." + }, + "sourceRegion": { + "type": "string", + "description": "The ID of the region that contains the source DB instance for the read replica.", + "replaceOnChanges": true + }, + "storageEncrypted": { + "type": "boolean", + "description": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n If you specify the ``KmsKeyId`` property, then you must enable encryption.\n If you specify the ``SourceDBInstanceIdentifier`` or ``SourceDbiResourceId`` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified ``KmsKeyId`` property is used.\n If you specify the ``SourceDBInstanceAutomatedBackupsArn`` property, don't specify this property. The value is inherited from the source DB instance automated backup. \n If you specify ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the snapshot.\n *Amazon Aurora* \n Not applicable. The encryption for DB instances is managed by the DB cluster.", + "replaceOnChanges": true + }, + "storageThroughput": { + "type": "integer", + "description": "Specifies the storage throughput value for the DB instance. This setting applies only to the ``gp3`` storage type. \n This setting doesn't apply to RDS Custom or Amazon Aurora." + }, + "storageType": { + "type": "string", + "description": "The storage type to associate with the DB instance.\n If you specify ``io1``, ``io2``, or ``gp3``, you must also include a value for the ``Iops`` parameter.\n This setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n Valid Values: ``gp2 | gp3 | io1 | io2 | standard`` \n Default: ``io1``, if the ``Iops`` parameter is specified. Otherwise, ``gp2``." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB instance." + }, + "tdeCredentialArn": { + "type": "string" + }, + "tdeCredentialPassword": { + "type": "string" + }, + "timezone": { + "type": "string", + "description": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone).", + "replaceOnChanges": true + }, + "useDefaultProcessorFeatures": { + "type": "boolean", + "description": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n This setting doesn't apply to RDS Custom DB instances." + }, + "useLatestRestorableTime": { + "type": "boolean", + "description": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time.\n Constraints:\n + Can't be specified if the ``RestoreTime`` parameter is provided." + }, + "vpcSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n If you plan to update the resource, don't specify VPC security groups in a shared VPC.\n If you set ``VPCSecurityGroups``, you must not set [DBSecurityGroups](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups), and vice versa.\n You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n + You can't revert to using an RDS security group after you establish a VPC security group membership.\n + When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n + To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [DBSecurityGroups](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property.\n \n To avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template. \n *Amazon Aurora* \n Not applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting." + } + }, + "createOnly": [ + "characterSetName", + "customIamInstanceProfile", + "dbClusterIdentifier", + "dbInstanceIdentifier", + "dbName", + "dbSubnetGroupName", + "kmsKeyId", + "masterUsername", + "ncharCharacterSetName", + "port", + "sourceRegion", + "storageEncrypted", + "timezone" + ], + "writeOnly": [ + "allowMajorVersionUpgrade", + "automaticBackupReplicationKmsKeyId", + "certificateRotationRestart", + "dbSnapshotIdentifier", + "deleteAutomatedBackups", + "masterUserPassword", + "port", + "restoreTime", + "sourceDbInstanceAutomatedBackupsArn", + "sourceDbInstanceIdentifier", + "sourceDbiResourceId", + "sourceRegion", + "tdeCredentialPassword", + "useDefaultProcessorFeatures", + "useLatestRestorableTime" + ], + "irreversibleNames": { + "caCertificateIdentifier": "CACertificateIdentifier", + "customIamInstanceProfile": "CustomIAMInstanceProfile", + "dbClusterIdentifier": "DBClusterIdentifier", + "dbClusterSnapshotIdentifier": "DBClusterSnapshotIdentifier", + "dbInstanceArn": "DBInstanceArn", + "dbInstanceClass": "DBInstanceClass", + "dbInstanceIdentifier": "DBInstanceIdentifier", + "dbName": "DBName", + "dbParameterGroupName": "DBParameterGroupName", + "dbSecurityGroups": "DBSecurityGroups", + "dbSnapshotIdentifier": "DBSnapshotIdentifier", + "dbSubnetGroupName": "DBSubnetGroupName", + "dbSystemId": "DBSystemId", + "domainIamRoleName": "DomainIAMRoleName", + "enableIamDatabaseAuthentication": "EnableIAMDatabaseAuthentication", + "multiAz": "MultiAZ", + "performanceInsightsKmsKeyId": "PerformanceInsightsKMSKeyId", + "sourceDbClusterIdentifier": "SourceDBClusterIdentifier", + "sourceDbInstanceAutomatedBackupsArn": "SourceDBInstanceAutomatedBackupsArn", + "sourceDbInstanceIdentifier": "SourceDBInstanceIdentifier", + "vpcSecurityGroups": "VPCSecurityGroups" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:DbParameterGroup": { + "cf": "AWS::RDS::DBParameterGroup", + "inputs": { + "dbParameterGroupName": { + "type": "string", + "description": "The name of the DB parameter group.\n Constraints:\n + Must be 1 to 255 letters, numbers, or hyphens.\n + First character must be a letter\n + Can't end with a hyphen or contain two consecutive hyphens\n \n If you don't specify a value for ``DBParameterGroupName`` property, a name is automatically created for the DB parameter group.\n This value is stored as a lowercase string." + }, + "description": { + "type": "string", + "description": "Provides the customer-specified description for this DB parameter group." + }, + "family": { + "type": "string", + "description": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n To list all of the available parameter group families for a DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine \u003cengine\u003e`` \n For example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`` \n The output contains duplicates.\n The following are the valid DB engine values:\n + ``aurora-mysql`` \n + ``aurora-postgresql`` \n + ``db2-ae`` \n + ``db2-se`` \n + ``mysql`` \n + ``oracle-ee`` \n + ``oracle-ee-cdb`` \n + ``oracle-se2`` \n + ``oracle-se2-cdb`` \n + ``postgres`` \n + ``sqlserver-ee`` \n + ``sqlserver-se`` \n + ``sqlserver-ex`` \n + ``sqlserver-web``" + }, + "parameters": { + "$ref": "pulumi.json#/Any", + "description": "An array of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n For more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide*, or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide*.\n AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::RDS::DBParameterGroup` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB parameter group." + } + }, + "outputs": { + "dbParameterGroupName": { + "type": "string", + "description": "The name of the DB parameter group.\n Constraints:\n + Must be 1 to 255 letters, numbers, or hyphens.\n + First character must be a letter\n + Can't end with a hyphen or contain two consecutive hyphens\n \n If you don't specify a value for ``DBParameterGroupName`` property, a name is automatically created for the DB parameter group.\n This value is stored as a lowercase string.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "Provides the customer-specified description for this DB parameter group.", + "replaceOnChanges": true + }, + "family": { + "type": "string", + "description": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n To list all of the available parameter group families for a DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine \u003cengine\u003e`` \n For example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`` \n The output contains duplicates.\n The following are the valid DB engine values:\n + ``aurora-mysql`` \n + ``aurora-postgresql`` \n + ``db2-ae`` \n + ``db2-se`` \n + ``mysql`` \n + ``oracle-ee`` \n + ``oracle-ee-cdb`` \n + ``oracle-se2`` \n + ``oracle-se2-cdb`` \n + ``postgres`` \n + ``sqlserver-ee`` \n + ``sqlserver-se`` \n + ``sqlserver-ex`` \n + ``sqlserver-web``", + "replaceOnChanges": true + }, + "parameters": { + "$ref": "pulumi.json#/Any", + "description": "An array of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n For more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide*, or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide*.\n AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::RDS::DBParameterGroup` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB parameter group." + } + }, + "autoNamingSpec": { + "sdkName": "dbParameterGroupName" + }, + "required": [ + "description", + "family" + ], + "createOnly": [ + "dbParameterGroupName", + "description", + "family" + ], + "irreversibleNames": { + "dbParameterGroupName": "DBParameterGroupName" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:DbProxy": { + "cf": "AWS::RDS::DBProxy", + "inputs": { + "auth": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:DbProxyAuthFormat" + }, + "description": "The authorization mechanism that the proxy uses." + }, + "dbProxyName": { + "type": "string", + "description": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region." + }, + "debugLogging": { + "type": "boolean", + "description": "Whether the proxy includes detailed information about SQL statements in its logs." + }, + "engineFamily": { + "$ref": "#/types/aws-native:rds:DbProxyEngineFamily", + "description": "The kinds of databases that the proxy can connect to." + }, + "idleClientTimeout": { + "type": "integer", + "description": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it." + }, + "requireTls": { + "type": "boolean", + "description": "A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "VPC security group IDs to associate with the new proxy." + }, + "vpcSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "VPC subnet IDs to associate with the new proxy." + } + }, + "outputs": { + "auth": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:DbProxyAuthFormat" + }, + "description": "The authorization mechanism that the proxy uses." + }, + "dbProxyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the proxy." + }, + "dbProxyName": { + "type": "string", + "description": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region.", + "replaceOnChanges": true + }, + "debugLogging": { + "type": "boolean", + "description": "Whether the proxy includes detailed information about SQL statements in its logs." + }, + "endpoint": { + "type": "string", + "description": "The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application." + }, + "engineFamily": { + "$ref": "#/types/aws-native:rds:DbProxyEngineFamily", + "description": "The kinds of databases that the proxy can connect to.", + "replaceOnChanges": true + }, + "idleClientTimeout": { + "type": "integer", + "description": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it." + }, + "requireTls": { + "type": "boolean", + "description": "A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy." + }, + "vpcId": { + "type": "string", + "description": "VPC ID to associate with the new DB proxy." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "VPC security group IDs to associate with the new proxy." + }, + "vpcSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "VPC subnet IDs to associate with the new proxy.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "dbProxyName", + "maxLength": 64 + }, + "required": [ + "auth", + "engineFamily", + "roleArn", + "vpcSubnetIds" + ], + "createOnly": [ + "dbProxyName", + "engineFamily", + "vpcSubnetIds" + ], + "irreversibleNames": { + "dbProxyArn": "DBProxyArn", + "dbProxyName": "DBProxyName", + "requireTls": "RequireTLS" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:DbProxyEndpoint": { + "cf": "AWS::RDS::DBProxyEndpoint", + "inputs": { + "dbProxyEndpointName": { + "type": "string", + "description": "The identifier for the DB proxy endpoint. This name must be unique for all DB proxy endpoints owned by your AWS account in the specified AWS Region." + }, + "dbProxyName": { + "type": "string", + "description": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional set of key-value pairs to associate arbitrary data of your choosing with the DB proxy endpoint." + }, + "targetRole": { + "$ref": "#/types/aws-native:rds:DbProxyEndpointTargetRole", + "description": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "VPC security group IDs to associate with the new DB proxy endpoint." + }, + "vpcSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "VPC subnet IDs to associate with the new DB proxy endpoint." + } + }, + "outputs": { + "dbProxyEndpointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the DB proxy endpoint." + }, + "dbProxyEndpointName": { + "type": "string", + "description": "The identifier for the DB proxy endpoint. This name must be unique for all DB proxy endpoints owned by your AWS account in the specified AWS Region.", + "replaceOnChanges": true + }, + "dbProxyName": { + "type": "string", + "description": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region.", + "replaceOnChanges": true + }, + "endpoint": { + "type": "string", + "description": "The endpoint that you can use to connect to the DB proxy. You include the endpoint value in the connection string for a database client application." + }, + "isDefault": { + "type": "boolean", + "description": "A value that indicates whether this endpoint is the default endpoint for the associated DB proxy. Default DB proxy endpoints always have read/write capability. Other endpoints that you associate with the DB proxy can be either read/write or read-only." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional set of key-value pairs to associate arbitrary data of your choosing with the DB proxy endpoint." + }, + "targetRole": { + "$ref": "#/types/aws-native:rds:DbProxyEndpointTargetRole", + "description": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations." + }, + "vpcId": { + "type": "string", + "description": "VPC ID to associate with the new DB proxy endpoint." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "VPC security group IDs to associate with the new DB proxy endpoint." + }, + "vpcSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "VPC subnet IDs to associate with the new DB proxy endpoint.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "dbProxyEndpointName", + "maxLength": 64 + }, + "required": [ + "dbProxyName", + "vpcSubnetIds" + ], + "createOnly": [ + "dbProxyEndpointName", + "dbProxyName", + "vpcSubnetIds" + ], + "irreversibleNames": { + "dbProxyEndpointArn": "DBProxyEndpointArn", + "dbProxyEndpointName": "DBProxyEndpointName", + "dbProxyName": "DBProxyName" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:DbProxyTargetGroup": { + "cf": "AWS::RDS::DBProxyTargetGroup", + "inputs": { + "connectionPoolConfigurationInfo": { + "$ref": "#/types/aws-native:rds:DbProxyTargetGroupConnectionPoolConfigurationInfoFormat", + "description": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` ." + }, + "dbClusterIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more DB cluster identifiers." + }, + "dbInstanceIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more DB instance identifiers." + }, + "dbProxyName": { + "type": "string", + "description": "The identifier for the proxy." + }, + "targetGroupName": { + "$ref": "#/types/aws-native:rds:DbProxyTargetGroupTargetGroupName", + "description": "The identifier for the DBProxyTargetGroup" + } + }, + "outputs": { + "connectionPoolConfigurationInfo": { + "$ref": "#/types/aws-native:rds:DbProxyTargetGroupConnectionPoolConfigurationInfoFormat", + "description": "Displays the settings that control the size and behavior of the connection pool associated with a `DBProxyTarget` ." + }, + "dbClusterIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more DB cluster identifiers." + }, + "dbInstanceIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more DB instance identifiers." + }, + "dbProxyName": { + "type": "string", + "description": "The identifier for the proxy.", + "replaceOnChanges": true + }, + "targetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) representing the target group." + }, + "targetGroupName": { + "$ref": "#/types/aws-native:rds:DbProxyTargetGroupTargetGroupName", + "description": "The identifier for the DBProxyTargetGroup", + "replaceOnChanges": true + } + }, + "required": [ + "dbProxyName", + "targetGroupName" + ], + "createOnly": [ + "dbProxyName", + "targetGroupName" + ], + "irreversibleNames": { + "dbClusterIdentifiers": "DBClusterIdentifiers", + "dbInstanceIdentifiers": "DBInstanceIdentifiers", + "dbProxyName": "DBProxyName" + } + }, + "aws-native:rds:DbSubnetGroup": { + "cf": "AWS::RDS::DBSubnetGroup", + "inputs": { + "dbSubnetGroupDescription": { + "type": "string", + "description": "The description for the DB subnet group." + }, + "dbSubnetGroupName": { + "type": "string", + "description": "The name for the DB subnet group. This value is stored as a lowercase string.\n Constraints:\n + Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n + Must not be default.\n + First character must be a letter.\n \n Example: ``mydbsubnetgroup``" + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The EC2 Subnet IDs for the DB subnet group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB subnet group." + } + }, + "outputs": { + "dbSubnetGroupDescription": { + "type": "string", + "description": "The description for the DB subnet group." + }, + "dbSubnetGroupName": { + "type": "string", + "description": "The name for the DB subnet group. This value is stored as a lowercase string.\n Constraints:\n + Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n + Must not be default.\n + First character must be a letter.\n \n Example: ``mydbsubnetgroup``", + "replaceOnChanges": true + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The EC2 Subnet IDs for the DB subnet group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the DB subnet group." + } + }, + "autoNamingSpec": { + "sdkName": "dbSubnetGroupName" + }, + "required": [ + "dbSubnetGroupDescription", + "subnetIds" + ], + "createOnly": [ + "dbSubnetGroupName" + ], + "writeOnly": [ + "subnetIds" + ], + "irreversibleNames": { + "dbSubnetGroupDescription": "DBSubnetGroupDescription", + "dbSubnetGroupName": "DBSubnetGroupName" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:EventSubscription": { + "cf": "AWS::RDS::EventSubscription", + "inputs": { + "enabled": { + "type": "boolean", + "description": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active." + }, + "eventCategories": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of event categories for a particular source type (``SourceType``) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [Amazon RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [Amazon Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html). You can also see this list by using the ``DescribeEventCategories`` operation." + }, + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide*." + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n Constraints:\n + If ``SourceIds`` are supplied, ``SourceType`` must also be provided.\n + If the source type is a DB instance, a ``DBInstanceIdentifier`` value must be supplied.\n + If the source type is a DB cluster, a ``DBClusterIdentifier`` value must be supplied.\n + If the source type is a DB parameter group, a ``DBParameterGroupName`` value must be supplied.\n + If the source type is a DB security group, a ``DBSecurityGroupName`` value must be supplied.\n + If the source type is a DB snapshot, a ``DBSnapshotIdentifier`` value must be supplied.\n + If the source type is a DB cluster snapshot, a ``DBClusterSnapshotIdentifier`` value must be supplied.\n + If the source type is an RDS Proxy, a ``DBProxyName`` value must be supplied." + }, + "sourceType": { + "type": "string", + "description": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to ``db-instance``. For RDS Proxy events, specify ``db-proxy``. If this value isn't specified, all events are returned.\n Valid Values:``db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment``" + }, + "subscriptionName": { + "type": "string", + "description": "The name of the subscription.\n Constraints: The name must be less than 255 characters." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional array of key-value pairs to apply to this subscription." + } + }, + "outputs": { + "enabled": { + "type": "boolean", + "description": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active." + }, + "eventCategories": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of event categories for a particular source type (``SourceType``) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [Amazon RDS User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [Amazon Aurora User Guide](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html). You can also see this list by using the ``DescribeEventCategories`` operation." + }, + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide*.", + "replaceOnChanges": true + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n Constraints:\n + If ``SourceIds`` are supplied, ``SourceType`` must also be provided.\n + If the source type is a DB instance, a ``DBInstanceIdentifier`` value must be supplied.\n + If the source type is a DB cluster, a ``DBClusterIdentifier`` value must be supplied.\n + If the source type is a DB parameter group, a ``DBParameterGroupName`` value must be supplied.\n + If the source type is a DB security group, a ``DBSecurityGroupName`` value must be supplied.\n + If the source type is a DB snapshot, a ``DBSnapshotIdentifier`` value must be supplied.\n + If the source type is a DB cluster snapshot, a ``DBClusterSnapshotIdentifier`` value must be supplied.\n + If the source type is an RDS Proxy, a ``DBProxyName`` value must be supplied." + }, + "sourceType": { + "type": "string", + "description": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to ``db-instance``. For RDS Proxy events, specify ``db-proxy``. If this value isn't specified, all events are returned.\n Valid Values:``db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment``" + }, + "subscriptionName": { + "type": "string", + "description": "The name of the subscription.\n Constraints: The name must be less than 255 characters.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An optional array of key-value pairs to apply to this subscription." + } + }, + "autoNamingSpec": { + "sdkName": "subscriptionName", + "maxLength": 255 + }, + "required": [ + "snsTopicArn" + ], + "createOnly": [ + "snsTopicArn", + "subscriptionName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:GlobalCluster": { + "cf": "AWS::RDS::GlobalCluster", + "inputs": { + "deletionProtection": { + "type": "boolean", + "description": "The deletion protection setting for the new global database. The global database can't be deleted when deletion protection is enabled." + }, + "engine": { + "$ref": "#/types/aws-native:rds:GlobalClusterEngine", + "description": "The name of the database engine to be used for this DB cluster. Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible Aurora).\nIf you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster." + }, + "engineLifecycleSupport": { + "type": "string", + "description": "The life cycle type of the global cluster. You can use this setting to enroll your global cluster into Amazon RDS Extended Support." + }, + "engineVersion": { + "type": "string", + "description": "The version number of the database engine to use. If you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster." + }, + "globalClusterIdentifier": { + "type": "string", + "description": "The cluster identifier of the new global database cluster. This parameter is stored as a lowercase string." + }, + "sourceDbClusterIdentifier": { + "type": "string", + "description": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database. This parameter is optional. This parameter is stored as a lowercase string." + }, + "storageEncrypted": { + "type": "boolean", + "description": " The storage encryption setting for the new global database cluster.\nIf you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster." + } + }, + "outputs": { + "deletionProtection": { + "type": "boolean", + "description": "The deletion protection setting for the new global database. The global database can't be deleted when deletion protection is enabled." + }, + "engine": { + "$ref": "#/types/aws-native:rds:GlobalClusterEngine", + "description": "The name of the database engine to be used for this DB cluster. Valid Values: aurora (for MySQL 5.6-compatible Aurora), aurora-mysql (for MySQL 5.7-compatible Aurora).\nIf you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster.", + "replaceOnChanges": true + }, + "engineLifecycleSupport": { + "type": "string", + "description": "The life cycle type of the global cluster. You can use this setting to enroll your global cluster into Amazon RDS Extended Support." + }, + "engineVersion": { + "type": "string", + "description": "The version number of the database engine to use. If you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster." + }, + "globalClusterIdentifier": { + "type": "string", + "description": "The cluster identifier of the new global database cluster. This parameter is stored as a lowercase string.", + "replaceOnChanges": true + }, + "sourceDbClusterIdentifier": { + "type": "string", + "description": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database. This parameter is optional. This parameter is stored as a lowercase string.", + "replaceOnChanges": true + }, + "storageEncrypted": { + "type": "boolean", + "description": " The storage encryption setting for the new global database cluster.\nIf you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "engine", + "globalClusterIdentifier", + "sourceDbClusterIdentifier", + "storageEncrypted" + ], + "irreversibleNames": { + "sourceDbClusterIdentifier": "SourceDBClusterIdentifier" + } + }, + "aws-native:rds:Integration": { + "cf": "AWS::RDS::Integration", + "inputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An optional set of non-secret key–value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *Key Management Service Developer Guide*.\n You can only include this parameter if you specify the ``KMSKeyId`` parameter." + }, + "dataFilter": { + "type": "string", + "description": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse." + }, + "description": { + "type": "string", + "description": "A description of the integration." + }, + "integrationName": { + "type": "string", + "description": "The name of the integration." + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management System (AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key." + }, + "sourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the database to use as the source for replication." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*." + }, + "targetArn": { + "type": "string", + "description": "The ARN of the Redshift data warehouse to use as the target for replication." + } + }, + "outputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An optional set of non-secret key–value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *Key Management Service Developer Guide*.\n You can only include this parameter if you specify the ``KMSKeyId`` parameter.", + "replaceOnChanges": true + }, + "createTime": { + "type": "string", + "description": "The time when the integration was created, in Universal Coordinated Time (UTC)." + }, + "dataFilter": { + "type": "string", + "description": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse." + }, + "description": { + "type": "string", + "description": "A description of the integration." + }, + "integrationArn": { + "type": "string", + "description": "The ARN of the integration." + }, + "integrationName": { + "type": "string", + "description": "The name of the integration." + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management System (AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", + "replaceOnChanges": true + }, + "sourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*." + }, + "targetArn": { + "type": "string", + "description": "The ARN of the Redshift data warehouse to use as the target for replication.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "integrationName", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "sourceArn", + "targetArn" + ], + "createOnly": [ + "additionalEncryptionContext", + "kmsKeyId", + "sourceArn", + "targetArn" + ], + "irreversibleNames": { + "kmsKeyId": "KMSKeyId" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rds:OptionGroup": { + "cf": "AWS::RDS::OptionGroup", + "inputs": { + "engineName": { + "type": "string", + "description": "Specifies the name of the engine that this option group should be associated with.\n Valid Values: \n + ``mariadb`` \n + ``mysql`` \n + ``oracle-ee`` \n + ``oracle-ee-cdb`` \n + ``oracle-se2`` \n + ``oracle-se2-cdb`` \n + ``postgres`` \n + ``sqlserver-ee`` \n + ``sqlserver-se`` \n + ``sqlserver-ex`` \n + ``sqlserver-web``" + }, + "majorEngineVersion": { + "type": "string", + "description": "Specifies the major version of the engine that this option group should be associated with." + }, + "optionConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:OptionGroupOptionConfiguration" + }, + "description": "A list of all available options for an option group." + }, + "optionGroupDescription": { + "type": "string", + "description": "The description of the option group." + }, + "optionGroupName": { + "type": "string", + "description": "The name of the option group to be created.\n Constraints:\n + Must be 1 to 255 letters, numbers, or hyphens\n + First character must be a letter\n + Can't end with a hyphen or contain two consecutive hyphens\n \n Example: ``myoptiongroup`` \n If you don't specify a value for ``OptionGroupName`` property, a name is automatically created for the option group.\n This value is stored as a lowercase string." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the option group." + } + }, + "outputs": { + "engineName": { + "type": "string", + "description": "Specifies the name of the engine that this option group should be associated with.\n Valid Values: \n + ``mariadb`` \n + ``mysql`` \n + ``oracle-ee`` \n + ``oracle-ee-cdb`` \n + ``oracle-se2`` \n + ``oracle-se2-cdb`` \n + ``postgres`` \n + ``sqlserver-ee`` \n + ``sqlserver-se`` \n + ``sqlserver-ex`` \n + ``sqlserver-web``", + "replaceOnChanges": true + }, + "majorEngineVersion": { + "type": "string", + "description": "Specifies the major version of the engine that this option group should be associated with.", + "replaceOnChanges": true + }, + "optionConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:OptionGroupOptionConfiguration" + }, + "description": "A list of all available options for an option group." + }, + "optionGroupDescription": { + "type": "string", + "description": "The description of the option group.", + "replaceOnChanges": true + }, + "optionGroupName": { + "type": "string", + "description": "The name of the option group to be created.\n Constraints:\n + Must be 1 to 255 letters, numbers, or hyphens\n + First character must be a letter\n + Can't end with a hyphen or contain two consecutive hyphens\n \n Example: ``myoptiongroup`` \n If you don't specify a value for ``OptionGroupName`` property, a name is automatically created for the option group.\n This value is stored as a lowercase string.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags to assign to the option group." + } + }, + "autoNamingSpec": { + "sdkName": "optionGroupName" + }, + "required": [ + "engineName", + "majorEngineVersion", + "optionGroupDescription" + ], + "createOnly": [ + "engineName", + "majorEngineVersion", + "optionGroupDescription", + "optionGroupName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:redshift:Cluster": { + "cf": "AWS::Redshift::Cluster", + "inputs": { + "allowVersionUpgrade": { + "type": "boolean", + "description": "Major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default value is True" + }, + "aquaConfigurationStatus": { + "type": "string", + "description": "The value represents how the cluster is configured to use AQUA (Advanced Query Accelerator) after the cluster is restored. Possible values include the following.\n\nenabled - Use AQUA if it is available for the current Region and Amazon Redshift node type.\ndisabled - Don't use AQUA.\nauto - Amazon Redshift determines whether to use AQUA.\n" + }, + "automatedSnapshotRetentionPeriod": { + "type": "integer", + "description": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Default value is 1" + }, + "availabilityZone": { + "type": "string", + "description": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. Default: A random, system-chosen Availability Zone in the region that is specified by the endpoint" + }, + "availabilityZoneRelocation": { + "type": "boolean", + "description": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster modification is complete." + }, + "availabilityZoneRelocationStatus": { + "type": "string", + "description": "The availability zone relocation status of the cluster" + }, + "classic": { + "type": "boolean", + "description": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to false , the resize type is elastic." + }, + "clusterIdentifier": { + "type": "string", + "description": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. All alphabetical characters must be lower case, no hypens at the end, no two consecutive hyphens. Cluster name should be unique for all clusters within an AWS account" + }, + "clusterParameterGroupName": { + "type": "string", + "description": "The name of the parameter group to be associated with this cluster." + }, + "clusterSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security groups to be associated with this cluster." + }, + "clusterSubnetGroupName": { + "type": "string", + "description": "The name of a cluster subnet group to be associated with this cluster." + }, + "clusterType": { + "type": "string", + "description": "The type of the cluster. When cluster type is specified as single-node, the NumberOfNodes parameter is not required and if multi-node, the NumberOfNodes parameter is required" + }, + "clusterVersion": { + "type": "string", + "description": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.The version selected runs on all the nodes in the cluster." + }, + "dbName": { + "type": "string", + "description": "The name of the first database to be created when the cluster is created. To create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database." + }, + "deferMaintenance": { + "type": "boolean", + "description": "A boolean indicating whether to enable the deferred maintenance window." + }, + "deferMaintenanceDuration": { + "type": "integer", + "description": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less." + }, + "deferMaintenanceEndTime": { + "type": "string", + "description": "A timestamp indicating end time for the deferred maintenance window. If you specify an end time, you can't specify a duration." + }, + "deferMaintenanceStartTime": { + "type": "string", + "description": "A timestamp indicating the start time for the deferred maintenance window." + }, + "destinationRegion": { + "type": "string", + "description": "The destination AWS Region that you want to copy snapshots to. Constraints: Must be the name of a valid AWS Region. For more information, see Regions and Endpoints in the Amazon Web Services [https://docs.aws.amazon.com/general/latest/gr/rande.html#redshift_region] General Reference" + }, + "elasticIp": { + "type": "string", + "description": "The Elastic IP (EIP) address for the cluster." + }, + "encrypted": { + "type": "boolean", + "description": "If true, the data in the cluster is encrypted at rest." + }, + "endpoint": { + "$ref": "#/types/aws-native:redshift:ClusterEndpoint", + "description": "The connection endpoint." + }, + "enhancedVpcRouting": { + "type": "boolean", + "description": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see Enhanced VPC Routing in the Amazon Redshift Cluster Management Guide.\n\nIf this option is true , enhanced VPC routing is enabled.\n\nDefault: false" + }, + "hsmClientCertificateIdentifier": { + "type": "string", + "description": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM" + }, + "hsmConfigurationIdentifier": { + "type": "string", + "description": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM." + }, + "iamRoles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format. You can supply up to 50 IAM roles in a single request" + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster." + }, + "loggingProperties": { + "$ref": "#/types/aws-native:redshift:ClusterLoggingProperties", + "description": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster." + }, + "maintenanceTrackName": { + "type": "string", + "description": "The name for the maintenance track that you want to assign for the cluster. This name change is asynchronous. The new track name stays in the PendingModifiedValues for the cluster until the next maintenance window. When the maintenance track changes, the cluster is switched to the latest cluster release available for the maintenance track. At this point, the maintenance track name is applied." + }, + "manageMasterPassword": { + "type": "boolean", + "description": "A boolean indicating if the redshift cluster's admin user credentials is managed by Redshift or not. You can't use MasterUserPassword if ManageMasterPassword is true. If ManageMasterPassword is false or not set, Amazon Redshift uses MasterUserPassword for the admin user account's password." + }, + "manualSnapshotRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain newly copied snapshots in the destination AWS Region after they are copied from the source AWS Region. If the value is -1, the manual snapshot is retained indefinitely.\n\nThe value must be either -1 or an integer between 1 and 3,653." + }, + "masterPasswordSecretKmsKeyId": { + "type": "string", + "description": "The ID of the Key Management Service (KMS) key used to encrypt and store the cluster's admin user credentials secret." + }, + "masterUserPassword": { + "type": "string", + "description": "The password associated with the master user account for the cluster that is being created. You can't use MasterUserPassword if ManageMasterPassword is true. Password must be between 8 and 64 characters in length, should have at least one uppercase letter.Must contain at least one lowercase letter.Must contain one number.Can be any printable ASCII character." + }, + "masterUsername": { + "type": "string", + "description": "The user name associated with the master user account for the cluster that is being created. The user name can't be PUBLIC and first character must be a letter." + }, + "multiAz": { + "type": "boolean", + "description": "A boolean indicating if the redshift cluster is multi-az or not. If you don't provide this parameter or set the value to false, the redshift cluster will be single-az." + }, + "namespaceResourcePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The namespace resource policy document that will be attached to a Redshift cluster.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Redshift::Cluster` for more information about the expected schema for this property." + }, + "nodeType": { + "type": "string", + "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge" + }, + "numberOfNodes": { + "type": "integer", + "description": "The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node." + }, + "ownerAccount": { + "type": "string", + "description": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot." + }, + "port": { + "type": "integer", + "description": "The port number on which the cluster accepts incoming connections. The cluster is accessible only via the JDBC and ODBC connection strings" + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "If true, the cluster can be accessed from a public network." + }, + "resourceAction": { + "type": "string", + "description": "The Redshift operation to be performed. Resource Action supports pause-cluster, resume-cluster, failover-primary-compute APIs" + }, + "revisionTarget": { + "type": "string", + "description": "The identifier of the database revision. You can retrieve this value from the response to the DescribeClusterDbRevisions request." + }, + "rotateEncryptionKey": { + "type": "boolean", + "description": "A boolean indicating if we want to rotate Encryption Keys." + }, + "snapshotClusterIdentifier": { + "type": "string", + "description": "The name of the cluster the source snapshot was created from. This parameter is required if your IAM user has a policy containing a snapshot resource element that specifies anything other than * for the cluster name." + }, + "snapshotCopyGrantName": { + "type": "string", + "description": "The name of the snapshot copy grant to use when snapshots of an AWS KMS-encrypted cluster are copied to the destination region." + }, + "snapshotCopyManual": { + "type": "boolean", + "description": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots." + }, + "snapshotCopyRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain automated snapshots in the destination region after they are copied from the source region. \n\n Default is 7. \n\n Constraints: Must be at least 1 and no more than 35." + }, + "snapshotIdentifier": { + "type": "string", + "description": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags for the cluster parameter group." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster." + } + }, + "outputs": { + "allowVersionUpgrade": { + "type": "boolean", + "description": "Major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster. Default value is True" + }, + "aquaConfigurationStatus": { + "type": "string", + "description": "The value represents how the cluster is configured to use AQUA (Advanced Query Accelerator) after the cluster is restored. Possible values include the following.\n\nenabled - Use AQUA if it is available for the current Region and Amazon Redshift node type.\ndisabled - Don't use AQUA.\nauto - Amazon Redshift determines whether to use AQUA.\n" + }, + "automatedSnapshotRetentionPeriod": { + "type": "integer", + "description": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Default value is 1" + }, + "availabilityZone": { + "type": "string", + "description": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. Default: A random, system-chosen Availability Zone in the region that is specified by the endpoint" + }, + "availabilityZoneRelocation": { + "type": "boolean", + "description": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster modification is complete." + }, + "availabilityZoneRelocationStatus": { + "type": "string", + "description": "The availability zone relocation status of the cluster" + }, + "classic": { + "type": "boolean", + "description": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to false , the resize type is elastic." + }, + "clusterIdentifier": { + "type": "string", + "description": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. All alphabetical characters must be lower case, no hypens at the end, no two consecutive hyphens. Cluster name should be unique for all clusters within an AWS account", + "replaceOnChanges": true + }, + "clusterNamespaceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the cluster namespace." + }, + "clusterParameterGroupName": { + "type": "string", + "description": "The name of the parameter group to be associated with this cluster." + }, + "clusterSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security groups to be associated with this cluster." + }, + "clusterSubnetGroupName": { + "type": "string", + "description": "The name of a cluster subnet group to be associated with this cluster.", + "replaceOnChanges": true + }, + "clusterType": { + "type": "string", + "description": "The type of the cluster. When cluster type is specified as single-node, the NumberOfNodes parameter is not required and if multi-node, the NumberOfNodes parameter is required" + }, + "clusterVersion": { + "type": "string", + "description": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.The version selected runs on all the nodes in the cluster." + }, + "dbName": { + "type": "string", + "description": "The name of the first database to be created when the cluster is created. To create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database.", + "replaceOnChanges": true + }, + "deferMaintenance": { + "type": "boolean", + "description": "A boolean indicating whether to enable the deferred maintenance window." + }, + "deferMaintenanceDuration": { + "type": "integer", + "description": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less." + }, + "deferMaintenanceEndTime": { + "type": "string", + "description": "A timestamp indicating end time for the deferred maintenance window. If you specify an end time, you can't specify a duration." + }, + "deferMaintenanceIdentifier": { + "type": "string", + "description": "A unique identifier for the deferred maintenance window." + }, + "deferMaintenanceStartTime": { + "type": "string", + "description": "A timestamp indicating the start time for the deferred maintenance window." + }, + "destinationRegion": { + "type": "string", + "description": "The destination AWS Region that you want to copy snapshots to. Constraints: Must be the name of a valid AWS Region. For more information, see Regions and Endpoints in the Amazon Web Services [https://docs.aws.amazon.com/general/latest/gr/rande.html#redshift_region] General Reference" + }, + "elasticIp": { + "type": "string", + "description": "The Elastic IP (EIP) address for the cluster." + }, + "encrypted": { + "type": "boolean", + "description": "If true, the data in the cluster is encrypted at rest." + }, + "endpoint": { + "$ref": "#/types/aws-native:redshift:ClusterEndpoint", + "description": "The connection endpoint." + }, + "enhancedVpcRouting": { + "type": "boolean", + "description": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see Enhanced VPC Routing in the Amazon Redshift Cluster Management Guide.\n\nIf this option is true , enhanced VPC routing is enabled.\n\nDefault: false" + }, + "hsmClientCertificateIdentifier": { + "type": "string", + "description": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM" + }, + "hsmConfigurationIdentifier": { + "type": "string", + "description": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM." + }, + "iamRoles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format. You can supply up to 50 IAM roles in a single request" + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster." + }, + "loggingProperties": { + "$ref": "#/types/aws-native:redshift:ClusterLoggingProperties", + "description": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster." + }, + "maintenanceTrackName": { + "type": "string", + "description": "The name for the maintenance track that you want to assign for the cluster. This name change is asynchronous. The new track name stays in the PendingModifiedValues for the cluster until the next maintenance window. When the maintenance track changes, the cluster is switched to the latest cluster release available for the maintenance track. At this point, the maintenance track name is applied." + }, + "manageMasterPassword": { + "type": "boolean", + "description": "A boolean indicating if the redshift cluster's admin user credentials is managed by Redshift or not. You can't use MasterUserPassword if ManageMasterPassword is true. If ManageMasterPassword is false or not set, Amazon Redshift uses MasterUserPassword for the admin user account's password." + }, + "manualSnapshotRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain newly copied snapshots in the destination AWS Region after they are copied from the source AWS Region. If the value is -1, the manual snapshot is retained indefinitely.\n\nThe value must be either -1 or an integer between 1 and 3,653." + }, + "masterPasswordSecretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the cluster's admin user credentials secret." + }, + "masterPasswordSecretKmsKeyId": { + "type": "string", + "description": "The ID of the Key Management Service (KMS) key used to encrypt and store the cluster's admin user credentials secret." + }, + "masterUserPassword": { + "type": "string", + "description": "The password associated with the master user account for the cluster that is being created. You can't use MasterUserPassword if ManageMasterPassword is true. Password must be between 8 and 64 characters in length, should have at least one uppercase letter.Must contain at least one lowercase letter.Must contain one number.Can be any printable ASCII character." + }, + "masterUsername": { + "type": "string", + "description": "The user name associated with the master user account for the cluster that is being created. The user name can't be PUBLIC and first character must be a letter.", + "replaceOnChanges": true + }, + "multiAz": { + "type": "boolean", + "description": "A boolean indicating if the redshift cluster is multi-az or not. If you don't provide this parameter or set the value to false, the redshift cluster will be single-az." + }, + "namespaceResourcePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The namespace resource policy document that will be attached to a Redshift cluster.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Redshift::Cluster` for more information about the expected schema for this property." + }, + "nodeType": { + "type": "string", + "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge" + }, + "numberOfNodes": { + "type": "integer", + "description": "The number of compute nodes in the cluster. This parameter is required when the ClusterType parameter is specified as multi-node." + }, + "ownerAccount": { + "type": "string", + "description": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", + "replaceOnChanges": true + }, + "port": { + "type": "integer", + "description": "The port number on which the cluster accepts incoming connections. The cluster is accessible only via the JDBC and ODBC connection strings" + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range (in UTC) during which automated cluster maintenance can occur." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "If true, the cluster can be accessed from a public network." + }, + "resourceAction": { + "type": "string", + "description": "The Redshift operation to be performed. Resource Action supports pause-cluster, resume-cluster, failover-primary-compute APIs" + }, + "revisionTarget": { + "type": "string", + "description": "The identifier of the database revision. You can retrieve this value from the response to the DescribeClusterDbRevisions request." + }, + "rotateEncryptionKey": { + "type": "boolean", + "description": "A boolean indicating if we want to rotate Encryption Keys." + }, + "snapshotClusterIdentifier": { + "type": "string", + "description": "The name of the cluster the source snapshot was created from. This parameter is required if your IAM user has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", + "replaceOnChanges": true + }, + "snapshotCopyGrantName": { + "type": "string", + "description": "The name of the snapshot copy grant to use when snapshots of an AWS KMS-encrypted cluster are copied to the destination region." + }, + "snapshotCopyManual": { + "type": "boolean", + "description": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots." + }, + "snapshotCopyRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain automated snapshots in the destination region after they are copied from the source region. \n\n Default is 7. \n\n Constraints: Must be at least 1 and no more than 35." + }, + "snapshotIdentifier": { + "type": "string", + "description": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags for the cluster parameter group." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster." + } + }, + "required": [ + "clusterType", + "dbName", + "masterUsername", + "nodeType" + ], + "createOnly": [ + "clusterIdentifier", + "clusterSubnetGroupName", + "dbName", + "masterUsername", + "ownerAccount", + "snapshotClusterIdentifier", + "snapshotIdentifier" + ], + "writeOnly": [ + "classic", + "deferMaintenance", + "deferMaintenanceDuration", + "manageMasterPassword", + "masterUserPassword", + "snapshotIdentifier" + ], + "irreversibleNames": { + "dbName": "DBName", + "multiAz": "MultiAZ" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:redshift:ClusterParameterGroup": { + "cf": "AWS::Redshift::ClusterParameterGroup", + "inputs": { + "description": { + "type": "string", + "description": "A description of the parameter group." + }, + "parameterGroupFamily": { + "type": "string", + "description": "The Amazon Redshift engine version to which the cluster parameter group applies. The cluster engine version determines the set of parameters." + }, + "parameterGroupName": { + "type": "string", + "description": "The name of the cluster parameter group." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshift:ClusterParameterGroupParameter" + }, + "description": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "A description of the parameter group.", + "replaceOnChanges": true + }, + "parameterGroupFamily": { + "type": "string", + "description": "The Amazon Redshift engine version to which the cluster parameter group applies. The cluster engine version determines the set of parameters.", + "replaceOnChanges": true + }, + "parameterGroupName": { + "type": "string", + "description": "The name of the cluster parameter group.", + "replaceOnChanges": true + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshift:ClusterParameterGroupParameter" + }, + "description": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "parameterGroupName", + "maxLength": 255 + }, + "required": [ + "description", + "parameterGroupFamily" + ], + "createOnly": [ + "description", + "parameterGroupFamily", + "parameterGroupName" + ], + "writeOnly": [ + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:redshift:ClusterSubnetGroup": { + "cf": "AWS::Redshift::ClusterSubnetGroup", + "inputs": { + "description": { + "type": "string", + "description": "The description of the parameter group." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of VPC subnet IDs" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags for the cluster parameter group." + } + }, + "outputs": { + "clusterSubnetGroupName": { + "type": "string", + "description": "This name must be unique for all subnet groups that are created by your AWS account. If costumer do not provide it, cloudformation will generate it. Must not be \"Default\". " + }, + "description": { + "type": "string", + "description": "The description of the parameter group." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of VPC subnet IDs" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags for the cluster parameter group." + } + }, + "required": [ + "description", + "subnetIds" + ], + "writeOnly": [ + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:redshift:EndpointAccess": { + "cf": "AWS::Redshift::EndpointAccess", + "inputs": { + "clusterIdentifier": { + "type": "string", + "description": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. All alphabetical characters must be lower case, no hypens at the end, no two consecutive hyphens. Cluster name should be unique for all clusters within an AWS account" + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint." + }, + "resourceOwner": { + "type": "string", + "description": "The AWS account ID of the owner of the cluster." + }, + "subnetGroupName": { + "type": "string", + "description": "The subnet group name where Amazon Redshift chooses to deploy the endpoint." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of vpc security group ids to apply to the created endpoint access." + } + }, + "outputs": { + "address": { + "type": "string", + "description": "The DNS address of the endpoint." + }, + "clusterIdentifier": { + "type": "string", + "description": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. All alphabetical characters must be lower case, no hypens at the end, no two consecutive hyphens. Cluster name should be unique for all clusters within an AWS account", + "replaceOnChanges": true + }, + "endpointCreateTime": { + "type": "string", + "description": "The time (UTC) that the endpoint was created." + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint.", + "replaceOnChanges": true + }, + "endpointStatus": { + "type": "string", + "description": "The status of the endpoint." + }, + "port": { + "type": "integer", + "description": "The port number on which the cluster accepts incoming connections." + }, + "resourceOwner": { + "type": "string", + "description": "The AWS account ID of the owner of the cluster.", + "replaceOnChanges": true + }, + "subnetGroupName": { + "type": "string", + "description": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", + "replaceOnChanges": true + }, + "vpcEndpoint": { + "$ref": "#/types/aws-native:redshift:VpcEndpointProperties", + "description": "The connection endpoint for connecting to an Amazon Redshift cluster through the proxy." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of vpc security group ids to apply to the created endpoint access." + }, + "vpcSecurityGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshift:EndpointAccessVpcSecurityGroup" + }, + "description": "A list of Virtual Private Cloud (VPC) security groups to be associated with the endpoint." + } + }, + "required": [ + "clusterIdentifier", + "endpointName", + "subnetGroupName", + "vpcSecurityGroupIds" + ], + "createOnly": [ + "clusterIdentifier", + "endpointName", + "resourceOwner", + "subnetGroupName" + ] + }, + "aws-native:redshift:EndpointAuthorization": { + "cf": "AWS::Redshift::EndpointAuthorization", + "inputs": { + "account": { + "type": "string", + "description": "The target AWS account ID to grant or revoke access for." + }, + "clusterIdentifier": { + "type": "string", + "description": "The cluster identifier." + }, + "force": { + "type": "boolean", + "description": " Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted." + }, + "vpcIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The virtual private cloud (VPC) identifiers to grant or revoke access to." + } + }, + "outputs": { + "account": { + "type": "string", + "description": "The target AWS account ID to grant or revoke access for.", + "replaceOnChanges": true + }, + "allowedAllVpcs": { + "type": "boolean", + "description": "Indicates whether all VPCs in the grantee account are allowed access to the cluster." + }, + "allowedVpcs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPCs allowed access to the cluster." + }, + "authorizeTime": { + "type": "string", + "description": "The time (UTC) when the authorization was created." + }, + "clusterIdentifier": { + "type": "string", + "description": "The cluster identifier.", + "replaceOnChanges": true + }, + "clusterStatus": { + "type": "string", + "description": "The status of the cluster." + }, + "endpointCount": { + "type": "integer", + "description": "The number of Redshift-managed VPC endpoints created for the authorization." + }, + "force": { + "type": "boolean", + "description": " Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted." + }, + "grantee": { + "type": "string", + "description": "The AWS account ID of the grantee of the cluster." + }, + "grantor": { + "type": "string", + "description": "The AWS account ID of the cluster owner." + }, + "status": { + "type": "string", + "description": "The status of the authorization action." + }, + "vpcIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The virtual private cloud (VPC) identifiers to grant or revoke access to." + } + }, + "required": [ + "account", + "clusterIdentifier" + ], + "createOnly": [ + "account", + "clusterIdentifier" + ], + "writeOnly": [ + "force" + ], + "irreversibleNames": { + "allowedAllVpcs": "AllowedAllVPCs", + "allowedVpcs": "AllowedVPCs" + } + }, + "aws-native:redshift:EventSubscription": { + "cf": "AWS::Redshift::EventSubscription", + "inputs": { + "enabled": { + "type": "boolean", + "description": "A boolean value; set to true to activate the subscription, and set to false to create the subscription but not activate it." + }, + "eventCategories": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshift:EventSubscriptionEventCategoriesItem" + }, + "description": "Specifies the Amazon Redshift event categories to be published by the event notification subscription." + }, + "severity": { + "$ref": "#/types/aws-native:redshift:EventSubscriptionSeverity", + "description": "Specifies the Amazon Redshift event severity to be published by the event notification subscription." + }, + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications." + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of one or more identifiers of Amazon Redshift source objects." + }, + "sourceType": { + "$ref": "#/types/aws-native:redshift:EventSubscriptionSourceType", + "description": "The type of source that will be generating the events." + }, + "subscriptionName": { + "type": "string", + "description": "The name of the Amazon Redshift event notification subscription" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "custSubscriptionId": { + "type": "string", + "description": "The name of the Amazon Redshift event notification subscription." + }, + "customerAwsId": { + "type": "string", + "description": "The AWS account associated with the Amazon Redshift event notification subscription." + }, + "enabled": { + "type": "boolean", + "description": "A boolean value; set to true to activate the subscription, and set to false to create the subscription but not activate it." + }, + "eventCategories": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshift:EventSubscriptionEventCategoriesItem" + }, + "description": "Specifies the Amazon Redshift event categories to be published by the event notification subscription." + }, + "eventCategoriesList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of Amazon Redshift event categories specified in the event notification subscription." + }, + "severity": { + "$ref": "#/types/aws-native:redshift:EventSubscriptionSeverity", + "description": "Specifies the Amazon Redshift event severity to be published by the event notification subscription." + }, + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications." + }, + "sourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of one or more identifiers of Amazon Redshift source objects." + }, + "sourceIdsList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the sources that publish events to the Amazon Redshift event notification subscription." + }, + "sourceType": { + "$ref": "#/types/aws-native:redshift:EventSubscriptionSourceType", + "description": "The type of source that will be generating the events." + }, + "status": { + "$ref": "#/types/aws-native:redshift:EventSubscriptionStatus", + "description": "The status of the Amazon Redshift event notification subscription." + }, + "subscriptionCreationTime": { + "type": "string", + "description": "The date and time the Amazon Redshift event notification subscription was created." + }, + "subscriptionName": { + "type": "string", + "description": "The name of the Amazon Redshift event notification subscription", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "subscriptionName" + }, + "createOnly": [ + "subscriptionName" + ], + "writeOnly": [ + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:redshift:ScheduledAction": { + "cf": "AWS::Redshift::ScheduledAction", + "inputs": { + "enable": { + "type": "boolean", + "description": "If true, the schedule is enabled. If false, the scheduled action does not trigger." + }, + "endTime": { + "type": "string", + "description": "The end time in UTC of the scheduled action. After this time, the scheduled action does not trigger." + }, + "iamRole": { + "type": "string", + "description": "The IAM role to assume to run the target action." + }, + "schedule": { + "type": "string", + "description": "The schedule in `at( )` or `cron( )` format." + }, + "scheduledActionDescription": { + "type": "string", + "description": "The description of the scheduled action." + }, + "scheduledActionName": { + "type": "string", + "description": "The name of the scheduled action. The name must be unique within an account." + }, + "startTime": { + "type": "string", + "description": "The start time in UTC of the scheduled action. Before this time, the scheduled action does not trigger." + }, + "targetAction": { + "$ref": "#/types/aws-native:redshift:ScheduledActionType", + "description": "A JSON format string of the Amazon Redshift API operation with input parameters." + } + }, + "outputs": { + "enable": { + "type": "boolean", + "description": "If true, the schedule is enabled. If false, the scheduled action does not trigger." + }, + "endTime": { + "type": "string", + "description": "The end time in UTC of the scheduled action. After this time, the scheduled action does not trigger." + }, + "iamRole": { + "type": "string", + "description": "The IAM role to assume to run the target action." + }, + "nextInvocations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of times when the scheduled action will run." + }, + "schedule": { + "type": "string", + "description": "The schedule in `at( )` or `cron( )` format." + }, + "scheduledActionDescription": { + "type": "string", + "description": "The description of the scheduled action." + }, + "scheduledActionName": { + "type": "string", + "description": "The name of the scheduled action. The name must be unique within an account.", + "replaceOnChanges": true + }, + "startTime": { + "type": "string", + "description": "The start time in UTC of the scheduled action. Before this time, the scheduled action does not trigger." + }, + "state": { + "$ref": "#/types/aws-native:redshift:ScheduledActionState", + "description": "The state of the scheduled action." + }, + "targetAction": { + "$ref": "#/types/aws-native:redshift:ScheduledActionType", + "description": "A JSON format string of the Amazon Redshift API operation with input parameters." + } + }, + "autoNamingSpec": { + "sdkName": "scheduledActionName" + }, + "createOnly": [ + "scheduledActionName" + ] + }, + "aws-native:redshiftserverless:Namespace": { + "cf": "AWS::RedshiftServerless::Namespace", + "inputs": { + "adminPasswordSecretKmsKeyId": { + "type": "string", + "description": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if manageAdminPassword is true." + }, + "adminUserPassword": { + "type": "string", + "description": "The password associated with the admin user for the namespace that is being created. Password must be at least 8 characters in length, should be any printable ASCII character. Must contain at least one lowercase letter, one uppercase letter and one decimal digit. You can't use adminUserPassword if manageAdminPassword is true." + }, + "adminUsername": { + "type": "string", + "description": "The user name associated with the admin user for the namespace that is being created. Only alphanumeric characters and underscores are allowed. It should start with an alphabet." + }, + "dbName": { + "type": "string", + "description": "The database name associated for the namespace that is being created. Only alphanumeric characters and underscores are allowed. It should start with an alphabet." + }, + "defaultIamRoleArn": { + "type": "string", + "description": "The default IAM role ARN for the namespace that is being created." + }, + "finalSnapshotName": { + "type": "string", + "description": "The name of the namespace the source snapshot was created from. Please specify the name if needed before deleting namespace" + }, + "finalSnapshotRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain automated snapshot in the destination region after they are copied from the source region. If the value is -1, the manual snapshot is retained indefinitely. The value must be either -1 or an integer between 1 and 3,653." + }, + "iamRoles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of AWS Identity and Access Management (IAM) roles that can be used by the namespace to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format. The Default role limit for each request is 10." + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the namespace." + }, + "logExports": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:NamespaceLogExport" + }, + "description": "The collection of log types to be exported provided by the customer. Should only be one of the three supported log types: userlog, useractivitylog and connectionlog" + }, + "manageAdminPassword": { + "type": "boolean", + "description": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use adminUserPassword if manageAdminPassword is true. If manageAdminPassword is false or not set, Amazon Redshift uses adminUserPassword for the admin user account's password." + }, + "namespaceName": { + "type": "string", + "description": "A unique identifier for the namespace. You use this identifier to refer to the namespace for any subsequent namespace operations such as deleting or modifying. All alphabetical characters must be lower case. Namespace name should be unique for all namespaces within an AWS account." + }, + "namespaceResourcePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The resource policy document that will be attached to the namespace.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::RedshiftServerless::Namespace` for more information about the expected schema for this property." + }, + "redshiftIdcApplicationArn": { + "type": "string", + "description": "The ARN for the Redshift application that integrates with IAM Identity Center." + }, + "snapshotCopyConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:NamespaceSnapshotCopyConfiguration" + }, + "description": "The snapshot copy configurations for the namespace." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The list of tags for the namespace." + } + }, + "outputs": { + "adminPasswordSecretKmsKeyId": { + "type": "string", + "description": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if manageAdminPassword is true." + }, + "adminUserPassword": { + "type": "string", + "description": "The password associated with the admin user for the namespace that is being created. Password must be at least 8 characters in length, should be any printable ASCII character. Must contain at least one lowercase letter, one uppercase letter and one decimal digit. You can't use adminUserPassword if manageAdminPassword is true." + }, + "adminUsername": { + "type": "string", + "description": "The user name associated with the admin user for the namespace that is being created. Only alphanumeric characters and underscores are allowed. It should start with an alphabet." + }, + "dbName": { + "type": "string", + "description": "The database name associated for the namespace that is being created. Only alphanumeric characters and underscores are allowed. It should start with an alphabet." + }, + "defaultIamRoleArn": { + "type": "string", + "description": "The default IAM role ARN for the namespace that is being created." + }, + "finalSnapshotName": { + "type": "string", + "description": "The name of the namespace the source snapshot was created from. Please specify the name if needed before deleting namespace" + }, + "finalSnapshotRetentionPeriod": { + "type": "integer", + "description": "The number of days to retain automated snapshot in the destination region after they are copied from the source region. If the value is -1, the manual snapshot is retained indefinitely. The value must be either -1 or an integer between 1 and 3,653." + }, + "iamRoles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of AWS Identity and Access Management (IAM) roles that can be used by the namespace to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format. The Default role limit for each request is 10." + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the namespace." + }, + "logExports": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:NamespaceLogExport" + }, + "description": "The collection of log types to be exported provided by the customer. Should only be one of the three supported log types: userlog, useractivitylog and connectionlog" + }, + "manageAdminPassword": { + "type": "boolean", + "description": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use adminUserPassword if manageAdminPassword is true. If manageAdminPassword is false or not set, Amazon Redshift uses adminUserPassword for the admin user account's password." + }, + "namespace": { + "$ref": "#/types/aws-native:redshiftserverless:Namespace", + "description": "Definition of Namespace resource.", + "language": { + "csharp": { + "name": "NamespaceValue" + } + } + }, + "namespaceName": { + "type": "string", + "description": "A unique identifier for the namespace. You use this identifier to refer to the namespace for any subsequent namespace operations such as deleting or modifying. All alphabetical characters must be lower case. Namespace name should be unique for all namespaces within an AWS account.", + "replaceOnChanges": true + }, + "namespaceResourcePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The resource policy document that will be attached to the namespace.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::RedshiftServerless::Namespace` for more information about the expected schema for this property." + }, + "redshiftIdcApplicationArn": { + "type": "string", + "description": "The ARN for the Redshift application that integrates with IAM Identity Center." + }, + "snapshotCopyConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:NamespaceSnapshotCopyConfiguration" + }, + "description": "The snapshot copy configurations for the namespace." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The list of tags for the namespace.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "namespaceName", + "minLength": 3, + "maxLength": 64 + }, + "createOnly": [ + "namespaceName", + "tags" + ], + "writeOnly": [ + "adminUserPassword", + "finalSnapshotName", + "finalSnapshotRetentionPeriod", + "manageAdminPassword", + "redshiftIdcApplicationArn", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:redshiftserverless:Workgroup": { + "cf": "AWS::RedshiftServerless::Workgroup", + "inputs": { + "baseCapacity": { + "type": "integer", + "description": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs)." + }, + "configParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:WorkgroupConfigParameter" + }, + "description": "A list of parameters to set for finer control over a database. Available options are datestyle, enable_user_activity_logging, query_group, search_path, max_query_execution_time, and require_ssl." + }, + "enhancedVpcRouting": { + "type": "boolean", + "description": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC." + }, + "maxCapacity": { + "type": "integer", + "description": "The max compute capacity of the workgroup in Redshift Processing Units (RPUs)." + }, + "namespaceName": { + "type": "string", + "description": "The namespace the workgroup is associated with." + }, + "port": { + "type": "integer", + "description": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "A value that specifies whether the workgroup can be accessible from a public network." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security group IDs to associate with the workgroup." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs the workgroup is associated with." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The map of the key-value pairs used to tag the workgroup." + }, + "workgroupName": { + "type": "string", + "description": "The name of the workgroup." + } + }, + "outputs": { + "baseCapacity": { + "type": "integer", + "description": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs)." + }, + "configParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:WorkgroupConfigParameter" + }, + "description": "A list of parameters to set for finer control over a database. Available options are datestyle, enable_user_activity_logging, query_group, search_path, max_query_execution_time, and require_ssl." + }, + "enhancedVpcRouting": { + "type": "boolean", + "description": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC." + }, + "maxCapacity": { + "type": "integer", + "description": "The max compute capacity of the workgroup in Redshift Processing Units (RPUs)." + }, + "namespaceName": { + "type": "string", + "description": "The namespace the workgroup is associated with.", + "replaceOnChanges": true + }, + "port": { + "type": "integer", + "description": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "A value that specifies whether the workgroup can be accessible from a public network." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security group IDs to associate with the workgroup." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs the workgroup is associated with." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The map of the key-value pairs used to tag the workgroup." + }, + "workgroup": { + "$ref": "#/types/aws-native:redshiftserverless:Workgroup", + "description": "Definition for workgroup resource", + "language": { + "csharp": { + "name": "WorkgroupValue" + } + } + }, + "workgroupName": { + "type": "string", + "description": "The name of the workgroup.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "workgroupName", + "minLength": 3, + "maxLength": 64 + }, + "createOnly": [ + "namespaceName", + "workgroupName" + ], + "writeOnly": [ + "baseCapacity", + "configParameters", + "maxCapacity", + "securityGroupIds", + "subnetIds", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:refactorspaces:Application": { + "cf": "AWS::RefactorSpaces::Application", + "inputs": { + "apiGatewayProxy": { + "$ref": "#/types/aws-native:refactorspaces:ApplicationApiGatewayProxyInput", + "description": "The endpoint URL of the Amazon API Gateway proxy." + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the environment." + }, + "name": { + "type": "string", + "description": "The name of the application." + }, + "proxyType": { + "$ref": "#/types/aws-native:refactorspaces:ApplicationProxyType", + "description": "The proxy type of the proxy created within the application." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + }, + "vpcId": { + "type": "string", + "description": "The ID of the virtual private cloud (VPC)." + } + }, + "outputs": { + "apiGatewayId": { + "type": "string", + "description": "The resource ID of the API Gateway for the proxy." + }, + "apiGatewayProxy": { + "$ref": "#/types/aws-native:refactorspaces:ApplicationApiGatewayProxyInput", + "description": "The endpoint URL of the Amazon API Gateway proxy.", + "replaceOnChanges": true + }, + "applicationIdentifier": { + "type": "string", + "description": "The unique identifier of the application." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the application." + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the environment.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the application.", + "replaceOnChanges": true + }, + "nlbArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Network Load Balancer ." + }, + "nlbName": { + "type": "string", + "description": "The name of the Network Load Balancer configured by the API Gateway proxy." + }, + "proxyType": { + "$ref": "#/types/aws-native:refactorspaces:ApplicationProxyType", + "description": "The proxy type of the proxy created within the application.", + "replaceOnChanges": true + }, + "proxyUrl": { + "type": "string", + "description": "The endpoint URL of the Amazon API Gateway proxy." + }, + "stageName": { + "type": "string", + "description": "The name of the API Gateway stage. The name defaults to `prod` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + }, + "vpcId": { + "type": "string", + "description": "The ID of the virtual private cloud (VPC).", + "replaceOnChanges": true + }, + "vpcLinkId": { + "type": "string", + "description": "The `VpcLink` ID of the API Gateway proxy." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 63 + }, + "required": [ + "environmentIdentifier", + "proxyType", + "vpcId" + ], + "createOnly": [ + "apiGatewayProxy", + "environmentIdentifier", + "name", + "proxyType", + "vpcId" + ], + "writeOnly": [ + "apiGatewayProxy" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:refactorspaces:Environment": { + "cf": "AWS::RefactorSpaces::Environment", + "inputs": { + "description": { + "type": "string", + "description": "A description of the environment." + }, + "name": { + "type": "string", + "description": "The name of the environment." + }, + "networkFabricType": { + "$ref": "#/types/aws-native:refactorspaces:EnvironmentNetworkFabricType", + "description": "The network fabric type of the environment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the environment." + }, + "description": { + "type": "string", + "description": "A description of the environment.", + "replaceOnChanges": true + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the environment." + }, + "name": { + "type": "string", + "description": "The name of the environment.", + "replaceOnChanges": true + }, + "networkFabricType": { + "$ref": "#/types/aws-native:refactorspaces:EnvironmentNetworkFabricType", + "description": "The network fabric type of the environment.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of the AWS Transit Gateway set up by the environment." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 63 + }, + "required": [ + "networkFabricType" + ], + "createOnly": [ + "description", + "name", + "networkFabricType" + ], + "writeOnly": [ + "description", + "name", + "networkFabricType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:refactorspaces:Route": { + "cf": "AWS::RefactorSpaces::Route", + "inputs": { + "applicationIdentifier": { + "type": "string", + "description": "The unique identifier of the application." + }, + "defaultRoute": { + "$ref": "#/types/aws-native:refactorspaces:RouteDefaultRouteInput", + "description": "Configuration for the default route type." + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the environment." + }, + "routeType": { + "$ref": "#/types/aws-native:refactorspaces:RouteType", + "description": "The route type of the route." + }, + "serviceIdentifier": { + "type": "string", + "description": "The unique identifier of the service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + }, + "uriPathRoute": { + "$ref": "#/types/aws-native:refactorspaces:RouteUriPathRouteInput", + "description": "The configuration for the URI path route type." + } + }, + "outputs": { + "applicationIdentifier": { + "type": "string", + "description": "The unique identifier of the application.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the route." + }, + "defaultRoute": { + "$ref": "#/types/aws-native:refactorspaces:RouteDefaultRouteInput", + "description": "Configuration for the default route type." + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the environment.", + "replaceOnChanges": true + }, + "pathResourceToId": { + "type": "string", + "description": "A mapping of Amazon API Gateway path resources to resource IDs." + }, + "routeIdentifier": { + "type": "string", + "description": "The unique identifier of the route." + }, + "routeType": { + "$ref": "#/types/aws-native:refactorspaces:RouteType", + "description": "The route type of the route.", + "replaceOnChanges": true + }, + "serviceIdentifier": { + "type": "string", + "description": "The unique identifier of the service.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + }, + "uriPathRoute": { + "$ref": "#/types/aws-native:refactorspaces:RouteUriPathRouteInput", + "description": "The configuration for the URI path route type." + } + }, + "required": [ + "applicationIdentifier", + "environmentIdentifier", + "routeType", + "serviceIdentifier" + ], + "createOnly": [ + "applicationIdentifier", + "environmentIdentifier", + "routeType", + "serviceIdentifier", + "uriPathRoute/AppendSourcePath", + "uriPathRoute/IncludeChildPaths", + "uriPathRoute/Methods", + "uriPathRoute/SourcePath" + ], + "writeOnly": [ + "defaultRoute", + "routeType", + "serviceIdentifier", + "uriPathRoute" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:refactorspaces:Service": { + "cf": "AWS::RefactorSpaces::Service", + "inputs": { + "applicationIdentifier": { + "type": "string", + "description": "The unique identifier of the application." + }, + "description": { + "type": "string", + "description": "A description of the service." + }, + "endpointType": { + "$ref": "#/types/aws-native:refactorspaces:ServiceEndpointType", + "description": "The endpoint type of the service." + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the environment." + }, + "lambdaEndpoint": { + "$ref": "#/types/aws-native:refactorspaces:ServiceLambdaEndpointInput", + "description": "A summary of the configuration for the AWS Lambda endpoint type." + }, + "name": { + "type": "string", + "description": "The name of the service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + }, + "urlEndpoint": { + "$ref": "#/types/aws-native:refactorspaces:ServiceUrlEndpointInput", + "description": "The summary of the configuration for the URL endpoint type." + }, + "vpcId": { + "type": "string", + "description": "The ID of the virtual private cloud (VPC)." + } + }, + "outputs": { + "applicationIdentifier": { + "type": "string", + "description": "The unique identifier of the application.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service." + }, + "description": { + "type": "string", + "description": "A description of the service.", + "replaceOnChanges": true + }, + "endpointType": { + "$ref": "#/types/aws-native:refactorspaces:ServiceEndpointType", + "description": "The endpoint type of the service.", + "replaceOnChanges": true + }, + "environmentIdentifier": { + "type": "string", + "description": "The unique identifier of the environment.", + "replaceOnChanges": true + }, + "lambdaEndpoint": { + "$ref": "#/types/aws-native:refactorspaces:ServiceLambdaEndpointInput", + "description": "A summary of the configuration for the AWS Lambda endpoint type.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the service.", + "replaceOnChanges": true + }, + "serviceIdentifier": { + "type": "string", + "description": "The unique identifier of the service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Metadata that you can assign to help organize the frameworks that you create. Each tag is a key-value pair." + }, + "urlEndpoint": { + "$ref": "#/types/aws-native:refactorspaces:ServiceUrlEndpointInput", + "description": "The summary of the configuration for the URL endpoint type.", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The ID of the virtual private cloud (VPC).", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 63 + }, + "required": [ + "applicationIdentifier", + "endpointType", + "environmentIdentifier" + ], + "createOnly": [ + "applicationIdentifier", + "description", + "endpointType", + "environmentIdentifier", + "lambdaEndpoint", + "name", + "urlEndpoint", + "vpcId" + ], + "writeOnly": [ + "description", + "endpointType", + "lambdaEndpoint", + "name", + "urlEndpoint", + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rekognition:Collection": { + "cf": "AWS::Rekognition::Collection", + "inputs": { + "collectionId": { + "type": "string", + "description": "ID for the collection that you are creating." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name of the collection." + }, + "collectionId": { + "type": "string", + "description": "ID for the collection that you are creating.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "collectionId" + ], + "createOnly": [ + "collectionId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rekognition:Project": { + "cf": "AWS::Rekognition::Project", + "inputs": { + "projectName": { + "type": "string", + "description": "The name of the project to create." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name of the project." + }, + "projectName": { + "type": "string", + "description": "The name of the project to create.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "projectName" + }, + "createOnly": [ + "projectName" + ] + }, + "aws-native:rekognition:StreamProcessor": { + "cf": "AWS::Rekognition::StreamProcessor", + "inputs": { + "boundingBoxRegionsOfInterest": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorBoundingBox" + }, + "description": "The BoundingBoxRegionsOfInterest specifies an array of bounding boxes of interest in the video frames to analyze, as part of connected home feature. If an object is partially in a region of interest, Rekognition will tag it as detected if the overlap of the object with the region-of-interest is greater than 20%." + }, + "connectedHomeSettings": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorConnectedHomeSettings", + "description": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) ." + }, + "dataSharingPreference": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorDataSharingPreference", + "description": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) ." + }, + "faceSearchSettings": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorFaceSearchSettings", + "description": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) ." + }, + "kinesisDataStream": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorKinesisDataStream", + "description": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) ." + }, + "kinesisVideoStream": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorKinesisVideoStream", + "description": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) ." + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key that is used by Rekognition to encrypt any intermediate customer metadata and store in the customer's S3 bucket." + }, + "name": { + "type": "string", + "description": "Name of the stream processor. It's an identifier you assign to the stream processor. You can use it to manage the stream processor." + }, + "notificationChannel": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorNotificationChannel", + "description": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) ." + }, + "polygonRegionsOfInterest": { + "type": "array", + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorPoint" + } + }, + "description": "The PolygonRegionsOfInterest specifies a set of polygon areas of interest in the video frames to analyze, as part of connected home feature. Each polygon is in turn, an ordered list of Point" + }, + "roleArn": { + "type": "string", + "description": "ARN of the IAM role that allows access to the stream processor, and provides Rekognition read permissions for KVS stream and write permissions to S3 bucket and SNS topic." + }, + "s3Destination": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorS3Destination", + "description": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Amazon Resource Name for the newly created stream processor." + }, + "boundingBoxRegionsOfInterest": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorBoundingBox" + }, + "description": "The BoundingBoxRegionsOfInterest specifies an array of bounding boxes of interest in the video frames to analyze, as part of connected home feature. If an object is partially in a region of interest, Rekognition will tag it as detected if the overlap of the object with the region-of-interest is greater than 20%.", + "replaceOnChanges": true + }, + "connectedHomeSettings": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorConnectedHomeSettings", + "description": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", + "replaceOnChanges": true + }, + "dataSharingPreference": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorDataSharingPreference", + "description": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", + "replaceOnChanges": true + }, + "faceSearchSettings": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorFaceSearchSettings", + "description": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", + "replaceOnChanges": true + }, + "kinesisDataStream": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorKinesisDataStream", + "description": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", + "replaceOnChanges": true + }, + "kinesisVideoStream": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorKinesisVideoStream", + "description": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key that is used by Rekognition to encrypt any intermediate customer metadata and store in the customer's S3 bucket.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name of the stream processor. It's an identifier you assign to the stream processor. You can use it to manage the stream processor.", + "replaceOnChanges": true + }, + "notificationChannel": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorNotificationChannel", + "description": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", + "replaceOnChanges": true + }, + "polygonRegionsOfInterest": { + "type": "array", + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorPoint" + } + }, + "description": "The PolygonRegionsOfInterest specifies a set of polygon areas of interest in the video frames to analyze, as part of connected home feature. Each polygon is in turn, an ordered list of Point", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "ARN of the IAM role that allows access to the stream processor, and provides Rekognition read permissions for KVS stream and write permissions to S3 bucket and SNS topic.", + "replaceOnChanges": true + }, + "s3Destination": { + "$ref": "#/types/aws-native:rekognition:StreamProcessorS3Destination", + "description": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", + "replaceOnChanges": true + }, + "status": { + "type": "string", + "description": "Current status of the stream processor." + }, + "statusMessage": { + "type": "string", + "description": "Detailed status message about the stream processor." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "kinesisVideoStream", + "roleArn" + ], + "createOnly": [ + "boundingBoxRegionsOfInterest", + "connectedHomeSettings", + "dataSharingPreference", + "faceSearchSettings", + "kinesisDataStream", + "kinesisVideoStream", + "kmsKeyId", + "name", + "notificationChannel", + "polygonRegionsOfInterest", + "roleArn", + "s3Destination" + ], + "irreversibleNames": { + "s3Destination": "S3Destination" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:resiliencehub:App": { + "cf": "AWS::ResilienceHub::App", + "inputs": { + "appAssessmentSchedule": { + "$ref": "#/types/aws-native:resiliencehub:AppAssessmentSchedule", + "description": "Assessment execution schedule." + }, + "appTemplateBody": { + "type": "string", + "description": "A string containing full ResilienceHub app template body." + }, + "description": { + "type": "string", + "description": "App description." + }, + "eventSubscriptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resiliencehub:AppEventSubscription" + }, + "description": "The list of events you would like to subscribe and get notification for." + }, + "name": { + "type": "string", + "description": "Name of the app." + }, + "permissionModel": { + "$ref": "#/types/aws-native:resiliencehub:AppPermissionModel", + "description": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment." + }, + "resiliencyPolicyArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the Resiliency Policy." + }, + "resourceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resiliencehub:AppResourceMapping" + }, + "description": "An array of ResourceMapping objects." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair." + } + }, + "outputs": { + "appArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the App." + }, + "appAssessmentSchedule": { + "$ref": "#/types/aws-native:resiliencehub:AppAssessmentSchedule", + "description": "Assessment execution schedule." + }, + "appTemplateBody": { + "type": "string", + "description": "A string containing full ResilienceHub app template body." + }, + "description": { + "type": "string", + "description": "App description." + }, + "driftStatus": { + "$ref": "#/types/aws-native:resiliencehub:AppDriftStatus", + "description": "Indicates if compliance drifts (deviations) were detected while running an assessment for your application." + }, + "eventSubscriptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resiliencehub:AppEventSubscription" + }, + "description": "The list of events you would like to subscribe and get notification for." + }, + "name": { + "type": "string", + "description": "Name of the app.", + "replaceOnChanges": true + }, + "permissionModel": { + "$ref": "#/types/aws-native:resiliencehub:AppPermissionModel", + "description": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment." + }, + "resiliencyPolicyArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the Resiliency Policy." + }, + "resourceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resiliencehub:AppResourceMapping" + }, + "description": "An array of ResourceMapping objects." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "appTemplateBody", + "resourceMappings" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:resiliencehub:ResiliencyPolicy": { + "cf": "AWS::ResilienceHub::ResiliencyPolicy", + "inputs": { + "dataLocationConstraint": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyDataLocationConstraint", + "description": "Data Location Constraint of the Policy." + }, + "policy": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyPolicyMap", + "description": "The resiliency policy." + }, + "policyDescription": { + "type": "string", + "description": "Description of Resiliency Policy." + }, + "policyName": { + "type": "string", + "description": "Name of Resiliency Policy." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair." + }, + "tier": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyTier", + "description": "Resiliency Policy Tier." + } + }, + "outputs": { + "dataLocationConstraint": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyDataLocationConstraint", + "description": "Data Location Constraint of the Policy." + }, + "policy": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyPolicyMap", + "description": "The resiliency policy." + }, + "policyArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the Resiliency Policy." + }, + "policyDescription": { + "type": "string", + "description": "Description of Resiliency Policy." + }, + "policyName": { + "type": "string", + "description": "Name of Resiliency Policy." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair." + }, + "tier": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyTier", + "description": "Resiliency Policy Tier." + } + }, + "autoNamingSpec": { + "sdkName": "policyName" + }, + "required": [ + "policy", + "tier" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:resourceexplorer2:DefaultViewAssociation": { + "cf": "AWS::ResourceExplorer2::DefaultViewAssociation", + "inputs": { + "viewArn": { + "type": "string", + "description": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region." + } + }, + "outputs": { + "associatedAwsPrincipal": { + "type": "string", + "description": "The AWS principal that the default view is associated with, used as the unique identifier for this resource." + }, + "viewArn": { + "type": "string", + "description": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region." + } + }, + "required": [ + "viewArn" + ] + }, + "aws-native:resourceexplorer2:Index": { + "cf": "AWS::ResourceExplorer2::Index", + "inputs": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index." + }, + "type": { + "$ref": "#/types/aws-native:resourceexplorer2:IndexType", + "description": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the new index for the AWS Region . For example:\n\n`arn:aws:resource-explorer-2:us-east-1:123456789012:index/EXAMPLE8-90ab-cdef-fedc-EXAMPLE22222`" + }, + "indexState": { + "$ref": "#/types/aws-native:resourceexplorer2:IndexState", + "description": "Indicates the current state of the index. For example:\n\n`CREATING`" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index." + }, + "type": { + "$ref": "#/types/aws-native:resourceexplorer2:IndexType", + "description": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* ." + } + }, + "required": [ + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:resourceexplorer2:View": { + "cf": "AWS::ResourceExplorer2::View", + "inputs": { + "filters": { + "$ref": "#/types/aws-native:resourceexplorer2:ViewSearchFilter", + "description": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n\u003e This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` ." + }, + "includedProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resourceexplorer2:ViewIncludedProperty" + }, + "description": "A list of fields that provide additional information about the view." + }, + "scope": { + "type": "string", + "description": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tag key and value pairs that are attached to the view." + }, + "viewName": { + "type": "string", + "description": "The name of the new view." + } + }, + "outputs": { + "filters": { + "$ref": "#/types/aws-native:resourceexplorer2:ViewSearchFilter", + "description": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n\u003e This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` ." + }, + "includedProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resourceexplorer2:ViewIncludedProperty" + }, + "description": "A list of fields that provide additional information about the view." + }, + "scope": { + "type": "string", + "description": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Tag key and value pairs that are attached to the view." + }, + "viewArn": { + "type": "string", + "description": "The ARN of the new view. For example:\n\n`arn:aws:resource-explorer-2:us-east-1:123456789012:view/MyView/EXAMPLE8-90ab-cdef-fedc-EXAMPLE22222`" + }, + "viewName": { + "type": "string", + "description": "The name of the new view.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "viewName" + }, + "createOnly": [ + "scope", + "viewName" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:resourcegroups:Group": { + "cf": "AWS::ResourceGroups::Group", + "inputs": { + "configuration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resourcegroups:GroupConfigurationItem" + }, + "description": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n\u003e You can include either a `Configuration` or a `ResourceQuery` , but not both." + }, + "description": { + "type": "string", + "description": "The description of the resource group" + }, + "name": { + "type": "string", + "description": "The name of the resource group" + }, + "resourceQuery": { + "$ref": "#/types/aws-native:resourcegroups:GroupResourceQuery", + "description": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n\u003e - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n\u003e - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n\u003e - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n\u003e - You can include a `Resources` property only if you also specify a `Configuration` property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tag key and value pairs that are attached to the resource group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Resource Group ARN." + }, + "configuration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resourcegroups:GroupConfigurationItem" + }, + "description": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n\u003e You can include either a `Configuration` or a `ResourceQuery` , but not both." + }, + "description": { + "type": "string", + "description": "The description of the resource group" + }, + "name": { + "type": "string", + "description": "The name of the resource group", + "replaceOnChanges": true + }, + "resourceQuery": { + "$ref": "#/types/aws-native:resourcegroups:GroupResourceQuery", + "description": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n\u003e - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n\u003e - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n\u003e - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n\u003e - You can include a `Resources` property only if you also specify a `Configuration` property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tag key and value pairs that are attached to the resource group." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 128 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:robomaker:Fleet": { + "cf": "AWS::RoboMaker::Fleet", + "inputs": { + "name": { + "type": "string", + "description": "The name of the fleet." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The list of all tags added to the fleet." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the fleet, such as `arn:aws:robomaker:us-west-2:123456789012:deployment-fleet/MyFleet/1539894765711` ." + }, + "name": { + "type": "string", + "description": "The name of the fleet.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The list of all tags added to the fleet." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:robomaker:Robot": { + "cf": "AWS::RoboMaker::Robot", + "inputs": { + "architecture": { + "$ref": "#/types/aws-native:robomaker:RobotArchitecture", + "description": "The target architecture of the robot." + }, + "fleet": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the fleet." + }, + "greengrassGroupId": { + "type": "string", + "description": "The Greengrass group id." + }, + "name": { + "type": "string", + "description": "The name for the robot." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that contains tag keys and tag values that are attached to the robot." + } + }, + "outputs": { + "architecture": { + "$ref": "#/types/aws-native:robomaker:RobotArchitecture", + "description": "The target architecture of the robot.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the robot." + }, + "fleet": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the fleet.", + "replaceOnChanges": true + }, + "greengrassGroupId": { + "type": "string", + "description": "The Greengrass group id.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name for the robot.", + "replaceOnChanges": true + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that contains tag keys and tag values that are attached to the robot." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "architecture", + "greengrassGroupId" + ], + "createOnly": [ + "architecture", + "fleet", + "greengrassGroupId", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:robomaker:RobotApplication": { + "cf": "AWS::RoboMaker::RobotApplication", + "inputs": { + "currentRevisionId": { + "type": "string", + "description": "The revision ID of robot application." + }, + "environment": { + "type": "string", + "description": "The URI of the Docker image for the robot application." + }, + "name": { + "type": "string", + "description": "The name of the robot application." + }, + "robotSoftwareSuite": { + "$ref": "#/types/aws-native:robomaker:RobotApplicationRobotSoftwareSuite", + "description": "The robot software suite used by the robot application." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:robomaker:RobotApplicationSourceConfig" + }, + "description": "The sources of the robot application." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that contains tag keys and tag values that are attached to the robot application." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the robot application." + }, + "currentRevisionId": { + "type": "string", + "description": "The revision ID of robot application." + }, + "environment": { + "type": "string", + "description": "The URI of the Docker image for the robot application." + }, + "name": { + "type": "string", + "description": "The name of the robot application.", + "replaceOnChanges": true + }, + "robotSoftwareSuite": { + "$ref": "#/types/aws-native:robomaker:RobotApplicationRobotSoftwareSuite", + "description": "The robot software suite used by the robot application." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:robomaker:RobotApplicationSourceConfig" + }, + "description": "The sources of the robot application." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that contains tag keys and tag values that are attached to the robot application." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "robotSoftwareSuite" + ], + "createOnly": [ + "name" + ], + "writeOnly": [ + "robotSoftwareSuite/Version", + "sources" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:robomaker:RobotApplicationVersion": { + "cf": "AWS::RoboMaker::RobotApplicationVersion", + "inputs": { + "application": { + "type": "string", + "description": "The application information for the robot application." + }, + "currentRevisionId": { + "type": "string", + "description": "The revision ID of robot application." + } + }, + "outputs": { + "application": { + "type": "string", + "description": "The application information for the robot application.", + "replaceOnChanges": true + }, + "applicationVersion": { + "type": "string", + "description": "The robot application version." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the robot application version." + }, + "currentRevisionId": { + "type": "string", + "description": "The revision ID of robot application.", + "replaceOnChanges": true + } + }, + "required": [ + "application" + ], + "createOnly": [ + "application", + "currentRevisionId" + ] + }, + "aws-native:robomaker:SimulationApplication": { + "cf": "AWS::RoboMaker::SimulationApplication", + "inputs": { + "currentRevisionId": { + "type": "string", + "description": "The current revision id." + }, + "environment": { + "type": "string", + "description": "The URI of the Docker image for the robot application." + }, + "name": { + "type": "string", + "description": "The name of the simulation application." + }, + "renderingEngine": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationRenderingEngine", + "description": "The rendering engine for the simulation application." + }, + "robotSoftwareSuite": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationRobotSoftwareSuite", + "description": "The robot software suite used by the simulation application." + }, + "simulationSoftwareSuite": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationSimulationSoftwareSuite", + "description": "The simulation software suite used by the simulation application." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationSourceConfig" + }, + "description": "The sources of the simulation application." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that contains tag keys and tag values that are attached to the simulation application." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the simulation application." + }, + "currentRevisionId": { + "type": "string", + "description": "The current revision id." + }, + "environment": { + "type": "string", + "description": "The URI of the Docker image for the robot application." + }, + "name": { + "type": "string", + "description": "The name of the simulation application.", + "replaceOnChanges": true + }, + "renderingEngine": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationRenderingEngine", + "description": "The rendering engine for the simulation application." + }, + "robotSoftwareSuite": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationRobotSoftwareSuite", + "description": "The robot software suite used by the simulation application." + }, + "simulationSoftwareSuite": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationSimulationSoftwareSuite", + "description": "The simulation software suite used by the simulation application." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationSourceConfig" + }, + "description": "The sources of the simulation application." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that contains tag keys and tag values that are attached to the simulation application." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "robotSoftwareSuite", + "simulationSoftwareSuite" + ], + "createOnly": [ + "name" + ], + "writeOnly": [ + "renderingEngine", + "robotSoftwareSuite/Version", + "simulationSoftwareSuite/Version", + "sources" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:robomaker:SimulationApplicationVersion": { + "cf": "AWS::RoboMaker::SimulationApplicationVersion", + "inputs": { + "application": { + "type": "string", + "description": "The application information for the simulation application." + }, + "currentRevisionId": { + "type": "string", + "description": "The revision ID of robot application." + } + }, + "outputs": { + "application": { + "type": "string", + "description": "The application information for the simulation application.", + "replaceOnChanges": true + }, + "applicationVersion": { + "type": "string", + "description": "The simulation application version." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the simulation application version." + }, + "currentRevisionId": { + "type": "string", + "description": "The revision ID of robot application.", + "replaceOnChanges": true + } + }, + "required": [ + "application" + ], + "createOnly": [ + "application", + "currentRevisionId" + ] + }, + "aws-native:rolesanywhere:Crl": { + "cf": "AWS::RolesAnywhere::CRL", + "inputs": { + "crlData": { + "type": "string", + "description": "The x509 v3 specified certificate revocation list (CRL)." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the certificate revocation list (CRL) is enabled." + }, + "name": { + "type": "string", + "description": "The name of the certificate revocation list (CRL)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags to attach to the certificate revocation list (CRL)." + }, + "trustAnchorArn": { + "type": "string", + "description": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for." + } + }, + "outputs": { + "crlData": { + "type": "string", + "description": "The x509 v3 specified certificate revocation list (CRL)." + }, + "crlId": { + "type": "string", + "description": "The unique primary identifier of the Crl" + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the certificate revocation list (CRL) is enabled." + }, + "name": { + "type": "string", + "description": "The name of the certificate revocation list (CRL)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags to attach to the certificate revocation list (CRL)." + }, + "trustAnchorArn": { + "type": "string", + "description": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "crlData" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rolesanywhere:Profile": { + "cf": "AWS::RolesAnywhere::Profile", + "inputs": { + "acceptRoleSessionName": { + "type": "boolean", + "description": "Used to determine if a custom role session name will be accepted in a temporary credential request." + }, + "attributeMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rolesanywhere:ProfileAttributeMapping" + }, + "description": "A mapping applied to the authenticating end-entity certificate." + }, + "durationSeconds": { + "type": "number", + "description": "The number of seconds vended session credentials will be valid for" + }, + "enabled": { + "type": "boolean", + "description": "The enabled status of the resource." + }, + "managedPolicyArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials." + }, + "name": { + "type": "string", + "description": "The customer specified name of the resource." + }, + "requireInstanceProperties": { + "type": "boolean", + "description": "Specifies whether instance properties are required in CreateSession requests with this profile." + }, + "roleArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request." + }, + "sessionPolicy": { + "type": "string", + "description": "A session policy that will applied to the trust boundary of the vended session credentials." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of Tags." + } + }, + "outputs": { + "acceptRoleSessionName": { + "type": "boolean", + "description": "Used to determine if a custom role session name will be accepted in a temporary credential request." + }, + "attributeMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rolesanywhere:ProfileAttributeMapping" + }, + "description": "A mapping applied to the authenticating end-entity certificate." + }, + "durationSeconds": { + "type": "number", + "description": "The number of seconds vended session credentials will be valid for" + }, + "enabled": { + "type": "boolean", + "description": "The enabled status of the resource." + }, + "managedPolicyArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials." + }, + "name": { + "type": "string", + "description": "The customer specified name of the resource." + }, + "profileArn": { + "type": "string", + "description": "The ARN of the profile." + }, + "profileId": { + "type": "string", + "description": "The unique primary identifier of the Profile" + }, + "requireInstanceProperties": { + "type": "boolean", + "description": "Specifies whether instance properties are required in CreateSession requests with this profile." + }, + "roleArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request." + }, + "sessionPolicy": { + "type": "string", + "description": "A session policy that will applied to the trust boundary of the vended session credentials." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of Tags." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "roleArns" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:rolesanywhere:TrustAnchor": { + "cf": "AWS::RolesAnywhere::TrustAnchor", + "inputs": { + "enabled": { + "type": "boolean", + "description": "Indicates whether the trust anchor is enabled." + }, + "name": { + "type": "string", + "description": "The name of the trust anchor." + }, + "notificationSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorNotificationSetting" + }, + "description": "A list of notification settings to be associated to the trust anchor." + }, + "source": { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorSource", + "description": "The trust anchor type and its related certificate data." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to attach to the trust anchor." + } + }, + "outputs": { + "enabled": { + "type": "boolean", + "description": "Indicates whether the trust anchor is enabled." + }, + "name": { + "type": "string", + "description": "The name of the trust anchor." + }, + "notificationSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorNotificationSetting" + }, + "description": "A list of notification settings to be associated to the trust anchor." + }, + "source": { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorSource", + "description": "The trust anchor type and its related certificate data." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to attach to the trust anchor." + }, + "trustAnchorArn": { + "type": "string", + "description": "The ARN of the trust anchor." + }, + "trustAnchorId": { + "type": "string", + "description": "The unique identifier of the trust anchor." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "source" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53:CidrCollection": { + "cf": "AWS::Route53::CidrCollection", + "inputs": { + "locations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53:CidrCollectionLocation" + }, + "description": "A complex type that contains information about the list of CIDR locations." + }, + "name": { + "type": "string", + "description": "A unique name for the CIDR collection." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon resource name (ARN) to uniquely identify the AWS resource." + }, + "awsId": { + "type": "string", + "description": "UUID of the CIDR collection." + }, + "locations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53:CidrCollectionLocation" + }, + "description": "A complex type that contains information about the list of CIDR locations." + }, + "name": { + "type": "string", + "description": "A unique name for the CIDR collection.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:route53:Dnssec": { + "cf": "AWS::Route53::DNSSEC", + "inputs": { + "hostedZoneId": { + "type": "string", + "description": "The unique string (ID) used to identify a hosted zone." + } + }, + "outputs": { + "hostedZoneId": { + "type": "string", + "description": "The unique string (ID) used to identify a hosted zone.", + "replaceOnChanges": true + } + }, + "required": [ + "hostedZoneId" + ], + "createOnly": [ + "hostedZoneId" + ] + }, + "aws-native:route53:HealthCheck": { + "cf": "AWS::Route53::HealthCheck", + "inputs": { + "healthCheckConfig": { + "$ref": "#/types/aws-native:route53:HealthCheckConfigProperties", + "description": "A complex type that contains information about the health check." + }, + "healthCheckTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53:HealthCheckTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "healthCheckConfig": { + "$ref": "#/types/aws-native:route53:HealthCheckConfigProperties", + "description": "A complex type that contains information about the health check." + }, + "healthCheckId": { + "type": "string", + "description": "The identifier that Amazon Route 53 assigned to the health check when you created it. When you add or update a resource record set, you use this value to specify which health check to use. The value can be up to 64 characters long." + }, + "healthCheckTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53:HealthCheckTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "healthCheckConfig" + ], + "createOnly": [ + "healthCheckConfig/MeasureLatency", + "healthCheckConfig/RequestInterval", + "healthCheckConfig/Type" + ] + }, + "aws-native:route53:HostedZone": { + "cf": "AWS::Route53::HostedZone", + "inputs": { + "hostedZoneConfig": { + "$ref": "#/types/aws-native:route53:HostedZoneConfig", + "description": "A complex type that contains an optional comment.\n If you don't want to specify a comment, omit the ``HostedZoneConfig`` and ``Comment`` elements." + }, + "hostedZoneTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53:HostedZoneTag" + }, + "description": "Adds, edits, or deletes tags for a health check or a hosted zone.\n For information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *User Guide*." + }, + "name": { + "type": "string", + "description": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com*. The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n If you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of ``NameServers`` that are returned by the ``Fn::GetAtt`` intrinsic function." + }, + "queryLoggingConfig": { + "$ref": "#/types/aws-native:route53:HostedZoneQueryLoggingConfig", + "description": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n DNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n + Route 53 edge location that responded to the DNS query\n + Domain or subdomain that was requested\n + DNS record type, such as A or AAAA\n + DNS response code, such as ``NoError`` or ``ServFail`` \n \n + Log Group and Resource Policy Before you create a query logging configuration, perform the following operations. If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following: You must create the log group in the us-east-1 region. You must use the same to create the log group and the hosted zone that you want to configure query logging for. When you create log groups for query logging, we recommend that you use a consistent prefix, for example: /aws/route53/hosted zone name In the next step, you'll create a resource policy, which controls access to one or more log groups and the associated resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging. Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of Resource, specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with *, for example: arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/* To avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values: For aws:SourceArn, supply the hosted zone ARN used in creating the query logging configuration. For example, aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID. For aws:SourceAccount, supply the account ID for the account that creates the query logging configuration. For example, aws:SourceAccount:111111111111. For more information, see The confused deputy problem in the IAM User Guide. You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the SDKs, or the . + Log Streams and Edge Locations When Route 53 finishes creating the configuration for DNS query logging, it does the following: Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location. Begins to send query logs to the applicable log stream. The name of each log stream is in the following format: hosted zone ID/edge location code The edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the Route 53 Product Details page. + Queries That Are Logged Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see Routing Internet Traffic to Your Website or Web Application in the Amazon Route 53 Developer Guide. + Log File Format For a list of the values in each query log and the format of each value, see Logging DNS Queries in the Amazon Route 53 Developer Guide. + Pricing For information about charges for query logs, see Amazon CloudWatch Pricing. + How to Stop Logging If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see DeleteQueryLoggingConfig." + }, + "vpcs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53:HostedZoneVpc" + }, + "description": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n For public hosted zones, omit ``VPCs``, ``VPCId``, and ``VPCRegion``." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ID that Amazon Route 53 assigned to the hosted zone when you created it." + }, + "hostedZoneConfig": { + "$ref": "#/types/aws-native:route53:HostedZoneConfig", + "description": "A complex type that contains an optional comment.\n If you don't want to specify a comment, omit the ``HostedZoneConfig`` and ``Comment`` elements." + }, + "hostedZoneTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53:HostedZoneTag" + }, + "description": "Adds, edits, or deletes tags for a health check or a hosted zone.\n For information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *User Guide*." + }, + "name": { + "type": "string", + "description": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com*. The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n If you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of ``NameServers`` that are returned by the ``Fn::GetAtt`` intrinsic function.", + "replaceOnChanges": true + }, + "nameServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Returns the set of name servers for the specific hosted zone. For example: `ns1.example.com` .\n\nThis attribute is not supported for private hosted zones." + }, + "queryLoggingConfig": { + "$ref": "#/types/aws-native:route53:HostedZoneQueryLoggingConfig", + "description": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n DNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n + Route 53 edge location that responded to the DNS query\n + Domain or subdomain that was requested\n + DNS record type, such as A or AAAA\n + DNS response code, such as ``NoError`` or ``ServFail`` \n \n + Log Group and Resource Policy Before you create a query logging configuration, perform the following operations. If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following: You must create the log group in the us-east-1 region. You must use the same to create the log group and the hosted zone that you want to configure query logging for. When you create log groups for query logging, we recommend that you use a consistent prefix, for example: /aws/route53/hosted zone name In the next step, you'll create a resource policy, which controls access to one or more log groups and the associated resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging. Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of Resource, specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with *, for example: arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/* To avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values: For aws:SourceArn, supply the hosted zone ARN used in creating the query logging configuration. For example, aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID. For aws:SourceAccount, supply the account ID for the account that creates the query logging configuration. For example, aws:SourceAccount:111111111111. For more information, see The confused deputy problem in the IAM User Guide. You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the SDKs, or the . + Log Streams and Edge Locations When Route 53 finishes creating the configuration for DNS query logging, it does the following: Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location. Begins to send query logs to the applicable log stream. The name of each log stream is in the following format: hosted zone ID/edge location code The edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the Route 53 Product Details page. + Queries That Are Logged Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see Routing Internet Traffic to Your Website or Web Application in the Amazon Route 53 Developer Guide. + Log File Format For a list of the values in each query log and the format of each value, see Logging DNS Queries in the Amazon Route 53 Developer Guide. + Pricing For information about charges for query logs, see Amazon CloudWatch Pricing. + How to Stop Logging If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see DeleteQueryLoggingConfig." + }, + "vpcs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53:HostedZoneVpc" + }, + "description": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n For public hosted zones, omit ``VPCs``, ``VPCId``, and ``VPCRegion``." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 1024 + }, + "createOnly": [ + "name" + ], + "irreversibleNames": { + "awsId": "Id", + "vpcs": "VPCs" + } + }, + "aws-native:route53:KeySigningKey": { + "cf": "AWS::Route53::KeySigningKey", + "inputs": { + "hostedZoneId": { + "type": "string", + "description": "The unique string (ID) used to identify a hosted zone." + }, + "keyManagementServiceArn": { + "type": "string", + "description": "The Amazon resource name (ARN) for a customer managed key (CMK) in AWS Key Management Service (KMS). The KeyManagementServiceArn must be unique for each key signing key (KSK) in a single hosted zone." + }, + "name": { + "type": "string", + "description": "An alphanumeric string used to identify a key signing key (KSK). Name must be unique for each key signing key in the same hosted zone." + }, + "status": { + "$ref": "#/types/aws-native:route53:KeySigningKeyStatus", + "description": "A string specifying the initial status of the key signing key (KSK). You can set the value to ACTIVE or INACTIVE." + } + }, + "outputs": { + "hostedZoneId": { + "type": "string", + "description": "The unique string (ID) used to identify a hosted zone.", + "replaceOnChanges": true + }, + "keyManagementServiceArn": { + "type": "string", + "description": "The Amazon resource name (ARN) for a customer managed key (CMK) in AWS Key Management Service (KMS). The KeyManagementServiceArn must be unique for each key signing key (KSK) in a single hosted zone.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "An alphanumeric string used to identify a key signing key (KSK). Name must be unique for each key signing key in the same hosted zone.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:route53:KeySigningKeyStatus", + "description": "A string specifying the initial status of the key signing key (KSK). You can set the value to ACTIVE or INACTIVE." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "hostedZoneId", + "keyManagementServiceArn", + "status" + ], + "createOnly": [ + "hostedZoneId", + "keyManagementServiceArn", + "name" + ] + }, + "aws-native:route53profiles:Profile": { + "cf": "AWS::Route53Profiles::Profile", + "inputs": { + "name": { + "type": "string", + "description": "The name of the profile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resolver profile." + }, + "awsId": { + "type": "string", + "description": "The ID of the profile." + }, + "clientToken": { + "type": "string", + "description": "The id of the creator request" + }, + "name": { + "type": "string", + "description": "The name of the profile.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53profiles:ProfileAssociation": { + "cf": "AWS::Route53Profiles::ProfileAssociation", + "inputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the profile association." + }, + "name": { + "type": "string", + "description": "The name of an association between a Profile and a VPC." + }, + "profileId": { + "type": "string", + "description": "The ID of the profile that you associated with the resource that is specified by ResourceId." + }, + "resourceId": { + "type": "string", + "description": "The resource that you associated the profile with." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the profile association." + }, + "awsId": { + "type": "string", + "description": "Primary Identifier for Profile Association" + }, + "name": { + "type": "string", + "description": "The name of an association between a Profile and a VPC.", + "replaceOnChanges": true + }, + "profileId": { + "type": "string", + "description": "The ID of the profile that you associated with the resource that is specified by ResourceId.", + "replaceOnChanges": true + }, + "resourceId": { + "type": "string", + "description": "The resource that you associated the profile with.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "profileId", + "resourceId" + ], + "createOnly": [ + "name", + "profileId", + "resourceId" + ], + "writeOnly": [ + "arn", + "tags" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53profiles:ProfileResourceAssociation": { + "cf": "AWS::Route53Profiles::ProfileResourceAssociation", + "inputs": { + "name": { + "type": "string", + "description": "The name of an association between the Profile and resource." + }, + "profileId": { + "type": "string", + "description": "The ID of the profile that you associated the resource to that is specified by ResourceArn." + }, + "resourceArn": { + "type": "string", + "description": "The arn of the resource that you associated to the Profile." + }, + "resourceProperties": { + "type": "string", + "description": "A JSON-formatted string with key-value pairs specifying the properties of the associated resource." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "Primary Identifier for Profile Resource Association" + }, + "name": { + "type": "string", + "description": "The name of an association between the Profile and resource.", + "replaceOnChanges": true + }, + "profileId": { + "type": "string", + "description": "The ID of the profile that you associated the resource to that is specified by ResourceArn.", + "replaceOnChanges": true + }, + "resourceArn": { + "type": "string", + "description": "The arn of the resource that you associated to the Profile.", + "replaceOnChanges": true + }, + "resourceProperties": { + "type": "string", + "description": "A JSON-formatted string with key-value pairs specifying the properties of the associated resource." + }, + "resourceType": { + "type": "string", + "description": "The type of the resource associated to the Profile." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "profileId", + "resourceArn" + ], + "createOnly": [ + "name", + "profileId", + "resourceArn" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:route53recoverycontrol:Cluster": { + "cf": "AWS::Route53RecoveryControl::Cluster", + "inputs": { + "name": { + "type": "string", + "description": "Name of a Cluster. You can use any non-white space character in the name" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "clusterArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the cluster." + }, + "clusterEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53recoverycontrol:ClusterEndpoint" + }, + "description": "Endpoints for the cluster." + }, + "name": { + "type": "string", + "description": "Name of a Cluster. You can use any non-white space character in the name", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:route53recoverycontrol:ClusterStatus", + "description": "Deployment status of a resource. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A collection of tags associated with a resource", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name", + "tags" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:route53recoverycontrol:ControlPanel": { + "cf": "AWS::Route53RecoveryControl::ControlPanel", + "inputs": { + "clusterArn": { + "type": "string", + "description": "Cluster to associate with the Control Panel" + }, + "name": { + "type": "string", + "description": "The name of the control panel. You can use any non-white space character in the name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "clusterArn": { + "type": "string", + "description": "Cluster to associate with the Control Panel", + "replaceOnChanges": true + }, + "controlPanelArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the cluster." + }, + "defaultControlPanel": { + "type": "boolean", + "description": "A flag that Amazon Route 53 Application Recovery Controller sets to true to designate the default control panel for a cluster. When you create a cluster, Amazon Route 53 Application Recovery Controller creates a control panel, and sets this flag for that control panel. If you create a control panel yourself, this flag is set to false." + }, + "name": { + "type": "string", + "description": "The name of the control panel. You can use any non-white space character in the name." + }, + "routingControlCount": { + "type": "integer", + "description": "Count of associated routing controls" + }, + "status": { + "$ref": "#/types/aws-native:route53recoverycontrol:ControlPanelStatus", + "description": "The deployment status of control panel. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A collection of tags associated with a resource", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "clusterArn", + "tags" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:route53recoverycontrol:RoutingControl": { + "cf": "AWS::Route53RecoveryControl::RoutingControl", + "inputs": { + "clusterArn": { + "type": "string", + "description": "Arn associated with Control Panel" + }, + "controlPanelArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the control panel." + }, + "name": { + "type": "string", + "description": "The name of the routing control. You can use any non-white space character in the name." + } + }, + "outputs": { + "clusterArn": { + "type": "string", + "description": "Arn associated with Control Panel", + "replaceOnChanges": true + }, + "controlPanelArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the control panel.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the routing control. You can use any non-white space character in the name." + }, + "routingControlArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the routing control." + }, + "status": { + "$ref": "#/types/aws-native:route53recoverycontrol:RoutingControlStatus", + "description": "The deployment status of the routing control. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "clusterArn", + "controlPanelArn" + ], + "writeOnly": [ + "clusterArn" + ] + }, + "aws-native:route53recoverycontrol:SafetyRule": { + "cf": "AWS::Route53RecoveryControl::SafetyRule", + "inputs": { + "assertionRule": { + "$ref": "#/types/aws-native:route53recoverycontrol:SafetyRuleAssertionRule", + "description": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario." + }, + "controlPanelArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the control panel." + }, + "gatingRule": { + "$ref": "#/types/aws-native:route53recoverycontrol:SafetyRuleGatingRule", + "description": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule." + }, + "name": { + "type": "string", + "description": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: \u0026 \u003e \u003c ' (single quote) \" (double quote) ; (semicolon)" + }, + "ruleConfig": { + "$ref": "#/types/aws-native:route53recoverycontrol:SafetyRuleRuleConfig", + "description": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "assertionRule": { + "$ref": "#/types/aws-native:route53recoverycontrol:SafetyRuleAssertionRule", + "description": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario." + }, + "controlPanelArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the control panel." + }, + "gatingRule": { + "$ref": "#/types/aws-native:route53recoverycontrol:SafetyRuleGatingRule", + "description": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule." + }, + "name": { + "type": "string", + "description": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: \u0026 \u003e \u003c ' (single quote) \" (double quote) ; (semicolon)" + }, + "ruleConfig": { + "$ref": "#/types/aws-native:route53recoverycontrol:SafetyRuleRuleConfig", + "description": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them." + }, + "safetyRuleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the safety rule." + }, + "status": { + "$ref": "#/types/aws-native:route53recoverycontrol:SafetyRuleStatus", + "description": "The deployment status of the routing control. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53recoveryreadiness:Cell": { + "cf": "AWS::Route53RecoveryReadiness::Cell", + "inputs": { + "cellName": { + "type": "string", + "description": "The name of the cell to create." + }, + "cells": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific Regions." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "outputs": { + "cellArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the cell." + }, + "cellName": { + "type": "string", + "description": "The name of the cell to create.", + "replaceOnChanges": true + }, + "cells": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific Regions." + }, + "parentReadinessScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The readiness scope for the cell, which can be a cell Amazon Resource Name (ARN) or a recovery group ARN. This is a list but currently can have only one element." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource" + } + }, + "autoNamingSpec": { + "sdkName": "cellName", + "maxLength": 64 + }, + "createOnly": [ + "cellName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53recoveryreadiness:ReadinessCheck": { + "cf": "AWS::Route53RecoveryReadiness::ReadinessCheck", + "inputs": { + "readinessCheckName": { + "type": "string", + "description": "Name of the ReadinessCheck to create." + }, + "resourceSetName": { + "type": "string", + "description": "The name of the resource set to check." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource." + } + }, + "outputs": { + "readinessCheckArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the readiness check." + }, + "readinessCheckName": { + "type": "string", + "description": "Name of the ReadinessCheck to create.", + "replaceOnChanges": true + }, + "resourceSetName": { + "type": "string", + "description": "The name of the resource set to check." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource." + } + }, + "autoNamingSpec": { + "sdkName": "readinessCheckName", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "readinessCheckName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53recoveryreadiness:RecoveryGroup": { + "cf": "AWS::Route53RecoveryReadiness::RecoveryGroup", + "inputs": { + "cells": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the cell Amazon Resource Names (ARNs) in the recovery group." + }, + "recoveryGroupName": { + "type": "string", + "description": "The name of the recovery group to create." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource." + } + }, + "outputs": { + "cells": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the cell Amazon Resource Names (ARNs) in the recovery group." + }, + "recoveryGroupArn": { + "type": "string", + "description": "A collection of tags associated with a resource." + }, + "recoveryGroupName": { + "type": "string", + "description": "The name of the recovery group to create.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A collection of tags associated with a resource." + } + }, + "autoNamingSpec": { + "sdkName": "recoveryGroupName", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "recoveryGroupName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53recoveryreadiness:ResourceSet": { + "cf": "AWS::Route53RecoveryReadiness::ResourceSet", + "inputs": { + "resourceSetName": { + "type": "string", + "description": "The name of the resource set to create." + }, + "resourceSetType": { + "type": "string", + "description": "The resource type of the resources in the resource set. Enter one of the following values for resource type: \n\nAWS: :AutoScaling: :AutoScalingGroup, AWS: :CloudWatch: :Alarm, AWS: :EC2: :CustomerGateway, AWS: :DynamoDB: :Table, AWS: :EC2: :Volume, AWS: :ElasticLoadBalancing: :LoadBalancer, AWS: :ElasticLoadBalancingV2: :LoadBalancer, AWS: :MSK: :Cluster, AWS: :RDS: :DBCluster, AWS: :Route53: :HealthCheck, AWS: :SQS: :Queue, AWS: :SNS: :Topic, AWS: :SNS: :Subscription, AWS: :EC2: :VPC, AWS: :EC2: :VPNConnection, AWS: :EC2: :VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource" + }, + "resources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53recoveryreadiness:ResourceSetResource" + }, + "description": "A list of resource objects in the resource set." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A tag to associate with the parameters for a resource set." + } + }, + "outputs": { + "resourceSetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource set." + }, + "resourceSetName": { + "type": "string", + "description": "The name of the resource set to create.", + "replaceOnChanges": true + }, + "resourceSetType": { + "type": "string", + "description": "The resource type of the resources in the resource set. Enter one of the following values for resource type: \n\nAWS: :AutoScaling: :AutoScalingGroup, AWS: :CloudWatch: :Alarm, AWS: :EC2: :CustomerGateway, AWS: :DynamoDB: :Table, AWS: :EC2: :Volume, AWS: :ElasticLoadBalancing: :LoadBalancer, AWS: :ElasticLoadBalancingV2: :LoadBalancer, AWS: :MSK: :Cluster, AWS: :RDS: :DBCluster, AWS: :Route53: :HealthCheck, AWS: :SQS: :Queue, AWS: :SNS: :Topic, AWS: :SNS: :Subscription, AWS: :EC2: :VPC, AWS: :EC2: :VPNConnection, AWS: :EC2: :VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource", + "replaceOnChanges": true + }, + "resources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53recoveryreadiness:ResourceSetResource" + }, + "description": "A list of resource objects in the resource set." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A tag to associate with the parameters for a resource set." + } + }, + "autoNamingSpec": { + "sdkName": "resourceSetName" + }, + "required": [ + "resourceSetType", + "resources" + ], + "createOnly": [ + "resourceSetName", + "resourceSetType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53resolver:FirewallDomainList": { + "cf": "AWS::Route53Resolver::FirewallDomainList", + "inputs": { + "domainFileUrl": { + "type": "string", + "description": "S3 URL to import domains from." + }, + "domains": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the domain lists that you have defined." + }, + "name": { + "type": "string", + "description": "FirewallDomainListName" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Arn" + }, + "awsId": { + "type": "string", + "description": "ResourceId" + }, + "creationTime": { + "type": "string", + "description": "Rfc3339TimeString" + }, + "creatorRequestId": { + "type": "string", + "description": "The id of the creator request." + }, + "domainCount": { + "type": "integer", + "description": "Count" + }, + "domainFileUrl": { + "type": "string", + "description": "S3 URL to import domains from." + }, + "domains": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the domain lists that you have defined." + }, + "managedOwnerName": { + "type": "string", + "description": "ServicePrincipal" + }, + "modificationTime": { + "type": "string", + "description": "Rfc3339TimeString" + }, + "name": { + "type": "string", + "description": "FirewallDomainListName", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:route53resolver:FirewallDomainListStatus", + "description": "ResolverFirewallDomainList, possible values are COMPLETE, DELETING, UPDATING, COMPLETE_IMPORT_FAILED, IMPORTING, and INACTIVE_OWNER_ACCOUNT_CLOSED." + }, + "statusMessage": { + "type": "string", + "description": "FirewallDomainListAssociationStatus" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "domainFileUrl", + "domains" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53resolver:FirewallRuleGroup": { + "cf": "AWS::Route53Resolver::FirewallRuleGroup", + "inputs": { + "firewallRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupFirewallRule" + }, + "description": "FirewallRules" + }, + "name": { + "type": "string", + "description": "FirewallRuleGroupName" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Arn" + }, + "awsId": { + "type": "string", + "description": "ResourceId" + }, + "creationTime": { + "type": "string", + "description": "Rfc3339TimeString" + }, + "creatorRequestId": { + "type": "string", + "description": "The id of the creator request." + }, + "firewallRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupFirewallRule" + }, + "description": "FirewallRules" + }, + "modificationTime": { + "type": "string", + "description": "Rfc3339TimeString" + }, + "name": { + "type": "string", + "description": "FirewallRuleGroupName", + "replaceOnChanges": true + }, + "ownerId": { + "type": "string", + "description": "AccountId" + }, + "ruleCount": { + "type": "integer", + "description": "Count" + }, + "shareStatus": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupShareStatus", + "description": "ShareStatus, possible values are NOT_SHARED, SHARED_WITH_ME, SHARED_BY_ME." + }, + "status": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupStatus", + "description": "ResolverFirewallRuleGroupAssociation, possible values are COMPLETE, DELETING, UPDATING, and INACTIVE_OWNER_ACCOUNT_CLOSED." + }, + "statusMessage": { + "type": "string", + "description": "FirewallRuleGroupStatus" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53resolver:FirewallRuleGroupAssociation": { + "cf": "AWS::Route53Resolver::FirewallRuleGroupAssociation", + "inputs": { + "firewallRuleGroupId": { + "type": "string", + "description": "FirewallRuleGroupId" + }, + "mutationProtection": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupAssociationMutationProtection", + "description": "MutationProtectionStatus" + }, + "name": { + "type": "string", + "description": "FirewallRuleGroupAssociationName" + }, + "priority": { + "type": "integer", + "description": "Priority" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags" + }, + "vpcId": { + "type": "string", + "description": "VpcId" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Arn" + }, + "awsId": { + "type": "string", + "description": "Id" + }, + "creationTime": { + "type": "string", + "description": "Rfc3339TimeString" + }, + "creatorRequestId": { + "type": "string", + "description": "The id of the creator request." + }, + "firewallRuleGroupId": { + "type": "string", + "description": "FirewallRuleGroupId", + "replaceOnChanges": true + }, + "managedOwnerName": { + "type": "string", + "description": "ServicePrincipal" + }, + "modificationTime": { + "type": "string", + "description": "Rfc3339TimeString" + }, + "mutationProtection": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupAssociationMutationProtection", + "description": "MutationProtectionStatus" + }, + "name": { + "type": "string", + "description": "FirewallRuleGroupAssociationName" + }, + "priority": { + "type": "integer", + "description": "Priority" + }, + "status": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupAssociationStatus", + "description": "ResolverFirewallRuleGroupAssociation, possible values are COMPLETE, DELETING, UPDATING, and INACTIVE_OWNER_ACCOUNT_CLOSED." + }, + "statusMessage": { + "type": "string", + "description": "FirewallDomainListAssociationStatus" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Tags" + }, + "vpcId": { + "type": "string", + "description": "VpcId", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 64 + }, + "required": [ + "firewallRuleGroupId", + "priority", + "vpcId" + ], + "createOnly": [ + "firewallRuleGroupId", + "vpcId" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53resolver:OutpostResolver": { + "cf": "AWS::Route53Resolver::OutpostResolver", + "inputs": { + "instanceCount": { + "type": "integer", + "description": "The number of OutpostResolvers." + }, + "name": { + "type": "string", + "description": "The OutpostResolver name." + }, + "outpostArn": { + "type": "string", + "description": "The Outpost ARN." + }, + "preferredInstanceType": { + "type": "string", + "description": "The OutpostResolver instance type." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The OutpostResolver ARN." + }, + "awsId": { + "type": "string", + "description": "Id" + }, + "creationTime": { + "type": "string", + "description": "The OutpostResolver creation time" + }, + "creatorRequestId": { + "type": "string", + "description": "The id of the creator request." + }, + "instanceCount": { + "type": "integer", + "description": "The number of OutpostResolvers." + }, + "modificationTime": { + "type": "string", + "description": "The OutpostResolver last modified time" + }, + "name": { + "type": "string", + "description": "The OutpostResolver name." + }, + "outpostArn": { + "type": "string", + "description": "The Outpost ARN.", + "replaceOnChanges": true + }, + "preferredInstanceType": { + "type": "string", + "description": "The OutpostResolver instance type." + }, + "status": { + "$ref": "#/types/aws-native:route53resolver:OutpostResolverStatus", + "description": "The OutpostResolver status, possible values are CREATING, OPERATIONAL, UPDATING, DELETING, ACTION_NEEDED, FAILED_CREATION and FAILED_DELETION." + }, + "statusMessage": { + "type": "string", + "description": "The OutpostResolver status message." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "outpostArn", + "preferredInstanceType" + ], + "createOnly": [ + "outpostArn" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53resolver:ResolverConfig": { + "cf": "AWS::Route53Resolver::ResolverConfig", + "inputs": { + "autodefinedReverseFlag": { + "$ref": "#/types/aws-native:route53resolver:ResolverConfigAutodefinedReverseFlag", + "description": "Represents the desired status of AutodefinedReverse. The only supported value on creation is DISABLE. Deletion of this resource will return AutodefinedReverse to its default value (ENABLED)." + }, + "resourceId": { + "type": "string", + "description": "ResourceId" + } + }, + "outputs": { + "autodefinedReverse": { + "$ref": "#/types/aws-native:route53resolver:ResolverConfigAutodefinedReverse", + "description": "ResolverAutodefinedReverseStatus, possible values are ENABLING, ENABLED, DISABLING AND DISABLED." + }, + "autodefinedReverseFlag": { + "$ref": "#/types/aws-native:route53resolver:ResolverConfigAutodefinedReverseFlag", + "description": "Represents the desired status of AutodefinedReverse. The only supported value on creation is DISABLE. Deletion of this resource will return AutodefinedReverse to its default value (ENABLED).", + "replaceOnChanges": true + }, + "awsId": { + "type": "string", + "description": "Id" + }, + "ownerId": { + "type": "string", + "description": "AccountId" + }, + "resourceId": { + "type": "string", + "description": "ResourceId", + "replaceOnChanges": true + } + }, + "required": [ + "autodefinedReverseFlag", + "resourceId" + ], + "createOnly": [ + "autodefinedReverseFlag", + "resourceId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:route53resolver:ResolverDnssecConfig": { + "cf": "AWS::Route53Resolver::ResolverDNSSECConfig", + "inputs": { + "resourceId": { + "type": "string", + "description": "ResourceId" + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "Id" + }, + "ownerId": { + "type": "string", + "description": "AccountId" + }, + "resourceId": { + "type": "string", + "description": "ResourceId", + "replaceOnChanges": true + }, + "validationStatus": { + "$ref": "#/types/aws-native:route53resolver:ResolverDnssecConfigValidationStatus", + "description": "ResolverDNSSECValidationStatus, possible values are ENABLING, ENABLED, DISABLING AND DISABLED." + } + }, + "createOnly": [ + "resourceId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:route53resolver:ResolverQueryLoggingConfig": { + "cf": "AWS::Route53Resolver::ResolverQueryLoggingConfig", + "inputs": { + "destinationArn": { + "type": "string", + "description": "destination arn" + }, + "name": { + "type": "string", + "description": "ResolverQueryLogConfigName" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Arn" + }, + "associationCount": { + "type": "integer", + "description": "Count" + }, + "awsId": { + "type": "string", + "description": "ResourceId" + }, + "creationTime": { + "type": "string", + "description": "Rfc3339TimeString" + }, + "creatorRequestId": { + "type": "string", + "description": "The id of the creator request." + }, + "destinationArn": { + "type": "string", + "description": "destination arn", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "ResolverQueryLogConfigName", + "replaceOnChanges": true + }, + "ownerId": { + "type": "string", + "description": "AccountId" + }, + "shareStatus": { + "$ref": "#/types/aws-native:route53resolver:ResolverQueryLoggingConfigShareStatus", + "description": "ShareStatus, possible values are NOT_SHARED, SHARED_WITH_ME, SHARED_BY_ME." + }, + "status": { + "$ref": "#/types/aws-native:route53resolver:ResolverQueryLoggingConfigStatus", + "description": "ResolverQueryLogConfigStatus, possible values are CREATING, CREATED, DELETED AND FAILED." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "destinationArn", + "name" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:route53resolver:ResolverQueryLoggingConfigAssociation": { + "cf": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation", + "inputs": { + "resolverQueryLogConfigId": { + "type": "string", + "description": "ResolverQueryLogConfigId" + }, + "resourceId": { + "type": "string", + "description": "ResourceId" + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "Id" + }, + "creationTime": { + "type": "string", + "description": "Rfc3339TimeString" + }, + "error": { + "$ref": "#/types/aws-native:route53resolver:ResolverQueryLoggingConfigAssociationError", + "description": "ResolverQueryLogConfigAssociationError" + }, + "errorMessage": { + "type": "string", + "description": "ResolverQueryLogConfigAssociationErrorMessage" + }, + "resolverQueryLogConfigId": { + "type": "string", + "description": "ResolverQueryLogConfigId", + "replaceOnChanges": true + }, + "resourceId": { + "type": "string", + "description": "ResourceId", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:route53resolver:ResolverQueryLoggingConfigAssociationStatus", + "description": "ResolverQueryLogConfigAssociationStatus" + } + }, + "createOnly": [ + "resolverQueryLogConfigId", + "resourceId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:route53resolver:ResolverRule": { + "cf": "AWS::Route53Resolver::ResolverRule", + "inputs": { + "delegationRecord": { + "type": "string", + "description": "The name server domain for queries to be delegated to if a query matches the delegation record." + }, + "domainName": { + "type": "string", + "description": "DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps" + }, + "name": { + "type": "string", + "description": "The name for the Resolver rule" + }, + "resolverEndpointId": { + "type": "string", + "description": "The ID of the endpoint that the rule is associated with." + }, + "ruleType": { + "$ref": "#/types/aws-native:route53resolver:ResolverRuleRuleType", + "description": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD. When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify SYSTEM." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "targetIps": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53resolver:ResolverRuleTargetAddress" + }, + "description": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network. Specify IPv4 addresses. IPv6 is not supported." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resolver rule." + }, + "delegationRecord": { + "type": "string", + "description": "The name server domain for queries to be delegated to if a query matches the delegation record." + }, + "domainName": { + "type": "string", + "description": "DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps" + }, + "name": { + "type": "string", + "description": "The name for the Resolver rule" + }, + "resolverEndpointId": { + "type": "string", + "description": "The ID of the endpoint that the rule is associated with." + }, + "resolverRuleId": { + "type": "string", + "description": "The ID of the endpoint that the rule is associated with." + }, + "ruleType": { + "$ref": "#/types/aws-native:route53resolver:ResolverRuleRuleType", + "description": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD. When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify SYSTEM.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "targetIps": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:route53resolver:ResolverRuleTargetAddress" + }, + "description": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network. Specify IPv4 addresses. IPv6 is not supported." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 64 + }, + "required": [ + "ruleType" + ], + "createOnly": [ + "ruleType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:route53resolver:ResolverRuleAssociation": { + "cf": "AWS::Route53Resolver::ResolverRuleAssociation", + "inputs": { + "name": { + "type": "string", + "description": "The name of an association between a Resolver rule and a VPC." + }, + "resolverRuleId": { + "type": "string", + "description": "The ID of the Resolver rule that you associated with the VPC that is specified by ``VPCId``." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC that you associated the Resolver rule with." + } + }, + "outputs": { + "name": { + "type": "string", + "description": "The name of an association between a Resolver rule and a VPC.", + "replaceOnChanges": true + }, + "resolverRuleAssociationId": { + "type": "string", + "description": "The ID of the resolver rule association that you want to get information about, such as `rslvr-rrassoc-97242eaf88example` ." + }, + "resolverRuleId": { + "type": "string", + "description": "The ID of the Resolver rule that you associated with the VPC that is specified by ``VPCId``.", + "replaceOnChanges": true + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC that you associated the Resolver rule with.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "resolverRuleId", + "vpcId" + ], + "createOnly": [ + "name", + "resolverRuleId", + "vpcId" + ], + "irreversibleNames": { + "vpcId": "VPCId" + } + }, + "aws-native:rum:AppMonitor": { + "cf": "AWS::RUM::AppMonitor", + "inputs": { + "appMonitorConfiguration": { + "$ref": "#/types/aws-native:rum:AppMonitorConfiguration", + "description": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions." + }, + "customEvents": { + "$ref": "#/types/aws-native:rum:AppMonitorCustomEvents", + "description": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` ." + }, + "cwLogEnabled": { + "type": "boolean", + "description": "Data collected by RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether RUM sends a copy of this telemetry data to CWLlong in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur CWLlong charges. If you omit this parameter, the default is false" + }, + "domain": { + "type": "string", + "description": "The top-level internet domain name for which your application has administrative authority." + }, + "name": { + "type": "string", + "description": "A name for the app monitor" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) ." + } + }, + "outputs": { + "appMonitorConfiguration": { + "$ref": "#/types/aws-native:rum:AppMonitorConfiguration", + "description": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions." + }, + "awsId": { + "type": "string", + "description": "The unique ID of the new app monitor." + }, + "customEvents": { + "$ref": "#/types/aws-native:rum:AppMonitorCustomEvents", + "description": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` ." + }, + "cwLogEnabled": { + "type": "boolean", + "description": "Data collected by RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether RUM sends a copy of this telemetry data to CWLlong in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur CWLlong charges. If you omit this parameter, the default is false" + }, + "domain": { + "type": "string", + "description": "The top-level internet domain name for which your application has administrative authority." + }, + "name": { + "type": "string", + "description": "A name for the app monitor", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "domain" + ], + "createOnly": [ + "name" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:s3:AccessGrant": { + "cf": "AWS::S3::AccessGrant", + "inputs": { + "accessGrantsLocationConfiguration": { + "$ref": "#/types/aws-native:s3:AccessGrantsLocationConfiguration", + "description": "The configuration options of the grant location, which is the S3 path to the data to which you are granting access." + }, + "accessGrantsLocationId": { + "type": "string", + "description": "The custom S3 location to be accessed by the grantee" + }, + "applicationArn": { + "type": "string", + "description": "The ARN of the application grantees will use to access the location" + }, + "grantee": { + "$ref": "#/types/aws-native:s3:AccessGrantGrantee", + "description": "The principal who will be granted permission to access S3." + }, + "permission": { + "$ref": "#/types/aws-native:s3:AccessGrantPermission", + "description": "The level of access to be afforded to the grantee" + }, + "s3PrefixType": { + "$ref": "#/types/aws-native:s3:AccessGrantS3PrefixType", + "description": "The type of S3SubPrefix." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources." + } + }, + "outputs": { + "accessGrantArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified access grant." + }, + "accessGrantId": { + "type": "string", + "description": "The ID assigned to this access grant." + }, + "accessGrantsLocationConfiguration": { + "$ref": "#/types/aws-native:s3:AccessGrantsLocationConfiguration", + "description": "The configuration options of the grant location, which is the S3 path to the data to which you are granting access." + }, + "accessGrantsLocationId": { + "type": "string", + "description": "The custom S3 location to be accessed by the grantee" + }, + "applicationArn": { + "type": "string", + "description": "The ARN of the application grantees will use to access the location" + }, + "grantScope": { + "type": "string", + "description": "The S3 path of the data to which you are granting access. It is a combination of the S3 path of the registered location and the subprefix." + }, + "grantee": { + "$ref": "#/types/aws-native:s3:AccessGrantGrantee", + "description": "The principal who will be granted permission to access S3." + }, + "permission": { + "$ref": "#/types/aws-native:s3:AccessGrantPermission", + "description": "The level of access to be afforded to the grantee" + }, + "s3PrefixType": { + "$ref": "#/types/aws-native:s3:AccessGrantS3PrefixType", + "description": "The type of S3SubPrefix.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "replaceOnChanges": true + } + }, + "required": [ + "accessGrantsLocationId", + "grantee", + "permission" + ], + "createOnly": [ + "s3PrefixType", + "tags" + ], + "writeOnly": [ + "s3PrefixType", + "tags" + ], + "irreversibleNames": { + "s3PrefixType": "S3PrefixType" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:s3:AccessGrantsInstance": { + "cf": "AWS::S3::AccessGrantsInstance", + "inputs": { + "identityCenterArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified AWS Identity Center." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources." + } + }, + "outputs": { + "accessGrantsInstanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified Access Grants instance." + }, + "accessGrantsInstanceId": { + "type": "string", + "description": "A unique identifier for the specified access grants instance." + }, + "identityCenterArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified AWS Identity Center." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "tags" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:s3:AccessGrantsLocation": { + "cf": "AWS::S3::AccessGrantsLocation", + "inputs": { + "iamRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the access grant location's associated IAM role." + }, + "locationScope": { + "type": "string", + "description": "Descriptor for where the location actually points" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources." + } + }, + "outputs": { + "accessGrantsLocationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified Access Grants location." + }, + "accessGrantsLocationId": { + "type": "string", + "description": "The unique identifier for the specified Access Grants location." + }, + "iamRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the access grant location's associated IAM role." + }, + "locationScope": { + "type": "string", + "description": "Descriptor for where the location actually points" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "tags" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:s3:AccessPoint": { + "cf": "AWS::S3::AccessPoint", + "inputs": { + "bucket": { + "type": "string", + "description": "The name of the bucket that you want to associate this Access Point with." + }, + "bucketAccountId": { + "type": "string", + "description": "The AWS account ID associated with the S3 bucket associated with this access point." + }, + "name": { + "type": "string", + "description": "The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The Access Point Policy you want to apply to this access point.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3::AccessPoint` for more information about the expected schema for this property." + }, + "publicAccessBlockConfiguration": { + "$ref": "#/types/aws-native:s3:AccessPointPublicAccessBlockConfiguration", + "description": "The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:s3:AccessPointVpcConfiguration", + "description": "If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC)." + } + }, + "outputs": { + "alias": { + "type": "string", + "description": "The alias of this Access Point. This alias can be used for compatibility purposes with other AWS services and third-party applications." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified accesspoint." + }, + "bucket": { + "type": "string", + "description": "The name of the bucket that you want to associate this Access Point with.", + "replaceOnChanges": true + }, + "bucketAccountId": { + "type": "string", + "description": "The AWS account ID associated with the S3 bucket associated with this access point.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name you want to assign to this Access Point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", + "replaceOnChanges": true + }, + "networkOrigin": { + "$ref": "#/types/aws-native:s3:AccessPointNetworkOrigin", + "description": "Indicates whether this Access Point allows access from the public Internet. If VpcConfiguration is specified for this Access Point, then NetworkOrigin is VPC, and the Access Point doesn't allow access from the public Internet. Otherwise, NetworkOrigin is Internet, and the Access Point allows access from the public Internet, subject to the Access Point and bucket access policies." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The Access Point Policy you want to apply to this access point.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3::AccessPoint` for more information about the expected schema for this property." + }, + "publicAccessBlockConfiguration": { + "$ref": "#/types/aws-native:s3:AccessPointPublicAccessBlockConfiguration", + "description": "The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:s3:AccessPointVpcConfiguration", + "description": "If you include this field, Amazon S3 restricts access to this Access Point to requests from the specified Virtual Private Cloud (VPC).", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 50 + }, + "required": [ + "bucket" + ], + "createOnly": [ + "bucket", + "bucketAccountId", + "name", + "vpcConfiguration" + ] + }, + "aws-native:s3:Bucket": { + "cf": "AWS::S3::Bucket", + "inputs": { + "accelerateConfiguration": { + "$ref": "#/types/aws-native:s3:BucketAccelerateConfiguration", + "description": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*." + }, + "accessControl": { + "$ref": "#/types/aws-native:s3:BucketAccessControl", + "description": "This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.\n A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide*.\n S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html). For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide*." + }, + "analyticsConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketAnalyticsConfiguration" + }, + "description": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket." + }, + "bucketEncryption": { + "$ref": "#/types/aws-native:s3:BucketEncryption", + "description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*." + }, + "bucketName": { + "type": "string", + "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name." + }, + "corsConfiguration": { + "$ref": "#/types/aws-native:s3:BucketCorsConfiguration", + "description": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*." + }, + "intelligentTieringConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketIntelligentTieringConfiguration" + }, + "description": "Defines how Amazon S3 handles Intelligent-Tiering storage." + }, + "inventoryConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketInventoryConfiguration" + }, + "description": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*." + }, + "lifecycleConfiguration": { + "$ref": "#/types/aws-native:s3:BucketLifecycleConfiguration", + "description": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*." + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:s3:BucketLoggingConfiguration", + "description": "Settings that define where logs are stored." + }, + "metricsConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketMetricsConfiguration" + }, + "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html)." + }, + "notificationConfiguration": { + "$ref": "#/types/aws-native:s3:BucketNotificationConfiguration", + "description": "Configuration that defines how Amazon S3 handles bucket notifications." + }, + "objectLockConfiguration": { + "$ref": "#/types/aws-native:s3:BucketObjectLockConfiguration", + "description": "This operation is not supported by directory buckets.\n Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). \n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.\n + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html)." + }, + "objectLockEnabled": { + "type": "boolean", + "description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket." + }, + "ownershipControls": { + "$ref": "#/types/aws-native:s3:BucketOwnershipControls", + "description": "Configuration that defines how Amazon S3 handles Object Ownership rules." + }, + "publicAccessBlockConfiguration": { + "$ref": "#/types/aws-native:s3:BucketPublicAccessBlockConfiguration", + "description": "Configuration that defines how Amazon S3 handles public access." + }, + "replicationConfiguration": { + "$ref": "#/types/aws-native:s3:BucketReplicationConfiguration", + "description": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property.\n Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this S3 bucket." + }, + "versioningConfiguration": { + "$ref": "#/types/aws-native:s3:BucketVersioningConfiguration", + "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them." + }, + "websiteConfiguration": { + "$ref": "#/types/aws-native:s3:BucketWebsiteConfiguration", + "description": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)." + } + }, + "outputs": { + "accelerateConfiguration": { + "$ref": "#/types/aws-native:s3:BucketAccelerateConfiguration", + "description": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*." + }, + "accessControl": { + "$ref": "#/types/aws-native:s3:BucketAccessControl", + "description": "This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*.\n A canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide*.\n S3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n The majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html). For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide*." + }, + "analyticsConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketAnalyticsConfiguration" + }, + "description": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket." + }, + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the specified bucket.\n\nExample: `arn:aws:s3:::DOC-EXAMPLE-BUCKET`" + }, + "bucketEncryption": { + "$ref": "#/types/aws-native:s3:BucketEncryption", + "description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*." + }, + "bucketName": { + "type": "string", + "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "corsConfiguration": { + "$ref": "#/types/aws-native:s3:BucketCorsConfiguration", + "description": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*." + }, + "domainName": { + "type": "string", + "description": "Returns the IPv4 DNS name of the specified bucket.\n\nExample: `DOC-EXAMPLE-BUCKET.s3.amazonaws.com`" + }, + "dualStackDomainName": { + "type": "string", + "description": "Returns the IPv6 DNS name of the specified bucket.\n\nExample: `DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com`\n\nFor more information about dual-stack endpoints, see [Using Amazon S3 Dual-Stack Endpoints](https://docs.aws.amazon.com/AmazonS3/latest/dev/dual-stack-endpoints.html) ." + }, + "intelligentTieringConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketIntelligentTieringConfiguration" + }, + "description": "Defines how Amazon S3 handles Intelligent-Tiering storage." + }, + "inventoryConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketInventoryConfiguration" + }, + "description": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*." + }, + "lifecycleConfiguration": { + "$ref": "#/types/aws-native:s3:BucketLifecycleConfiguration", + "description": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*." + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:s3:BucketLoggingConfiguration", + "description": "Settings that define where logs are stored." + }, + "metricsConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketMetricsConfiguration" + }, + "description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html)." + }, + "notificationConfiguration": { + "$ref": "#/types/aws-native:s3:BucketNotificationConfiguration", + "description": "Configuration that defines how Amazon S3 handles bucket notifications." + }, + "objectLockConfiguration": { + "$ref": "#/types/aws-native:s3:BucketObjectLockConfiguration", + "description": "This operation is not supported by directory buckets.\n Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). \n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.\n + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html)." + }, + "objectLockEnabled": { + "type": "boolean", + "description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket." + }, + "ownershipControls": { + "$ref": "#/types/aws-native:s3:BucketOwnershipControls", + "description": "Configuration that defines how Amazon S3 handles Object Ownership rules." + }, + "publicAccessBlockConfiguration": { + "$ref": "#/types/aws-native:s3:BucketPublicAccessBlockConfiguration", + "description": "Configuration that defines how Amazon S3 handles public access." + }, + "regionalDomainName": { + "type": "string", + "description": "Returns the regional domain name of the specified bucket.\n\nExample: `DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com`" + }, + "replicationConfiguration": { + "$ref": "#/types/aws-native:s3:BucketReplicationConfiguration", + "description": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the ``VersioningConfiguration`` property.\n Amazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this S3 bucket." + }, + "versioningConfiguration": { + "$ref": "#/types/aws-native:s3:BucketVersioningConfiguration", + "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them." + }, + "websiteConfiguration": { + "$ref": "#/types/aws-native:s3:BucketWebsiteConfiguration", + "description": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)." + }, + "websiteUrl": { + "type": "string", + "description": "Returns the Amazon S3 website endpoint for the specified bucket.\n\nExample (IPv4): `http://DOC-EXAMPLE-BUCKET.s3-website.us-east-2.amazonaws.com`\n\nExample (IPv6): `http://DOC-EXAMPLE-BUCKET.s3.dualstack.us-east-2.amazonaws.com`" + } + }, + "autoNamingSpec": { + "sdkName": "bucketName" + }, + "createOnly": [ + "bucketName" + ], + "writeOnly": [ + "accessControl", + "lifecycleConfiguration/Rules/*/ExpiredObjectDeleteMarker", + "lifecycleConfiguration/Rules/*/NoncurrentVersionExpirationInDays", + "lifecycleConfiguration/Rules/*/NoncurrentVersionTransition", + "lifecycleConfiguration/Rules/*/Transition", + "replicationConfiguration/Rules/*/Prefix" + ], + "irreversibleNames": { + "websiteUrl": "WebsiteURL" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:s3:BucketPolicy": { + "cf": "AWS::S3::BucketPolicy", + "inputs": { + "bucket": { + "type": "string", + "description": "The name of the Amazon S3 bucket to which the policy applies." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide*.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3::BucketPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "bucket": { + "type": "string", + "description": "The name of the Amazon S3 bucket to which the policy applies.", + "replaceOnChanges": true + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide*.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3::BucketPolicy` for more information about the expected schema for this property." + } + }, + "required": [ + "bucket", + "policyDocument" + ], + "createOnly": [ + "bucket" + ] + }, + "aws-native:s3:MultiRegionAccessPoint": { + "cf": "AWS::S3::MultiRegionAccessPoint", + "inputs": { + "name": { + "type": "string", + "description": "The name you want to assign to this Multi Region Access Point." + }, + "publicAccessBlockConfiguration": { + "$ref": "#/types/aws-native:s3:MultiRegionAccessPointPublicAccessBlockConfiguration", + "description": "The PublicAccessBlock configuration that you want to apply to this Multi Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide." + }, + "regions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:MultiRegionAccessPointRegion" + }, + "description": "The list of buckets that you want to associate this Multi Region Access Point with." + } + }, + "outputs": { + "alias": { + "type": "string", + "description": "The alias is a unique identifier to, and is part of the public DNS name for this Multi Region Access Point" + }, + "createdAt": { + "type": "string", + "description": "The timestamp of the when the Multi Region Access Point is created" + }, + "name": { + "type": "string", + "description": "The name you want to assign to this Multi Region Access Point.", + "replaceOnChanges": true + }, + "publicAccessBlockConfiguration": { + "$ref": "#/types/aws-native:s3:MultiRegionAccessPointPublicAccessBlockConfiguration", + "description": "The PublicAccessBlock configuration that you want to apply to this Multi Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide.", + "replaceOnChanges": true + }, + "regions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:MultiRegionAccessPointRegion" + }, + "description": "The list of buckets that you want to associate this Multi Region Access Point with.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 50 + }, + "required": [ + "regions" + ], + "createOnly": [ + "name", + "publicAccessBlockConfiguration", + "regions" + ] + }, + "aws-native:s3:MultiRegionAccessPointPolicy": { + "cf": "AWS::S3::MultiRegionAccessPointPolicy", + "inputs": { + "mrapName": { + "type": "string", + "description": "The name of the Multi Region Access Point to apply policy" + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "Policy document to apply to a Multi Region Access Point\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3::MultiRegionAccessPointPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "mrapName": { + "type": "string", + "description": "The name of the Multi Region Access Point to apply policy", + "replaceOnChanges": true + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "Policy document to apply to a Multi Region Access Point\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3::MultiRegionAccessPointPolicy` for more information about the expected schema for this property." + }, + "policyStatus": { + "$ref": "#/types/aws-native:s3:PolicyStatusProperties", + "description": "The Policy Status associated with this Multi Region Access Point" + } + }, + "required": [ + "mrapName", + "policy" + ], + "createOnly": [ + "mrapName" + ] + }, + "aws-native:s3:StorageLens": { + "cf": "AWS::S3::StorageLens", + "inputs": { + "storageLensConfiguration": { + "$ref": "#/types/aws-native:s3:StorageLensConfiguration", + "description": "This resource contains the details Amazon S3 Storage Lens configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags (key-value pairs) for this Amazon S3 Storage Lens configuration." + } + }, + "outputs": { + "storageLensConfiguration": { + "$ref": "#/types/aws-native:s3:StorageLensConfiguration", + "description": "This resource contains the details Amazon S3 Storage Lens configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags (key-value pairs) for this Amazon S3 Storage Lens configuration." + } + }, + "required": [ + "storageLensConfiguration" + ], + "createOnly": [ + "storageLensConfiguration/Id" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:s3:StorageLensGroup": { + "cf": "AWS::S3::StorageLensGroup", + "inputs": { + "filter": { + "$ref": "#/types/aws-native:s3:StorageLensGroupFilter", + "description": "This property contains the criteria for the Storage Lens group data that is displayed" + }, + "name": { + "type": "string", + "description": "This property contains the Storage Lens group name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags (key-value pairs) for this Amazon S3 Storage Lens Group." + } + }, + "outputs": { + "filter": { + "$ref": "#/types/aws-native:s3:StorageLensGroupFilter", + "description": "This property contains the criteria for the Storage Lens group data that is displayed" + }, + "name": { + "type": "string", + "description": "This property contains the Storage Lens group name.", + "replaceOnChanges": true + }, + "storageLensGroupArn": { + "type": "string", + "description": "The ARN for the Amazon S3 Storage Lens Group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A set of tags (key-value pairs) for this Amazon S3 Storage Lens Group." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "filter" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:s3express:BucketPolicy": { + "cf": "AWS::S3Express::BucketPolicy", + "inputs": { + "bucket": { + "type": "string", + "description": "The name of the S3 directory bucket to which the policy applies." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3Express::BucketPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "bucket": { + "type": "string", + "description": "The name of the S3 directory bucket to which the policy applies.", + "replaceOnChanges": true + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3Express::BucketPolicy` for more information about the expected schema for this property." + } + }, + "required": [ + "bucket", + "policyDocument" + ], + "createOnly": [ + "bucket" + ] + }, + "aws-native:s3express:DirectoryBucket": { + "cf": "AWS::S3Express::DirectoryBucket", + "inputs": { + "bucketName": { + "type": "string", + "description": "Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone. The bucket name must also follow the format 'bucket_base_name--az_id--x-s3' (for example, 'DOC-EXAMPLE-BUCKET--usw2-az1--x-s3'). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name." + }, + "dataRedundancy": { + "$ref": "#/types/aws-native:s3express:DirectoryBucketDataRedundancy", + "description": "Specifies the number of Availability Zone that's used for redundancy for the bucket." + }, + "locationName": { + "type": "string", + "description": "Specifies the AZ ID of the Availability Zone where the directory bucket will be created. An example AZ ID value is 'use1-az5'." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the specified bucket." + }, + "bucketName": { + "type": "string", + "description": "Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone. The bucket name must also follow the format 'bucket_base_name--az_id--x-s3' (for example, 'DOC-EXAMPLE-BUCKET--usw2-az1--x-s3'). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.", + "replaceOnChanges": true + }, + "dataRedundancy": { + "$ref": "#/types/aws-native:s3express:DirectoryBucketDataRedundancy", + "description": "Specifies the number of Availability Zone that's used for redundancy for the bucket.", + "replaceOnChanges": true + }, + "locationName": { + "type": "string", + "description": "Specifies the AZ ID of the Availability Zone where the directory bucket will be created. An example AZ ID value is 'use1-az5'.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "bucketName", + "maxLength": 63 + }, + "required": [ + "dataRedundancy", + "locationName" + ], + "createOnly": [ + "bucketName", + "dataRedundancy", + "locationName" + ] + }, + "aws-native:s3objectlambda:AccessPoint": { + "cf": "AWS::S3ObjectLambda::AccessPoint", + "inputs": { + "name": { + "type": "string", + "description": "The name you want to assign to this Object lambda Access Point." + }, + "objectLambdaConfiguration": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointObjectLambdaConfiguration", + "description": "The Object lambda Access Point Configuration that configures transformations to be applied on the objects on specified S3 Actions" + } + }, + "outputs": { + "alias": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointAlias" + }, + "arn": { + "type": "string", + "description": "Specifies the ARN for the Object Lambda Access Point." + }, + "creationDate": { + "type": "string", + "description": "The date and time when the Object lambda Access Point was created." + }, + "name": { + "type": "string", + "description": "The name you want to assign to this Object lambda Access Point.", + "replaceOnChanges": true + }, + "objectLambdaConfiguration": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointObjectLambdaConfiguration", + "description": "The Object lambda Access Point Configuration that configures transformations to be applied on the objects on specified S3 Actions" + }, + "policyStatus": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointPolicyStatus" + }, + "publicAccessBlockConfiguration": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointPublicAccessBlockConfiguration", + "description": "The PublicAccessBlock configuration that you want to apply to this Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status 'The Meaning of Public' in the Amazon Simple Storage Service Developer Guide." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 45 + }, + "required": [ + "objectLambdaConfiguration" + ], + "createOnly": [ + "name" + ] + }, + "aws-native:s3objectlambda:AccessPointPolicy": { + "cf": "AWS::S3ObjectLambda::AccessPointPolicy", + "inputs": { + "objectLambdaAccessPoint": { + "type": "string", + "description": "The name of the Amazon S3 ObjectLambdaAccessPoint to which the policy applies." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified ObjectLambdaAccessPoint. For more information, see Access Policy Language Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the Amazon Simple Storage Service Developer Guide. \n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3ObjectLambda::AccessPointPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "objectLambdaAccessPoint": { + "type": "string", + "description": "The name of the Amazon S3 ObjectLambdaAccessPoint to which the policy applies.", + "replaceOnChanges": true + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified ObjectLambdaAccessPoint. For more information, see Access Policy Language Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the Amazon Simple Storage Service Developer Guide. \n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3ObjectLambda::AccessPointPolicy` for more information about the expected schema for this property." + } + }, + "required": [ + "objectLambdaAccessPoint", + "policyDocument" + ], + "createOnly": [ + "objectLambdaAccessPoint" + ] + }, + "aws-native:s3outposts:AccessPoint": { + "cf": "AWS::S3Outposts::AccessPoint", + "inputs": { + "bucket": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bucket you want to associate this AccessPoint with." + }, + "name": { + "type": "string", + "description": "A name for the AccessPoint." + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The access point policy associated with this access point.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3Outposts::AccessPoint` for more information about the expected schema for this property." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:s3outposts:AccessPointVpcConfiguration", + "description": "Virtual Private Cloud (VPC) from which requests can be made to the AccessPoint." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified AccessPoint." + }, + "bucket": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bucket you want to associate this AccessPoint with.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A name for the AccessPoint.", + "replaceOnChanges": true + }, + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The access point policy associated with this access point.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3Outposts::AccessPoint` for more information about the expected schema for this property." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:s3outposts:AccessPointVpcConfiguration", + "description": "Virtual Private Cloud (VPC) from which requests can be made to the AccessPoint.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 50 + }, + "required": [ + "bucket", + "vpcConfiguration" + ], + "createOnly": [ + "bucket", + "name", + "vpcConfiguration" + ] + }, + "aws-native:s3outposts:Bucket": { + "cf": "AWS::S3Outposts::Bucket", + "inputs": { + "bucketName": { + "type": "string", + "description": "A name for the bucket." + }, + "lifecycleConfiguration": { + "$ref": "#/types/aws-native:s3outposts:BucketLifecycleConfiguration", + "description": "Rules that define how Amazon S3Outposts manages objects during their lifetime." + }, + "outpostId": { + "type": "string", + "description": "The id of the customer outpost on which the bucket resides." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this S3Outposts bucket." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified bucket." + }, + "bucketName": { + "type": "string", + "description": "A name for the bucket.", + "replaceOnChanges": true + }, + "lifecycleConfiguration": { + "$ref": "#/types/aws-native:s3outposts:BucketLifecycleConfiguration", + "description": "Rules that define how Amazon S3Outposts manages objects during their lifetime." + }, + "outpostId": { + "type": "string", + "description": "The id of the customer outpost on which the bucket resides.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this S3Outposts bucket." + } + }, + "autoNamingSpec": { + "sdkName": "bucketName", + "minLength": 3, + "maxLength": 63 + }, + "required": [ + "outpostId" + ], + "createOnly": [ + "bucketName", + "outpostId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:s3outposts:BucketPolicy": { + "cf": "AWS::S3Outposts::BucketPolicy", + "inputs": { + "bucket": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified bucket." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified bucket.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3Outposts::BucketPolicy` for more information about the expected schema for this property." + } + }, + "outputs": { + "bucket": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified bucket.", + "replaceOnChanges": true + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document containing permissions to add to the specified bucket.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::S3Outposts::BucketPolicy` for more information about the expected schema for this property." + } + }, + "required": [ + "bucket", + "policyDocument" + ], + "createOnly": [ + "bucket" + ] + }, + "aws-native:s3outposts:Endpoint": { + "cf": "AWS::S3Outposts::Endpoint", + "inputs": { + "accessType": { + "$ref": "#/types/aws-native:s3outposts:EndpointAccessType", + "description": "The type of access for the on-premise network connectivity for the Outpost endpoint. To access endpoint from an on-premises network, you must specify the access type and provide the customer owned Ipv4 pool." + }, + "customerOwnedIpv4Pool": { + "type": "string", + "description": "The ID of the customer-owned IPv4 pool for the Endpoint. IP addresses will be allocated from this pool for the endpoint." + }, + "failedReason": { + "$ref": "#/types/aws-native:s3outposts:EndpointFailedReason", + "description": "The failure reason, if any, for a create or delete endpoint operation." + }, + "outpostId": { + "type": "string", + "description": "The id of the customer outpost on which the bucket resides." + }, + "securityGroupId": { + "type": "string", + "description": "The ID of the security group to use with the endpoint." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet in the selected VPC. The subnet must belong to the Outpost." + } + }, + "outputs": { + "accessType": { + "$ref": "#/types/aws-native:s3outposts:EndpointAccessType", + "description": "The type of access for the on-premise network connectivity for the Outpost endpoint. To access endpoint from an on-premises network, you must specify the access type and provide the customer owned Ipv4 pool.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the endpoint." + }, + "awsId": { + "type": "string", + "description": "The ID of the endpoint." + }, + "cidrBlock": { + "type": "string", + "description": "The VPC CIDR committed by this endpoint." + }, + "creationTime": { + "type": "string", + "description": "The time the endpoint was created." + }, + "customerOwnedIpv4Pool": { + "type": "string", + "description": "The ID of the customer-owned IPv4 pool for the Endpoint. IP addresses will be allocated from this pool for the endpoint.", + "replaceOnChanges": true + }, + "failedReason": { + "$ref": "#/types/aws-native:s3outposts:EndpointFailedReason", + "description": "The failure reason, if any, for a create or delete endpoint operation." + }, + "networkInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3outposts:EndpointNetworkInterface" + }, + "description": "The network interfaces of the endpoint." + }, + "outpostId": { + "type": "string", + "description": "The id of the customer outpost on which the bucket resides.", + "replaceOnChanges": true + }, + "securityGroupId": { + "type": "string", + "description": "The ID of the security group to use with the endpoint.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:s3outposts:EndpointStatus", + "description": "The status of the endpoint." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet in the selected VPC. The subnet must belong to the Outpost.", + "replaceOnChanges": true + } + }, + "required": [ + "outpostId", + "securityGroupId", + "subnetId" + ], + "createOnly": [ + "accessType", + "customerOwnedIpv4Pool", + "outpostId", + "securityGroupId", + "subnetId" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:sagemaker:App": { + "cf": "AWS::SageMaker::App", + "inputs": { + "appName": { + "type": "string", + "description": "The name of the app." + }, + "appType": { + "$ref": "#/types/aws-native:sagemaker:AppType", + "description": "The type of app." + }, + "domainId": { + "type": "string", + "description": "The domain ID." + }, + "resourceSpec": { + "$ref": "#/types/aws-native:sagemaker:AppResourceSpec", + "description": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of tags to apply to the app." + }, + "userProfileName": { + "type": "string", + "description": "The user profile name." + } + }, + "outputs": { + "appArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the app." + }, + "appName": { + "type": "string", + "description": "The name of the app.", + "replaceOnChanges": true + }, + "appType": { + "$ref": "#/types/aws-native:sagemaker:AppType", + "description": "The type of app.", + "replaceOnChanges": true + }, + "domainId": { + "type": "string", + "description": "The domain ID.", + "replaceOnChanges": true + }, + "resourceSpec": { + "$ref": "#/types/aws-native:sagemaker:AppResourceSpec", + "description": "The instance type and the Amazon Resource Name (ARN) of the SageMaker image created on the instance.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of tags to apply to the app.", + "replaceOnChanges": true + }, + "userProfileName": { + "type": "string", + "description": "The user profile name.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "appName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "appType", + "domainId", + "userProfileName" + ], + "createOnly": [ + "appName", + "appType", + "domainId", + "resourceSpec", + "tags", + "userProfileName" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:AppImageConfig": { + "cf": "AWS::SageMaker::AppImageConfig", + "inputs": { + "appImageConfigName": { + "type": "string", + "description": "The Name of the AppImageConfig." + }, + "codeEditorAppImageConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigCodeEditorAppImageConfig", + "description": "The CodeEditorAppImageConfig." + }, + "jupyterLabAppImageConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigJupyterLabAppImageConfig", + "description": "The JupyterLabAppImageConfig." + }, + "kernelGatewayImageConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigKernelGatewayImageConfig", + "description": "The KernelGatewayImageConfig." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of tags to apply to the AppImageConfig." + } + }, + "outputs": { + "appImageConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AppImageConfig." + }, + "appImageConfigName": { + "type": "string", + "description": "The Name of the AppImageConfig.", + "replaceOnChanges": true + }, + "codeEditorAppImageConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigCodeEditorAppImageConfig", + "description": "The CodeEditorAppImageConfig." + }, + "jupyterLabAppImageConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigJupyterLabAppImageConfig", + "description": "The JupyterLabAppImageConfig." + }, + "kernelGatewayImageConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigKernelGatewayImageConfig", + "description": "The KernelGatewayImageConfig." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of tags to apply to the AppImageConfig.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "appImageConfigName", + "minLength": 1, + "maxLength": 63 + }, + "createOnly": [ + "appImageConfigName", + "tags" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:DataQualityJobDefinition": { + "cf": "AWS::SageMaker::DataQualityJobDefinition", + "inputs": { + "dataQualityAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionDataQualityAppSpecification", + "description": "Specifies the container that runs the monitoring job." + }, + "dataQualityBaselineConfig": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionDataQualityBaselineConfig", + "description": "Configures the constraints and baselines for the monitoring job." + }, + "dataQualityJobInput": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionDataQualityJobInput", + "description": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs." + }, + "dataQualityJobOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionMonitoringOutputConfig", + "description": "The output configuration for monitoring jobs." + }, + "endpointName": { + "type": "string" + }, + "jobDefinitionName": { + "type": "string", + "description": "The name for the monitoring job definition." + }, + "jobResources": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionMonitoringResources", + "description": "Identifies the resources to deploy for a monitoring job." + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionNetworkConfig", + "description": "Specifies networking configuration for the monitoring job." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf." + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionStoppingCondition", + "description": "A time limit for how long the monitoring job is allowed to run before stopping." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time at which the job definition was created." + }, + "dataQualityAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionDataQualityAppSpecification", + "description": "Specifies the container that runs the monitoring job.", + "replaceOnChanges": true + }, + "dataQualityBaselineConfig": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionDataQualityBaselineConfig", + "description": "Configures the constraints and baselines for the monitoring job.", + "replaceOnChanges": true + }, + "dataQualityJobInput": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionDataQualityJobInput", + "description": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", + "replaceOnChanges": true + }, + "dataQualityJobOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionMonitoringOutputConfig", + "description": "The output configuration for monitoring jobs.", + "replaceOnChanges": true + }, + "endpointName": { + "type": "string", + "replaceOnChanges": true + }, + "jobDefinitionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of job definition." + }, + "jobDefinitionName": { + "type": "string", + "description": "The name for the monitoring job definition.", + "replaceOnChanges": true + }, + "jobResources": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionMonitoringResources", + "description": "Identifies the resources to deploy for a monitoring job.", + "replaceOnChanges": true + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionNetworkConfig", + "description": "Specifies networking configuration for the monitoring job.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "replaceOnChanges": true + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionStoppingCondition", + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "jobDefinitionName" + }, + "required": [ + "dataQualityAppSpecification", + "dataQualityJobInput", + "dataQualityJobOutputConfig", + "jobResources", + "roleArn" + ], + "createOnly": [ + "dataQualityAppSpecification", + "dataQualityBaselineConfig", + "dataQualityJobInput", + "dataQualityJobOutputConfig", + "endpointName", + "jobDefinitionName", + "jobResources", + "networkConfig", + "roleArn", + "stoppingCondition", + "tags" + ], + "writeOnly": [ + "endpointName", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:Device": { + "cf": "AWS::SageMaker::Device", + "inputs": { + "device": { + "$ref": "#/types/aws-native:sagemaker:Device", + "description": "The Edge Device you want to register against a device fleet", + "language": { + "csharp": { + "name": "DeviceValue" + } + } + }, + "deviceFleetName": { + "type": "string", + "description": "The name of the edge device fleet" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Associate tags with the resource" + } + }, + "outputs": { + "device": { + "$ref": "#/types/aws-native:sagemaker:Device", + "description": "The Edge Device you want to register against a device fleet", + "language": { + "csharp": { + "name": "DeviceValue" + } + } + }, + "deviceFleetName": { + "type": "string", + "description": "The name of the edge device fleet" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Associate tags with the resource" + } + }, + "required": [ + "deviceFleetName" + ], + "createOnly": [ + "device/DeviceName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:DeviceFleet": { + "cf": "AWS::SageMaker::DeviceFleet", + "inputs": { + "description": { + "type": "string", + "description": "Description for the edge device fleet" + }, + "deviceFleetName": { + "type": "string", + "description": "The name of the edge device fleet" + }, + "outputConfig": { + "$ref": "#/types/aws-native:sagemaker:DeviceFleetEdgeOutputConfig", + "description": "S3 bucket and an ecryption key id (if available) to store outputs for the fleet" + }, + "roleArn": { + "type": "string", + "description": "Role associated with the device fleet" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Associate tags with the resource" + } + }, + "outputs": { + "description": { + "type": "string", + "description": "Description for the edge device fleet" + }, + "deviceFleetName": { + "type": "string", + "description": "The name of the edge device fleet", + "replaceOnChanges": true + }, + "outputConfig": { + "$ref": "#/types/aws-native:sagemaker:DeviceFleetEdgeOutputConfig", + "description": "S3 bucket and an ecryption key id (if available) to store outputs for the fleet" + }, + "roleArn": { + "type": "string", + "description": "Role associated with the device fleet" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Associate tags with the resource" + } + }, + "autoNamingSpec": { + "sdkName": "deviceFleetName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "outputConfig", + "roleArn" + ], + "createOnly": [ + "deviceFleetName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:Domain": { + "cf": "AWS::SageMaker::Domain", + "inputs": { + "appNetworkAccessType": { + "$ref": "#/types/aws-native:sagemaker:DomainAppNetworkAccessType", + "description": "Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly." + }, + "appSecurityGroupManagement": { + "$ref": "#/types/aws-native:sagemaker:DomainAppSecurityGroupManagement", + "description": "The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType is VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided." + }, + "authMode": { + "$ref": "#/types/aws-native:sagemaker:DomainAuthMode", + "description": "The mode of authentication that members use to access the domain." + }, + "defaultSpaceSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainDefaultSpaceSettings", + "description": "The default space settings." + }, + "defaultUserSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainUserSettings", + "description": "The default user settings." + }, + "domainName": { + "type": "string", + "description": "A name for the domain." + }, + "domainSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainSettings", + "description": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call." + }, + "kmsKeyId": { + "type": "string", + "description": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the domain with an AWS managed customer master key (CMK) by default." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPC subnets that Studio uses for communication." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of tags to apply to the user profile." + }, + "vpcId": { + "type": "string", + "description": "The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication." + } + }, + "outputs": { + "appNetworkAccessType": { + "$ref": "#/types/aws-native:sagemaker:DomainAppNetworkAccessType", + "description": "Specifies the VPC used for non-EFS traffic. The default value is PublicInternetOnly." + }, + "appSecurityGroupManagement": { + "$ref": "#/types/aws-native:sagemaker:DomainAppSecurityGroupManagement", + "description": "The entity that creates and manages the required security groups for inter-app communication in VPCOnly mode. Required when CreateDomain.AppNetworkAccessType is VPCOnly and DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn is provided." + }, + "authMode": { + "$ref": "#/types/aws-native:sagemaker:DomainAuthMode", + "description": "The mode of authentication that members use to access the domain.", + "replaceOnChanges": true + }, + "defaultSpaceSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainDefaultSpaceSettings", + "description": "The default space settings." + }, + "defaultUserSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainUserSettings", + "description": "The default user settings." + }, + "domainArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the created domain." + }, + "domainId": { + "type": "string", + "description": "The domain name." + }, + "domainName": { + "type": "string", + "description": "A name for the domain.", + "replaceOnChanges": true + }, + "domainSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainSettings", + "description": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call." + }, + "homeEfsFileSystemId": { + "type": "string", + "description": "The ID of the Amazon Elastic File System (EFS) managed by this Domain." + }, + "kmsKeyId": { + "type": "string", + "description": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the domain with an AWS managed customer master key (CMK) by default.", + "replaceOnChanges": true + }, + "securityGroupIdForDomainBoundary": { + "type": "string", + "description": "The ID of the security group that authorizes traffic between the RSessionGateway apps and the RStudioServerPro app." + }, + "singleSignOnApplicationArn": { + "type": "string", + "description": "The ARN of the application managed by SageMaker in IAM Identity Center. This value is only returned for domains created after October 1, 2023." + }, + "singleSignOnManagedApplicationInstanceId": { + "type": "string", + "description": "The SSO managed application instance ID." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPC subnets that Studio uses for communication." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of tags to apply to the user profile.", + "replaceOnChanges": true + }, + "url": { + "type": "string", + "description": "The URL to the created domain." + }, + "vpcId": { + "type": "string", + "description": "The ID of the Amazon Virtual Private Cloud (VPC) that Studio uses for communication.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "domainName", + "maxLength": 63 + }, + "required": [ + "authMode", + "defaultUserSettings", + "subnetIds", + "vpcId" + ], + "createOnly": [ + "authMode", + "domainName", + "domainSettings/RStudioServerProDomainSettings/DefaultResourceSpec", + "kmsKeyId", + "tags", + "vpcId" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:FeatureGroup": { + "cf": "AWS::SageMaker::FeatureGroup", + "inputs": { + "description": { + "type": "string", + "description": "Description about the FeatureGroup." + }, + "eventTimeFeatureName": { + "type": "string", + "description": "The Event Time Feature Name." + }, + "featureDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupFeatureDefinition" + }, + "description": "An Array of Feature Definition" + }, + "featureGroupName": { + "type": "string", + "description": "The Name of the FeatureGroup." + }, + "offlineStoreConfig": { + "$ref": "#/types/aws-native:sagemaker:OfflineStoreConfigProperties", + "description": "The configuration of an `OfflineStore` ." + }, + "onlineStoreConfig": { + "$ref": "#/types/aws-native:sagemaker:OnlineStoreConfigProperties", + "description": "The configuration of an `OnlineStore` ." + }, + "recordIdentifierFeatureName": { + "type": "string", + "description": "The Record Identifier Feature Name." + }, + "roleArn": { + "type": "string", + "description": "Role Arn" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pair to apply to this resource." + }, + "throughputConfig": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupThroughputConfig", + "description": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "A timestamp of FeatureGroup creation time." + }, + "description": { + "type": "string", + "description": "Description about the FeatureGroup.", + "replaceOnChanges": true + }, + "eventTimeFeatureName": { + "type": "string", + "description": "The Event Time Feature Name.", + "replaceOnChanges": true + }, + "featureDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupFeatureDefinition" + }, + "description": "An Array of Feature Definition" + }, + "featureGroupName": { + "type": "string", + "description": "The Name of the FeatureGroup.", + "replaceOnChanges": true + }, + "featureGroupStatus": { + "type": "string", + "description": "The status of the feature group." + }, + "offlineStoreConfig": { + "$ref": "#/types/aws-native:sagemaker:OfflineStoreConfigProperties", + "description": "The configuration of an `OfflineStore` .", + "replaceOnChanges": true + }, + "onlineStoreConfig": { + "$ref": "#/types/aws-native:sagemaker:OnlineStoreConfigProperties", + "description": "The configuration of an `OnlineStore` ." + }, + "recordIdentifierFeatureName": { + "type": "string", + "description": "The Record Identifier Feature Name.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "Role Arn", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pair to apply to this resource.", + "replaceOnChanges": true + }, + "throughputConfig": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupThroughputConfig", + "description": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store." + } + }, + "autoNamingSpec": { + "sdkName": "featureGroupName", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "eventTimeFeatureName", + "featureDefinitions", + "recordIdentifierFeatureName" + ], + "createOnly": [ + "description", + "eventTimeFeatureName", + "featureGroupName", + "offlineStoreConfig", + "onlineStoreConfig/EnableOnlineStore", + "onlineStoreConfig/SecurityConfig", + "onlineStoreConfig/StorageType", + "recordIdentifierFeatureName", + "roleArn", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:Image": { + "cf": "AWS::SageMaker::Image", + "inputs": { + "imageDescription": { + "type": "string", + "description": "The description of the image." + }, + "imageDisplayName": { + "type": "string", + "description": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`" + }, + "imageName": { + "type": "string", + "description": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`" + }, + "imageRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "imageArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image.\n\n*Type* : String\n\n*Length Constraints* : Maximum length of 256.\n\n*Pattern* : `^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image/[a-z0-9]([-.]?[a-z0-9])*$`" + }, + "imageDescription": { + "type": "string", + "description": "The description of the image." + }, + "imageDisplayName": { + "type": "string", + "description": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`" + }, + "imageName": { + "type": "string", + "description": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", + "replaceOnChanges": true + }, + "imageRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "imageName" + }, + "required": [ + "imageRoleArn" + ], + "createOnly": [ + "imageName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:ImageVersion": { + "cf": "AWS::SageMaker::ImageVersion", + "inputs": { + "alias": { + "type": "string" + }, + "aliases": { + "type": "array", + "items": { + "type": "string" + } + }, + "baseImage": { + "type": "string", + "description": "The container image that the SageMaker image version is based on." + }, + "horovod": { + "type": "boolean" + }, + "imageName": { + "type": "string", + "description": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`" + }, + "jobType": { + "$ref": "#/types/aws-native:sagemaker:ImageVersionJobType" + }, + "mlFramework": { + "type": "string" + }, + "processor": { + "$ref": "#/types/aws-native:sagemaker:ImageVersionProcessor" + }, + "programmingLang": { + "type": "string" + }, + "releaseNotes": { + "type": "string" + }, + "vendorGuidance": { + "$ref": "#/types/aws-native:sagemaker:ImageVersionVendorGuidance" + } + }, + "outputs": { + "alias": { + "type": "string" + }, + "aliases": { + "type": "array", + "items": { + "type": "string" + } + }, + "baseImage": { + "type": "string", + "description": "The container image that the SageMaker image version is based on.", + "replaceOnChanges": true + }, + "containerImage": { + "type": "string", + "description": "The URI of the container image version referenced by ImageVersion." + }, + "horovod": { + "type": "boolean" + }, + "imageArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the parent Image." + }, + "imageName": { + "type": "string", + "description": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", + "replaceOnChanges": true + }, + "imageVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image version.\n\n*Type* : String\n\n*Length Constraints* : Maximum length of 256.\n\n*Pattern* : `^arn:aws(-[\\w]+)*:sagemaker:.+:[0-9]{12}:image-version/[a-z0-9]([-.]?[a-z0-9])*/[0-9]+$`" + }, + "jobType": { + "$ref": "#/types/aws-native:sagemaker:ImageVersionJobType" + }, + "mlFramework": { + "type": "string" + }, + "processor": { + "$ref": "#/types/aws-native:sagemaker:ImageVersionProcessor" + }, + "programmingLang": { + "type": "string" + }, + "releaseNotes": { + "type": "string" + }, + "vendorGuidance": { + "$ref": "#/types/aws-native:sagemaker:ImageVersionVendorGuidance" + }, + "version": { + "type": "integer", + "description": "The version of the image." + } + }, + "required": [ + "baseImage", + "imageName" + ], + "createOnly": [ + "baseImage", + "imageName" + ], + "writeOnly": [ + "alias", + "aliases" + ], + "irreversibleNames": { + "mlFramework": "MLFramework" + } + }, + "aws-native:sagemaker:InferenceComponent": { + "cf": "AWS::SageMaker::InferenceComponent", + "inputs": { + "endpointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component." + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint that hosts the inference component." + }, + "inferenceComponentName": { + "type": "string", + "description": "The name of the inference component." + }, + "runtimeConfig": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentRuntimeConfig" + }, + "specification": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentSpecification" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + }, + "variantName": { + "type": "string", + "description": "The name of the production variant that hosts the inference component." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time when the inference component was created." + }, + "endpointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component." + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint that hosts the inference component." + }, + "failureReason": { + "type": "string" + }, + "inferenceComponentArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the inference component." + }, + "inferenceComponentName": { + "type": "string", + "description": "The name of the inference component." + }, + "inferenceComponentStatus": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentStatus", + "description": "The status of the inference component." + }, + "lastModifiedTime": { + "type": "string", + "description": "The time when the inference component was last updated." + }, + "runtimeConfig": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentRuntimeConfig" + }, + "specification": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentSpecification" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + } + }, + "variantName": { + "type": "string", + "description": "The name of the production variant that hosts the inference component." + } + }, + "autoNamingSpec": { + "sdkName": "inferenceComponentName" + }, + "required": [ + "endpointName", + "runtimeConfig", + "specification", + "variantName" + ], + "writeOnly": [ + "runtimeConfig/CopyCount", + "specification/Container/Image" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:InferenceExperiment": { + "cf": "AWS::SageMaker::InferenceExperiment", + "inputs": { + "dataStorageConfig": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentDataStorageConfig", + "description": "The Amazon S3 location and configuration for storing inference request and response data." + }, + "description": { + "type": "string", + "description": "The description of the inference experiment." + }, + "desiredState": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentDesiredState", + "description": "The desired state of the experiment after starting or stopping operation." + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint." + }, + "kmsKey": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint." + }, + "modelVariants": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentModelVariantConfig" + }, + "description": "An array of ModelVariantConfig objects. Each ModelVariantConfig object in the array describes the infrastructure configuration for the corresponding variant." + }, + "name": { + "type": "string", + "description": "The name for the inference experiment." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment." + }, + "schedule": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentSchedule", + "description": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days." + }, + "shadowModeConfig": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentShadowModeConfig", + "description": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates." + }, + "statusReason": { + "type": "string", + "description": "The error message or client-specified reason from the StopInferenceExperiment API, that explains the status of the inference experiment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentType", + "description": "The type of the inference experiment that you want to run." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the inference experiment." + }, + "creationTime": { + "type": "string", + "description": "The timestamp at which you created the inference experiment." + }, + "dataStorageConfig": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentDataStorageConfig", + "description": "The Amazon S3 location and configuration for storing inference request and response data." + }, + "description": { + "type": "string", + "description": "The description of the inference experiment." + }, + "desiredState": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentDesiredState", + "description": "The desired state of the experiment after starting or stopping operation." + }, + "endpointMetadata": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentEndpointMetadata" + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint.", + "replaceOnChanges": true + }, + "kmsKey": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.", + "replaceOnChanges": true + }, + "lastModifiedTime": { + "type": "string", + "description": "The timestamp at which you last modified the inference experiment." + }, + "modelVariants": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentModelVariantConfig" + }, + "description": "An array of ModelVariantConfig objects. Each ModelVariantConfig object in the array describes the infrastructure configuration for the corresponding variant." + }, + "name": { + "type": "string", + "description": "The name for the inference experiment.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment.", + "replaceOnChanges": true + }, + "schedule": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentSchedule", + "description": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days." + }, + "shadowModeConfig": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentShadowModeConfig", + "description": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates." + }, + "status": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentStatus", + "description": "The status of the inference experiment." + }, + "statusReason": { + "type": "string", + "description": "The error message or client-specified reason from the StopInferenceExperiment API, that explains the status of the inference experiment." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "type": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentType", + "description": "The type of the inference experiment that you want to run.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 120 + }, + "required": [ + "endpointName", + "modelVariants", + "roleArn", + "type" + ], + "createOnly": [ + "endpointName", + "kmsKey", + "name", + "roleArn", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:MlflowTrackingServer": { + "cf": "AWS::SageMaker::MlflowTrackingServer", + "inputs": { + "artifactStoreUri": { + "type": "string", + "description": "The Amazon S3 URI for MLFlow Tracking Server artifacts." + }, + "automaticModelRegistration": { + "type": "boolean", + "description": "A flag to enable Automatic SageMaker Model Registration." + }, + "mlflowVersion": { + "type": "string", + "description": "The MLFlow Version used on the MLFlow Tracking Server." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on behalf of the customer." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "trackingServerName": { + "type": "string", + "description": "The name of the MLFlow Tracking Server." + }, + "trackingServerSize": { + "$ref": "#/types/aws-native:sagemaker:MlflowTrackingServerTrackingServerSize", + "description": "The size of the MLFlow Tracking Server." + }, + "weeklyMaintenanceWindowStart": { + "type": "string", + "description": "The start of the time window for maintenance of the MLFlow Tracking Server in UTC time." + } + }, + "outputs": { + "artifactStoreUri": { + "type": "string", + "description": "The Amazon S3 URI for MLFlow Tracking Server artifacts." + }, + "automaticModelRegistration": { + "type": "boolean", + "description": "A flag to enable Automatic SageMaker Model Registration." + }, + "mlflowVersion": { + "type": "string", + "description": "The MLFlow Version used on the MLFlow Tracking Server." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on behalf of the customer." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "trackingServerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the MLFlow Tracking Server." + }, + "trackingServerName": { + "type": "string", + "description": "The name of the MLFlow Tracking Server.", + "replaceOnChanges": true + }, + "trackingServerSize": { + "$ref": "#/types/aws-native:sagemaker:MlflowTrackingServerTrackingServerSize", + "description": "The size of the MLFlow Tracking Server." + }, + "weeklyMaintenanceWindowStart": { + "type": "string", + "description": "The start of the time window for maintenance of the MLFlow Tracking Server in UTC time." + } + }, + "autoNamingSpec": { + "sdkName": "trackingServerName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "artifactStoreUri", + "roleArn" + ], + "createOnly": [ + "trackingServerName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:ModelBiasJobDefinition": { + "cf": "AWS::SageMaker::ModelBiasJobDefinition", + "inputs": { + "endpointName": { + "type": "string" + }, + "jobDefinitionName": { + "type": "string", + "description": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account." + }, + "jobResources": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionMonitoringResources", + "description": "Identifies the resources to deploy for a monitoring job." + }, + "modelBiasAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionModelBiasAppSpecification", + "description": "Configures the model bias job to run a specified Docker container image." + }, + "modelBiasBaselineConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionModelBiasBaselineConfig", + "description": "The baseline configuration for a model bias job." + }, + "modelBiasJobInput": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionModelBiasJobInput", + "description": "Inputs for the model bias job." + }, + "modelBiasJobOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionMonitoringOutputConfig", + "description": "The output configuration for monitoring jobs." + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionNetworkConfig", + "description": "Networking options for a model bias job." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf." + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionStoppingCondition", + "description": "A time limit for how long the monitoring job is allowed to run before stopping." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time at which the job definition was created." + }, + "endpointName": { + "type": "string", + "replaceOnChanges": true + }, + "jobDefinitionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of job definition." + }, + "jobDefinitionName": { + "type": "string", + "description": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account.", + "replaceOnChanges": true + }, + "jobResources": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionMonitoringResources", + "description": "Identifies the resources to deploy for a monitoring job.", + "replaceOnChanges": true + }, + "modelBiasAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionModelBiasAppSpecification", + "description": "Configures the model bias job to run a specified Docker container image.", + "replaceOnChanges": true + }, + "modelBiasBaselineConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionModelBiasBaselineConfig", + "description": "The baseline configuration for a model bias job.", + "replaceOnChanges": true + }, + "modelBiasJobInput": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionModelBiasJobInput", + "description": "Inputs for the model bias job.", + "replaceOnChanges": true + }, + "modelBiasJobOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionMonitoringOutputConfig", + "description": "The output configuration for monitoring jobs.", + "replaceOnChanges": true + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionNetworkConfig", + "description": "Networking options for a model bias job.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "replaceOnChanges": true + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionStoppingCondition", + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "jobDefinitionName" + }, + "required": [ + "jobResources", + "modelBiasAppSpecification", + "modelBiasJobInput", + "modelBiasJobOutputConfig", + "roleArn" + ], + "createOnly": [ + "endpointName", + "jobDefinitionName", + "jobResources", + "modelBiasAppSpecification", + "modelBiasBaselineConfig", + "modelBiasJobInput", + "modelBiasJobOutputConfig", + "networkConfig", + "roleArn", + "stoppingCondition", + "tags" + ], + "writeOnly": [ + "endpointName", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:ModelCard": { + "cf": "AWS::SageMaker::ModelCard", + "inputs": { + "content": { + "$ref": "#/types/aws-native:sagemaker:ModelCardContent", + "description": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) ." + }, + "createdBy": { + "$ref": "#/types/aws-native:sagemaker:ModelCardUserContext", + "description": "Information about the user who created or modified an experiment, trial, trial component, lineage group, project, or model card." + }, + "lastModifiedBy": { + "$ref": "#/types/aws-native:sagemaker:ModelCardUserContext", + "description": "Information about the user who created or modified an experiment, trial, trial component, lineage group, project, or model card." + }, + "modelCardName": { + "type": "string", + "description": "The unique name of the model card." + }, + "modelCardStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelCardStatus", + "description": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval." + }, + "securityConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelCardSecurityConfig", + "description": "The security configuration used to protect model card data." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs used to manage metadata for model cards." + } + }, + "outputs": { + "content": { + "$ref": "#/types/aws-native:sagemaker:ModelCardContent", + "description": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) ." + }, + "createdBy": { + "$ref": "#/types/aws-native:sagemaker:ModelCardUserContext", + "description": "Information about the user who created or modified an experiment, trial, trial component, lineage group, project, or model card." + }, + "creationTime": { + "type": "string", + "description": "The date and time the model card was created." + }, + "lastModifiedBy": { + "$ref": "#/types/aws-native:sagemaker:ModelCardUserContext", + "description": "Information about the user who created or modified an experiment, trial, trial component, lineage group, project, or model card." + }, + "lastModifiedTime": { + "type": "string", + "description": "The date and time the model card was last modified." + }, + "modelCardArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the successfully created model card." + }, + "modelCardName": { + "type": "string", + "description": "The unique name of the model card.", + "replaceOnChanges": true + }, + "modelCardProcessingStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelCardProcessingStatus", + "description": "The processing status of model card deletion. The ModelCardProcessingStatus updates throughout the different deletion steps." + }, + "modelCardStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelCardStatus", + "description": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval." + }, + "modelCardVersion": { + "type": "integer", + "description": "A version of the model card." + }, + "securityConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelCardSecurityConfig", + "description": "The security configuration used to protect model card data.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs used to manage metadata for model cards." + } + }, + "autoNamingSpec": { + "sdkName": "modelCardName", + "maxLength": 63 + }, + "required": [ + "content", + "modelCardStatus" + ], + "createOnly": [ + "modelCardName", + "securityConfig" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinition": { + "cf": "AWS::SageMaker::ModelExplainabilityJobDefinition", + "inputs": { + "endpointName": { + "type": "string" + }, + "jobDefinitionName": { + "type": "string", + "description": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account." + }, + "jobResources": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionMonitoringResources", + "description": "Identifies the resources to deploy for a monitoring job." + }, + "modelExplainabilityAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityAppSpecification", + "description": "Configures the model explainability job to run a specified Docker container image." + }, + "modelExplainabilityBaselineConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityBaselineConfig", + "description": "The baseline configuration for a model explainability job." + }, + "modelExplainabilityJobInput": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityJobInput", + "description": "Inputs for the model explainability job." + }, + "modelExplainabilityJobOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionMonitoringOutputConfig", + "description": "The output configuration for monitoring jobs." + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionNetworkConfig", + "description": "Networking options for a model explainability job." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf." + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionStoppingCondition", + "description": "A time limit for how long the monitoring job is allowed to run before stopping." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time at which the job definition was created." + }, + "endpointName": { + "type": "string", + "replaceOnChanges": true + }, + "jobDefinitionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of job definition." + }, + "jobDefinitionName": { + "type": "string", + "description": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account.", + "replaceOnChanges": true + }, + "jobResources": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionMonitoringResources", + "description": "Identifies the resources to deploy for a monitoring job.", + "replaceOnChanges": true + }, + "modelExplainabilityAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityAppSpecification", + "description": "Configures the model explainability job to run a specified Docker container image.", + "replaceOnChanges": true + }, + "modelExplainabilityBaselineConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityBaselineConfig", + "description": "The baseline configuration for a model explainability job.", + "replaceOnChanges": true + }, + "modelExplainabilityJobInput": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityJobInput", + "description": "Inputs for the model explainability job.", + "replaceOnChanges": true + }, + "modelExplainabilityJobOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionMonitoringOutputConfig", + "description": "The output configuration for monitoring jobs.", + "replaceOnChanges": true + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionNetworkConfig", + "description": "Networking options for a model explainability job.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "replaceOnChanges": true + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionStoppingCondition", + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "jobDefinitionName" + }, + "required": [ + "jobResources", + "modelExplainabilityAppSpecification", + "modelExplainabilityJobInput", + "modelExplainabilityJobOutputConfig", + "roleArn" + ], + "createOnly": [ + "endpointName", + "jobDefinitionName", + "jobResources", + "modelExplainabilityAppSpecification", + "modelExplainabilityBaselineConfig", + "modelExplainabilityJobInput", + "modelExplainabilityJobOutputConfig", + "networkConfig", + "roleArn", + "stoppingCondition", + "tags" + ], + "writeOnly": [ + "endpointName", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:ModelPackage": { + "cf": "AWS::SageMaker::ModelPackage", + "inputs": { + "additionalInferenceSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageAdditionalInferenceSpecificationDefinition" + }, + "description": "An array of additional Inference Specification objects." + }, + "additionalInferenceSpecificationsToAdd": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageAdditionalInferenceSpecificationDefinition" + }, + "description": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts." + }, + "approvalDescription": { + "type": "string", + "description": "A description provided when the model approval is set." + }, + "certifyForMarketplace": { + "type": "boolean", + "description": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) ." + }, + "clientToken": { + "type": "string", + "description": "A unique token that guarantees that the call to this API is idempotent." + }, + "customerMetadataProperties": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageCustomerMetadataProperties", + "description": "The metadata properties for the model package." + }, + "domain": { + "type": "string", + "description": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing." + }, + "driftCheckBaselines": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageDriftCheckBaselines", + "description": "Represents the drift check baselines that can be used when the model monitor is set using the model package." + }, + "inferenceSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageInferenceSpecification", + "description": "Defines how to perform inference generation after a training job is run." + }, + "lastModifiedTime": { + "type": "string", + "description": "The last time the model package was modified." + }, + "metadataProperties": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetadataProperties", + "description": "Metadata properties of the tracking entity, trial, or trial component." + }, + "modelApprovalStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelApprovalStatus", + "description": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval." + }, + "modelCard": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelCard", + "description": "An Amazon SageMaker Model Card." + }, + "modelMetrics": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelMetrics", + "description": "Metrics for the model." + }, + "modelPackageDescription": { + "type": "string", + "description": "The description of the model package." + }, + "modelPackageGroupName": { + "type": "string", + "description": "The model group to which the model belongs." + }, + "modelPackageName": { + "type": "string", + "description": "The name of the model." + }, + "modelPackageStatusDetails": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageStatusDetails", + "description": "Specifies the validation and image scan statuses of the model package." + }, + "modelPackageVersion": { + "type": "integer", + "description": "The version number of a versioned model." + }, + "samplePayloadUrl": { + "type": "string", + "description": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix)." + }, + "securityConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageSecurityConfig" + }, + "skipModelValidation": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageSkipModelValidation", + "description": "Indicates if you want to skip model validation." + }, + "sourceAlgorithmSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageSourceAlgorithmSpecification", + "description": "A list of algorithms that were used to create a model package." + }, + "sourceUri": { + "type": "string", + "description": "The URI of the source for the model package." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "task": { + "type": "string", + "description": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification." + }, + "validationSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageValidationSpecification", + "description": "Specifies batch transform jobs that SageMaker runs to validate your model package." + } + }, + "outputs": { + "additionalInferenceSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageAdditionalInferenceSpecificationDefinition" + }, + "description": "An array of additional Inference Specification objects." + }, + "additionalInferenceSpecificationsToAdd": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageAdditionalInferenceSpecificationDefinition" + }, + "description": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts." + }, + "approvalDescription": { + "type": "string", + "description": "A description provided when the model approval is set." + }, + "certifyForMarketplace": { + "type": "boolean", + "description": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) ." + }, + "clientToken": { + "type": "string", + "description": "A unique token that guarantees that the call to this API is idempotent.", + "replaceOnChanges": true + }, + "creationTime": { + "type": "string", + "description": "The time that the model package was created." + }, + "customerMetadataProperties": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageCustomerMetadataProperties", + "description": "The metadata properties for the model package." + }, + "domain": { + "type": "string", + "description": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", + "replaceOnChanges": true + }, + "driftCheckBaselines": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageDriftCheckBaselines", + "description": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", + "replaceOnChanges": true + }, + "inferenceSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageInferenceSpecification", + "description": "Defines how to perform inference generation after a training job is run.", + "replaceOnChanges": true + }, + "lastModifiedTime": { + "type": "string", + "description": "The last time the model package was modified." + }, + "metadataProperties": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetadataProperties", + "description": "Metadata properties of the tracking entity, trial, or trial component.", + "replaceOnChanges": true + }, + "modelApprovalStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelApprovalStatus", + "description": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval." + }, + "modelCard": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelCard", + "description": "An Amazon SageMaker Model Card." + }, + "modelMetrics": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelMetrics", + "description": "Metrics for the model.", + "replaceOnChanges": true + }, + "modelPackageArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the model package." + }, + "modelPackageDescription": { + "type": "string", + "description": "The description of the model package.", + "replaceOnChanges": true + }, + "modelPackageGroupName": { + "type": "string", + "description": "The model group to which the model belongs.", + "replaceOnChanges": true + }, + "modelPackageName": { + "type": "string", + "description": "The name of the model." + }, + "modelPackageStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageStatus", + "description": "The status of the model package. This can be one of the following values.\n\n- `PENDING` - The model package creation is pending.\n- `IN_PROGRESS` - The model package is in the process of being created.\n- `COMPLETED` - The model package was successfully created.\n- `FAILED` - The model package creation failed.\n- `DELETING` - The model package is in the process of being deleted." + }, + "modelPackageStatusDetails": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageStatusDetails", + "description": "Specifies the validation and image scan statuses of the model package." + }, + "modelPackageVersion": { + "type": "integer", + "description": "The version number of a versioned model." + }, + "samplePayloadUrl": { + "type": "string", + "description": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", + "replaceOnChanges": true + }, + "securityConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageSecurityConfig", + "replaceOnChanges": true + }, + "skipModelValidation": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageSkipModelValidation", + "description": "Indicates if you want to skip model validation." + }, + "sourceAlgorithmSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageSourceAlgorithmSpecification", + "description": "A list of algorithms that were used to create a model package.", + "replaceOnChanges": true + }, + "sourceUri": { + "type": "string", + "description": "The URI of the source for the model package." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "task": { + "type": "string", + "description": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification.", + "replaceOnChanges": true + }, + "validationSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageValidationSpecification", + "description": "Specifies batch transform jobs that SageMaker runs to validate your model package.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "modelPackageName" + }, + "createOnly": [ + "clientToken", + "domain", + "driftCheckBaselines", + "inferenceSpecification", + "metadataProperties", + "modelMetrics", + "modelPackageDescription", + "modelPackageGroupName", + "samplePayloadUrl", + "securityConfig", + "sourceAlgorithmSpecification", + "task", + "validationSpecification" + ], + "writeOnly": [ + "additionalInferenceSpecificationsToAdd", + "clientToken" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:ModelPackageGroup": { + "cf": "AWS::SageMaker::ModelPackageGroup", + "inputs": { + "modelPackageGroupDescription": { + "type": "string", + "description": "The description for the model group." + }, + "modelPackageGroupName": { + "type": "string", + "description": "The name of the model group." + }, + "modelPackageGroupPolicy": { + "$ref": "pulumi.json#/Any", + "description": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SageMaker::ModelPackageGroup` for more information about the expected schema for this property." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time at which the model package group was created." + }, + "modelPackageGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the model group." + }, + "modelPackageGroupDescription": { + "type": "string", + "description": "The description for the model group.", + "replaceOnChanges": true + }, + "modelPackageGroupName": { + "type": "string", + "description": "The name of the model group.", + "replaceOnChanges": true + }, + "modelPackageGroupPolicy": { + "$ref": "pulumi.json#/Any", + "description": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SageMaker::ModelPackageGroup` for more information about the expected schema for this property." + }, + "modelPackageGroupStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageGroupStatus", + "description": "The status of a modelpackage group job." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "modelPackageGroupName" + }, + "createOnly": [ + "modelPackageGroupDescription", + "modelPackageGroupName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:ModelQualityJobDefinition": { + "cf": "AWS::SageMaker::ModelQualityJobDefinition", + "inputs": { + "endpointName": { + "type": "string" + }, + "jobDefinitionName": { + "type": "string", + "description": "The name of the monitoring job definition." + }, + "jobResources": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionMonitoringResources", + "description": "Identifies the resources to deploy for a monitoring job." + }, + "modelQualityAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionModelQualityAppSpecification", + "description": "Container image configuration object for the monitoring job." + }, + "modelQualityBaselineConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionModelQualityBaselineConfig", + "description": "Specifies the constraints and baselines for the monitoring job." + }, + "modelQualityJobInput": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionModelQualityJobInput", + "description": "A list of the inputs that are monitored. Currently endpoints are supported." + }, + "modelQualityJobOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionMonitoringOutputConfig", + "description": "The output configuration for monitoring jobs." + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionNetworkConfig", + "description": "Specifies the network configuration for the monitoring job." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf." + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionStoppingCondition", + "description": "A time limit for how long the monitoring job is allowed to run before stopping." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time at which the job definition was created." + }, + "endpointName": { + "type": "string", + "replaceOnChanges": true + }, + "jobDefinitionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of job definition." + }, + "jobDefinitionName": { + "type": "string", + "description": "The name of the monitoring job definition.", + "replaceOnChanges": true + }, + "jobResources": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionMonitoringResources", + "description": "Identifies the resources to deploy for a monitoring job.", + "replaceOnChanges": true + }, + "modelQualityAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionModelQualityAppSpecification", + "description": "Container image configuration object for the monitoring job.", + "replaceOnChanges": true + }, + "modelQualityBaselineConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionModelQualityBaselineConfig", + "description": "Specifies the constraints and baselines for the monitoring job.", + "replaceOnChanges": true + }, + "modelQualityJobInput": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionModelQualityJobInput", + "description": "A list of the inputs that are monitored. Currently endpoints are supported.", + "replaceOnChanges": true + }, + "modelQualityJobOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionMonitoringOutputConfig", + "description": "The output configuration for monitoring jobs.", + "replaceOnChanges": true + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionNetworkConfig", + "description": "Specifies the network configuration for the monitoring job.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", + "replaceOnChanges": true + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionStoppingCondition", + "description": "A time limit for how long the monitoring job is allowed to run before stopping.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "jobDefinitionName" + }, + "required": [ + "jobResources", + "modelQualityAppSpecification", + "modelQualityJobInput", + "modelQualityJobOutputConfig", + "roleArn" + ], + "createOnly": [ + "endpointName", + "jobDefinitionName", + "jobResources", + "modelQualityAppSpecification", + "modelQualityBaselineConfig", + "modelQualityJobInput", + "modelQualityJobOutputConfig", + "networkConfig", + "roleArn", + "stoppingCondition", + "tags" + ], + "writeOnly": [ + "endpointName", + "tags", + "tags/*/Key", + "tags/*/Value" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:MonitoringSchedule": { + "cf": "AWS::SageMaker::MonitoringSchedule", + "inputs": { + "endpointName": { + "type": "string", + "description": "The name of the endpoint using the monitoring schedule." + }, + "failureReason": { + "type": "string", + "description": "Contains the reason a monitoring job failed, if it failed." + }, + "lastMonitoringExecutionSummary": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringExecutionSummary", + "description": "Describes metadata on the last execution to run, if there was one." + }, + "monitoringScheduleConfig": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleConfig", + "description": "The configuration object that specifies the monitoring schedule and defines the monitoring job." + }, + "monitoringScheduleName": { + "type": "string", + "description": "The name of the monitoring schedule." + }, + "monitoringScheduleStatus": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleStatus", + "description": "The status of a schedule job." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time at which the schedule was created." + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint using the monitoring schedule." + }, + "failureReason": { + "type": "string", + "description": "Contains the reason a monitoring job failed, if it failed." + }, + "lastModifiedTime": { + "type": "string", + "description": "A timestamp that indicates the last time the monitoring job was modified." + }, + "lastMonitoringExecutionSummary": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringExecutionSummary", + "description": "Describes metadata on the last execution to run, if there was one." + }, + "monitoringScheduleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the monitoring schedule." + }, + "monitoringScheduleConfig": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleConfig", + "description": "The configuration object that specifies the monitoring schedule and defines the monitoring job." + }, + "monitoringScheduleName": { + "type": "string", + "description": "The name of the monitoring schedule.", + "replaceOnChanges": true + }, + "monitoringScheduleStatus": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleStatus", + "description": "The status of a schedule job." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "monitoringScheduleName" + }, + "required": [ + "monitoringScheduleConfig" + ], + "createOnly": [ + "monitoringScheduleName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:Pipeline": { + "cf": "AWS::SageMaker::Pipeline", + "inputs": { + "parallelismConfiguration": { + "$ref": "#/types/aws-native:sagemaker:ParallelismConfigurationProperties", + "description": "The parallelism configuration applied to the pipeline." + }, + "pipelineDefinition": { + "oneOf": [ + { + "$ref": "#/types/aws-native:sagemaker:PipelineDefinition0Properties" + }, + { + "$ref": "#/types/aws-native:sagemaker:PipelineDefinition1Properties" + } + ], + "description": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location." + }, + "pipelineDescription": { + "type": "string", + "description": "The description of the Pipeline." + }, + "pipelineDisplayName": { + "type": "string", + "description": "The display name of the Pipeline." + }, + "pipelineName": { + "type": "string", + "description": "The name of the Pipeline." + }, + "roleArn": { + "type": "string", + "description": "Role Arn" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of the pipeline." + } + }, + "outputs": { + "parallelismConfiguration": { + "$ref": "#/types/aws-native:sagemaker:ParallelismConfigurationProperties", + "description": "The parallelism configuration applied to the pipeline." + }, + "pipelineDefinition": { + "oneOf": [ + { + "$ref": "#/types/aws-native:sagemaker:PipelineDefinition0Properties" + }, + { + "$ref": "#/types/aws-native:sagemaker:PipelineDefinition1Properties" + } + ], + "description": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location." + }, + "pipelineDescription": { + "type": "string", + "description": "The description of the Pipeline." + }, + "pipelineDisplayName": { + "type": "string", + "description": "The display name of the Pipeline." + }, + "pipelineName": { + "type": "string", + "description": "The name of the Pipeline.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "Role Arn" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of the pipeline." + } + }, + "autoNamingSpec": { + "sdkName": "pipelineName", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "pipelineDefinition", + "roleArn" + ], + "createOnly": [ + "pipelineName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:Project": { + "cf": "AWS::SageMaker::Project", + "inputs": { + "projectDescription": { + "type": "string", + "description": "The description of the project." + }, + "projectName": { + "type": "string", + "description": "The name of the project." + }, + "serviceCatalogProvisionedProductDetails": { + "$ref": "#/types/aws-native:sagemaker:ServiceCatalogProvisionedProductDetailsProperties", + "description": "Provisioned ServiceCatalog Details" + }, + "serviceCatalogProvisioningDetails": { + "$ref": "#/types/aws-native:sagemaker:ServiceCatalogProvisioningDetailsProperties", + "description": "Input ServiceCatalog Provisioning Details" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "creationTime": { + "type": "string", + "description": "The time at which the project was created." + }, + "projectArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the project." + }, + "projectDescription": { + "type": "string", + "description": "The description of the project.", + "replaceOnChanges": true + }, + "projectId": { + "type": "string", + "description": "The ID of the project. This ID is prepended to all entities associated with this project." + }, + "projectName": { + "type": "string", + "description": "The name of the project.", + "replaceOnChanges": true + }, + "projectStatus": { + "$ref": "#/types/aws-native:sagemaker:ProjectStatus", + "description": "The status of a project." + }, + "serviceCatalogProvisionedProductDetails": { + "$ref": "#/types/aws-native:sagemaker:ServiceCatalogProvisionedProductDetailsProperties", + "description": "Provisioned ServiceCatalog Details" + }, + "serviceCatalogProvisioningDetails": { + "$ref": "#/types/aws-native:sagemaker:ServiceCatalogProvisioningDetailsProperties", + "description": "Input ServiceCatalog Provisioning Details", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "An array of key-value pairs to apply to this resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "projectName" + }, + "required": [ + "serviceCatalogProvisioningDetails" + ], + "createOnly": [ + "projectDescription", + "projectName", + "serviceCatalogProvisioningDetails", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:Space": { + "cf": "AWS::SageMaker::Space", + "inputs": { + "domainId": { + "type": "string", + "description": "The ID of the associated Domain." + }, + "ownershipSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceOwnershipSettings", + "description": "The collection of ownership settings for a space." + }, + "spaceDisplayName": { + "type": "string", + "description": "The name of the space that appears in the Studio UI." + }, + "spaceName": { + "type": "string", + "description": "A name for the Space." + }, + "spaceSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceSettings", + "description": "A collection of settings." + }, + "spaceSharingSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceSharingSettings", + "description": "A collection of space sharing settings." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags to apply to the space." + } + }, + "outputs": { + "domainId": { + "type": "string", + "description": "The ID of the associated Domain.", + "replaceOnChanges": true + }, + "ownershipSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceOwnershipSettings", + "description": "The collection of ownership settings for a space.", + "replaceOnChanges": true + }, + "spaceArn": { + "type": "string", + "description": "The space Amazon Resource Name (ARN)." + }, + "spaceDisplayName": { + "type": "string", + "description": "The name of the space that appears in the Studio UI." + }, + "spaceName": { + "type": "string", + "description": "A name for the Space.", + "replaceOnChanges": true + }, + "spaceSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceSettings", + "description": "A collection of settings." + }, + "spaceSharingSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceSharingSettings", + "description": "A collection of space sharing settings.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags to apply to the space." + }, + "url": { + "type": "string", + "description": "Returns the URL of the space. If the space is created with AWS IAM Identity Center (Successor to AWS Single Sign-On) authentication, users can navigate to the URL after appending the respective redirect parameter for the application type to be federated through AWS IAM Identity Center.\n\nThe following application types are supported:\n\n- Studio Classic: `\u0026redirect=JupyterServer`\n- JupyterLab: `\u0026redirect=JupyterLab`\n- Code Editor, based on Code-OSS, Visual Studio Code - Open Source: `\u0026redirect=CodeEditor`" + } + }, + "autoNamingSpec": { + "sdkName": "spaceName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "domainId" + ], + "createOnly": [ + "domainId", + "ownershipSettings", + "spaceName", + "spaceSharingSettings" + ], + "writeOnly": [ + "spaceSettings", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sagemaker:StudioLifecycleConfig": { + "cf": "AWS::SageMaker::StudioLifecycleConfig", + "inputs": { + "studioLifecycleConfigAppType": { + "$ref": "#/types/aws-native:sagemaker:StudioLifecycleConfigAppType", + "description": "The App type that the Lifecycle Configuration is attached to." + }, + "studioLifecycleConfigContent": { + "type": "string", + "description": "The content of your Amazon SageMaker Studio Lifecycle Configuration script." + }, + "studioLifecycleConfigName": { + "type": "string", + "description": "The name of the Amazon SageMaker Studio Lifecycle Configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Tags to be associated with the Lifecycle Configuration." + } + }, + "outputs": { + "studioLifecycleConfigAppType": { + "$ref": "#/types/aws-native:sagemaker:StudioLifecycleConfigAppType", + "description": "The App type that the Lifecycle Configuration is attached to.", + "replaceOnChanges": true + }, + "studioLifecycleConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration." + }, + "studioLifecycleConfigContent": { + "type": "string", + "description": "The content of your Amazon SageMaker Studio Lifecycle Configuration script.", + "replaceOnChanges": true + }, + "studioLifecycleConfigName": { + "type": "string", + "description": "The name of the Amazon SageMaker Studio Lifecycle Configuration.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "Tags to be associated with the Lifecycle Configuration.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "studioLifecycleConfigName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "studioLifecycleConfigAppType", + "studioLifecycleConfigContent" + ], + "createOnly": [ + "studioLifecycleConfigAppType", + "studioLifecycleConfigContent", + "studioLifecycleConfigName", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:sagemaker:UserProfile": { + "cf": "AWS::SageMaker::UserProfile", + "inputs": { + "domainId": { + "type": "string", + "description": "The ID of the associated Domain." + }, + "singleSignOnUserIdentifier": { + "type": "string", + "description": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is SSO, this field is required. If the Domain's AuthMode is not SSO, this field cannot be specified." + }, + "singleSignOnUserValue": { + "type": "string", + "description": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is SSO, this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not SSO, this field cannot be specified." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of tags to apply to the user profile." + }, + "userProfileName": { + "type": "string", + "description": "A name for the UserProfile." + }, + "userSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileUserSettings", + "description": "A collection of settings." + } + }, + "outputs": { + "domainId": { + "type": "string", + "description": "The ID of the associated Domain.", + "replaceOnChanges": true + }, + "singleSignOnUserIdentifier": { + "type": "string", + "description": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is SSO, this field is required. If the Domain's AuthMode is not SSO, this field cannot be specified.", + "replaceOnChanges": true + }, + "singleSignOnUserValue": { + "type": "string", + "description": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is SSO, this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not SSO, this field cannot be specified.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "A list of tags to apply to the user profile.", + "replaceOnChanges": true + }, + "userProfileArn": { + "type": "string", + "description": "The user profile Amazon Resource Name (ARN)." + }, + "userProfileName": { + "type": "string", + "description": "A name for the UserProfile.", + "replaceOnChanges": true + }, + "userSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileUserSettings", + "description": "A collection of settings." + } + }, + "autoNamingSpec": { + "sdkName": "userProfileName", + "minLength": 1, + "maxLength": 63 + }, + "required": [ + "domainId" + ], + "createOnly": [ + "domainId", + "singleSignOnUserIdentifier", + "singleSignOnUserValue", + "tags", + "userProfileName", + "userSettings/RStudioServerProAppSettings/AccessStatus", + "userSettings/RStudioServerProAppSettings/UserGroup" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:scheduler:Schedule": { + "cf": "AWS::Scheduler::Schedule", + "inputs": { + "description": { + "type": "string", + "description": "The description of the schedule." + }, + "endDate": { + "type": "string", + "description": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the EndDate you specify." + }, + "flexibleTimeWindow": { + "$ref": "#/types/aws-native:scheduler:ScheduleFlexibleTimeWindow", + "description": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule." + }, + "groupName": { + "type": "string", + "description": "The name of the schedule group to associate with this schedule. If you omit this, the default schedule group is used." + }, + "kmsKeyArn": { + "type": "string", + "description": "The ARN for a KMS Key that will be used to encrypt customer data." + }, + "name": { + "type": "string", + "description": "The name of the schedule." + }, + "scheduleExpression": { + "type": "string", + "description": "The scheduling expression." + }, + "scheduleExpressionTimezone": { + "type": "string", + "description": "The timezone in which the scheduling expression is evaluated." + }, + "startDate": { + "type": "string", + "description": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the StartDate you specify." + }, + "state": { + "$ref": "#/types/aws-native:scheduler:ScheduleState", + "description": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`" + }, + "target": { + "$ref": "#/types/aws-native:scheduler:ScheduleTarget", + "description": "The schedule's target details." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the schedule." + }, + "description": { + "type": "string", + "description": "The description of the schedule." + }, + "endDate": { + "type": "string", + "description": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the EndDate you specify." + }, + "flexibleTimeWindow": { + "$ref": "#/types/aws-native:scheduler:ScheduleFlexibleTimeWindow", + "description": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule." + }, + "groupName": { + "type": "string", + "description": "The name of the schedule group to associate with this schedule. If you omit this, the default schedule group is used." + }, + "kmsKeyArn": { + "type": "string", + "description": "The ARN for a KMS Key that will be used to encrypt customer data." + }, + "name": { + "type": "string", + "description": "The name of the schedule.", + "replaceOnChanges": true + }, + "scheduleExpression": { + "type": "string", + "description": "The scheduling expression." + }, + "scheduleExpressionTimezone": { + "type": "string", + "description": "The timezone in which the scheduling expression is evaluated." + }, + "startDate": { + "type": "string", + "description": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the StartDate you specify." + }, + "state": { + "$ref": "#/types/aws-native:scheduler:ScheduleState", + "description": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`" + }, + "target": { + "$ref": "#/types/aws-native:scheduler:ScheduleTarget", + "description": "The schedule's target details." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "flexibleTimeWindow", + "scheduleExpression", + "target" + ], + "createOnly": [ + "name" + ] + }, + "aws-native:scheduler:ScheduleGroup": { + "cf": "AWS::Scheduler::ScheduleGroup", + "inputs": { + "name": { + "type": "string", + "description": "The name of the schedule group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags to associate with the schedule group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the schedule group." + }, + "creationDate": { + "type": "string", + "description": "The time at which the schedule group was created." + }, + "lastModificationDate": { + "type": "string", + "description": "The time at which the schedule group was last modified." + }, + "name": { + "type": "string", + "description": "The name of the schedule group.", + "replaceOnChanges": true + }, + "state": { + "$ref": "#/types/aws-native:scheduler:ScheduleGroupState", + "description": "Specifies the state of the schedule group.\n\n*Allowed Values* : `ACTIVE` | `DELETING`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags to associate with the schedule group." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:secretsmanager:ResourcePolicy": { + "cf": "AWS::SecretsManager::ResourcePolicy", + "inputs": { + "blockPublicPolicy": { + "type": "boolean", + "description": "Specifies whether to block resource-based policies that allow broad access to the secret." + }, + "resourcePolicy": { + "$ref": "pulumi.json#/Any", + "description": "A JSON-formatted string for an AWS resource-based policy.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SecretsManager::ResourcePolicy` for more information about the expected schema for this property.", + "language": { + "csharp": { + "name": "ResourcePolicyValue" + } + } + }, + "secretId": { + "type": "string", + "description": "The ARN or name of the secret to attach the resource-based policy." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The Arn of the secret." + }, + "blockPublicPolicy": { + "type": "boolean", + "description": "Specifies whether to block resource-based policies that allow broad access to the secret." + }, + "resourcePolicy": { + "$ref": "pulumi.json#/Any", + "description": "A JSON-formatted string for an AWS resource-based policy.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SecretsManager::ResourcePolicy` for more information about the expected schema for this property.", + "language": { + "csharp": { + "name": "ResourcePolicyValue" + } + } + }, + "secretId": { + "type": "string", + "description": "The ARN or name of the secret to attach the resource-based policy.", + "replaceOnChanges": true + } + }, + "required": [ + "resourcePolicy", + "secretId" + ], + "createOnly": [ + "secretId" + ], + "writeOnly": [ + "blockPublicPolicy" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:secretsmanager:Secret": { + "cf": "AWS::SecretsManager::Secret", + "inputs": { + "description": { + "type": "string", + "description": "The description of the secret." + }, + "generateSecretString": { + "$ref": "#/types/aws-native:secretsmanager:SecretGenerateSecretString", + "description": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use ``SecretString`` instead. If you omit both ``GenerateSecretString`` and ``SecretString``, you create an empty secret. When you make a change to this property, a new secret version is created.\n We recommend that you specify the maximum length and include every character type that the system you are generating a password for can support." + }, + "kmsKeyId": { + "type": "string", + "description": "The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by ``alias/``, for example ``alias/aws/secretsmanager``. For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html).\n To use a KMS key in a different account, use the key ARN or the alias ARN.\n If you don't specify this value, then Secrets Manager uses the key ``aws/secretsmanager``. If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n If the secret is in a different AWS account from the credentials calling the API, then you can't use ``aws/secretsmanager`` to encrypt the secret, and you must create and use a customer managed KMS key." + }, + "name": { + "type": "string", + "description": "The name of the new secret.\n The secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n Do not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN." + }, + "replicaRegions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:secretsmanager:SecretReplicaRegion" + }, + "description": "A custom type that specifies a ``Region`` and the ``KmsKeyId`` for a replica secret." + }, + "secretString": { + "type": "string", + "description": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use ``GenerateSecretString`` instead. If you omit both ``GenerateSecretString`` and ``SecretString``, you create an empty secret. When you make a change to this property, a new secret version is created." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n ``[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`` \n Secrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n Stack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret. \n If you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an ``Access Denied`` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2).\n For information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json). If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n The following restrictions apply to tags:\n + Maximum number of tags per secret: 50\n + Maximum key length: 127 Unicode characters in UTF-8\n + Maximum value length: 255 Unicode characters in UTF-8\n + Tag keys and values are case sensitive.\n + Do not use the ``aws:`` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n + If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The ARN of the secret." + }, + "description": { + "type": "string", + "description": "The description of the secret." + }, + "generateSecretString": { + "$ref": "#/types/aws-native:secretsmanager:SecretGenerateSecretString", + "description": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use ``SecretString`` instead. If you omit both ``GenerateSecretString`` and ``SecretString``, you create an empty secret. When you make a change to this property, a new secret version is created.\n We recommend that you specify the maximum length and include every character type that the system you are generating a password for can support." + }, + "kmsKeyId": { + "type": "string", + "description": "The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by ``alias/``, for example ``alias/aws/secretsmanager``. For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html).\n To use a KMS key in a different account, use the key ARN or the alias ARN.\n If you don't specify this value, then Secrets Manager uses the key ``aws/secretsmanager``. If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n If the secret is in a different AWS account from the credentials calling the API, then you can't use ``aws/secretsmanager`` to encrypt the secret, and you must create and use a customer managed KMS key." + }, + "name": { + "type": "string", + "description": "The name of the new secret.\n The secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n Do not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", + "replaceOnChanges": true + }, + "replicaRegions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:secretsmanager:SecretReplicaRegion" + }, + "description": "A custom type that specifies a ``Region`` and the ``KmsKeyId`` for a replica secret." + }, + "secretString": { + "type": "string", + "description": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use ``GenerateSecretString`` instead. If you omit both ``GenerateSecretString`` and ``SecretString``, you create an empty secret. When you make a change to this property, a new secret version is created." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n ``[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`` \n Secrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n Stack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret. \n If you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an ``Access Denied`` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2).\n For information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json). If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n The following restrictions apply to tags:\n + Maximum number of tags per secret: 50\n + Maximum key length: 127 Unicode characters in UTF-8\n + Maximum value length: 255 Unicode characters in UTF-8\n + Tag keys and values are case sensitive.\n + Do not use the ``aws:`` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n + If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "generateSecretString", + "secretString" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:securityhub:AutomationRule": { + "cf": "AWS::SecurityHub::AutomationRule", + "inputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRulesAction" + }, + "description": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` ." + }, + "criteria": { + "$ref": "#/types/aws-native:securityhub:AutomationRulesFindingFilters", + "description": "A set of [Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding." + }, + "description": { + "type": "string", + "description": "A description of the rule." + }, + "isTerminal": { + "type": "boolean", + "description": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal." + }, + "ruleName": { + "type": "string", + "description": "The name of the rule." + }, + "ruleOrder": { + "type": "integer", + "description": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first." + }, + "ruleStatus": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleRuleStatus", + "description": "Whether the rule is active after it is created. If this parameter is equal to ``ENABLED``, ASH applies the rule to findings and finding updates after the rule is created." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined tags associated with an automation rule." + } + }, + "outputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRulesAction" + }, + "description": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` ." + }, + "createdAt": { + "type": "string", + "description": "A timestamp that indicates when the rule was created.\n\nUses the `date-time` format specified in [RFC 3339 section 5.6, Internet Date/Time Format](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3339#section-5.6) . The value cannot contain spaces. For example, `2020-03-22T13:22:13.933Z` ." + }, + "createdBy": { + "type": "string", + "description": "The principal that created the rule. For example, `arn:aws:sts::123456789012:assumed-role/Developer-Role/JaneDoe` ." + }, + "criteria": { + "$ref": "#/types/aws-native:securityhub:AutomationRulesFindingFilters", + "description": "A set of [Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding." + }, + "description": { + "type": "string", + "description": "A description of the rule." + }, + "isTerminal": { + "type": "boolean", + "description": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal." + }, + "ruleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the automation rule that you create. For example, `arn:aws:securityhub:us-east-1:123456789012:automation-rule/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` ." + }, + "ruleName": { + "type": "string", + "description": "The name of the rule." + }, + "ruleOrder": { + "type": "integer", + "description": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first." + }, + "ruleStatus": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleRuleStatus", + "description": "Whether the rule is active after it is created. If this parameter is equal to ``ENABLED``, ASH applies the rule to findings and finding updates after the rule is created." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined tags associated with an automation rule." + }, + "updatedAt": { + "type": "string", + "description": "A timestamp that indicates when the rule was most recently updated.\n\nUses the `date-time` format specified in [RFC 3339 section 5.6, Internet Date/Time Format](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3339#section-5.6) . The value cannot contain spaces. For example, `2020-03-22T13:22:13.933Z` ." + } + }, + "autoNamingSpec": { + "sdkName": "ruleName", + "minLength": 1, + "maxLength": 256 + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:securityhub:ConfigurationPolicy": { + "cf": "AWS::SecurityHub::ConfigurationPolicy", + "inputs": { + "configurationPolicy": { + "$ref": "#/types/aws-native:securityhub:ConfigurationPolicyPolicy", + "description": "An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).", + "language": { + "csharp": { + "name": "ConfigurationPolicyValue" + } + } + }, + "description": { + "type": "string", + "description": "The description of the configuration policy." + }, + "name": { + "type": "string", + "description": "The name of the configuration policy." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined tags associated with a configuration policy. For more information, see [Tagging AWS Security Hub resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the *Security Hub user guide* ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the configuration policy." + }, + "awsId": { + "type": "string", + "description": "The universally unique identifier (UUID) of the configuration policy." + }, + "configurationPolicy": { + "$ref": "#/types/aws-native:securityhub:ConfigurationPolicyPolicy", + "description": "An object that defines how AWS Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).", + "language": { + "csharp": { + "name": "ConfigurationPolicyValue" + } + } + }, + "createdAt": { + "type": "string", + "description": "The date and time, in UTC and ISO 8601 format." + }, + "description": { + "type": "string", + "description": "The description of the configuration policy." + }, + "name": { + "type": "string", + "description": "The name of the configuration policy." + }, + "serviceEnabled": { + "type": "boolean", + "description": "Indicates whether the service that the configuration policy applies to is enabled in the policy." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined tags associated with a configuration policy. For more information, see [Tagging AWS Security Hub resources](https://docs.aws.amazon.com/securityhub/latest/userguide/tagging-resources.html) in the *Security Hub user guide* ." + }, + "updatedAt": { + "type": "string", + "description": "The date and time, in UTC and ISO 8601 format." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "configurationPolicy" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:securityhub:DelegatedAdmin": { + "cf": "AWS::SecurityHub::DelegatedAdmin", + "inputs": { + "adminAccountId": { + "type": "string", + "description": "The Amazon Web Services account identifier of the account to designate as the Security Hub administrator account" + } + }, + "outputs": { + "adminAccountId": { + "type": "string", + "description": "The Amazon Web Services account identifier of the account to designate as the Security Hub administrator account", + "replaceOnChanges": true + }, + "delegatedAdminIdentifier": { + "type": "string", + "description": "The identifier of the DelegatedAdmin being created and assigned as the unique identifier" + }, + "status": { + "$ref": "#/types/aws-native:securityhub:DelegatedAdminStatus", + "description": "The current status of the Security Hub administrator account. Indicates whether the account is currently enabled as a Security Hub administrator" + } + }, + "required": [ + "adminAccountId" + ], + "createOnly": [ + "adminAccountId" + ], + "tagsProperty": "tags" + }, + "aws-native:securityhub:FindingAggregator": { + "cf": "AWS::SecurityHub::FindingAggregator", + "inputs": { + "regionLinkingMode": { + "$ref": "#/types/aws-native:securityhub:FindingAggregatorRegionLinkingMode", + "description": "Indicates whether to link all Regions, all Regions except for a list of excluded Regions, or a list of included Regions" + }, + "regions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of excluded Regions or included Regions" + } + }, + "outputs": { + "findingAggregationRegion": { + "type": "string", + "description": "The aggregation Region of the FindingAggregator" + }, + "findingAggregatorArn": { + "type": "string", + "description": "The ARN of the FindingAggregator being created and assigned as the unique identifier" + }, + "regionLinkingMode": { + "$ref": "#/types/aws-native:securityhub:FindingAggregatorRegionLinkingMode", + "description": "Indicates whether to link all Regions, all Regions except for a list of excluded Regions, or a list of included Regions" + }, + "regions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of excluded Regions or included Regions" + } + }, + "required": [ + "regionLinkingMode" + ] + }, + "aws-native:securityhub:Hub": { + "cf": "AWS::SecurityHub::Hub", + "inputs": { + "autoEnableControls": { + "type": "boolean", + "description": "Whether to automatically enable new controls when they are added to standards that are enabled" + }, + "controlFindingGenerator": { + "type": "string", + "description": "This field, used when enabling Security Hub, specifies whether the calling account has consolidated control findings turned on. If the value for this field is set to SECURITY_CONTROL, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to STANDARD_CONTROL, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards." + }, + "enableDefaultStandards": { + "type": "boolean", + "description": "Whether to enable the security standards that Security Hub has designated as automatically enabled." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "An ARN is automatically created for the customer." + }, + "autoEnableControls": { + "type": "boolean", + "description": "Whether to automatically enable new controls when they are added to standards that are enabled" + }, + "controlFindingGenerator": { + "type": "string", + "description": "This field, used when enabling Security Hub, specifies whether the calling account has consolidated control findings turned on. If the value for this field is set to SECURITY_CONTROL, Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to STANDARD_CONTROL, Security Hub generates separate findings for a control check when the check applies to multiple enabled standards." + }, + "enableDefaultStandards": { + "type": "boolean", + "description": "Whether to enable the security standards that Security Hub has designated as automatically enabled." + }, + "subscribedAt": { + "type": "string", + "description": "The date and time when Security Hub was enabled in the account." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "writeOnly": [ + "enableDefaultStandards" + ], + "irreversibleNames": { + "arn": "ARN" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:securityhub:Insight": { + "cf": "AWS::SecurityHub::Insight", + "inputs": { + "filters": { + "$ref": "#/types/aws-native:securityhub:InsightAwsSecurityFindingFilters", + "description": "One or more attributes used to filter the findings included in the insight" + }, + "groupByAttribute": { + "type": "string", + "description": "The grouping attribute for the insight's findings" + }, + "name": { + "type": "string", + "description": "The name of a Security Hub insight" + } + }, + "outputs": { + "filters": { + "$ref": "#/types/aws-native:securityhub:InsightAwsSecurityFindingFilters", + "description": "One or more attributes used to filter the findings included in the insight" + }, + "groupByAttribute": { + "type": "string", + "description": "The grouping attribute for the insight's findings" + }, + "insightArn": { + "type": "string", + "description": "The ARN of a Security Hub insight" + }, + "name": { + "type": "string", + "description": "The name of a Security Hub insight" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "filters", + "groupByAttribute" + ] + }, + "aws-native:securityhub:OrganizationConfiguration": { + "cf": "AWS::SecurityHub::OrganizationConfiguration", + "inputs": { + "autoEnable": { + "type": "boolean", + "description": "Whether to automatically enable Security Hub in new member accounts when they join the organization." + }, + "autoEnableStandards": { + "$ref": "#/types/aws-native:securityhub:OrganizationConfigurationAutoEnableStandards", + "description": "Whether to automatically enable Security Hub default standards in new member accounts when they join the organization." + }, + "configurationType": { + "$ref": "#/types/aws-native:securityhub:OrganizationConfigurationConfigurationType", + "description": "Indicates whether the organization uses local or central configuration." + } + }, + "outputs": { + "autoEnable": { + "type": "boolean", + "description": "Whether to automatically enable Security Hub in new member accounts when they join the organization." + }, + "autoEnableStandards": { + "$ref": "#/types/aws-native:securityhub:OrganizationConfigurationAutoEnableStandards", + "description": "Whether to automatically enable Security Hub default standards in new member accounts when they join the organization." + }, + "configurationType": { + "$ref": "#/types/aws-native:securityhub:OrganizationConfigurationConfigurationType", + "description": "Indicates whether the organization uses local or central configuration." + }, + "memberAccountLimitReached": { + "type": "boolean", + "description": "Whether the maximum number of allowed member accounts are already associated with the Security Hub administrator account." + }, + "organizationConfigurationIdentifier": { + "type": "string", + "description": "The identifier of the OrganizationConfiguration being created and assigned as the unique identifier." + }, + "status": { + "$ref": "#/types/aws-native:securityhub:OrganizationConfigurationStatus", + "description": "Describes whether central configuration could be enabled as the ConfigurationType for the organization." + }, + "statusMessage": { + "type": "string", + "description": "Provides an explanation if the value of Status is equal to FAILED when ConfigurationType is equal to CENTRAL." + } + }, + "required": [ + "autoEnable" + ] + }, + "aws-native:securityhub:PolicyAssociation": { + "cf": "AWS::SecurityHub::PolicyAssociation", + "inputs": { + "configurationPolicyId": { + "type": "string", + "description": "The universally unique identifier (UUID) of the configuration policy or a value of SELF_MANAGED_SECURITY_HUB for a self-managed configuration" + }, + "targetId": { + "type": "string", + "description": "The identifier of the target account, organizational unit, or the root" + }, + "targetType": { + "$ref": "#/types/aws-native:securityhub:PolicyAssociationTargetType", + "description": "Indicates whether the target is an AWS account, organizational unit, or the organization root" + } + }, + "outputs": { + "associationIdentifier": { + "type": "string", + "description": "A unique identifier to indicates if the target has an association" + }, + "associationStatus": { + "$ref": "#/types/aws-native:securityhub:PolicyAssociationAssociationStatus", + "description": "The current status of the association between the specified target and the configuration" + }, + "associationStatusMessage": { + "type": "string", + "description": "An explanation for a FAILED value for AssociationStatus" + }, + "associationType": { + "$ref": "#/types/aws-native:securityhub:PolicyAssociationAssociationType", + "description": "Indicates whether the association between the specified target and the configuration was directly applied by the Security Hub delegated administrator or inherited from a parent" + }, + "configurationPolicyId": { + "type": "string", + "description": "The universally unique identifier (UUID) of the configuration policy or a value of SELF_MANAGED_SECURITY_HUB for a self-managed configuration" + }, + "targetId": { + "type": "string", + "description": "The identifier of the target account, organizational unit, or the root", + "replaceOnChanges": true + }, + "targetType": { + "$ref": "#/types/aws-native:securityhub:PolicyAssociationTargetType", + "description": "Indicates whether the target is an AWS account, organizational unit, or the organization root", + "replaceOnChanges": true + }, + "updatedAt": { + "type": "string", + "description": "The date and time, in UTC and ISO 8601 format, that the configuration policy association was last updated" + } + }, + "required": [ + "configurationPolicyId", + "targetId", + "targetType" + ], + "createOnly": [ + "targetId", + "targetType" + ] + }, + "aws-native:securityhub:ProductSubscription": { + "cf": "AWS::SecurityHub::ProductSubscription", + "inputs": { + "productArn": { + "type": "string", + "description": "The generic ARN of the product being subscribed to" + } + }, + "outputs": { + "productArn": { + "type": "string", + "description": "The generic ARN of the product being subscribed to", + "replaceOnChanges": true + }, + "productSubscriptionArn": { + "type": "string", + "description": "The ARN of the product subscription for the account" + } + }, + "required": [ + "productArn" + ], + "createOnly": [ + "productArn" + ], + "tagsProperty": "tags" + }, + "aws-native:securityhub:SecurityControl": { + "cf": "AWS::SecurityHub::SecurityControl", + "inputs": { + "lastUpdateReason": { + "type": "string", + "description": "The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:securityhub:SecurityControlParameterConfiguration" + }, + "description": "An object that identifies the name of a control parameter, its current value, and whether it has been customized." + }, + "securityControlArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for a security control across standards, such as `arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1`. This parameter doesn't mention a specific standard." + }, + "securityControlId": { + "type": "string", + "description": "The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3." + } + }, + "outputs": { + "lastUpdateReason": { + "type": "string", + "description": "The most recent reason for updating the customizable properties of a security control. This differs from the UpdateReason field of the BatchUpdateStandardsControlAssociations API, which tracks the reason for updating the enablement status of a control. This field accepts alphanumeric characters in addition to white spaces, dashes, and underscores." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:securityhub:SecurityControlParameterConfiguration" + }, + "description": "An object that identifies the name of a control parameter, its current value, and whether it has been customized." + }, + "securityControlArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for a security control across standards, such as `arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1`. This parameter doesn't mention a specific standard." + }, + "securityControlId": { + "type": "string", + "description": "The unique identifier of a security control across standards. Values for this field typically consist of an AWS service name and a number, such as APIGateway.3.", + "replaceOnChanges": true + } + }, + "required": [ + "parameters" + ], + "createOnly": [ + "securityControlId" + ] + }, + "aws-native:securityhub:Standard": { + "cf": "AWS::SecurityHub::Standard", + "inputs": { + "disabledStandardsControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:StandardsControl" + }, + "description": "Specifies which controls are to be disabled in a standard. \n *Maximum*: ``100``" + }, + "standardsArn": { + "type": "string", + "description": "The ARN of the standard that you want to enable. To view a list of available ASH standards and their ARNs, use the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation." + } + }, + "outputs": { + "disabledStandardsControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:StandardsControl" + }, + "description": "Specifies which controls are to be disabled in a standard. \n *Maximum*: ``100``" + }, + "standardsArn": { + "type": "string", + "description": "The ARN of the standard that you want to enable. To view a list of available ASH standards and their ARNs, use the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.", + "replaceOnChanges": true + }, + "standardsSubscriptionArn": { + "type": "string", + "description": "The ARN of a resource that represents your subscription to a supported standard." + } + }, + "required": [ + "standardsArn" + ], + "createOnly": [ + "standardsArn" + ], + "tagsProperty": "tags" + }, + "aws-native:securitylake:AwsLogSource": { + "cf": "AWS::SecurityLake::AwsLogSource", + "inputs": { + "accounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "AWS account where you want to collect logs from." + }, + "dataLakeArn": { + "type": "string", + "description": "The ARN for the data lake." + }, + "sourceName": { + "type": "string", + "description": "The name for a AWS source. This must be a Regionally unique value." + }, + "sourceVersion": { + "type": "string", + "description": "The version for a AWS source. This must be a Regionally unique value." + } + }, + "outputs": { + "accounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "AWS account where you want to collect logs from." + }, + "dataLakeArn": { + "type": "string", + "description": "The ARN for the data lake.", + "replaceOnChanges": true + }, + "sourceName": { + "type": "string", + "description": "The name for a AWS source. This must be a Regionally unique value.", + "replaceOnChanges": true + }, + "sourceVersion": { + "type": "string", + "description": "The version for a AWS source. This must be a Regionally unique value.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "sourceName" + }, + "required": [ + "dataLakeArn", + "sourceVersion" + ], + "createOnly": [ + "dataLakeArn", + "sourceName", + "sourceVersion" + ] + }, + "aws-native:securitylake:DataLake": { + "cf": "AWS::SecurityLake::DataLake", + "inputs": { + "encryptionConfiguration": { + "$ref": "#/types/aws-native:securitylake:DataLakeEncryptionConfiguration", + "description": "Provides encryption details of the Amazon Security Lake object." + }, + "lifecycleConfiguration": { + "$ref": "#/types/aws-native:securitylake:DataLakeLifecycleConfiguration", + "description": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide." + }, + "metaStoreManagerRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) used to index AWS Glue table partitions that are generated by the ingestion and normalization of AWS log sources and custom sources." + }, + "replicationConfiguration": { + "$ref": "#/types/aws-native:securitylake:DataLakeReplicationConfiguration", + "description": "Provides replication details of Amazon Security Lake object." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) created by you to provide to the subscriber." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:securitylake:DataLakeEncryptionConfiguration", + "description": "Provides encryption details of the Amazon Security Lake object." + }, + "lifecycleConfiguration": { + "$ref": "#/types/aws-native:securitylake:DataLakeLifecycleConfiguration", + "description": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide." + }, + "metaStoreManagerRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) used to index AWS Glue table partitions that are generated by the ingestion and normalization of AWS log sources and custom sources." + }, + "replicationConfiguration": { + "$ref": "#/types/aws-native:securitylake:DataLakeReplicationConfiguration", + "description": "Provides replication details of Amazon Security Lake object." + }, + "s3BucketArn": { + "type": "string", + "description": "The ARN for the Amazon Security Lake Amazon S3 bucket." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string." + } + }, + "writeOnly": [ + "metaStoreManagerRoleArn" + ], + "irreversibleNames": { + "s3BucketArn": "S3BucketArn" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:securitylake:Subscriber": { + "cf": "AWS::SecurityLake::Subscriber", + "inputs": { + "accessTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securitylake:SubscriberAccessTypesItem" + }, + "description": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` ." + }, + "dataLakeArn": { + "type": "string", + "description": "The ARN for the data lake." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securitylake:SubscriberSource" + }, + "description": "The supported AWS services from which logs and events are collected." + }, + "subscriberDescription": { + "type": "string", + "description": "The description for your subscriber account in Security Lake." + }, + "subscriberIdentity": { + "$ref": "#/types/aws-native:securitylake:SubscriberIdentityProperties", + "description": "The AWS identity used to access your data." + }, + "subscriberName": { + "type": "string", + "description": "The name of your Security Lake subscriber account." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string." + } + }, + "outputs": { + "accessTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securitylake:SubscriberAccessTypesItem" + }, + "description": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` ." + }, + "dataLakeArn": { + "type": "string", + "description": "The ARN for the data lake.", + "replaceOnChanges": true + }, + "resourceShareArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Security Lake subscriber." + }, + "resourceShareName": { + "type": "string", + "description": "The ARN name of the Amazon Security Lake subscriber." + }, + "s3BucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the S3 bucket." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securitylake:SubscriberSource" + }, + "description": "The supported AWS services from which logs and events are collected." + }, + "subscriberArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Security Lake subscriber." + }, + "subscriberDescription": { + "type": "string", + "description": "The description for your subscriber account in Security Lake." + }, + "subscriberIdentity": { + "$ref": "#/types/aws-native:securitylake:SubscriberIdentityProperties", + "description": "The AWS identity used to access your data." + }, + "subscriberName": { + "type": "string", + "description": "The name of your Security Lake subscriber account." + }, + "subscriberRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role used to create the Security Lake subscriber." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string." + } + }, + "autoNamingSpec": { + "sdkName": "subscriberName", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "accessTypes", + "dataLakeArn", + "sources", + "subscriberIdentity" + ], + "createOnly": [ + "dataLakeArn" + ], + "irreversibleNames": { + "s3BucketArn": "S3BucketArn" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:securitylake:SubscriberNotification": { + "cf": "AWS::SecurityLake::SubscriberNotification", + "inputs": { + "notificationConfiguration": { + "$ref": "#/types/aws-native:securitylake:SubscriberNotificationNotificationConfiguration", + "description": "Specify the configurations you want to use for subscriber notification. The subscriber is notified when new data is written to the data lake for sources that the subscriber consumes in Security Lake ." + }, + "subscriberArn": { + "type": "string", + "description": "The ARN for the subscriber" + } + }, + "outputs": { + "notificationConfiguration": { + "$ref": "#/types/aws-native:securitylake:SubscriberNotificationNotificationConfiguration", + "description": "Specify the configurations you want to use for subscriber notification. The subscriber is notified when new data is written to the data lake for sources that the subscriber consumes in Security Lake ." + }, + "subscriberArn": { + "type": "string", + "description": "The ARN for the subscriber", + "replaceOnChanges": true + }, + "subscriberEndpoint": { + "type": "string", + "description": "The endpoint the subscriber should listen to for notifications" + } + }, + "required": [ + "notificationConfiguration", + "subscriberArn" + ], + "createOnly": [ + "subscriberArn" + ], + "writeOnly": [ + "notificationConfiguration/HttpsNotificationConfiguration/AuthorizationApiKeyName", + "notificationConfiguration/HttpsNotificationConfiguration/AuthorizationApiKeyValue", + "notificationConfiguration/HttpsNotificationConfiguration/Endpoint", + "notificationConfiguration/HttpsNotificationConfiguration/HttpMethod", + "notificationConfiguration/HttpsNotificationConfiguration/TargetRoleArn" + ] + }, + "aws-native:servicecatalog:CloudFormationProvisionedProduct": { + "cf": "AWS::ServiceCatalog::CloudFormationProvisionedProduct", + "inputs": { + "acceptLanguage": { + "$ref": "#/types/aws-native:servicecatalog:CloudFormationProvisionedProductAcceptLanguage", + "description": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese" + }, + "notificationArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events." + }, + "pathId": { + "type": "string", + "description": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n\u003e You must provide the name or ID, but not both." + }, + "pathName": { + "type": "string", + "description": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n\u003e You must provide the name or ID, but not both." + }, + "productId": { + "type": "string", + "description": "The product identifier.\n\n\u003e You must specify either the ID or the name of the product, but not both." + }, + "productName": { + "type": "string", + "description": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n\u003e You must specify either the name or the ID of the product, but not both." + }, + "provisionedProductName": { + "type": "string", + "description": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned." + }, + "provisioningArtifactId": { + "type": "string", + "description": "The identifier of the provisioning artifact (also known as a version).\n\n\u003e You must specify either the ID or the name of the provisioning artifact, but not both." + }, + "provisioningArtifactName": { + "type": "string", + "description": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n\u003e You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both." + }, + "provisioningParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:servicecatalog:CloudFormationProvisionedProductProvisioningParameter" + }, + "description": "Parameters specified by the administrator that are required for provisioning the product." + }, + "provisioningPreferences": { + "$ref": "#/types/aws-native:servicecatalog:CloudFormationProvisionedProductProvisioningPreferences", + "description": "StackSet preferences that are required for provisioning the product or updating a provisioned product." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags.\n\n\u003e Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored." + } + }, + "outputs": { + "acceptLanguage": { + "$ref": "#/types/aws-native:servicecatalog:CloudFormationProvisionedProductAcceptLanguage", + "description": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese" + }, + "cloudformationStackArn": { + "type": "string" + }, + "notificationArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events.", + "replaceOnChanges": true + }, + "outputs": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "List of key-value pair outputs." + }, + "pathId": { + "type": "string", + "description": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n\u003e You must provide the name or ID, but not both." + }, + "pathName": { + "type": "string", + "description": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n\u003e You must provide the name or ID, but not both." + }, + "productId": { + "type": "string", + "description": "The product identifier.\n\n\u003e You must specify either the ID or the name of the product, but not both." + }, + "productName": { + "type": "string", + "description": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n\u003e You must specify either the name or the ID of the product, but not both." + }, + "provisionedProductId": { + "type": "string", + "description": "The ID of the provisioned product." + }, + "provisionedProductName": { + "type": "string", + "description": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned.", + "replaceOnChanges": true + }, + "provisioningArtifactId": { + "type": "string", + "description": "The identifier of the provisioning artifact (also known as a version).\n\n\u003e You must specify either the ID or the name of the provisioning artifact, but not both." + }, + "provisioningArtifactName": { + "type": "string", + "description": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n\u003e You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both." + }, + "provisioningParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:servicecatalog:CloudFormationProvisionedProductProvisioningParameter" + }, + "description": "Parameters specified by the administrator that are required for provisioning the product." + }, + "provisioningPreferences": { + "$ref": "#/types/aws-native:servicecatalog:CloudFormationProvisionedProductProvisioningPreferences", + "description": "StackSet preferences that are required for provisioning the product or updating a provisioned product." + }, + "recordId": { + "type": "string", + "description": "The ID of the record, such as `rec-rjeatvy434trk` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tags.\n\n\u003e Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored." + } + }, + "createOnly": [ + "notificationArns", + "provisionedProductName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:servicecatalog:ServiceAction": { + "cf": "AWS::ServiceCatalog::ServiceAction", + "inputs": { + "acceptLanguage": { + "$ref": "#/types/aws-native:servicecatalog:ServiceActionAcceptLanguage", + "description": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese" + }, + "definition": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:servicecatalog:ServiceActionDefinitionParameter" + }, + "description": "A map that defines the self-service action." + }, + "definitionType": { + "$ref": "#/types/aws-native:servicecatalog:ServiceActionDefinitionType", + "description": "The self-service action definition type. For example, `SSM_AUTOMATION` ." + }, + "description": { + "type": "string", + "description": "The self-service action description." + }, + "name": { + "type": "string", + "description": "The self-service action name." + } + }, + "outputs": { + "acceptLanguage": { + "$ref": "#/types/aws-native:servicecatalog:ServiceActionAcceptLanguage", + "description": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese" + }, + "awsId": { + "type": "string", + "description": "The self-service action identifier. For example, `act-fs7abcd89wxyz` ." + }, + "definition": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:servicecatalog:ServiceActionDefinitionParameter" + }, + "description": "A map that defines the self-service action." + }, + "definitionType": { + "$ref": "#/types/aws-native:servicecatalog:ServiceActionDefinitionType", + "description": "The self-service action definition type. For example, `SSM_AUTOMATION` ." + }, + "description": { + "type": "string", + "description": "The self-service action description." + }, + "name": { + "type": "string", + "description": "The self-service action name." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "definition", + "definitionType" + ], + "writeOnly": [ + "acceptLanguage" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:servicecatalog:ServiceActionAssociation": { + "cf": "AWS::ServiceCatalog::ServiceActionAssociation", + "inputs": { + "productId": { + "type": "string", + "description": "The product identifier. For example, `prod-abcdzk7xy33qa` ." + }, + "provisioningArtifactId": { + "type": "string", + "description": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` ." + }, + "serviceActionId": { + "type": "string", + "description": "The self-service action identifier. For example, `act-fs7abcd89wxyz` ." + } + }, + "outputs": { + "productId": { + "type": "string", + "description": "The product identifier. For example, `prod-abcdzk7xy33qa` .", + "replaceOnChanges": true + }, + "provisioningArtifactId": { + "type": "string", + "description": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", + "replaceOnChanges": true + }, + "serviceActionId": { + "type": "string", + "description": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", + "replaceOnChanges": true + } + }, + "required": [ + "productId", + "provisioningArtifactId", + "serviceActionId" + ], + "createOnly": [ + "productId", + "provisioningArtifactId", + "serviceActionId" + ] + }, + "aws-native:servicecatalogappregistry:Application": { + "cf": "AWS::ServiceCatalogAppRegistry::Application", + "inputs": { + "description": { + "type": "string", + "description": "The description of the application. " + }, + "name": { + "type": "string", + "description": "The name of the application. " + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Key-value pairs you can use to associate with the application." + } + }, + "outputs": { + "applicationName": { + "type": "string", + "description": "The name of the application. " + }, + "applicationTagKey": { + "type": "string", + "description": "The key of the AWS application tag, which is awsApplication. Applications created before 11/13/2023 or applications without the AWS application tag resource group return no value." + }, + "applicationTagValue": { + "type": "string", + "description": "The value of the AWS application tag, which is the identifier of an associated resource. Applications created before 11/13/2023 or applications without the AWS application tag resource group return no value. " + }, + "arn": { + "type": "string", + "description": "The Amazon resource name (ARN) that specifies the application across services." + }, + "awsId": { + "type": "string", + "description": "The identifier of the application." + }, + "description": { + "type": "string", + "description": "The description of the application. " + }, + "name": { + "type": "string", + "description": "The name of the application. " + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Key-value pairs you can use to associate with the application." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:servicecatalogappregistry:AttributeGroup": { + "cf": "AWS::ServiceCatalogAppRegistry::AttributeGroup", + "inputs": { + "attributes": { + "$ref": "pulumi.json#/Any", + "description": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ServiceCatalogAppRegistry::AttributeGroup` for more information about the expected schema for this property." + }, + "description": { + "type": "string", + "description": "The description of the attribute group. " + }, + "name": { + "type": "string", + "description": "The name of the attribute group. " + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Key-value pairs you can use to associate with the attribute group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon resource name (ARN) that specifies the attribute group across services." + }, + "attributes": { + "$ref": "pulumi.json#/Any", + "description": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::ServiceCatalogAppRegistry::AttributeGroup` for more information about the expected schema for this property." + }, + "awsId": { + "type": "string", + "description": "The globally unique attribute group identifier of the attribute group." + }, + "description": { + "type": "string", + "description": "The description of the attribute group. " + }, + "name": { + "type": "string", + "description": "The name of the attribute group. " + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Key-value pairs you can use to associate with the attribute group." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "attributes" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:servicecatalogappregistry:AttributeGroupAssociation": { + "cf": "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation", + "inputs": { + "application": { + "type": "string", + "description": "The name or the Id of the Application." + }, + "attributeGroup": { + "type": "string", + "description": "The name or the Id of the AttributeGroup." + } + }, + "outputs": { + "application": { + "type": "string", + "description": "The name or the Id of the Application.", + "replaceOnChanges": true + }, + "applicationArn": { + "type": "string", + "description": "The Amazon resource name (ARN) of the application that was augmented with attributes." + }, + "attributeGroup": { + "type": "string", + "description": "The name or the Id of the AttributeGroup.", + "replaceOnChanges": true + }, + "attributeGroupArn": { + "type": "string", + "description": "The Amazon resource name (ARN) of the attribute group which contains the application's new attributes." + } + }, + "required": [ + "application", + "attributeGroup" + ], + "createOnly": [ + "application", + "attributeGroup" + ] + }, + "aws-native:servicecatalogappregistry:ResourceAssociation": { + "cf": "AWS::ServiceCatalogAppRegistry::ResourceAssociation", + "inputs": { + "application": { + "type": "string", + "description": "The name or the Id of the Application." + }, + "resource": { + "type": "string", + "description": "The name or the Id of the Resource." + }, + "resourceType": { + "$ref": "#/types/aws-native:servicecatalogappregistry:ResourceAssociationResourceType", + "description": "The type of the CFN Resource for now it's enum CFN_STACK." + } + }, + "outputs": { + "application": { + "type": "string", + "description": "The name or the Id of the Application.", + "replaceOnChanges": true + }, + "applicationArn": { + "type": "string", + "description": "The Amazon resource name (ARN) that specifies the application." + }, + "resource": { + "type": "string", + "description": "The name or the Id of the Resource.", + "replaceOnChanges": true + }, + "resourceArn": { + "type": "string", + "description": "The Amazon resource name (ARN) that specifies the resource." + }, + "resourceType": { + "$ref": "#/types/aws-native:servicecatalogappregistry:ResourceAssociationResourceType", + "description": "The type of the CFN Resource for now it's enum CFN_STACK.", + "replaceOnChanges": true + } + }, + "required": [ + "application", + "resource", + "resourceType" + ], + "createOnly": [ + "application", + "resource", + "resourceType" + ] + }, + "aws-native:ses:ConfigurationSet": { + "cf": "AWS::SES::ConfigurationSet", + "inputs": { + "deliveryOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetDeliveryOptions", + "description": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS)." + }, + "name": { + "type": "string", + "description": "The name of the configuration set." + }, + "reputationOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetReputationOptions", + "description": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set." + }, + "sendingOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetSendingOptions", + "description": "An object that defines whether or not Amazon SES can send email that you send using the configuration set." + }, + "suppressionOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetSuppressionOptions", + "description": "An object that contains information about the suppression list preferences for your account." + }, + "trackingOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetTrackingOptions", + "description": "An object that defines the open and click tracking options for emails that you send using the configuration set." + }, + "vdmOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetVdmOptions", + "description": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set." + } + }, + "outputs": { + "deliveryOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetDeliveryOptions", + "description": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS)." + }, + "name": { + "type": "string", + "description": "The name of the configuration set.", + "replaceOnChanges": true + }, + "reputationOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetReputationOptions", + "description": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set." + }, + "sendingOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetSendingOptions", + "description": "An object that defines whether or not Amazon SES can send email that you send using the configuration set." + }, + "suppressionOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetSuppressionOptions", + "description": "An object that contains information about the suppression list preferences for your account." + }, + "trackingOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetTrackingOptions", + "description": "An object that defines the open and click tracking options for emails that you send using the configuration set." + }, + "vdmOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetVdmOptions", + "description": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ] + }, + "aws-native:ses:ConfigurationSetEventDestination": { + "cf": "AWS::SES::ConfigurationSetEventDestination", + "inputs": { + "configurationSetName": { + "type": "string", + "description": "The name of the configuration set that contains the event destination." + }, + "eventDestination": { + "$ref": "#/types/aws-native:ses:ConfigurationSetEventDestinationEventDestination", + "description": "The event destination object." + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "configurationSetName": { + "type": "string", + "description": "The name of the configuration set that contains the event destination.", + "replaceOnChanges": true + }, + "eventDestination": { + "$ref": "#/types/aws-native:ses:ConfigurationSetEventDestinationEventDestination", + "description": "The event destination object." + } + }, + "required": [ + "configurationSetName", + "eventDestination" + ], + "createOnly": [ + "configurationSetName" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ses:ContactList": { + "cf": "AWS::SES::ContactList", + "inputs": { + "contactListName": { + "type": "string", + "description": "The name of the contact list." + }, + "description": { + "type": "string", + "description": "The description of the contact list." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the contact list." + }, + "topics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:ContactListTopic" + }, + "description": "The topics associated with the contact list." + } + }, + "outputs": { + "contactListName": { + "type": "string", + "description": "The name of the contact list.", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the contact list." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags (keys and values) associated with the contact list." + }, + "topics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:ContactListTopic" + }, + "description": "The topics associated with the contact list." + } + }, + "autoNamingSpec": { + "sdkName": "contactListName" + }, + "createOnly": [ + "contactListName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ses:DedicatedIpPool": { + "cf": "AWS::SES::DedicatedIpPool", + "inputs": { + "poolName": { + "type": "string", + "description": "The name of the dedicated IP pool." + }, + "scalingMode": { + "type": "string", + "description": "Specifies whether the dedicated IP pool is managed or not. The default value is STANDARD." + } + }, + "outputs": { + "poolName": { + "type": "string", + "description": "The name of the dedicated IP pool.", + "replaceOnChanges": true + }, + "scalingMode": { + "type": "string", + "description": "Specifies whether the dedicated IP pool is managed or not. The default value is STANDARD." + } + }, + "autoNamingSpec": { + "sdkName": "poolName" + }, + "createOnly": [ + "poolName" + ] + }, + "aws-native:ses:EmailIdentity": { + "cf": "AWS::SES::EmailIdentity", + "inputs": { + "configurationSetAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityConfigurationSetAttributes", + "description": "Used to associate a configuration set with an email identity." + }, + "dkimAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityDkimAttributes", + "description": "An object that contains information about the DKIM attributes for the identity." + }, + "dkimSigningAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityDkimSigningAttributes", + "description": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address." + }, + "emailIdentity": { + "type": "string", + "description": "The email address or domain to verify.", + "language": { + "csharp": { + "name": "EmailIdentityValue" + } + } + }, + "feedbackAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityFeedbackAttributes", + "description": "Used to enable or disable feedback forwarding for an identity." + }, + "mailFromAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityMailFromAttributes", + "description": "Used to enable or disable the custom Mail-From domain configuration for an email identity." + } + }, + "outputs": { + "configurationSetAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityConfigurationSetAttributes", + "description": "Used to associate a configuration set with an email identity." + }, + "dkimAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityDkimAttributes", + "description": "An object that contains information about the DKIM attributes for the identity." + }, + "dkimDnsTokenName1": { + "type": "string", + "description": "The host name for the first token that you have to add to the DNS configuration for your domain." + }, + "dkimDnsTokenName2": { + "type": "string", + "description": "The host name for the second token that you have to add to the DNS configuration for your domain." + }, + "dkimDnsTokenName3": { + "type": "string", + "description": "The host name for the third token that you have to add to the DNS configuration for your domain." + }, + "dkimDnsTokenValue1": { + "type": "string", + "description": "The record value for the first token that you have to add to the DNS configuration for your domain." + }, + "dkimDnsTokenValue2": { + "type": "string", + "description": "The record value for the second token that you have to add to the DNS configuration for your domain." + }, + "dkimDnsTokenValue3": { + "type": "string", + "description": "The record value for the third token that you have to add to the DNS configuration for your domain." + }, + "dkimSigningAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityDkimSigningAttributes", + "description": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address." + }, + "emailIdentity": { + "type": "string", + "description": "The email address or domain to verify.", + "language": { + "csharp": { + "name": "EmailIdentityValue" + } + }, + "replaceOnChanges": true + }, + "feedbackAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityFeedbackAttributes", + "description": "Used to enable or disable feedback forwarding for an identity." + }, + "mailFromAttributes": { + "$ref": "#/types/aws-native:ses:EmailIdentityMailFromAttributes", + "description": "Used to enable or disable the custom Mail-From domain configuration for an email identity." + } + }, + "required": [ + "emailIdentity" + ], + "createOnly": [ + "emailIdentity" + ], + "writeOnly": [ + "dkimSigningAttributes/DomainSigningPrivateKey", + "dkimSigningAttributes/DomainSigningSelector" + ], + "irreversibleNames": { + "dkimDnsTokenName1": "DkimDNSTokenName1", + "dkimDnsTokenName2": "DkimDNSTokenName2", + "dkimDnsTokenName3": "DkimDNSTokenName3", + "dkimDnsTokenValue1": "DkimDNSTokenValue1", + "dkimDnsTokenValue2": "DkimDNSTokenValue2", + "dkimDnsTokenValue3": "DkimDNSTokenValue3" + } + }, + "aws-native:ses:MailManagerAddonInstance": { + "cf": "AWS::SES::MailManagerAddonInstance", + "inputs": { + "addonSubscriptionId": { + "type": "string", + "description": "The subscription ID for the instance." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "outputs": { + "addonInstanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Add On instance." + }, + "addonInstanceId": { + "type": "string", + "description": "The unique ID of the Add On instance." + }, + "addonName": { + "type": "string", + "description": "The name of the Add On for the instance." + }, + "addonSubscriptionId": { + "type": "string", + "description": "The subscription ID for the instance.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "required": [ + "addonSubscriptionId" + ], + "createOnly": [ + "addonSubscriptionId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ses:MailManagerAddonSubscription": { + "cf": "AWS::SES::MailManagerAddonSubscription", + "inputs": { + "addonName": { + "type": "string", + "description": "The name of the Add On to subscribe to. You can only have one subscription for each Add On name.\n\nValid Values: `TRENDMICRO_VSAPI | SPAMHAUS_DBL | ABUSIX_MAIL_INTELLIGENCE`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "outputs": { + "addonName": { + "type": "string", + "description": "The name of the Add On to subscribe to. You can only have one subscription for each Add On name.\n\nValid Values: `TRENDMICRO_VSAPI | SPAMHAUS_DBL | ABUSIX_MAIL_INTELLIGENCE`", + "replaceOnChanges": true + }, + "addonSubscriptionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Add On subscription." + }, + "addonSubscriptionId": { + "type": "string", + "description": "The unique ID of the Add On subscription." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "required": [ + "addonName" + ], + "createOnly": [ + "addonName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ses:MailManagerArchive": { + "cf": "AWS::SES::MailManagerArchive", + "inputs": { + "archiveName": { + "type": "string", + "description": "A unique name for the new archive." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the KMS key for encrypting emails in the archive." + }, + "retention": { + "$ref": "#/types/aws-native:ses:MailManagerArchiveArchiveRetentionProperties", + "description": "The period for retaining emails in the archive before automatic deletion." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "outputs": { + "archiveArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the archive." + }, + "archiveId": { + "type": "string", + "description": "The unique identifier of the archive." + }, + "archiveName": { + "type": "string", + "description": "A unique name for the new archive." + }, + "archiveState": { + "$ref": "#/types/aws-native:ses:MailManagerArchiveArchiveState", + "description": "The current state of the archive:\n\n- `ACTIVE` – The archive is ready and available for use.\n- `PENDING_DELETION` – The archive has been marked for deletion and will be permanently deleted in 30 days. No further modifications can be made in this state." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the KMS key for encrypting emails in the archive.", + "replaceOnChanges": true + }, + "retention": { + "$ref": "#/types/aws-native:ses:MailManagerArchiveArchiveRetentionProperties", + "description": "The period for retaining emails in the archive before automatic deletion." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "autoNamingSpec": { + "sdkName": "archiveName", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "kmsKeyArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ses:MailManagerIngressPoint": { + "cf": "AWS::SES::MailManagerIngressPoint", + "inputs": { + "ingressPointConfiguration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointConfiguration1Properties" + } + ], + "description": "The configuration of the ingress endpoint resource." + }, + "ingressPointName": { + "type": "string", + "description": "A user friendly name for an ingress endpoint resource." + }, + "ruleSetId": { + "type": "string", + "description": "The identifier of an existing rule set that you attach to an ingress endpoint resource." + }, + "statusToUpdate": { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointStatusToUpdate", + "description": "The update status of an ingress endpoint." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + }, + "trafficPolicyId": { + "type": "string", + "description": "The identifier of an existing traffic policy that you attach to an ingress endpoint resource." + }, + "type": { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointType", + "description": "The type of the ingress endpoint to create." + } + }, + "outputs": { + "aRecord": { + "type": "string", + "description": "The DNS A Record that identifies your ingress endpoint. Configure your DNS Mail Exchange (MX) record with this value to route emails to Mail Manager." + }, + "ingressPointArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the ingress endpoint resource." + }, + "ingressPointConfiguration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointConfiguration1Properties" + } + ], + "description": "The configuration of the ingress endpoint resource." + }, + "ingressPointId": { + "type": "string", + "description": "The identifier of the ingress endpoint resource." + }, + "ingressPointName": { + "type": "string", + "description": "A user friendly name for an ingress endpoint resource." + }, + "ruleSetId": { + "type": "string", + "description": "The identifier of an existing rule set that you attach to an ingress endpoint resource." + }, + "status": { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointStatus", + "description": "The status of the ingress endpoint resource." + }, + "statusToUpdate": { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointStatusToUpdate", + "description": "The update status of an ingress endpoint." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + }, + "trafficPolicyId": { + "type": "string", + "description": "The identifier of an existing traffic policy that you attach to an ingress endpoint resource." + }, + "type": { + "$ref": "#/types/aws-native:ses:MailManagerIngressPointIngressPointType", + "description": "The type of the ingress endpoint to create.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "ingressPointName", + "minLength": 3, + "maxLength": 63 + }, + "required": [ + "ruleSetId", + "trafficPolicyId", + "type" + ], + "createOnly": [ + "type" + ], + "writeOnly": [ + "ingressPointConfiguration" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ses:MailManagerRelay": { + "cf": "AWS::SES::MailManagerRelay", + "inputs": { + "authentication": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerRelayRelayAuthentication0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRelayRelayAuthentication1Properties" + } + ], + "description": "Authentication for the relay destination server—specify the secretARN where the SMTP credentials are stored." + }, + "relayName": { + "type": "string", + "description": "The unique relay name." + }, + "serverName": { + "type": "string", + "description": "The destination relay server address." + }, + "serverPort": { + "type": "number", + "description": "The destination relay server port." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "outputs": { + "authentication": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerRelayRelayAuthentication0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRelayRelayAuthentication1Properties" + } + ], + "description": "Authentication for the relay destination server—specify the secretARN where the SMTP credentials are stored." + }, + "relayArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the relay." + }, + "relayId": { + "type": "string", + "description": "The unique relay identifier." + }, + "relayName": { + "type": "string", + "description": "The unique relay name." + }, + "serverName": { + "type": "string", + "description": "The destination relay server address." + }, + "serverPort": { + "type": "number", + "description": "The destination relay server port." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "autoNamingSpec": { + "sdkName": "relayName", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "authentication", + "serverName", + "serverPort" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ses:MailManagerRuleSet": { + "cf": "AWS::SES::MailManagerRuleSet", + "inputs": { + "ruleSetName": { + "type": "string", + "description": "A user-friendly name for the rule set." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRule" + }, + "description": "Conditional rules that are evaluated for determining actions on email." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "outputs": { + "ruleSetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the rule set resource." + }, + "ruleSetId": { + "type": "string", + "description": "The identifier of the rule set." + }, + "ruleSetName": { + "type": "string", + "description": "A user-friendly name for the rule set." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRule" + }, + "description": "Conditional rules that are evaluated for determining actions on email." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + } + }, + "autoNamingSpec": { + "sdkName": "ruleSetName", + "minLength": 1, + "maxLength": 100 + }, + "required": [ + "rules" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ses:MailManagerTrafficPolicy": { + "cf": "AWS::SES::MailManagerTrafficPolicy", + "inputs": { + "defaultAction": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyAcceptAction", + "description": "Default action instructs the traffic policy to either Allow or Deny (block) messages that fall outside of (or not addressed by) the conditions of your policy statements" + }, + "maxMessageSizeBytes": { + "type": "number", + "description": "The maximum message size in bytes of email which is allowed in by this traffic policy—anything larger will be blocked." + }, + "policyStatements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyPolicyStatement" + }, + "description": "Conditional statements for filtering email traffic." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + }, + "trafficPolicyName": { + "type": "string", + "description": "The name of the policy.\n\nThe policy name cannot exceed 64 characters and can only include alphanumeric characters, dashes, and underscores." + } + }, + "outputs": { + "defaultAction": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyAcceptAction", + "description": "Default action instructs the traffic policy to either Allow or Deny (block) messages that fall outside of (or not addressed by) the conditions of your policy statements" + }, + "maxMessageSizeBytes": { + "type": "number", + "description": "The maximum message size in bytes of email which is allowed in by this traffic policy—anything larger will be blocked." + }, + "policyStatements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyPolicyStatement" + }, + "description": "Conditional statements for filtering email traffic." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for the resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }." + }, + "trafficPolicyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the traffic policy resource." + }, + "trafficPolicyId": { + "type": "string", + "description": "The identifier of the traffic policy resource." + }, + "trafficPolicyName": { + "type": "string", + "description": "The name of the policy.\n\nThe policy name cannot exceed 64 characters and can only include alphanumeric characters, dashes, and underscores." + } + }, + "autoNamingSpec": { + "sdkName": "trafficPolicyName", + "minLength": 3, + "maxLength": 63 + }, + "required": [ + "defaultAction", + "policyStatements" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ses:Template": { + "cf": "AWS::SES::Template", + "inputs": { + "template": { + "$ref": "#/types/aws-native:ses:Template", + "description": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", + "language": { + "csharp": { + "name": "TemplateValue" + } + } + } + }, + "outputs": { + "awsId": { + "type": "string" + }, + "template": { + "$ref": "#/types/aws-native:ses:Template", + "description": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", + "language": { + "csharp": { + "name": "TemplateValue" + } + } + } + }, + "createOnly": [ + "template/TemplateName" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:ses:VdmAttributes": { + "cf": "AWS::SES::VdmAttributes", + "inputs": { + "dashboardAttributes": { + "$ref": "#/types/aws-native:ses:VdmAttributesDashboardAttributes", + "description": "Specifies additional settings for your VDM configuration as applicable to the Dashboard." + }, + "guardianAttributes": { + "$ref": "#/types/aws-native:ses:VdmAttributesGuardianAttributes", + "description": "Specifies additional settings for your VDM configuration as applicable to the Guardian." + } + }, + "outputs": { + "dashboardAttributes": { + "$ref": "#/types/aws-native:ses:VdmAttributesDashboardAttributes", + "description": "Specifies additional settings for your VDM configuration as applicable to the Dashboard." + }, + "guardianAttributes": { + "$ref": "#/types/aws-native:ses:VdmAttributesGuardianAttributes", + "description": "Specifies additional settings for your VDM configuration as applicable to the Guardian." + }, + "vdmAttributesResourceId": { + "type": "string", + "description": "Unique identifier for this resource" + } + } + }, + "aws-native:shield:DrtAccess": { + "cf": "AWS::Shield::DRTAccess", + "inputs": { + "logBucketList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription." + }, + "roleArn": { + "type": "string", + "description": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and create or update AWS WAF rules and web ACLs." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "The ID of the account that submitted the template." + }, + "logBucketList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription." + }, + "roleArn": { + "type": "string", + "description": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and create or update AWS WAF rules and web ACLs." + } + }, + "required": [ + "roleArn" + ] + }, + "aws-native:shield:ProactiveEngagement": { + "cf": "AWS::Shield::ProactiveEngagement", + "inputs": { + "emergencyContactList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:shield:ProactiveEngagementEmergencyContact" + }, + "description": "A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support.\nTo enable proactive engagement, the contact list must include at least one phone number." + }, + "proactiveEngagementStatus": { + "$ref": "#/types/aws-native:shield:ProactiveEngagementStatus", + "description": "If `ENABLED`, the Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\nIf `DISABLED`, the SRT will not proactively notify contacts about escalations or to initiate proactive customer support." + } + }, + "outputs": { + "accountId": { + "type": "string", + "description": "The ID of the account that submitted the template." + }, + "emergencyContactList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:shield:ProactiveEngagementEmergencyContact" + }, + "description": "A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support.\nTo enable proactive engagement, the contact list must include at least one phone number." + }, + "proactiveEngagementStatus": { + "$ref": "#/types/aws-native:shield:ProactiveEngagementStatus", + "description": "If `ENABLED`, the Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\nIf `DISABLED`, the SRT will not proactively notify contacts about escalations or to initiate proactive customer support." + } + }, + "required": [ + "emergencyContactList", + "proactiveEngagementStatus" + ] + }, + "aws-native:shield:Protection": { + "cf": "AWS::Shield::Protection", + "inputs": { + "applicationLayerAutomaticResponseConfiguration": { + "$ref": "#/types/aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfiguration", + "description": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description." + }, + "healthCheckArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the health check to associate with the protection." + }, + "name": { + "type": "string", + "description": "Friendly name for the Protection." + }, + "resourceArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) of the resource to be protected." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tag key-value pairs for the Protection object." + } + }, + "outputs": { + "applicationLayerAutomaticResponseConfiguration": { + "$ref": "#/types/aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfiguration", + "description": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description." + }, + "healthCheckArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the health check to associate with the protection." + }, + "name": { + "type": "string", + "description": "Friendly name for the Protection.", + "replaceOnChanges": true + }, + "protectionArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) of the protection." + }, + "protectionId": { + "type": "string", + "description": "The unique identifier (ID) of the protection." + }, + "resourceArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) of the resource to be protected.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tag key-value pairs for the Protection object." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "resourceArn" + ], + "createOnly": [ + "name", + "resourceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:shield:ProtectionGroup": { + "cf": "AWS::Shield::ProtectionGroup", + "inputs": { + "aggregation": { + "$ref": "#/types/aws-native:shield:ProtectionGroupAggregation", + "description": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n* Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n* Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n* Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront and origin resources for CloudFront distributions." + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting." + }, + "pattern": { + "$ref": "#/types/aws-native:shield:ProtectionGroupPattern", + "description": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type." + }, + "protectionGroupId": { + "type": "string", + "description": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it." + }, + "resourceType": { + "$ref": "#/types/aws-native:shield:ProtectionGroupResourceType", + "description": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. Newly protected resources of this type are automatically added to the group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tag key-value pairs for the Protection object." + } + }, + "outputs": { + "aggregation": { + "$ref": "#/types/aws-native:shield:ProtectionGroupAggregation", + "description": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n* Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n* Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n* Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront and origin resources for CloudFront distributions." + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting." + }, + "pattern": { + "$ref": "#/types/aws-native:shield:ProtectionGroupPattern", + "description": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type." + }, + "protectionGroupArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) of the protection group." + }, + "protectionGroupId": { + "type": "string", + "description": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", + "replaceOnChanges": true + }, + "resourceType": { + "$ref": "#/types/aws-native:shield:ProtectionGroupResourceType", + "description": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. Newly protected resources of this type are automatically added to the group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "One or more tag key-value pairs for the Protection object." + } + }, + "required": [ + "aggregation", + "pattern", + "protectionGroupId" + ], + "createOnly": [ + "protectionGroupId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:signer:ProfilePermission": { + "cf": "AWS::Signer::ProfilePermission", + "inputs": { + "action": { + "type": "string", + "description": "The AWS Signer action permitted as part of cross-account permissions." + }, + "principal": { + "type": "string", + "description": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID." + }, + "profileName": { + "type": "string", + "description": "The human-readable name of the signing profile." + }, + "profileVersion": { + "type": "string", + "description": "The version of the signing profile." + }, + "statementId": { + "type": "string", + "description": "A unique identifier for the cross-account permission statement." + } + }, + "outputs": { + "action": { + "type": "string", + "description": "The AWS Signer action permitted as part of cross-account permissions.", + "replaceOnChanges": true + }, + "principal": { + "type": "string", + "description": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", + "replaceOnChanges": true + }, + "profileName": { + "type": "string", + "description": "The human-readable name of the signing profile.", + "replaceOnChanges": true + }, + "profileVersion": { + "type": "string", + "description": "The version of the signing profile.", + "replaceOnChanges": true + }, + "statementId": { + "type": "string", + "description": "A unique identifier for the cross-account permission statement.", + "replaceOnChanges": true + } + }, + "required": [ + "action", + "principal", + "profileName", + "statementId" + ], + "createOnly": [ + "action", + "principal", + "profileName", + "profileVersion", + "statementId" + ] + }, + "aws-native:signer:SigningProfile": { + "cf": "AWS::Signer::SigningProfile", + "inputs": { + "platformId": { + "$ref": "#/types/aws-native:signer:SigningProfilePlatformId", + "description": "The ID of the target signing platform." + }, + "profileName": { + "type": "string", + "description": "A name for the signing profile. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the signing profile name. " + }, + "signatureValidityPeriod": { + "$ref": "#/types/aws-native:signer:SigningProfileSignatureValidityPeriod", + "description": "Signature validity period of the profile." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags associated with the signing profile." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified signing profile." + }, + "platformId": { + "$ref": "#/types/aws-native:signer:SigningProfilePlatformId", + "description": "The ID of the target signing platform.", + "replaceOnChanges": true + }, + "profileName": { + "type": "string", + "description": "A name for the signing profile. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the signing profile name. ", + "replaceOnChanges": true + }, + "profileVersion": { + "type": "string", + "description": "A version for the signing profile. AWS Signer generates a unique version for each profile of the same profile name." + }, + "profileVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the specified signing profile version." + }, + "signatureValidityPeriod": { + "$ref": "#/types/aws-native:signer:SigningProfileSignatureValidityPeriod", + "description": "Signature validity period of the profile.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of tags associated with the signing profile." + } + }, + "autoNamingSpec": { + "sdkName": "profileName" + }, + "required": [ + "platformId" + ], + "createOnly": [ + "platformId", + "profileName", + "signatureValidityPeriod" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:simspaceweaver:Simulation": { + "cf": "AWS::SimSpaceWeaver::Simulation", + "inputs": { + "maximumDuration": { + "type": "string", + "description": "The maximum running time of the simulation." + }, + "name": { + "type": "string", + "description": "The name of the simulation." + }, + "roleArn": { + "type": "string", + "description": "Role ARN." + }, + "schemaS3Location": { + "$ref": "#/types/aws-native:simspaceweaver:SimulationS3Location", + "description": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` ." + }, + "snapshotS3Location": { + "$ref": "#/types/aws-native:simspaceweaver:SimulationS3Location", + "description": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` ." + } + }, + "outputs": { + "describePayload": { + "type": "string", + "description": "Json object with all simulation details" + }, + "maximumDuration": { + "type": "string", + "description": "The maximum running time of the simulation.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the simulation.", + "replaceOnChanges": true + }, + "roleArn": { + "type": "string", + "description": "Role ARN.", + "replaceOnChanges": true + }, + "schemaS3Location": { + "$ref": "#/types/aws-native:simspaceweaver:SimulationS3Location", + "description": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", + "replaceOnChanges": true + }, + "snapshotS3Location": { + "$ref": "#/types/aws-native:simspaceweaver:SimulationS3Location", + "description": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 2048 + }, + "required": [ + "roleArn" + ], + "createOnly": [ + "maximumDuration", + "name", + "roleArn", + "schemaS3Location", + "snapshotS3Location" + ], + "irreversibleNames": { + "schemaS3Location": "SchemaS3Location", + "snapshotS3Location": "SnapshotS3Location" + } + }, + "aws-native:sns:Topic": { + "cf": "AWS::SNS::Topic", + "inputs": { + "archivePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The archive policy determines the number of days SNS retains messages. You can set a retention period from 1 to 365 days.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SNS::Topic` for more information about the expected schema for this property." + }, + "contentBasedDeduplication": { + "type": "boolean", + "description": "Enables content-based deduplication for FIFO topics.\n + By default, ``ContentBasedDeduplication`` is set to ``false``. If you create a FIFO topic and this attribute is ``false``, you must specify a value for the ``MessageDeduplicationId`` parameter for the [Publish](https://docs.aws.amazon.com/sns/latest/api/API_Publish.html) action. \n + When you set ``ContentBasedDeduplication`` to ``true``, SNS uses a SHA-256 hash to generate the ``MessageDeduplicationId`` using the body of the message (but not the attributes of the message).\n (Optional) To override the generated value, you can specify a value for the the ``MessageDeduplicationId`` parameter for the ``Publish`` action." + }, + "dataProtectionPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The body of the policy document you want to use for this topic.\n You can only add one policy per topic.\n The policy must be in JSON string format.\n Length Constraints: Maximum length of 30,720.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SNS::Topic` for more information about the expected schema for this property." + }, + "deliveryStatusLogging": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sns:TopicLoggingConfig" + }, + "description": "The ``DeliveryStatusLogging`` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n + HTTP \n + Amazon Kinesis Data Firehose\n + AWS Lambda\n + Platform application endpoint\n + Amazon Simple Queue Service\n \n Once configured, log entries are sent to Amazon CloudWatch Logs." + }, + "displayName": { + "type": "string", + "description": "The display name to use for an SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs." + }, + "fifoTopic": { + "type": "boolean", + "description": "Set to true to create a FIFO topic." + }, + "kmsMasterKeyId": { + "type": "string", + "description": "The ID of an AWS managed customer master key (CMK) for SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms). For more examples, see ``KeyId`` in the *API Reference*.\n This property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html)." + }, + "signatureVersion": { + "type": "string", + "description": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, ``SignatureVersion`` is set to ``1``." + }, + "subscription": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sns:TopicSubscription" + }, + "description": "The SNS subscriptions (endpoints) for this topic.\n If you specify the ``Subscription`` property in the ``AWS::SNS::Topic`` resource and it creates an associated subscription resource, the associated subscription is not deleted when the ``AWS::SNS::Topic`` resource is deleted." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags to add to a new topic.\n To be able to tag a topic on creation, you must have the ``sns:CreateTopic`` and ``sns:TagResource`` permissions." + }, + "topicName": { + "type": "string", + "description": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with ``.fifo``.\n If you don't specify a name, CFN generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "tracingConfig": { + "type": "string", + "description": "Tracing mode of an SNS topic. By default ``TracingConfig`` is set to ``PassThrough``, and the topic passes through the tracing header it receives from an SNS publisher to its subscriptions. If set to ``Active``, SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true." + } + }, + "outputs": { + "archivePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The archive policy determines the number of days SNS retains messages. You can set a retention period from 1 to 365 days.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SNS::Topic` for more information about the expected schema for this property." + }, + "contentBasedDeduplication": { + "type": "boolean", + "description": "Enables content-based deduplication for FIFO topics.\n + By default, ``ContentBasedDeduplication`` is set to ``false``. If you create a FIFO topic and this attribute is ``false``, you must specify a value for the ``MessageDeduplicationId`` parameter for the [Publish](https://docs.aws.amazon.com/sns/latest/api/API_Publish.html) action. \n + When you set ``ContentBasedDeduplication`` to ``true``, SNS uses a SHA-256 hash to generate the ``MessageDeduplicationId`` using the body of the message (but not the attributes of the message).\n (Optional) To override the generated value, you can specify a value for the the ``MessageDeduplicationId`` parameter for the ``Publish`` action." + }, + "dataProtectionPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The body of the policy document you want to use for this topic.\n You can only add one policy per topic.\n The policy must be in JSON string format.\n Length Constraints: Maximum length of 30,720.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SNS::Topic` for more information about the expected schema for this property." + }, + "deliveryStatusLogging": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sns:TopicLoggingConfig" + }, + "description": "The ``DeliveryStatusLogging`` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n + HTTP \n + Amazon Kinesis Data Firehose\n + AWS Lambda\n + Platform application endpoint\n + Amazon Simple Queue Service\n \n Once configured, log entries are sent to Amazon CloudWatch Logs." + }, + "displayName": { + "type": "string", + "description": "The display name to use for an SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs." + }, + "fifoTopic": { + "type": "boolean", + "description": "Set to true to create a FIFO topic.", + "replaceOnChanges": true + }, + "kmsMasterKeyId": { + "type": "string", + "description": "The ID of an AWS managed customer master key (CMK) for SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms). For more examples, see ``KeyId`` in the *API Reference*.\n This property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html)." + }, + "signatureVersion": { + "type": "string", + "description": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, ``SignatureVersion`` is set to ``1``." + }, + "subscription": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sns:TopicSubscription" + }, + "description": "The SNS subscriptions (endpoints) for this topic.\n If you specify the ``Subscription`` property in the ``AWS::SNS::Topic`` resource and it creates an associated subscription resource, the associated subscription is not deleted when the ``AWS::SNS::Topic`` resource is deleted." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags to add to a new topic.\n To be able to tag a topic on creation, you must have the ``sns:CreateTopic`` and ``sns:TagResource`` permissions." + }, + "topicArn": { + "type": "string", + "description": "Returns the ARN of an Amazon SNS topic." + }, + "topicName": { + "type": "string", + "description": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with ``.fifo``.\n If you don't specify a name, CFN generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html).\n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "tracingConfig": { + "type": "string", + "description": "Tracing mode of an SNS topic. By default ``TracingConfig`` is set to ``PassThrough``, and the topic passes through the tracing header it receives from an SNS publisher to its subscriptions. If set to ``Active``, SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true." + } + }, + "autoNamingSpec": { + "sdkName": "topicName" + }, + "createOnly": [ + "fifoTopic", + "topicName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sns:TopicInlinePolicy": { + "cf": "AWS::SNS::TopicInlinePolicy", + "inputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document that contains permissions to add to the specified SNS topics.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SNS::TopicInlinePolicy` for more information about the expected schema for this property." + }, + "topicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy." + } + }, + "outputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document that contains permissions to add to the specified SNS topics.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SNS::TopicInlinePolicy` for more information about the expected schema for this property." + }, + "topicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy.", + "replaceOnChanges": true + } + }, + "required": [ + "policyDocument", + "topicArn" + ], + "createOnly": [ + "topicArn" + ] + }, + "aws-native:sns:TopicPolicy": { + "cf": "AWS::SNS::TopicPolicy", + "inputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document that contains permissions to add to the specified SNS topics.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SNS::TopicPolicy` for more information about the expected schema for this property." + }, + "topics": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the ``Ref`` function to specify an ``AWS::SNS::Topic`` resource." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "The provider-assigned unique ID for this managed resource." + }, + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document that contains permissions to add to the specified SNS topics.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SNS::TopicPolicy` for more information about the expected schema for this property." + }, + "topics": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the ``Ref`` function to specify an ``AWS::SNS::Topic`` resource." + } + }, + "required": [ + "policyDocument", + "topics" + ], + "irreversibleNames": { + "awsId": "Id" + } + }, + "aws-native:sqs:Queue": { + "cf": "AWS::SQS::Queue", + "inputs": { + "contentBasedDeduplication": { + "type": "boolean", + "description": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the ``ContentBasedDeduplication`` attribute for the ``CreateQueue`` action in the *API Reference*." + }, + "deduplicationScope": { + "type": "string", + "description": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are ``messageGroup`` and ``queue``.\n To enable high throughput for a FIFO queue, set this attribute to ``messageGroup`` *and* set the ``FifoThroughputLimit`` attribute to ``perMessageGroupId``. If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Developer Guide*." + }, + "delaySeconds": { + "type": "integer", + "description": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of ``0`` to ``900`` (15 minutes). The default value is ``0``." + }, + "fifoQueue": { + "type": "boolean", + "description": "If set to true, creates a FIFO queue. If you don't specify this property, SQS creates a standard queue. For more information, see [FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html) in the *Developer Guide*." + }, + "fifoThroughputLimit": { + "type": "string", + "description": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are ``perQueue`` and ``perMessageGroupId``.\n To enable high throughput for a FIFO queue, set this attribute to ``perMessageGroupId`` *and* set the ``DeduplicationScope`` attribute to ``messageGroup``. If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Developer Guide*." + }, + "kmsDataKeyReusePeriodSeconds": { + "type": "integer", + "description": "The length of time in seconds for which SQS can reuse a data key to encrypt or decrypt messages before calling KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n A shorter time period provides better security, but results in more calls to KMS, which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Developer Guide*." + }, + "kmsMasterKeyId": { + "type": "string", + "description": "The ID of an AWS Key Management Service (KMS) for SQS, or a custom KMS. To use the AWS managed KMS for SQS, specify a (default) alias ARN, alias name (e.g. ``alias/aws/sqs``), key ARN, or key ID. For more information, see the following:\n + [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Developer Guide* \n + [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *API Reference* \n + [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *Key Management Service API Reference* \n + The Key Management Service (KMS) section of the [Best Practices](https://docs.aws.amazon.com/https://d0.awsstatic.com/whitepapers/aws-kms-best-practices.pdf) whitepaper" + }, + "maximumMessageSize": { + "type": "integer", + "description": "The limit of how many bytes that a message can contain before SQS rejects it. You can specify an integer value from ``1,024`` bytes (1 KiB) to ``262,144`` bytes (256 KiB). The default value is ``262,144`` (256 KiB)." + }, + "messageRetentionPeriod": { + "type": "integer", + "description": "The number of seconds that SQS retains a message. You can specify an integer value from ``60`` seconds (1 minute) to ``1,209,600`` seconds (14 days). The default value is ``345,600`` seconds (4 days)." + }, + "queueName": { + "type": "string", + "description": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the ``.fifo`` suffix. For more information, see [FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html) in the *Developer Guide*.\n If you don't specify a name, CFN generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "receiveMessageWaitTimeSeconds": { + "type": "integer", + "description": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Developer Guide*." + }, + "redriveAllowPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n + ``redrivePermission``: The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n + ``allowAll``: (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n + ``denyAll``: No source queues can specify this queue as the dead-letter queue.\n + ``byQueue``: Only queues specified by the ``sourceQueueArns`` parameter can specify this queue as the dead-letter queue.\n \n + ``sourceQueueArns``: The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the ``redrivePermission`` parameter is set to ``byQueue``. You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the ``redrivePermission`` parameter to ``allowAll``.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SQS::Queue` for more information about the expected schema for this property." + }, + "redrivePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n + ``deadLetterTargetArn``: The Amazon Resource Name (ARN) of the dead-letter queue to which SQS moves messages after the value of ``maxReceiveCount`` is exceeded.\n + ``maxReceiveCount``: The number of times a message is delivered to the source queue before being moved to the dead-letter queue. When the ``ReceiveCount`` for a message exceeds the ``maxReceiveCount`` for a queue, SQS moves the message to the dead-letter-queue.\n \n The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue.\n *JSON* \n ``{ \"deadLetterTargetArn\" : String, \"maxReceiveCount\" : Integer }`` \n *YAML* \n ``deadLetterTargetArn : String`` \n ``maxReceiveCount : Integer``\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SQS::Queue` for more information about the expected schema for this property." + }, + "sqsManagedSseEnabled": { + "type": "boolean", + "description": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html)). When ``SqsManagedSseEnabled`` is not defined, ``SSE-SQS`` encryption is enabled by default." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *User Guide*." + }, + "visibilityTimeout": { + "type": "integer", + "description": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n Values must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n For more information about SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Developer Guide*." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the Amazon Resource Name (ARN) of the queue. For example: `arn:aws:sqs:us-east-2:123456789012:mystack-myqueue-15PG5C2FC1CW8` ." + }, + "contentBasedDeduplication": { + "type": "boolean", + "description": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the ``ContentBasedDeduplication`` attribute for the ``CreateQueue`` action in the *API Reference*." + }, + "deduplicationScope": { + "type": "string", + "description": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are ``messageGroup`` and ``queue``.\n To enable high throughput for a FIFO queue, set this attribute to ``messageGroup`` *and* set the ``FifoThroughputLimit`` attribute to ``perMessageGroupId``. If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Developer Guide*." + }, + "delaySeconds": { + "type": "integer", + "description": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of ``0`` to ``900`` (15 minutes). The default value is ``0``." + }, + "fifoQueue": { + "type": "boolean", + "description": "If set to true, creates a FIFO queue. If you don't specify this property, SQS creates a standard queue. For more information, see [FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html) in the *Developer Guide*.", + "replaceOnChanges": true + }, + "fifoThroughputLimit": { + "type": "string", + "description": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are ``perQueue`` and ``perMessageGroupId``.\n To enable high throughput for a FIFO queue, set this attribute to ``perMessageGroupId`` *and* set the ``DeduplicationScope`` attribute to ``messageGroup``. If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Developer Guide*." + }, + "kmsDataKeyReusePeriodSeconds": { + "type": "integer", + "description": "The length of time in seconds for which SQS can reuse a data key to encrypt or decrypt messages before calling KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n A shorter time period provides better security, but results in more calls to KMS, which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Developer Guide*." + }, + "kmsMasterKeyId": { + "type": "string", + "description": "The ID of an AWS Key Management Service (KMS) for SQS, or a custom KMS. To use the AWS managed KMS for SQS, specify a (default) alias ARN, alias name (e.g. ``alias/aws/sqs``), key ARN, or key ID. For more information, see the following:\n + [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Developer Guide* \n + [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *API Reference* \n + [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *Key Management Service API Reference* \n + The Key Management Service (KMS) section of the [Best Practices](https://docs.aws.amazon.com/https://d0.awsstatic.com/whitepapers/aws-kms-best-practices.pdf) whitepaper" + }, + "maximumMessageSize": { + "type": "integer", + "description": "The limit of how many bytes that a message can contain before SQS rejects it. You can specify an integer value from ``1,024`` bytes (1 KiB) to ``262,144`` bytes (256 KiB). The default value is ``262,144`` (256 KiB)." + }, + "messageRetentionPeriod": { + "type": "integer", + "description": "The number of seconds that SQS retains a message. You can specify an integer value from ``60`` seconds (1 minute) to ``1,209,600`` seconds (14 days). The default value is ``345,600`` seconds (4 days)." + }, + "queueName": { + "type": "string", + "description": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the ``.fifo`` suffix. For more information, see [FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html) in the *Developer Guide*.\n If you don't specify a name, CFN generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "queueUrl": { + "type": "string", + "description": "Returns the URLs of the queues from the policy." + }, + "receiveMessageWaitTimeSeconds": { + "type": "integer", + "description": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Developer Guide*." + }, + "redriveAllowPolicy": { + "$ref": "pulumi.json#/Any", + "description": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n + ``redrivePermission``: The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n + ``allowAll``: (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n + ``denyAll``: No source queues can specify this queue as the dead-letter queue.\n + ``byQueue``: Only queues specified by the ``sourceQueueArns`` parameter can specify this queue as the dead-letter queue.\n \n + ``sourceQueueArns``: The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the ``redrivePermission`` parameter is set to ``byQueue``. You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the ``redrivePermission`` parameter to ``allowAll``.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SQS::Queue` for more information about the expected schema for this property." + }, + "redrivePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n + ``deadLetterTargetArn``: The Amazon Resource Name (ARN) of the dead-letter queue to which SQS moves messages after the value of ``maxReceiveCount`` is exceeded.\n + ``maxReceiveCount``: The number of times a message is delivered to the source queue before being moved to the dead-letter queue. When the ``ReceiveCount`` for a message exceeds the ``maxReceiveCount`` for a queue, SQS moves the message to the dead-letter-queue.\n \n The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue.\n *JSON* \n ``{ \"deadLetterTargetArn\" : String, \"maxReceiveCount\" : Integer }`` \n *YAML* \n ``deadLetterTargetArn : String`` \n ``maxReceiveCount : Integer``\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SQS::Queue` for more information about the expected schema for this property." + }, + "sqsManagedSseEnabled": { + "type": "boolean", + "description": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html)). When ``SqsManagedSseEnabled`` is not defined, ``SSE-SQS`` encryption is enabled by default." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *User Guide*." + }, + "visibilityTimeout": { + "type": "integer", + "description": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n Values must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n For more information about SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Developer Guide*." + } + }, + "autoNamingSpec": { + "sdkName": "queueName", + "namingTriviaSpec": { + "rule": { + "field": "fifoQueue", + "condition": { + "predicate": "equal", + "value": { + "V": true + } + } + }, + "trivia": { + "suffix": ".fifo" + } + } + }, + "createOnly": [ + "fifoQueue", + "queueName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sqs:QueueInlinePolicy": { + "cf": "AWS::SQS::QueueInlinePolicy", + "inputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document that contains permissions to add to the specified SQS queue\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SQS::QueueInlinePolicy` for more information about the expected schema for this property." + }, + "queue": { + "type": "string", + "description": "The URL of the SQS queue." + } + }, + "outputs": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A policy document that contains permissions to add to the specified SQS queue\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SQS::QueueInlinePolicy` for more information about the expected schema for this property." + }, + "queue": { + "type": "string", + "description": "The URL of the SQS queue.", + "replaceOnChanges": true + } + }, + "required": [ + "policyDocument", + "queue" + ], + "createOnly": [ + "queue" + ] + }, + "aws-native:ssm:Association": { + "cf": "AWS::SSM::Association", + "inputs": { + "applyOnlyAtCronInterval": { + "type": "boolean", + "description": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions." + }, + "associationName": { + "type": "string", + "description": "The name of the association." + }, + "automationTargetParameterName": { + "type": "string", + "description": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a capability of AWS Systems Manager ." + }, + "calendarNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) ." + }, + "complianceSeverity": { + "$ref": "#/types/aws-native:ssm:AssociationComplianceSeverity", + "description": "The severity level that is assigned to the association." + }, + "documentVersion": { + "type": "string", + "description": "The version of the SSM document to associate with the target." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance that the SSM document is associated with." + }, + "maxConcurrency": { + "type": "string", + "description": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` ." + }, + "maxErrors": { + "type": "string", + "description": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time." + }, + "name": { + "type": "string", + "description": "The name of the SSM document." + }, + "outputLocation": { + "$ref": "#/types/aws-native:ssm:AssociationInstanceAssociationOutputLocation", + "description": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "Parameter values that the SSM document uses at runtime." + }, + "scheduleExpression": { + "type": "string", + "description": "A Cron or Rate expression that specifies when the association is applied to the target." + }, + "scheduleOffset": { + "type": "integer", + "description": "Number of days to wait after the scheduled day to run an association." + }, + "syncCompliance": { + "$ref": "#/types/aws-native:ssm:AssociationSyncCompliance", + "description": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:AssociationTarget" + }, + "description": "The targets that the SSM document sends commands to." + }, + "waitForSuccessTimeoutSeconds": { + "type": "integer", + "description": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n\u003e When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack’s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don’t include `WaitForSuccessTimeoutSeconds` in your template." + } + }, + "outputs": { + "applyOnlyAtCronInterval": { + "type": "boolean", + "description": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions." + }, + "associationId": { + "type": "string", + "description": "Unique identifier of the association." + }, + "associationName": { + "type": "string", + "description": "The name of the association." + }, + "automationTargetParameterName": { + "type": "string", + "description": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a capability of AWS Systems Manager ." + }, + "calendarNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) ." + }, + "complianceSeverity": { + "$ref": "#/types/aws-native:ssm:AssociationComplianceSeverity", + "description": "The severity level that is assigned to the association." + }, + "documentVersion": { + "type": "string", + "description": "The version of the SSM document to associate with the target." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance that the SSM document is associated with." + }, + "maxConcurrency": { + "type": "string", + "description": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` ." + }, + "maxErrors": { + "type": "string", + "description": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time." + }, + "name": { + "type": "string", + "description": "The name of the SSM document." + }, + "outputLocation": { + "$ref": "#/types/aws-native:ssm:AssociationInstanceAssociationOutputLocation", + "description": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "Parameter values that the SSM document uses at runtime." + }, + "scheduleExpression": { + "type": "string", + "description": "A Cron or Rate expression that specifies when the association is applied to the target." + }, + "scheduleOffset": { + "type": "integer", + "description": "Number of days to wait after the scheduled day to run an association." + }, + "syncCompliance": { + "$ref": "#/types/aws-native:ssm:AssociationSyncCompliance", + "description": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:AssociationTarget" + }, + "description": "The targets that the SSM document sends commands to." + }, + "waitForSuccessTimeoutSeconds": { + "type": "integer", + "description": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n\u003e When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack’s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don’t include `WaitForSuccessTimeoutSeconds` in your template." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "writeOnly": [ + "waitForSuccessTimeoutSeconds" + ] + }, + "aws-native:ssm:Document": { + "cf": "AWS::SSM::Document", + "inputs": { + "attachments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:DocumentAttachmentsSource" + }, + "description": "A list of key and value pairs that describe attachments to a version of a document." + }, + "content": { + "$ref": "pulumi.json#/Any", + "description": "The content for the Systems Manager document in JSON, YAML or String format.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SSM::Document` for more information about the expected schema for this property." + }, + "documentFormat": { + "$ref": "#/types/aws-native:ssm:DocumentFormat", + "description": "Specify the document format for the request. The document format can be either JSON or YAML. JSON is the default format." + }, + "documentType": { + "$ref": "#/types/aws-native:ssm:DocumentType", + "description": "The type of document to create." + }, + "name": { + "type": "string", + "description": "A name for the Systems Manager document." + }, + "requires": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:DocumentRequires" + }, + "description": "A list of SSM documents required by a document. For example, an ApplicationConfiguration document requires an ApplicationConfigurationSchema document." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment." + }, + "targetType": { + "type": "string", + "description": "Specify a target type to define the kinds of resources the document can run on." + }, + "updateMethod": { + "$ref": "#/types/aws-native:ssm:DocumentUpdateMethod", + "description": "Update method - when set to 'Replace', the update will replace the existing document; when set to 'NewVersion', the update will create a new version." + }, + "versionName": { + "type": "string", + "description": "An optional field specifying the version of the artifact you are creating with the document. This value is unique across all versions of a document, and cannot be changed." + } + }, + "outputs": { + "attachments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:DocumentAttachmentsSource" + }, + "description": "A list of key and value pairs that describe attachments to a version of a document." + }, + "content": { + "$ref": "pulumi.json#/Any", + "description": "The content for the Systems Manager document in JSON, YAML or String format.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SSM::Document` for more information about the expected schema for this property." + }, + "documentFormat": { + "$ref": "#/types/aws-native:ssm:DocumentFormat", + "description": "Specify the document format for the request. The document format can be either JSON or YAML. JSON is the default format." + }, + "documentType": { + "$ref": "#/types/aws-native:ssm:DocumentType", + "description": "The type of document to create.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "A name for the Systems Manager document.", + "replaceOnChanges": true + }, + "requires": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:DocumentRequires" + }, + "description": "A list of SSM documents required by a document. For example, an ApplicationConfiguration document requires an ApplicationConfigurationSchema document." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment." + }, + "targetType": { + "type": "string", + "description": "Specify a target type to define the kinds of resources the document can run on." + }, + "updateMethod": { + "$ref": "#/types/aws-native:ssm:DocumentUpdateMethod", + "description": "Update method - when set to 'Replace', the update will replace the existing document; when set to 'NewVersion', the update will create a new version." + }, + "versionName": { + "type": "string", + "description": "An optional field specifying the version of the artifact you are creating with the document. This value is unique across all versions of a document, and cannot be changed." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "content" + ], + "createOnly": [ + "documentType", + "name" + ], + "writeOnly": [ + "attachments", + "updateMethod" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ssm:Parameter": { + "cf": "AWS::SSM::Parameter", + "inputs": { + "allowedPattern": { + "type": "string", + "description": "A regular expression used to validate the parameter value. For example, for ``String`` types with values restricted to numbers, you can specify the following: ``AllowedPattern=^\\d+$``" + }, + "dataType": { + "$ref": "#/types/aws-native:ssm:ParameterDataType", + "description": "The data type of the parameter, such as ``text`` or ``aws:ec2:image``. The default is ``text``." + }, + "description": { + "type": "string", + "description": "Information about the parameter." + }, + "name": { + "type": "string", + "description": "The name of the parameter.\n The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: ``arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName``" + }, + "policies": { + "type": "string", + "description": "Information about the policies assigned to a parameter.\n [Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *User Guide*." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a SYS parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter." + }, + "tier": { + "$ref": "#/types/aws-native:ssm:ParameterTier", + "description": "The parameter tier." + }, + "type": { + "$ref": "#/types/aws-native:ssm:ParameterType", + "description": "The type of parameter." + }, + "value": { + "type": "string", + "description": "The parameter value.\n If type is ``StringList``, the system returns a comma-separated string with no spaces between commas in the ``Value`` field." + } + }, + "outputs": { + "allowedPattern": { + "type": "string", + "description": "A regular expression used to validate the parameter value. For example, for ``String`` types with values restricted to numbers, you can specify the following: ``AllowedPattern=^\\d+$``" + }, + "dataType": { + "$ref": "#/types/aws-native:ssm:ParameterDataType", + "description": "The data type of the parameter, such as ``text`` or ``aws:ec2:image``. The default is ``text``." + }, + "description": { + "type": "string", + "description": "Information about the parameter." + }, + "name": { + "type": "string", + "description": "The name of the parameter.\n The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: ``arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName``", + "replaceOnChanges": true + }, + "policies": { + "type": "string", + "description": "Information about the policies assigned to a parameter.\n [Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *User Guide*." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a SYS parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter." + }, + "tier": { + "$ref": "#/types/aws-native:ssm:ParameterTier", + "description": "The parameter tier." + }, + "type": { + "$ref": "#/types/aws-native:ssm:ParameterType", + "description": "The type of parameter." + }, + "value": { + "type": "string", + "description": "The parameter value.\n If type is ``StringList``, the system returns a comma-separated string with no spaces between commas in the ``Value`` field." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "type", + "value" + ], + "createOnly": [ + "name" + ], + "writeOnly": [ + "allowedPattern", + "description", + "policies", + "tags", + "tier" + ], + "tagsProperty": "tags", + "tagsStyle": "stringMap" + }, + "aws-native:ssm:PatchBaseline": { + "cf": "AWS::SSM::PatchBaseline", + "inputs": { + "approvalRules": { + "$ref": "#/types/aws-native:ssm:PatchBaselineRuleGroup", + "description": "A set of rules used to include patches in the baseline." + }, + "approvedPatches": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of explicitly approved patches for the baseline." + }, + "approvedPatchesComplianceLevel": { + "$ref": "#/types/aws-native:ssm:PatchBaselineApprovedPatchesComplianceLevel", + "description": "Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED." + }, + "approvedPatchesEnableNonSecurity": { + "type": "boolean", + "description": "Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only." + }, + "defaultBaseline": { + "type": "boolean", + "description": "Set the baseline as default baseline. Only registering to default patch baseline is allowed." + }, + "description": { + "type": "string", + "description": "The description of the patch baseline." + }, + "globalFilters": { + "$ref": "#/types/aws-native:ssm:PatchBaselinePatchFilterGroup", + "description": "A set of global filters used to include patches in the baseline." + }, + "name": { + "type": "string", + "description": "The name of the patch baseline." + }, + "operatingSystem": { + "$ref": "#/types/aws-native:ssm:PatchBaselineOperatingSystem", + "description": "Defines the operating system the patch baseline applies to. The Default value is WINDOWS." + }, + "patchGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "PatchGroups is used to associate instances with a specific patch baseline" + }, + "rejectedPatches": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of explicitly rejected patches for the baseline." + }, + "rejectedPatchesAction": { + "$ref": "#/types/aws-native:ssm:PatchBaselineRejectedPatchesAction", + "description": "The action for Patch Manager to take on patches included in the RejectedPackages list." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:PatchBaselinePatchSource" + }, + "description": "Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways." + } + }, + "outputs": { + "approvalRules": { + "$ref": "#/types/aws-native:ssm:PatchBaselineRuleGroup", + "description": "A set of rules used to include patches in the baseline." + }, + "approvedPatches": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of explicitly approved patches for the baseline." + }, + "approvedPatchesComplianceLevel": { + "$ref": "#/types/aws-native:ssm:PatchBaselineApprovedPatchesComplianceLevel", + "description": "Defines the compliance level for approved patches. This means that if an approved patch is reported as missing, this is the severity of the compliance violation. The default value is UNSPECIFIED." + }, + "approvedPatchesEnableNonSecurity": { + "type": "boolean", + "description": "Indicates whether the list of approved patches includes non-security updates that should be applied to the instances. The default value is 'false'. Applies to Linux instances only." + }, + "awsId": { + "type": "string", + "description": "The ID of the patch baseline." + }, + "defaultBaseline": { + "type": "boolean", + "description": "Set the baseline as default baseline. Only registering to default patch baseline is allowed." + }, + "description": { + "type": "string", + "description": "The description of the patch baseline." + }, + "globalFilters": { + "$ref": "#/types/aws-native:ssm:PatchBaselinePatchFilterGroup", + "description": "A set of global filters used to include patches in the baseline." + }, + "name": { + "type": "string", + "description": "The name of the patch baseline." + }, + "operatingSystem": { + "$ref": "#/types/aws-native:ssm:PatchBaselineOperatingSystem", + "description": "Defines the operating system the patch baseline applies to. The Default value is WINDOWS.", + "replaceOnChanges": true + }, + "patchGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "PatchGroups is used to associate instances with a specific patch baseline" + }, + "rejectedPatches": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of explicitly rejected patches for the baseline." + }, + "rejectedPatchesAction": { + "$ref": "#/types/aws-native:ssm:PatchBaselineRejectedPatchesAction", + "description": "The action for Patch Manager to take on patches included in the RejectedPackages list." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:PatchBaselinePatchSource" + }, + "description": "Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 128 + }, + "createOnly": [ + "operatingSystem" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ssm:ResourceDataSync": { + "cf": "AWS::SSM::ResourceDataSync", + "inputs": { + "bucketName": { + "type": "string", + "description": "The name of the S3 bucket where the aggregated data is stored." + }, + "bucketPrefix": { + "type": "string", + "description": "An Amazon S3 prefix for the bucket." + }, + "bucketRegion": { + "type": "string", + "description": "The AWS Region with the S3 bucket targeted by the resource data sync." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket." + }, + "s3Destination": { + "$ref": "#/types/aws-native:ssm:ResourceDataSyncS3Destination", + "description": "Configuration information for the target S3 bucket." + }, + "syncFormat": { + "type": "string", + "description": "A supported sync format. The following format is currently supported: JsonSerDe" + }, + "syncName": { + "type": "string", + "description": "A name for the resource data sync." + }, + "syncSource": { + "$ref": "#/types/aws-native:ssm:ResourceDataSyncSyncSource", + "description": "Information about the source where the data was synchronized." + }, + "syncType": { + "type": "string", + "description": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions ." + } + }, + "outputs": { + "bucketName": { + "type": "string", + "description": "The name of the S3 bucket where the aggregated data is stored.", + "replaceOnChanges": true + }, + "bucketPrefix": { + "type": "string", + "description": "An Amazon S3 prefix for the bucket.", + "replaceOnChanges": true + }, + "bucketRegion": { + "type": "string", + "description": "The AWS Region with the S3 bucket targeted by the resource data sync.", + "replaceOnChanges": true + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket.", + "replaceOnChanges": true + }, + "s3Destination": { + "$ref": "#/types/aws-native:ssm:ResourceDataSyncS3Destination", + "description": "Configuration information for the target S3 bucket.", + "replaceOnChanges": true + }, + "syncFormat": { + "type": "string", + "description": "A supported sync format. The following format is currently supported: JsonSerDe", + "replaceOnChanges": true + }, + "syncName": { + "type": "string", + "description": "A name for the resource data sync.", + "replaceOnChanges": true + }, + "syncSource": { + "$ref": "#/types/aws-native:ssm:ResourceDataSyncSyncSource", + "description": "Information about the source where the data was synchronized." + }, + "syncType": { + "type": "string", + "description": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "syncName", + "minLength": 1, + "maxLength": 64 + }, + "createOnly": [ + "bucketName", + "bucketPrefix", + "bucketRegion", + "kmsKeyArn", + "s3Destination", + "syncFormat", + "syncName", + "syncType" + ], + "irreversibleNames": { + "kmsKeyArn": "KMSKeyArn", + "s3Destination": "S3Destination" + } + }, + "aws-native:ssm:ResourcePolicy": { + "cf": "AWS::SSM::ResourcePolicy", + "inputs": { + "policy": { + "$ref": "pulumi.json#/Any", + "description": "Actual policy statement.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SSM::ResourcePolicy` for more information about the expected schema for this property." + }, + "resourceArn": { + "type": "string", + "description": "Arn of OpsItemGroup etc." + } + }, + "outputs": { + "policy": { + "$ref": "pulumi.json#/Any", + "description": "Actual policy statement.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SSM::ResourcePolicy` for more information about the expected schema for this property." + }, + "policyHash": { + "type": "string", + "description": "A snapshot identifier for the policy over time." + }, + "policyId": { + "type": "string", + "description": "An unique identifier within the policies of a resource. " + }, + "resourceArn": { + "type": "string", + "description": "Arn of OpsItemGroup etc.", + "replaceOnChanges": true + } + }, + "required": [ + "policy", + "resourceArn" + ], + "createOnly": [ + "resourceArn" + ] + }, + "aws-native:ssmcontacts:Contact": { + "cf": "AWS::SSMContacts::Contact", + "inputs": { + "alias": { + "type": "string", + "description": "Alias of the contact. String value with 20 to 256 characters. Only alphabetical, numeric characters, dash, or underscore allowed." + }, + "displayName": { + "type": "string", + "description": "Name of the contact. String value with 3 to 256 characters. Only alphabetical, space, numeric characters, dash, or underscore allowed." + }, + "plan": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:ContactStage" + }, + "description": "The stages that an escalation plan or engagement plan engages contacts and contact methods in." + }, + "type": { + "$ref": "#/types/aws-native:ssmcontacts:ContactType", + "description": "Contact type, which specify type of contact. Currently supported values: \"PERSONAL\", \"SHARED\", \"OTHER\"." + } + }, + "outputs": { + "alias": { + "type": "string", + "description": "Alias of the contact. String value with 20 to 256 characters. Only alphabetical, numeric characters, dash, or underscore allowed.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the contact." + }, + "displayName": { + "type": "string", + "description": "Name of the contact. String value with 3 to 256 characters. Only alphabetical, space, numeric characters, dash, or underscore allowed." + }, + "plan": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:ContactStage" + }, + "description": "The stages that an escalation plan or engagement plan engages contacts and contact methods in." + }, + "type": { + "$ref": "#/types/aws-native:ssmcontacts:ContactType", + "description": "Contact type, which specify type of contact. Currently supported values: \"PERSONAL\", \"SHARED\", \"OTHER\".", + "replaceOnChanges": true + } + }, + "required": [ + "alias", + "displayName", + "type" + ], + "createOnly": [ + "alias", + "type" + ], + "writeOnly": [ + "plan" + ] + }, + "aws-native:ssmcontacts:ContactChannel": { + "cf": "AWS::SSMContacts::ContactChannel", + "inputs": { + "channelAddress": { + "type": "string", + "description": "The details that SSM Incident Manager uses when trying to engage the contact channel." + }, + "channelName": { + "type": "string", + "description": "The device name. String of 6 to 50 alphabetical, numeric, dash, and underscore characters." + }, + "channelType": { + "$ref": "#/types/aws-native:ssmcontacts:ContactChannelChannelType", + "description": "Device type, which specify notification channel. Currently supported values: \"SMS\", \"VOICE\", \"EMAIL\", \"CHATBOT." + }, + "contactId": { + "type": "string", + "description": "ARN of the contact resource" + }, + "deferActivation": { + "type": "boolean", + "description": "If you want to activate the channel at a later time, you can choose to defer activation. SSM Incident Manager can't engage your contact channel until it has been activated." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the engagement to a contact channel." + }, + "channelAddress": { + "type": "string", + "description": "The details that SSM Incident Manager uses when trying to engage the contact channel." + }, + "channelName": { + "type": "string", + "description": "The device name. String of 6 to 50 alphabetical, numeric, dash, and underscore characters." + }, + "channelType": { + "$ref": "#/types/aws-native:ssmcontacts:ContactChannelChannelType", + "description": "Device type, which specify notification channel. Currently supported values: \"SMS\", \"VOICE\", \"EMAIL\", \"CHATBOT.", + "replaceOnChanges": true + }, + "contactId": { + "type": "string", + "description": "ARN of the contact resource", + "replaceOnChanges": true + }, + "deferActivation": { + "type": "boolean", + "description": "If you want to activate the channel at a later time, you can choose to defer activation. SSM Incident Manager can't engage your contact channel until it has been activated." + } + }, + "autoNamingSpec": { + "sdkName": "channelName", + "minLength": 1, + "maxLength": 255 + }, + "createOnly": [ + "channelType", + "contactId" + ], + "writeOnly": [ + "deferActivation" + ] + }, + "aws-native:ssmcontacts:Plan": { + "cf": "AWS::SSMContacts::Plan", + "inputs": { + "contactId": { + "type": "string", + "description": "Contact ID for the AWS SSM Incident Manager Contact to associate the plan." + }, + "rotationIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Rotation Ids to associate with Oncall Contact for engagement." + }, + "stages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:PlanStage" + }, + "description": "The stages that an escalation plan or engagement plan engages contacts and contact methods in." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the contact." + }, + "contactId": { + "type": "string", + "description": "Contact ID for the AWS SSM Incident Manager Contact to associate the plan.", + "replaceOnChanges": true + }, + "rotationIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Rotation Ids to associate with Oncall Contact for engagement." + }, + "stages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:PlanStage" + }, + "description": "The stages that an escalation plan or engagement plan engages contacts and contact methods in." + } + }, + "createOnly": [ + "contactId" + ], + "writeOnly": [ + "rotationIds" + ] + }, + "aws-native:ssmcontacts:Rotation": { + "cf": "AWS::SSMContacts::Rotation", + "inputs": { + "contactIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Members of the rotation" + }, + "name": { + "type": "string", + "description": "Name of the Rotation" + }, + "recurrence": { + "$ref": "#/types/aws-native:ssmcontacts:RotationRecurrenceSettings", + "description": "Information about the rule that specifies when shift team members rotate." + }, + "startTime": { + "type": "string", + "description": "Start time of the first shift of Oncall Schedule" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* ." + }, + "timeZoneId": { + "type": "string", + "description": "TimeZone Identifier for the Oncall Schedule" + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the rotation." + }, + "contactIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Members of the rotation" + }, + "name": { + "type": "string", + "description": "Name of the Rotation" + }, + "recurrence": { + "$ref": "#/types/aws-native:ssmcontacts:RotationRecurrenceSettings", + "description": "Information about the rule that specifies when shift team members rotate." + }, + "startTime": { + "type": "string", + "description": "Start time of the first shift of Oncall Schedule" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* ." + }, + "timeZoneId": { + "type": "string", + "description": "TimeZone Identifier for the Oncall Schedule" + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "contactIds", + "recurrence", + "startTime", + "timeZoneId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ssmincidents:ReplicationSet": { + "cf": "AWS::SSMIncidents::ReplicationSet", + "inputs": { + "deletionProtected": { + "type": "boolean", + "description": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set." + }, + "regions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ReplicationSetReplicationRegion" + }, + "description": "The ReplicationSet configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply to the replication set." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the ReplicationSet." + }, + "deletionProtected": { + "type": "boolean", + "description": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set." + }, + "regions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ReplicationSetReplicationRegion" + }, + "description": "The ReplicationSet configuration." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply to the replication set." + } + }, + "required": [ + "regions" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:ssmincidents:ResponsePlan": { + "cf": "AWS::SSMIncidents::ResponsePlan", + "inputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanAction" + }, + "description": "The list of actions." + }, + "chatChannel": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanChatChannel", + "description": "The AWS Chatbot chat channel used for collaboration during an incident." + }, + "displayName": { + "type": "string", + "description": "The display name of the response plan." + }, + "engagements": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of engagements to use." + }, + "incidentTemplate": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanIncidentTemplate", + "description": "Details used to create an incident when using this response plan." + }, + "integrations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanIntegration" + }, + "description": "The list of integrations." + }, + "name": { + "type": "string", + "description": "The name of the response plan." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply to the response plan." + } + }, + "outputs": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanAction" + }, + "description": "The list of actions." + }, + "arn": { + "type": "string", + "description": "The ARN of the response plan." + }, + "chatChannel": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanChatChannel", + "description": "The AWS Chatbot chat channel used for collaboration during an incident." + }, + "displayName": { + "type": "string", + "description": "The display name of the response plan." + }, + "engagements": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of engagements to use." + }, + "incidentTemplate": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanIncidentTemplate", + "description": "Details used to create an incident when using this response plan." + }, + "integrations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanIntegration" + }, + "description": "The list of integrations." + }, + "name": { + "type": "string", + "description": "The name of the response plan.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to apply to the response plan." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 200 + }, + "required": [ + "incidentTemplate" + ], + "createOnly": [ + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sso:Application": { + "cf": "AWS::SSO::Application", + "inputs": { + "applicationProviderArn": { + "type": "string", + "description": "The ARN of the application provider under which the operation will run" + }, + "description": { + "type": "string", + "description": "The description information for the Identity Center (SSO) Application" + }, + "instanceArn": { + "type": "string", + "description": "The ARN of the instance of IAM Identity Center under which the operation will run" + }, + "name": { + "type": "string", + "description": "The name you want to assign to this Identity Center (SSO) Application" + }, + "portalOptions": { + "$ref": "#/types/aws-native:sso:ApplicationPortalOptionsConfiguration", + "description": "A structure that describes the options for the portal associated with an application" + }, + "status": { + "$ref": "#/types/aws-native:sso:ApplicationStatus", + "description": "Specifies whether the application is enabled or disabled" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies tags to be attached to the application" + } + }, + "outputs": { + "applicationArn": { + "type": "string", + "description": "The Application ARN that is returned upon creation of the Identity Center (SSO) Application" + }, + "applicationProviderArn": { + "type": "string", + "description": "The ARN of the application provider under which the operation will run", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description information for the Identity Center (SSO) Application" + }, + "instanceArn": { + "type": "string", + "description": "The ARN of the instance of IAM Identity Center under which the operation will run", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name you want to assign to this Identity Center (SSO) Application" + }, + "portalOptions": { + "$ref": "#/types/aws-native:sso:ApplicationPortalOptionsConfiguration", + "description": "A structure that describes the options for the portal associated with an application" + }, + "status": { + "$ref": "#/types/aws-native:sso:ApplicationStatus", + "description": "Specifies whether the application is enabled or disabled" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies tags to be attached to the application" + } + }, + "autoNamingSpec": { + "sdkName": "name", + "maxLength": 255 + }, + "required": [ + "applicationProviderArn", + "instanceArn" + ], + "createOnly": [ + "applicationProviderArn", + "instanceArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sso:ApplicationAssignment": { + "cf": "AWS::SSO::ApplicationAssignment", + "inputs": { + "applicationArn": { + "type": "string", + "description": "The ARN of the application." + }, + "principalId": { + "type": "string", + "description": "An identifier for an object in IAM Identity Center, such as a user or group" + }, + "principalType": { + "$ref": "#/types/aws-native:sso:ApplicationAssignmentPrincipalType", + "description": "The entity type for which the assignment will be created." + } + }, + "outputs": { + "applicationArn": { + "type": "string", + "description": "The ARN of the application.", + "replaceOnChanges": true + }, + "principalId": { + "type": "string", + "description": "An identifier for an object in IAM Identity Center, such as a user or group", + "replaceOnChanges": true + }, + "principalType": { + "$ref": "#/types/aws-native:sso:ApplicationAssignmentPrincipalType", + "description": "The entity type for which the assignment will be created.", + "replaceOnChanges": true + } + }, + "required": [ + "applicationArn", + "principalId", + "principalType" + ], + "createOnly": [ + "applicationArn", + "principalId", + "principalType" + ] + }, + "aws-native:sso:Assignment": { + "cf": "AWS::SSO::Assignment", + "inputs": { + "instanceArn": { + "type": "string", + "description": "The sso instance that the permission set is owned." + }, + "permissionSetArn": { + "type": "string", + "description": "The permission set that the assignemt will be assigned" + }, + "principalId": { + "type": "string", + "description": "The assignee's identifier, user id/group id" + }, + "principalType": { + "$ref": "#/types/aws-native:sso:AssignmentPrincipalType", + "description": "The assignee's type, user/group" + }, + "targetId": { + "type": "string", + "description": "The account id to be provisioned." + }, + "targetType": { + "$ref": "#/types/aws-native:sso:AssignmentTargetType", + "description": "The type of resource to be provsioned to, only aws account now" + } + }, + "outputs": { + "instanceArn": { + "type": "string", + "description": "The sso instance that the permission set is owned.", + "replaceOnChanges": true + }, + "permissionSetArn": { + "type": "string", + "description": "The permission set that the assignemt will be assigned", + "replaceOnChanges": true + }, + "principalId": { + "type": "string", + "description": "The assignee's identifier, user id/group id", + "replaceOnChanges": true + }, + "principalType": { + "$ref": "#/types/aws-native:sso:AssignmentPrincipalType", + "description": "The assignee's type, user/group", + "replaceOnChanges": true + }, + "targetId": { + "type": "string", + "description": "The account id to be provisioned.", + "replaceOnChanges": true + }, + "targetType": { + "$ref": "#/types/aws-native:sso:AssignmentTargetType", + "description": "The type of resource to be provsioned to, only aws account now", + "replaceOnChanges": true + } + }, + "required": [ + "instanceArn", + "permissionSetArn", + "principalId", + "principalType", + "targetId", + "targetType" + ], + "createOnly": [ + "instanceArn", + "permissionSetArn", + "principalId", + "principalType", + "targetId", + "targetType" + ] + }, + "aws-native:sso:Instance": { + "cf": "AWS::SSO::Instance", + "inputs": { + "name": { + "type": "string", + "description": "The name you want to assign to this Identity Center (SSO) Instance" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies tags to be attached to the instance of IAM Identity Center." + } + }, + "outputs": { + "identityStoreId": { + "type": "string", + "description": "The ID of the identity store associated with the created Identity Center (SSO) Instance" + }, + "instanceArn": { + "type": "string", + "description": "The SSO Instance ARN that is returned upon creation of the Identity Center (SSO) Instance" + }, + "name": { + "type": "string", + "description": "The name you want to assign to this Identity Center (SSO) Instance" + }, + "ownerAccountId": { + "type": "string", + "description": "The AWS accountId of the owner of the Identity Center (SSO) Instance" + }, + "status": { + "$ref": "#/types/aws-native:sso:InstanceStatus", + "description": "The status of the Identity Center (SSO) Instance, create_in_progress/delete_in_progress/active" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Specifies tags to be attached to the instance of IAM Identity Center." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 32 + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:sso:InstanceAccessControlAttributeConfiguration": { + "cf": "AWS::SSO::InstanceAccessControlAttributeConfiguration", + "inputs": { + "accessControlAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sso:InstanceAccessControlAttributeConfigurationAccessControlAttribute" + }, + "description": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance." + }, + "instanceAccessControlAttributeConfiguration": { + "$ref": "#/types/aws-native:sso:InstanceAccessControlAttributeConfigurationProperties", + "description": "The InstanceAccessControlAttributeConfiguration property has been deprecated but is still supported for backwards compatibility purposes. We recomend that you use AccessControlAttributes property instead.", + "language": { + "csharp": { + "name": "InstanceAccessControlAttributeConfigurationValue" + } + } + }, + "instanceArn": { + "type": "string", + "description": "The ARN of the AWS SSO instance under which the operation will be executed." + } + }, + "outputs": { + "accessControlAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sso:InstanceAccessControlAttributeConfigurationAccessControlAttribute" + }, + "description": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance." + }, + "instanceAccessControlAttributeConfiguration": { + "$ref": "#/types/aws-native:sso:InstanceAccessControlAttributeConfigurationProperties", + "description": "The InstanceAccessControlAttributeConfiguration property has been deprecated but is still supported for backwards compatibility purposes. We recomend that you use AccessControlAttributes property instead.", + "language": { + "csharp": { + "name": "InstanceAccessControlAttributeConfigurationValue" + } + } + }, + "instanceArn": { + "type": "string", + "description": "The ARN of the AWS SSO instance under which the operation will be executed.", + "replaceOnChanges": true + } + }, + "required": [ + "instanceArn" + ], + "createOnly": [ + "instanceArn" + ] + }, + "aws-native:sso:PermissionSet": { + "cf": "AWS::SSO::PermissionSet", + "inputs": { + "customerManagedPolicyReferences": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sso:PermissionSetCustomerManagedPolicyReference" + }, + "description": "Specifies the names and paths of the customer managed policies that you have attached to your permission set." + }, + "description": { + "type": "string", + "description": "The permission set description." + }, + "inlinePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The inline policy to put in permission set.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SSO::PermissionSet` for more information about the expected schema for this property." + }, + "instanceArn": { + "type": "string", + "description": "The sso instance arn that the permission set is owned." + }, + "managedPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A structure that stores the details of the AWS managed policy." + }, + "name": { + "type": "string", + "description": "The name you want to assign to this permission set." + }, + "permissionsBoundary": { + "$ref": "#/types/aws-native:sso:PermissionSetPermissionsBoundary", + "description": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n\u003e Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* ." + }, + "relayStateType": { + "type": "string", + "description": "The relay state URL that redirect links to any service in the AWS Management Console." + }, + "sessionDuration": { + "type": "string", + "description": "The length of time that a user can be signed in to an AWS account." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to attach to the new `PermissionSet` ." + } + }, + "outputs": { + "customerManagedPolicyReferences": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sso:PermissionSetCustomerManagedPolicyReference" + }, + "description": "Specifies the names and paths of the customer managed policies that you have attached to your permission set." + }, + "description": { + "type": "string", + "description": "The permission set description." + }, + "inlinePolicy": { + "$ref": "pulumi.json#/Any", + "description": "The inline policy to put in permission set.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::SSO::PermissionSet` for more information about the expected schema for this property." + }, + "instanceArn": { + "type": "string", + "description": "The sso instance arn that the permission set is owned.", + "replaceOnChanges": true + }, + "managedPolicies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A structure that stores the details of the AWS managed policy." + }, + "name": { + "type": "string", + "description": "The name you want to assign to this permission set.", + "replaceOnChanges": true + }, + "permissionSetArn": { + "type": "string", + "description": "The permission set that the policy will be attached to" + }, + "permissionsBoundary": { + "$ref": "#/types/aws-native:sso:PermissionSetPermissionsBoundary", + "description": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n\u003e Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* ." + }, + "relayStateType": { + "type": "string", + "description": "The relay state URL that redirect links to any service in the AWS Management Console." + }, + "sessionDuration": { + "type": "string", + "description": "The length of time that a user can be signed in to an AWS account." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to attach to the new `PermissionSet` ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 32 + }, + "required": [ + "instanceArn" + ], + "createOnly": [ + "instanceArn", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:stepfunctions:Activity": { + "cf": "AWS::StepFunctions::Activity", + "inputs": { + "encryptionConfiguration": { + "$ref": "#/types/aws-native:stepfunctions:ActivityEncryptionConfiguration", + "description": "Encryption configuration for the activity.\n\nActivity configuration is immutable, and resource names must be unique. To set customer managed keys for encryption, you must create a *new Activity* . If you attempt to change the configuration in your CFN template for an existing activity, you will receive an `ActivityAlreadyExists` exception.\n\nTo update your activity to include customer managed keys, set a new activity name within your AWS CloudFormation template." + }, + "name": { + "type": "string", + "description": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `\u003c \u003e { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ \u0026 , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the ARN of the resource." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:stepfunctions:ActivityEncryptionConfiguration", + "description": "Encryption configuration for the activity.\n\nActivity configuration is immutable, and resource names must be unique. To set customer managed keys for encryption, you must create a *new Activity* . If you attempt to change the configuration in your CFN template for an existing activity, you will receive an `ActivityAlreadyExists` exception.\n\nTo update your activity to include customer managed keys, set a new activity name within your AWS CloudFormation template.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `\u003c \u003e { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ \u0026 , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` ." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 80 + }, + "createOnly": [ + "encryptionConfiguration", + "name" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:stepfunctions:StateMachine": { + "cf": "AWS::StepFunctions::StateMachine", + "inputs": { + "definition": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineDefinition", + "description": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) ." + }, + "definitionS3Location": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineS3Location", + "description": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file." + }, + "definitionString": { + "type": "string", + "description": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) ." + }, + "definitionSubstitutions": { + "type": "object", + "additionalProperties": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "boolean" + } + ] + }, + "description": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` ." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineEncryptionConfiguration", + "description": "Encryption configuration for the state machine." + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineLoggingConfiguration", + "description": "Defines what execution history events are logged and where they are logged.\n\n\u003e By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine." + }, + "stateMachineName": { + "type": "string", + "description": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `\u003c \u003e { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ \u0026 , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n\u003e If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name." + }, + "stateMachineType": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineType", + "description": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` ." + }, + "tracingConfiguration": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineTracingConfiguration", + "description": "Selects whether or not the state machine's AWS X-Ray tracing is enabled." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the ARN of the resource." + }, + "definition": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineDefinition", + "description": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) ." + }, + "definitionS3Location": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineS3Location", + "description": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file." + }, + "definitionString": { + "type": "string", + "description": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) ." + }, + "definitionSubstitutions": { + "type": "object", + "additionalProperties": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "integer" + }, + { + "type": "boolean" + } + ] + }, + "description": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` ." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineEncryptionConfiguration", + "description": "Encryption configuration for the state machine." + }, + "loggingConfiguration": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineLoggingConfiguration", + "description": "Defines what execution history events are logged and where they are logged.\n\n\u003e By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide." + }, + "name": { + "type": "string", + "description": "Returns the name of the state machine. For example:\n\n`{ \"Fn::GetAtt\": [\"MyStateMachine\", \"Name\"] }`\n\nReturns the name of your state machine:\n\n`HelloWorld-StateMachine`\n\nIf you did not specify the name it will be similar to the following:\n\n`MyStateMachine-1234abcdefgh`\n\nFor more information about using `Fn::GetAtt` , see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine." + }, + "stateMachineName": { + "type": "string", + "description": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `\u003c \u003e { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ \u0026 , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n\u003e If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", + "replaceOnChanges": true + }, + "stateMachineRevisionId": { + "type": "string", + "description": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine’s definition and configuration." + }, + "stateMachineType": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineType", + "description": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` ." + }, + "tracingConfiguration": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineTracingConfiguration", + "description": "Selects whether or not the state machine's AWS X-Ray tracing is enabled." + } + }, + "autoNamingSpec": { + "sdkName": "stateMachineName", + "minLength": 1, + "maxLength": 80 + }, + "required": [ + "roleArn" + ], + "createOnly": [ + "stateMachineName", + "stateMachineType" + ], + "writeOnly": [ + "definition", + "definitionS3Location", + "definitionSubstitutions" + ], + "irreversibleNames": { + "definitionS3Location": "DefinitionS3Location" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:stepfunctions:StateMachineAlias": { + "cf": "AWS::StepFunctions::StateMachineAlias", + "inputs": { + "deploymentPreference": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineAliasDeploymentPreference", + "description": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n\u003e `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval." + }, + "description": { + "type": "string", + "description": "An optional description of the alias." + }, + "name": { + "type": "string", + "description": "The alias name." + }, + "routingConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineAliasRoutingConfigurationVersion" + }, + "description": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n\u003e `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The ARN of the alias." + }, + "deploymentPreference": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineAliasDeploymentPreference", + "description": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n\u003e `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval." + }, + "description": { + "type": "string", + "description": "An optional description of the alias." + }, + "name": { + "type": "string", + "description": "The alias name.", + "replaceOnChanges": true + }, + "routingConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineAliasRoutingConfigurationVersion" + }, + "description": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n\u003e `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 80 + }, + "createOnly": [ + "name" + ], + "writeOnly": [ + "deploymentPreference" + ] + }, + "aws-native:stepfunctions:StateMachineVersion": { + "cf": "AWS::StepFunctions::StateMachineVersion", + "inputs": { + "description": { + "type": "string", + "description": "An optional description of the state machine version." + }, + "stateMachineArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the state machine." + }, + "stateMachineRevisionId": { + "type": "string", + "description": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine’s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` ." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Returns the ARN of the state machine version. For example, `arn:aws:states:us-east-1:123456789012:stateMachine:myStateMachine:1` ." + }, + "description": { + "type": "string", + "description": "An optional description of the state machine version." + }, + "stateMachineArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the state machine.", + "replaceOnChanges": true + }, + "stateMachineRevisionId": { + "type": "string", + "description": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine’s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", + "replaceOnChanges": true + } + }, + "required": [ + "stateMachineArn" + ], + "createOnly": [ + "stateMachineArn", + "stateMachineRevisionId" + ], + "writeOnly": [ + "stateMachineArn" + ] + }, + "aws-native:supportapp:AccountAlias": { + "cf": "AWS::SupportApp::AccountAlias", + "inputs": { + "accountAlias": { + "type": "string", + "description": "An account alias associated with a customer's account.", + "language": { + "csharp": { + "name": "AccountAliasValue" + } + } + } + }, + "outputs": { + "accountAlias": { + "type": "string", + "description": "An account alias associated with a customer's account.", + "language": { + "csharp": { + "name": "AccountAliasValue" + } + } + }, + "accountAliasResourceId": { + "type": "string", + "description": "Unique identifier representing an alias tied to an account" + } + }, + "required": [ + "accountAlias" + ] + }, + "aws-native:supportapp:SlackChannelConfiguration": { + "cf": "AWS::SupportApp::SlackChannelConfiguration", + "inputs": { + "channelId": { + "type": "string", + "description": "The channel ID in Slack, which identifies a channel within a workspace." + }, + "channelName": { + "type": "string", + "description": "The channel name in Slack." + }, + "channelRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that grants the AWS Support App access to perform operations for AWS services." + }, + "notifyOnAddCorrespondenceToCase": { + "type": "boolean", + "description": "Whether to notify when a correspondence is added to a case." + }, + "notifyOnCaseSeverity": { + "$ref": "#/types/aws-native:supportapp:SlackChannelConfigurationNotifyOnCaseSeverity", + "description": "The severity level of a support case that a customer wants to get notified for." + }, + "notifyOnCreateOrReopenCase": { + "type": "boolean", + "description": "Whether to notify when a case is created or reopened." + }, + "notifyOnResolveCase": { + "type": "boolean", + "description": "Whether to notify when a case is resolved." + }, + "teamId": { + "type": "string", + "description": "The team ID in Slack, which uniquely identifies a workspace." + } + }, + "outputs": { + "channelId": { + "type": "string", + "description": "The channel ID in Slack, which identifies a channel within a workspace.", + "replaceOnChanges": true + }, + "channelName": { + "type": "string", + "description": "The channel name in Slack." + }, + "channelRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that grants the AWS Support App access to perform operations for AWS services." + }, + "notifyOnAddCorrespondenceToCase": { + "type": "boolean", + "description": "Whether to notify when a correspondence is added to a case." + }, + "notifyOnCaseSeverity": { + "$ref": "#/types/aws-native:supportapp:SlackChannelConfigurationNotifyOnCaseSeverity", + "description": "The severity level of a support case that a customer wants to get notified for." + }, + "notifyOnCreateOrReopenCase": { + "type": "boolean", + "description": "Whether to notify when a case is created or reopened." + }, + "notifyOnResolveCase": { + "type": "boolean", + "description": "Whether to notify when a case is resolved." + }, + "teamId": { + "type": "string", + "description": "The team ID in Slack, which uniquely identifies a workspace.", + "replaceOnChanges": true + } + }, + "required": [ + "channelId", + "channelRoleArn", + "notifyOnCaseSeverity", + "teamId" + ], + "createOnly": [ + "channelId", + "teamId" + ] + }, + "aws-native:supportapp:SlackWorkspaceConfiguration": { + "cf": "AWS::SupportApp::SlackWorkspaceConfiguration", + "inputs": { + "teamId": { + "type": "string", + "description": "The team ID in Slack, which uniquely identifies a workspace." + }, + "versionId": { + "type": "string", + "description": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation." + } + }, + "outputs": { + "teamId": { + "type": "string", + "description": "The team ID in Slack, which uniquely identifies a workspace.", + "replaceOnChanges": true + }, + "versionId": { + "type": "string", + "description": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation." + } + }, + "required": [ + "teamId" + ], + "createOnly": [ + "teamId" + ], + "writeOnly": [ + "versionId" + ] + }, + "aws-native:synthetics:Canary": { + "cf": "AWS::Synthetics::Canary", + "inputs": { + "artifactConfig": { + "$ref": "#/types/aws-native:synthetics:CanaryArtifactConfig", + "description": "Provide artifact configuration" + }, + "artifactS3Location": { + "type": "string", + "description": "Provide the s3 bucket output location for test results" + }, + "code": { + "$ref": "#/types/aws-native:synthetics:CanaryCode", + "description": "Provide the canary script source" + }, + "deleteLambdaResourcesOnCanaryDeletion": { + "type": "boolean", + "description": "Deletes associated lambda resources created by Synthetics if set to True. Default is False" + }, + "executionRoleArn": { + "type": "string", + "description": "Lambda Execution role used to run your canaries" + }, + "failureRetentionPeriod": { + "type": "integer", + "description": "Retention period of failed canary runs represented in number of days" + }, + "name": { + "type": "string", + "description": "Name of the canary." + }, + "runConfig": { + "$ref": "#/types/aws-native:synthetics:CanaryRunConfig", + "description": "Provide canary run configuration" + }, + "runtimeVersion": { + "type": "string", + "description": "Runtime version of Synthetics Library" + }, + "schedule": { + "$ref": "#/types/aws-native:synthetics:CanarySchedule", + "description": "Frequency to run your canaries" + }, + "startCanaryAfterCreation": { + "type": "boolean", + "description": "Runs canary if set to True. Default is False" + }, + "successRetentionPeriod": { + "type": "integer", + "description": "Retention period of successful canary runs represented in number of days" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of key-value pairs that are associated with the canary." + }, + "visualReference": { + "$ref": "#/types/aws-native:synthetics:CanaryVisualReference", + "description": "Visual reference configuration for visual testing" + }, + "vpcConfig": { + "$ref": "#/types/aws-native:synthetics:CanaryVpcConfig", + "description": "Provide VPC Configuration if enabled." + } + }, + "outputs": { + "artifactConfig": { + "$ref": "#/types/aws-native:synthetics:CanaryArtifactConfig", + "description": "Provide artifact configuration" + }, + "artifactS3Location": { + "type": "string", + "description": "Provide the s3 bucket output location for test results" + }, + "awsId": { + "type": "string", + "description": "Id of the canary" + }, + "code": { + "$ref": "#/types/aws-native:synthetics:CanaryCode", + "description": "Provide the canary script source" + }, + "deleteLambdaResourcesOnCanaryDeletion": { + "type": "boolean", + "description": "Deletes associated lambda resources created by Synthetics if set to True. Default is False" + }, + "executionRoleArn": { + "type": "string", + "description": "Lambda Execution role used to run your canaries" + }, + "failureRetentionPeriod": { + "type": "integer", + "description": "Retention period of failed canary runs represented in number of days" + }, + "name": { + "type": "string", + "description": "Name of the canary.", + "replaceOnChanges": true + }, + "runConfig": { + "$ref": "#/types/aws-native:synthetics:CanaryRunConfig", + "description": "Provide canary run configuration" + }, + "runtimeVersion": { + "type": "string", + "description": "Runtime version of Synthetics Library" + }, + "schedule": { + "$ref": "#/types/aws-native:synthetics:CanarySchedule", + "description": "Frequency to run your canaries" + }, + "startCanaryAfterCreation": { + "type": "boolean", + "description": "Runs canary if set to True. Default is False" + }, + "state": { + "type": "string", + "description": "State of the canary" + }, + "successRetentionPeriod": { + "type": "integer", + "description": "Retention period of successful canary runs represented in number of days" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of key-value pairs that are associated with the canary." + }, + "visualReference": { + "$ref": "#/types/aws-native:synthetics:CanaryVisualReference", + "description": "Visual reference configuration for visual testing" + }, + "vpcConfig": { + "$ref": "#/types/aws-native:synthetics:CanaryVpcConfig", + "description": "Provide VPC Configuration if enabled." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "artifactS3Location", + "code", + "executionRoleArn", + "runtimeVersion", + "schedule" + ], + "createOnly": [ + "name" + ], + "writeOnly": [ + "code/S3Bucket", + "code/S3Key", + "code/S3ObjectVersion", + "code/Script", + "deleteLambdaResourcesOnCanaryDeletion", + "runConfig/EnvironmentVariables", + "startCanaryAfterCreation", + "visualReference" + ], + "irreversibleNames": { + "artifactS3Location": "ArtifactS3Location", + "awsId": "Id", + "vpcConfig": "VPCConfig" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:synthetics:Group": { + "cf": "AWS::Synthetics::Group", + "inputs": { + "name": { + "type": "string", + "description": "Name of the group." + }, + "resourceArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the canaries that you want to associate with this group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of key-value pairs that are associated with the group." + } + }, + "outputs": { + "awsId": { + "type": "string", + "description": "Id of the group." + }, + "name": { + "type": "string", + "description": "Name of the group.", + "replaceOnChanges": true + }, + "resourceArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the canaries that you want to associate with this group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The list of key-value pairs that are associated with the group." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "createOnly": [ + "name" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:systemsmanagersap:Application": { + "cf": "AWS::SystemsManagerSAP::Application", + "inputs": { + "applicationId": { + "type": "string", + "description": "The ID of the application." + }, + "applicationType": { + "$ref": "#/types/aws-native:systemsmanagersap:ApplicationType", + "description": "The type of the application." + }, + "credentials": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:systemsmanagersap:ApplicationCredential" + }, + "description": "The credentials of the SAP application." + }, + "instances": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon EC2 instances on which your SAP application is running." + }, + "sapInstanceNumber": { + "type": "string", + "description": "The SAP instance number of the application." + }, + "sid": { + "type": "string", + "description": "The System ID of the application." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of a SystemsManagerSAP application." + } + }, + "outputs": { + "applicationId": { + "type": "string", + "description": "The ID of the application." + }, + "applicationType": { + "$ref": "#/types/aws-native:systemsmanagersap:ApplicationType", + "description": "The type of the application." + }, + "arn": { + "type": "string", + "description": "The ARN of the Helix application" + }, + "credentials": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:systemsmanagersap:ApplicationCredential" + }, + "description": "The credentials of the SAP application.", + "replaceOnChanges": true + }, + "instances": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon EC2 instances on which your SAP application is running.", + "replaceOnChanges": true + }, + "sapInstanceNumber": { + "type": "string", + "description": "The SAP instance number of the application.", + "replaceOnChanges": true + }, + "sid": { + "type": "string", + "description": "The System ID of the application.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags of a SystemsManagerSAP application." + } + }, + "required": [ + "applicationId", + "applicationType" + ], + "createOnly": [ + "credentials", + "instances", + "sapInstanceNumber", + "sid" + ], + "writeOnly": [ + "credentials", + "instances", + "sapInstanceNumber", + "sid" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:timestream:Database": { + "cf": "AWS::Timestream::Database", + "inputs": { + "databaseName": { + "type": "string", + "description": "The name for the database. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the database name." + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key for the database. If the KMS key is not specified, the database will be encrypted with a Timestream managed KMS key located in your account." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The `arn` of the database." + }, + "databaseName": { + "type": "string", + "description": "The name for the database. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the database name.", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key for the database. If the KMS key is not specified, the database will be encrypted with a Timestream managed KMS key located in your account." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "databaseName" + }, + "createOnly": [ + "databaseName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:timestream:InfluxDbInstance": { + "cf": "AWS::Timestream::InfluxDBInstance", + "inputs": { + "allocatedStorage": { + "type": "integer", + "description": "The allocated storage for the InfluxDB instance." + }, + "bucket": { + "type": "string", + "description": "The bucket for the InfluxDB instance." + }, + "dbInstanceType": { + "$ref": "#/types/aws-native:timestream:InfluxDbInstanceDbInstanceType", + "description": "The compute instance of the InfluxDB instance." + }, + "dbParameterGroupIdentifier": { + "type": "string", + "description": "The name of an existing InfluxDB parameter group." + }, + "dbStorageType": { + "$ref": "#/types/aws-native:timestream:InfluxDbInstanceDbStorageType", + "description": "The storage type of the InfluxDB instance." + }, + "deploymentType": { + "$ref": "#/types/aws-native:timestream:InfluxDbInstanceDeploymentType", + "description": "Deployment type of the InfluxDB Instance." + }, + "logDeliveryConfiguration": { + "$ref": "#/types/aws-native:timestream:LogDeliveryConfigurationProperties", + "description": "Configuration for sending logs to customer account from the InfluxDB instance." + }, + "name": { + "type": "string", + "description": "The unique name that is associated with the InfluxDB instance." + }, + "organization": { + "type": "string", + "description": "The organization for the InfluxDB instance." + }, + "password": { + "type": "string", + "description": "The password for the InfluxDB instance." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Attach a public IP to the customer ENI." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this DB instance." + }, + "username": { + "type": "string", + "description": "The username for the InfluxDB instance." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon EC2 VPC security groups to associate with this InfluxDB instance." + }, + "vpcSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of EC2 subnet IDs for this InfluxDB instance." + } + }, + "outputs": { + "allocatedStorage": { + "type": "integer", + "description": "The allocated storage for the InfluxDB instance.", + "replaceOnChanges": true + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that is associated with the InfluxDB instance." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone (AZ) where the InfluxDB instance is created." + }, + "awsId": { + "type": "string", + "description": "The service generated unique identifier for InfluxDB instance." + }, + "bucket": { + "type": "string", + "description": "The bucket for the InfluxDB instance.", + "replaceOnChanges": true + }, + "dbInstanceType": { + "$ref": "#/types/aws-native:timestream:InfluxDbInstanceDbInstanceType", + "description": "The compute instance of the InfluxDB instance.", + "replaceOnChanges": true + }, + "dbParameterGroupIdentifier": { + "type": "string", + "description": "The name of an existing InfluxDB parameter group." + }, + "dbStorageType": { + "$ref": "#/types/aws-native:timestream:InfluxDbInstanceDbStorageType", + "description": "The storage type of the InfluxDB instance.", + "replaceOnChanges": true + }, + "deploymentType": { + "$ref": "#/types/aws-native:timestream:InfluxDbInstanceDeploymentType", + "description": "Deployment type of the InfluxDB Instance.", + "replaceOnChanges": true + }, + "endpoint": { + "type": "string", + "description": "The connection endpoint for the InfluxDB instance." + }, + "influxAuthParametersSecretArn": { + "type": "string", + "description": "The Auth parameters secret Amazon Resource name (ARN) that is associated with the InfluxDB instance." + }, + "logDeliveryConfiguration": { + "$ref": "#/types/aws-native:timestream:LogDeliveryConfigurationProperties", + "description": "Configuration for sending logs to customer account from the InfluxDB instance." + }, + "name": { + "type": "string", + "description": "The unique name that is associated with the InfluxDB instance.", + "replaceOnChanges": true + }, + "organization": { + "type": "string", + "description": "The organization for the InfluxDB instance.", + "replaceOnChanges": true + }, + "password": { + "type": "string", + "description": "The password for the InfluxDB instance.", + "replaceOnChanges": true + }, + "publiclyAccessible": { + "type": "boolean", + "description": "Attach a public IP to the customer ENI.", + "replaceOnChanges": true + }, + "secondaryAvailabilityZone": { + "type": "string", + "description": "The Secondary Availability Zone (AZ) where the InfluxDB instance is created, if DeploymentType is set as WITH_MULTIAZ_STANDBY." + }, + "status": { + "$ref": "#/types/aws-native:timestream:InfluxDbInstanceStatus", + "description": "Status of the InfluxDB Instance." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An arbitrary set of tags (key-value pairs) for this DB instance." + }, + "username": { + "type": "string", + "description": "The username for the InfluxDB instance.", + "replaceOnChanges": true + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon EC2 VPC security groups to associate with this InfluxDB instance.", + "replaceOnChanges": true + }, + "vpcSubnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of EC2 subnet IDs for this InfluxDB instance.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 40 + }, + "createOnly": [ + "allocatedStorage", + "bucket", + "dbInstanceType", + "dbStorageType", + "deploymentType", + "name", + "organization", + "password", + "publiclyAccessible", + "username", + "vpcSecurityGroupIds", + "vpcSubnetIds" + ], + "writeOnly": [ + "bucket", + "organization", + "password", + "username" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:timestream:ScheduledQuery": { + "cf": "AWS::Timestream::ScheduledQuery", + "inputs": { + "clientToken": { + "type": "string", + "description": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request." + }, + "errorReportConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryErrorReportConfiguration", + "description": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest." + }, + "notificationConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryNotificationConfiguration", + "description": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it." + }, + "queryString": { + "type": "string", + "description": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query." + }, + "scheduleConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryScheduleConfiguration", + "description": "Schedule configuration." + }, + "scheduledQueryExecutionRoleArn": { + "type": "string", + "description": "The ARN for the IAM role that Timestream will assume when running the scheduled query." + }, + "scheduledQueryName": { + "type": "string", + "description": "A name for the query. Scheduled query names must be unique within each Region." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs to label the scheduled query." + }, + "targetConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryTargetConfiguration", + "description": "Scheduled query target store configuration." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The `ARN` of the scheduled query." + }, + "clientToken": { + "type": "string", + "description": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", + "replaceOnChanges": true + }, + "errorReportConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryErrorReportConfiguration", + "description": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", + "replaceOnChanges": true + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", + "replaceOnChanges": true + }, + "notificationConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryNotificationConfiguration", + "description": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", + "replaceOnChanges": true + }, + "queryString": { + "type": "string", + "description": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", + "replaceOnChanges": true + }, + "scheduleConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryScheduleConfiguration", + "description": "Schedule configuration.", + "replaceOnChanges": true + }, + "scheduledQueryExecutionRoleArn": { + "type": "string", + "description": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", + "replaceOnChanges": true + }, + "scheduledQueryName": { + "type": "string", + "description": "A name for the query. Scheduled query names must be unique within each Region.", + "replaceOnChanges": true + }, + "sqErrorReportConfiguration": { + "type": "string", + "description": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results." + }, + "sqKmsKeyId": { + "type": "string", + "description": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with alias/. If ErrorReportConfiguration uses SSE_KMS as encryption type, the same KmsKeyId is used to encrypt the error report at rest." + }, + "sqName": { + "type": "string", + "description": "The name of the scheduled query. Scheduled query names must be unique within each Region." + }, + "sqNotificationConfiguration": { + "type": "string", + "description": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it." + }, + "sqQueryString": { + "type": "string", + "description": "The query string to run. Parameter names can be specified in the query string @ character followed by an identifier. The named Parameter @scheduled_runtime is reserved and can be used in the query to get the time at which the query is scheduled to run. The timestamp calculated according to the ScheduleConfiguration parameter, will be the value of @scheduled_runtime paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the @scheduled_runtime parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query." + }, + "sqScheduleConfiguration": { + "type": "string", + "description": "Configuration for when the scheduled query is executed." + }, + "sqScheduledQueryExecutionRoleArn": { + "type": "string", + "description": "The ARN for the IAM role that Timestream will assume when running the scheduled query." + }, + "sqTargetConfiguration": { + "type": "string", + "description": "Configuration of target store where scheduled query results are written to." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "A list of key-value pairs to label the scheduled query." + }, + "targetConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryTargetConfiguration", + "description": "Scheduled query target store configuration.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "scheduledQueryName" + }, + "required": [ + "errorReportConfiguration", + "notificationConfiguration", + "queryString", + "scheduleConfiguration", + "scheduledQueryExecutionRoleArn" + ], + "createOnly": [ + "clientToken", + "errorReportConfiguration", + "kmsKeyId", + "notificationConfiguration", + "queryString", + "scheduleConfiguration", + "scheduledQueryExecutionRoleArn", + "scheduledQueryName", + "targetConfiguration" + ], + "irreversibleNames": { + "sqErrorReportConfiguration": "SQErrorReportConfiguration", + "sqKmsKeyId": "SQKmsKeyId", + "sqName": "SQName", + "sqNotificationConfiguration": "SQNotificationConfiguration", + "sqQueryString": "SQQueryString", + "sqScheduleConfiguration": "SQScheduleConfiguration", + "sqScheduledQueryExecutionRoleArn": "SQScheduledQueryExecutionRoleArn", + "sqTargetConfiguration": "SQTargetConfiguration" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:timestream:Table": { + "cf": "AWS::Timestream::Table", + "inputs": { + "databaseName": { + "type": "string", + "description": "The name for the database which the table to be created belongs to." + }, + "magneticStoreWriteProperties": { + "$ref": "#/types/aws-native:timestream:MagneticStoreWritePropertiesProperties", + "description": "The properties that determine whether magnetic store writes are enabled." + }, + "retentionProperties": { + "$ref": "#/types/aws-native:timestream:RetentionPropertiesProperties", + "description": "The retention duration of the memory store and the magnetic store." + }, + "schema": { + "$ref": "#/types/aws-native:timestream:SchemaProperties", + "description": "A Schema specifies the expected data model of the table." + }, + "tableName": { + "type": "string", + "description": "The name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The `arn` of the table." + }, + "databaseName": { + "type": "string", + "description": "The name for the database which the table to be created belongs to.", + "replaceOnChanges": true + }, + "magneticStoreWriteProperties": { + "$ref": "#/types/aws-native:timestream:MagneticStoreWritePropertiesProperties", + "description": "The properties that determine whether magnetic store writes are enabled." + }, + "name": { + "type": "string", + "description": "The table name exposed as a read-only attribute." + }, + "retentionProperties": { + "$ref": "#/types/aws-native:timestream:RetentionPropertiesProperties", + "description": "The retention duration of the memory store and the magnetic store." + }, + "schema": { + "$ref": "#/types/aws-native:timestream:SchemaProperties", + "description": "A Schema specifies the expected data model of the table." + }, + "tableName": { + "type": "string", + "description": "The name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "tableName" + }, + "required": [ + "databaseName" + ], + "createOnly": [ + "databaseName", + "tableName" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:transfer:Agreement": { + "cf": "AWS::Transfer::Agreement", + "inputs": { + "accessRole": { + "type": "string", + "description": "Specifies the access role for the agreement." + }, + "baseDirectory": { + "type": "string", + "description": "Specifies the base directory for the agreement." + }, + "description": { + "type": "string", + "description": "A textual description for the agreement." + }, + "localProfileId": { + "type": "string", + "description": "A unique identifier for the local profile." + }, + "partnerProfileId": { + "type": "string", + "description": "A unique identifier for the partner profile." + }, + "serverId": { + "type": "string", + "description": "A unique identifier for the server." + }, + "status": { + "$ref": "#/types/aws-native:transfer:AgreementStatus", + "description": "Specifies the status of the agreement." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for agreements. Tags are metadata attached to agreements for any purpose." + } + }, + "outputs": { + "accessRole": { + "type": "string", + "description": "Specifies the access role for the agreement." + }, + "agreementId": { + "type": "string", + "description": "A unique identifier for the agreement." + }, + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the agreement." + }, + "baseDirectory": { + "type": "string", + "description": "Specifies the base directory for the agreement." + }, + "description": { + "type": "string", + "description": "A textual description for the agreement." + }, + "localProfileId": { + "type": "string", + "description": "A unique identifier for the local profile." + }, + "partnerProfileId": { + "type": "string", + "description": "A unique identifier for the partner profile." + }, + "serverId": { + "type": "string", + "description": "A unique identifier for the server.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:transfer:AgreementStatus", + "description": "Specifies the status of the agreement." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for agreements. Tags are metadata attached to agreements for any purpose." + } + }, + "required": [ + "accessRole", + "baseDirectory", + "localProfileId", + "partnerProfileId", + "serverId" + ], + "createOnly": [ + "serverId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:transfer:Certificate": { + "cf": "AWS::Transfer::Certificate", + "inputs": { + "activeDate": { + "type": "string", + "description": "Specifies the active date for the certificate." + }, + "certificate": { + "type": "string", + "description": "Specifies the certificate body to be imported.", + "language": { + "csharp": { + "name": "CertificateValue" + } + } + }, + "certificateChain": { + "type": "string", + "description": "Specifies the certificate chain to be imported." + }, + "description": { + "type": "string", + "description": "A textual description for the certificate." + }, + "inactiveDate": { + "type": "string", + "description": "Specifies the inactive date for the certificate." + }, + "privateKey": { + "type": "string", + "description": "Specifies the private key for the certificate." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for certificates. Tags are metadata attached to certificates for any purpose." + }, + "usage": { + "$ref": "#/types/aws-native:transfer:CertificateUsage", + "description": "Specifies the usage type for the certificate." + } + }, + "outputs": { + "activeDate": { + "type": "string", + "description": "Specifies the active date for the certificate." + }, + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the agreement." + }, + "certificate": { + "type": "string", + "description": "Specifies the certificate body to be imported.", + "language": { + "csharp": { + "name": "CertificateValue" + } + }, + "replaceOnChanges": true + }, + "certificateChain": { + "type": "string", + "description": "Specifies the certificate chain to be imported.", + "replaceOnChanges": true + }, + "certificateId": { + "type": "string", + "description": "A unique identifier for the certificate." + }, + "description": { + "type": "string", + "description": "A textual description for the certificate." + }, + "inactiveDate": { + "type": "string", + "description": "Specifies the inactive date for the certificate." + }, + "notAfterDate": { + "type": "string", + "description": "Specifies the not after date for the certificate." + }, + "notBeforeDate": { + "type": "string", + "description": "Specifies the not before date for the certificate." + }, + "privateKey": { + "type": "string", + "description": "Specifies the private key for the certificate.", + "replaceOnChanges": true + }, + "serial": { + "type": "string", + "description": "Specifies Certificate's serial." + }, + "status": { + "$ref": "#/types/aws-native:transfer:CertificateStatus", + "description": "A status description for the certificate." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for certificates. Tags are metadata attached to certificates for any purpose." + }, + "type": { + "$ref": "#/types/aws-native:transfer:CertificateType", + "description": "Describing the type of certificate. With or without a private key." + }, + "usage": { + "$ref": "#/types/aws-native:transfer:CertificateUsage", + "description": "Specifies the usage type for the certificate." + } + }, + "required": [ + "certificate", + "usage" + ], + "createOnly": [ + "certificate", + "certificateChain", + "privateKey" + ], + "writeOnly": [ + "privateKey" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:transfer:Connector": { + "cf": "AWS::Transfer::Connector", + "inputs": { + "accessRole": { + "type": "string", + "description": "Specifies the access role for the connector." + }, + "as2Config": { + "$ref": "#/types/aws-native:transfer:As2ConfigProperties", + "description": "Configuration for an AS2 connector." + }, + "loggingRole": { + "type": "string", + "description": "Specifies the logging role for the connector." + }, + "securityPolicyName": { + "type": "string", + "description": "Security policy for SFTP Connector" + }, + "sftpConfig": { + "$ref": "#/types/aws-native:transfer:SftpConfigProperties", + "description": "Configuration for an SFTP connector." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for connectors. Tags are metadata attached to connectors for any purpose." + }, + "url": { + "type": "string", + "description": "URL for Connector" + } + }, + "outputs": { + "accessRole": { + "type": "string", + "description": "Specifies the access role for the connector." + }, + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the connector." + }, + "as2Config": { + "$ref": "#/types/aws-native:transfer:As2ConfigProperties", + "description": "Configuration for an AS2 connector." + }, + "connectorId": { + "type": "string", + "description": "A unique identifier for the connector." + }, + "loggingRole": { + "type": "string", + "description": "Specifies the logging role for the connector." + }, + "securityPolicyName": { + "type": "string", + "description": "Security policy for SFTP Connector" + }, + "serviceManagedEgressIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of egress IP addresses of this connector. These IP addresses are assigned automatically when you create the connector." + }, + "sftpConfig": { + "$ref": "#/types/aws-native:transfer:SftpConfigProperties", + "description": "Configuration for an SFTP connector." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for connectors. Tags are metadata attached to connectors for any purpose." + }, + "url": { + "type": "string", + "description": "URL for Connector" + } + }, + "required": [ + "accessRole", + "url" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:transfer:Profile": { + "cf": "AWS::Transfer::Profile", + "inputs": { + "as2Id": { + "type": "string", + "description": "AS2 identifier agreed with a trading partner." + }, + "certificateIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of the certificate IDs associated with this profile to be used for encryption and signing of AS2 messages." + }, + "profileType": { + "$ref": "#/types/aws-native:transfer:ProfileType", + "description": "Enum specifying whether the profile is local or associated with a trading partner." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the profile." + }, + "as2Id": { + "type": "string", + "description": "AS2 identifier agreed with a trading partner." + }, + "certificateIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of the certificate IDs associated with this profile to be used for encryption and signing of AS2 messages." + }, + "profileId": { + "type": "string", + "description": "A unique identifier for the profile" + }, + "profileType": { + "$ref": "#/types/aws-native:transfer:ProfileType", + "description": "Enum specifying whether the profile is local or associated with a trading partner.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "required": [ + "as2Id", + "profileType" + ], + "createOnly": [ + "profileType" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:transfer:Workflow": { + "cf": "AWS::Transfer::Workflow", + "inputs": { + "description": { + "type": "string", + "description": "A textual description for the workflow." + }, + "onExceptionSteps": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:transfer:WorkflowStep" + }, + "description": "Specifies the steps (actions) to take if any errors are encountered during execution of the workflow." + }, + "steps": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:transfer:WorkflowStep" + }, + "description": "Specifies the details for the steps that are in the specified workflow." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the workflow." + }, + "description": { + "type": "string", + "description": "A textual description for the workflow.", + "replaceOnChanges": true + }, + "onExceptionSteps": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:transfer:WorkflowStep" + }, + "description": "Specifies the steps (actions) to take if any errors are encountered during execution of the workflow.", + "replaceOnChanges": true + }, + "steps": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:transfer:WorkflowStep" + }, + "description": "Specifies the details for the steps that are in the specified workflow.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose." + }, + "workflowId": { + "type": "string", + "description": "A unique identifier for the workflow." + } + }, + "required": [ + "steps" + ], + "createOnly": [ + "description", + "onExceptionSteps", + "steps" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:verifiedpermissions:IdentitySource": { + "cf": "AWS::VerifiedPermissions::IdentitySource", + "inputs": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceConfiguration1Properties" + } + ], + "description": "Contains configuration information used when creating a new identity source." + }, + "policyStoreId": { + "type": "string", + "description": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source." + }, + "principalEntityType": { + "type": "string", + "description": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source." + } + }, + "outputs": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceConfiguration1Properties" + } + ], + "description": "Contains configuration information used when creating a new identity source." + }, + "details": { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceDetails" + }, + "identitySourceId": { + "type": "string", + "description": "The unique ID of the new or updated identity store." + }, + "policyStoreId": { + "type": "string", + "description": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", + "replaceOnChanges": true + }, + "principalEntityType": { + "type": "string", + "description": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source." + } + }, + "required": [ + "configuration", + "policyStoreId" + ], + "createOnly": [ + "policyStoreId" + ] + }, + "aws-native:verifiedpermissions:Policy": { + "cf": "AWS::VerifiedPermissions::Policy", + "inputs": { + "definition": { + "oneOf": [ + { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyDefinition0Properties" + }, + { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyDefinition1Properties" + } + ], + "description": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element." + }, + "policyStoreId": { + "type": "string", + "description": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in." + } + }, + "outputs": { + "definition": { + "oneOf": [ + { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyDefinition0Properties" + }, + { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyDefinition1Properties" + } + ], + "description": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element." + }, + "policyId": { + "type": "string", + "description": "The unique ID of the new or updated policy." + }, + "policyStoreId": { + "type": "string", + "description": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", + "replaceOnChanges": true + }, + "policyType": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyType", + "description": "The type of the policy. This is one of the following values:\n\n- Static\n- TemplateLinked" + } + }, + "required": [ + "definition", + "policyStoreId" + ], + "createOnly": [ + "policyStoreId" + ] + }, + "aws-native:verifiedpermissions:PolicyStore": { + "cf": "AWS::VerifiedPermissions::PolicyStore", + "inputs": { + "description": { + "type": "string", + "description": "Descriptive text that you can provide to help with identification of the current policy store." + }, + "schema": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyStoreSchemaDefinition", + "description": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time." + }, + "validationSettings": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyStoreValidationSettings", + "description": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n\u003e We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the new or updated policy store." + }, + "description": { + "type": "string", + "description": "Descriptive text that you can provide to help with identification of the current policy store." + }, + "policyStoreId": { + "type": "string", + "description": "The unique ID of the new or updated policy store." + }, + "schema": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyStoreSchemaDefinition", + "description": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time." + }, + "validationSettings": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyStoreValidationSettings", + "description": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n\u003e We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on." + } + }, + "required": [ + "validationSettings" + ] + }, + "aws-native:verifiedpermissions:PolicyTemplate": { + "cf": "AWS::VerifiedPermissions::PolicyTemplate", + "inputs": { + "description": { + "type": "string", + "description": "The description to attach to the new or updated policy template." + }, + "policyStoreId": { + "type": "string", + "description": "The unique identifier of the policy store that contains the template." + }, + "statement": { + "type": "string", + "description": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description to attach to the new or updated policy template." + }, + "policyStoreId": { + "type": "string", + "description": "The unique identifier of the policy store that contains the template.", + "replaceOnChanges": true + }, + "policyTemplateId": { + "type": "string", + "description": "The unique identifier of the new or modified policy template." + }, + "statement": { + "type": "string", + "description": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language." + } + }, + "required": [ + "policyStoreId", + "statement" + ], + "createOnly": [ + "policyStoreId" + ] + }, + "aws-native:voiceid:Domain": { + "cf": "AWS::VoiceID::Domain", + "inputs": { + "description": { + "type": "string", + "description": "The description of the domain." + }, + "name": { + "type": "string", + "description": "The name for the domain." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:voiceid:DomainServerSideEncryptionConfiguration", + "description": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description of the domain." + }, + "domainId": { + "type": "string", + "description": "The identifier of the domain." + }, + "name": { + "type": "string", + "description": "The name for the domain." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:voiceid:DomainServerSideEncryptionConfiguration", + "description": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags used to organize, track, or control access for this resource." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 256 + }, + "required": [ + "serverSideEncryptionConfiguration" + ], + "writeOnly": [ + "description", + "name", + "serverSideEncryptionConfiguration" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:vpclattice:AccessLogSubscription": { + "cf": "AWS::VpcLattice::AccessLogSubscription", + "inputs": { + "destinationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets." + }, + "resourceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service network or service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the access log subscription." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the access log subscription." + }, + "awsId": { + "type": "string", + "description": "The ID of the access log subscription." + }, + "destinationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the access log subscription." + }, + "resourceId": { + "type": "string", + "description": "The ID of the service network or service." + }, + "resourceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service network or service.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the access log subscription." + } + }, + "required": [ + "destinationArn" + ], + "createOnly": [ + "resourceIdentifier" + ], + "writeOnly": [ + "resourceIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:vpclattice:AuthPolicy": { + "cf": "AWS::VpcLattice::AuthPolicy", + "inputs": { + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The auth policy.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::VpcLattice::AuthPolicy` for more information about the expected schema for this property." + }, + "resourceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created." + } + }, + "outputs": { + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The auth policy.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::VpcLattice::AuthPolicy` for more information about the expected schema for this property." + }, + "resourceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.", + "replaceOnChanges": true + }, + "state": { + "$ref": "#/types/aws-native:vpclattice:AuthPolicyState", + "description": "The state of the auth policy. The auth policy is only active when the auth type is set to `AWS _IAM` . If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the auth type is `NONE` , then any auth policy you provide will remain inactive." + } + }, + "required": [ + "policy", + "resourceIdentifier" + ], + "createOnly": [ + "resourceIdentifier" + ] + }, + "aws-native:vpclattice:Listener": { + "cf": "AWS::VpcLattice::Listener", + "inputs": { + "defaultAction": { + "$ref": "#/types/aws-native:vpclattice:ListenerDefaultAction", + "description": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match." + }, + "name": { + "type": "string", + "description": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name." + }, + "port": { + "type": "integer", + "description": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443." + }, + "protocol": { + "$ref": "#/types/aws-native:vpclattice:ListenerProtocol", + "description": "The listener protocol." + }, + "serviceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the listener." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the listener." + }, + "awsId": { + "type": "string", + "description": "The ID of the listener." + }, + "defaultAction": { + "$ref": "#/types/aws-native:vpclattice:ListenerDefaultAction", + "description": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match." + }, + "name": { + "type": "string", + "description": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "replaceOnChanges": true + }, + "port": { + "type": "integer", + "description": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", + "replaceOnChanges": true + }, + "protocol": { + "$ref": "#/types/aws-native:vpclattice:ListenerProtocol", + "description": "The listener protocol.", + "replaceOnChanges": true + }, + "serviceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service." + }, + "serviceId": { + "type": "string", + "description": "The ID of the service." + }, + "serviceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the listener." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 63 + }, + "required": [ + "defaultAction", + "protocol" + ], + "createOnly": [ + "name", + "port", + "protocol", + "serviceIdentifier" + ], + "writeOnly": [ + "serviceIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:vpclattice:ResourcePolicy": { + "cf": "AWS::VpcLattice::ResourcePolicy", + "inputs": { + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The Amazon Resource Name (ARN) of the service network or service.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::VpcLattice::ResourcePolicy` for more information about the expected schema for this property." + }, + "resourceArn": { + "type": "string", + "description": "An IAM policy." + } + }, + "outputs": { + "policy": { + "$ref": "pulumi.json#/Any", + "description": "The Amazon Resource Name (ARN) of the service network or service.\n\nSearch the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::VpcLattice::ResourcePolicy` for more information about the expected schema for this property." + }, + "resourceArn": { + "type": "string", + "description": "An IAM policy.", + "replaceOnChanges": true + } + }, + "required": [ + "policy", + "resourceArn" + ], + "createOnly": [ + "resourceArn" + ] + }, + "aws-native:vpclattice:Rule": { + "cf": "AWS::VpcLattice::Rule", + "inputs": { + "action": { + "$ref": "#/types/aws-native:vpclattice:RuleAction", + "description": "Describes the action for a rule." + }, + "listenerIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the listener." + }, + "match": { + "$ref": "#/types/aws-native:vpclattice:RuleMatch", + "description": "The rule match." + }, + "name": { + "type": "string", + "description": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name." + }, + "priority": { + "type": "integer", + "description": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority." + }, + "serviceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the rule." + } + }, + "outputs": { + "action": { + "$ref": "#/types/aws-native:vpclattice:RuleAction", + "description": "Describes the action for a rule." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the rule." + }, + "awsId": { + "type": "string", + "description": "The ID of the listener." + }, + "listenerIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the listener.", + "replaceOnChanges": true + }, + "match": { + "$ref": "#/types/aws-native:vpclattice:RuleMatch", + "description": "The rule match." + }, + "name": { + "type": "string", + "description": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "replaceOnChanges": true + }, + "priority": { + "type": "integer", + "description": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority." + }, + "serviceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the rule." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 63 + }, + "required": [ + "action", + "match", + "priority" + ], + "createOnly": [ + "listenerIdentifier", + "name", + "serviceIdentifier" + ], + "writeOnly": [ + "listenerIdentifier", + "serviceIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:vpclattice:Service": { + "cf": "AWS::VpcLattice::Service", + "inputs": { + "authType": { + "$ref": "#/types/aws-native:vpclattice:ServiceAuthType", + "description": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required." + }, + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate." + }, + "customDomainName": { + "type": "string", + "description": "The custom domain name of the service." + }, + "dnsEntry": { + "$ref": "#/types/aws-native:vpclattice:ServiceDnsEntry", + "description": "The DNS information of the service." + }, + "name": { + "type": "string", + "description": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the service." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service." + }, + "authType": { + "$ref": "#/types/aws-native:vpclattice:ServiceAuthType", + "description": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required." + }, + "awsId": { + "type": "string", + "description": "The ID of the service." + }, + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate." + }, + "createdAt": { + "type": "string", + "description": "The date and time that the service was created, specified in ISO-8601 format." + }, + "customDomainName": { + "type": "string", + "description": "The custom domain name of the service.", + "replaceOnChanges": true + }, + "dnsEntry": { + "$ref": "#/types/aws-native:vpclattice:ServiceDnsEntry", + "description": "The DNS information of the service." + }, + "lastUpdatedAt": { + "type": "string", + "description": "The date and time that the service was last updated, specified in ISO-8601 format." + }, + "name": { + "type": "string", + "description": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:vpclattice:ServiceStatus", + "description": "The status of the service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the service." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 40 + }, + "createOnly": [ + "customDomainName", + "name" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:vpclattice:ServiceNetwork": { + "cf": "AWS::VpcLattice::ServiceNetwork", + "inputs": { + "authType": { + "$ref": "#/types/aws-native:vpclattice:ServiceNetworkAuthType", + "description": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required." + }, + "name": { + "type": "string", + "description": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the service network." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service network." + }, + "authType": { + "$ref": "#/types/aws-native:vpclattice:ServiceNetworkAuthType", + "description": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required." + }, + "awsId": { + "type": "string", + "description": "The ID of the service network." + }, + "createdAt": { + "type": "string", + "description": "The date and time that the service network was created, specified in ISO-8601 format." + }, + "lastUpdatedAt": { + "type": "string", + "description": "The date and time of the last update, specified in ISO-8601 format." + }, + "name": { + "type": "string", + "description": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the service network." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 63 + }, + "createOnly": [ + "name" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:vpclattice:ServiceNetworkServiceAssociation": { + "cf": "AWS::VpcLattice::ServiceNetworkServiceAssociation", + "inputs": { + "dnsEntry": { + "$ref": "#/types/aws-native:vpclattice:ServiceNetworkServiceAssociationDnsEntry", + "description": "The DNS information of the service." + }, + "serviceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service." + }, + "serviceNetworkIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the association." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the association between the service network and the service." + }, + "awsId": { + "type": "string", + "description": "The ID of the of the association between the service network and the service." + }, + "createdAt": { + "type": "string", + "description": "The date and time that the association was created, specified in ISO-8601 format." + }, + "dnsEntry": { + "$ref": "#/types/aws-native:vpclattice:ServiceNetworkServiceAssociationDnsEntry", + "description": "The DNS information of the service." + }, + "serviceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service." + }, + "serviceId": { + "type": "string", + "description": "The ID of the service." + }, + "serviceIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service.", + "replaceOnChanges": true + }, + "serviceName": { + "type": "string", + "description": "The name of the service." + }, + "serviceNetworkArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service network" + }, + "serviceNetworkId": { + "type": "string", + "description": "The ID of the service network." + }, + "serviceNetworkIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.", + "replaceOnChanges": true + }, + "serviceNetworkName": { + "type": "string", + "description": "The name of the service network." + }, + "status": { + "$ref": "#/types/aws-native:vpclattice:ServiceNetworkServiceAssociationStatus", + "description": "The status of the association between the service network and the service." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the association." + } + }, + "createOnly": [ + "serviceIdentifier", + "serviceNetworkIdentifier" + ], + "writeOnly": [ + "serviceIdentifier", + "serviceNetworkIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:vpclattice:ServiceNetworkVpcAssociation": { + "cf": "AWS::VpcLattice::ServiceNetworkVpcAssociation", + "inputs": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* ." + }, + "serviceNetworkIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service network. You must use the ARN when the resources specified in the operation are in different accounts." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the association." + }, + "vpcIdentifier": { + "type": "string", + "description": "The ID of the VPC." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the association between the service network and the VPC." + }, + "awsId": { + "type": "string", + "description": "The ID of the specified association between the service network and the VPC." + }, + "createdAt": { + "type": "string", + "description": "The date and time that the association was created, specified in ISO-8601 format." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* ." + }, + "serviceNetworkArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service network." + }, + "serviceNetworkId": { + "type": "string", + "description": "The ID of the service network." + }, + "serviceNetworkIdentifier": { + "type": "string", + "description": "The ID or Amazon Resource Name (ARN) of the service network. You must use the ARN when the resources specified in the operation are in different accounts.", + "replaceOnChanges": true + }, + "serviceNetworkName": { + "type": "string", + "description": "The name of the service network." + }, + "status": { + "$ref": "#/types/aws-native:vpclattice:ServiceNetworkVpcAssociationStatus", + "description": "The status of the association." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the association." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + }, + "vpcIdentifier": { + "type": "string", + "description": "The ID of the VPC.", + "replaceOnChanges": true + } + }, + "createOnly": [ + "serviceNetworkIdentifier", + "vpcIdentifier" + ], + "writeOnly": [ + "serviceNetworkIdentifier", + "vpcIdentifier" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:vpclattice:TargetGroup": { + "cf": "AWS::VpcLattice::TargetGroup", + "inputs": { + "config": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupConfig", + "description": "The target group configuration." + }, + "name": { + "type": "string", + "description": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the target group." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupTarget" + }, + "description": "Describes a target." + }, + "type": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupType", + "description": "The type of target group." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target group." + }, + "awsId": { + "type": "string", + "description": "The ID of the target group." + }, + "config": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupConfig", + "description": "The target group configuration." + }, + "createdAt": { + "type": "string", + "description": "The date and time that the target group was created, specified in ISO-8601 format." + }, + "lastUpdatedAt": { + "type": "string", + "description": "The date and time that the target group was last updated, specified in ISO-8601 format." + }, + "name": { + "type": "string", + "description": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", + "replaceOnChanges": true + }, + "status": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupStatus", + "description": "The operation's status. You can retry the operation if the status is `CREATE_FAILED` . However, if you retry it while the status is `CREATE_IN_PROGRESS` , there is no change in the status." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the target group." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupTarget" + }, + "description": "Describes a target." + }, + "type": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupType", + "description": "The type of target group.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 3, + "maxLength": 128 + }, + "required": [ + "type" + ], + "createOnly": [ + "config/IpAddressType", + "config/LambdaEventStructureVersion", + "config/Port", + "config/Protocol", + "config/ProtocolVersion", + "config/VpcIdentifier", + "name", + "type" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:wafv2:IpSet": { + "cf": "AWS::WAFv2::IPSet", + "inputs": { + "addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of IPAddresses." + }, + "description": { + "type": "string", + "description": "A description of the IP set that helps with identification." + }, + "ipAddressVersion": { + "$ref": "#/types/aws-native:wafv2:IpSetIpAddressVersion", + "description": "The version of the IP addresses, either `IPV4` or `IPV6` ." + }, + "name": { + "type": "string", + "description": "The name of the IP set. You cannot change the name of an `IPSet` after you create it." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:IpSetScope", + "description": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n\u003e For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n\u003e To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation." + } + }, + "outputs": { + "addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of IPAddresses." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IP set." + }, + "awsId": { + "type": "string", + "description": "The ID of the IP set." + }, + "description": { + "type": "string", + "description": "A description of the IP set that helps with identification." + }, + "ipAddressVersion": { + "$ref": "#/types/aws-native:wafv2:IpSetIpAddressVersion", + "description": "The version of the IP addresses, either `IPV4` or `IPV6` ." + }, + "name": { + "type": "string", + "description": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", + "replaceOnChanges": true + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:IpSetScope", + "description": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n\u003e For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n\u003e To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "addresses", + "ipAddressVersion", + "scope" + ], + "createOnly": [ + "name", + "scope" + ], + "irreversibleNames": { + "awsId": "Id", + "ipAddressVersion": "IPAddressVersion" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:wafv2:LoggingConfiguration": { + "cf": "AWS::WAFv2::LoggingConfiguration", + "inputs": { + "logDestinationConfigs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL." + }, + "loggingFilter": { + "$ref": "#/types/aws-native:wafv2:LoggingFilterProperties", + "description": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation." + }, + "redactedFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationFieldToMatch" + }, + "description": "The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs." + } + }, + "outputs": { + "logDestinationConfigs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the logging destinations that you want to associate with the web ACL." + }, + "loggingFilter": { + "$ref": "#/types/aws-native:wafv2:LoggingFilterProperties", + "description": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation." + }, + "managedByFirewallManager": { + "type": "boolean", + "description": "Indicates whether the logging configuration was created by AWS Firewall Manager, as part of an AWS WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration." + }, + "redactedFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationFieldToMatch" + }, + "description": "The parts of the request that you want to keep out of the logs. For example, if you redact the HEADER field, the HEADER field in the firehose will be xxx." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.", + "replaceOnChanges": true + } + }, + "required": [ + "logDestinationConfigs", + "resourceArn" + ], + "createOnly": [ + "resourceArn" + ] + }, + "aws-native:wafv2:RegexPatternSet": { + "cf": "AWS::WAFv2::RegexPatternSet", + "inputs": { + "description": { + "type": "string", + "description": "Description of the entity." + }, + "name": { + "type": "string", + "description": "Name of the RegexPatternSet." + }, + "regularExpressionList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The regular expression patterns in the set." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:RegexPatternSetScope", + "description": "Use CLOUDFRONT for CloudFront RegexPatternSet, use REGIONAL for Application Load Balancer and API Gateway." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n\u003e To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "ARN of the WAF entity." + }, + "awsId": { + "type": "string", + "description": "Id of the RegexPatternSet" + }, + "description": { + "type": "string", + "description": "Description of the entity." + }, + "name": { + "type": "string", + "description": "Name of the RegexPatternSet.", + "replaceOnChanges": true + }, + "regularExpressionList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The regular expression patterns in the set." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:RegexPatternSetScope", + "description": "Use CLOUDFRONT for CloudFront RegexPatternSet, use REGIONAL for Application Load Balancer and API Gateway.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n\u003e To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "regularExpressionList", + "scope" + ], + "createOnly": [ + "name", + "scope" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:wafv2:RuleGroup": { + "cf": "AWS::WAFv2::RuleGroup", + "inputs": { + "availableLabels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupLabelSummary" + }, + "description": "Collection of Available Labels." + }, + "capacity": { + "type": "integer", + "description": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500." + }, + "consumedLabels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupLabelSummary" + }, + "description": "Collection of Consumed Labels." + }, + "customResponseBodies": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomResponseBody" + }, + "description": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* ." + }, + "description": { + "type": "string", + "description": "A description of the rule group that helps with identification." + }, + "name": { + "type": "string", + "description": "The name of the rule group. You cannot change the name of a rule group after you create it." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRule" + }, + "description": "Collection of Rules." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:RuleGroupScope", + "description": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n\u003e For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n\u003e To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation." + }, + "visibilityConfig": { + "$ref": "#/types/aws-native:wafv2:RuleGroupVisibilityConfig", + "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the rule group." + }, + "availableLabels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupLabelSummary" + }, + "description": "Collection of Available Labels." + }, + "awsId": { + "type": "string", + "description": "The ID of the rule group." + }, + "capacity": { + "type": "integer", + "description": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500." + }, + "consumedLabels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupLabelSummary" + }, + "description": "Collection of Consumed Labels." + }, + "customResponseBodies": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomResponseBody" + }, + "description": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* ." + }, + "description": { + "type": "string", + "description": "A description of the rule group that helps with identification." + }, + "labelNamespace": { + "type": "string", + "description": "The label namespace prefix for this rule group. All labels added by rules in this rule group have this prefix.\n\nThe syntax for the label namespace prefix for a rule group is the following: `awswaf:\u003caccount ID\u003e:rule group:\u003crule group name\u003e:`\n\nWhen a rule with a label matches a web request, AWS WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon." + }, + "name": { + "type": "string", + "description": "The name of the rule group. You cannot change the name of a rule group after you create it.", + "replaceOnChanges": true + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRule" + }, + "description": "Collection of Rules." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:RuleGroupScope", + "description": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n\u003e For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n\u003e To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation." + }, + "visibilityConfig": { + "$ref": "#/types/aws-native:wafv2:RuleGroupVisibilityConfig", + "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "capacity", + "scope", + "visibilityConfig" + ], + "createOnly": [ + "name", + "scope" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:wafv2:WebAcl": { + "cf": "AWS::WAFv2::WebACL", + "inputs": { + "associationConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclAssociationConfig", + "description": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n\u003e You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes)." + }, + "captchaConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclCaptchaConfig", + "description": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` ." + }, + "challengeConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclChallengeConfig", + "description": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` ." + }, + "customResponseBodies": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomResponseBody" + }, + "description": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* ." + }, + "defaultAction": { + "$ref": "#/types/aws-native:wafv2:WebAclDefaultAction", + "description": "The action to perform if none of the `Rules` contained in the `WebACL` match." + }, + "description": { + "type": "string", + "description": "A description of the web ACL that helps with identification." + }, + "name": { + "type": "string", + "description": "The name of the web ACL. You cannot change the name of a web ACL after you create it." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclRule" + }, + "description": "Collection of Rules." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:WebAclScope", + "description": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n\u003e For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n\u003e To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation." + }, + "tokenDomains": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains." + }, + "visibilityConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclVisibilityConfig", + "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection." + } + }, + "outputs": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the web ACL." + }, + "associationConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclAssociationConfig", + "description": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n\u003e You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes)." + }, + "awsId": { + "type": "string", + "description": "The ID of the web ACL." + }, + "capacity": { + "type": "integer", + "description": "The web ACL capacity units (WCUs) currently being used by this web ACL.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500." + }, + "captchaConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclCaptchaConfig", + "description": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` ." + }, + "challengeConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclChallengeConfig", + "description": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` ." + }, + "customResponseBodies": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomResponseBody" + }, + "description": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* ." + }, + "defaultAction": { + "$ref": "#/types/aws-native:wafv2:WebAclDefaultAction", + "description": "The action to perform if none of the `Rules` contained in the `WebACL` match." + }, + "description": { + "type": "string", + "description": "A description of the web ACL that helps with identification." + }, + "labelNamespace": { + "type": "string", + "description": "The label namespace prefix for this web ACL. All labels added by rules in this web ACL have this prefix.\n\nThe syntax for the label namespace prefix for a web ACL is the following: `awswaf:\u003caccount ID\u003e:webacl:\u003cweb ACL name\u003e:`\n\nWhen a rule with a label matches a web request, AWS WAF adds the fully qualified label to the request. A fully qualified label is made up of the label namespace from the rule group or web ACL where the rule is defined and the label from the rule, separated by a colon." + }, + "name": { + "type": "string", + "description": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", + "replaceOnChanges": true + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclRule" + }, + "description": "Collection of Rules." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:WebAclScope", + "description": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n\u003e For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n\u003e To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation." + }, + "tokenDomains": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains." + }, + "visibilityConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclVisibilityConfig", + "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection." + } + }, + "autoNamingSpec": { + "sdkName": "name" + }, + "required": [ + "defaultAction", + "scope", + "visibilityConfig" + ], + "createOnly": [ + "name", + "scope" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:wafv2:WebAclAssociation": { + "cf": "AWS::WAFv2::WebACLAssociation", + "inputs": { + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`" + }, + "webAclArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource." + } + }, + "outputs": { + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`", + "replaceOnChanges": true + }, + "webAclArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", + "replaceOnChanges": true + } + }, + "required": [ + "resourceArn", + "webAclArn" + ], + "createOnly": [ + "resourceArn", + "webAclArn" + ], + "irreversibleNames": { + "webAclArn": "WebACLArn" + } + }, + "aws-native:wisdom:Assistant": { + "cf": "AWS::Wisdom::Assistant", + "inputs": { + "description": { + "type": "string", + "description": "The description of the assistant." + }, + "name": { + "type": "string", + "description": "The name of the assistant." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:wisdom:AssistantServerSideEncryptionConfiguration", + "description": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags used to organize, track, or control access for this resource." + }, + "type": { + "$ref": "#/types/aws-native:wisdom:AssistantType", + "description": "The type of assistant." + } + }, + "outputs": { + "assistantArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the assistant." + }, + "assistantId": { + "type": "string", + "description": "The ID of the Wisdom assistant." + }, + "description": { + "type": "string", + "description": "The description of the assistant.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the assistant.", + "replaceOnChanges": true + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:wisdom:AssistantServerSideEncryptionConfiguration", + "description": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags used to organize, track, or control access for this resource.", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:wisdom:AssistantType", + "description": "The type of assistant.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "type" + ], + "createOnly": [ + "description", + "name", + "serverSideEncryptionConfiguration", + "tags", + "type" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:wisdom:AssistantAssociation": { + "cf": "AWS::Wisdom::AssistantAssociation", + "inputs": { + "assistantId": { + "type": "string", + "description": "The identifier of the Wisdom assistant." + }, + "association": { + "$ref": "#/types/aws-native:wisdom:AssistantAssociationAssociationData", + "description": "The identifier of the associated resource." + }, + "associationType": { + "$ref": "#/types/aws-native:wisdom:AssistantAssociationAssociationType", + "description": "The type of association." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags used to organize, track, or control access for this resource." + } + }, + "outputs": { + "assistantArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Wisdom assistant." + }, + "assistantAssociationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the assistant association." + }, + "assistantAssociationId": { + "type": "string", + "description": "The ID of the association." + }, + "assistantId": { + "type": "string", + "description": "The identifier of the Wisdom assistant.", + "replaceOnChanges": true + }, + "association": { + "$ref": "#/types/aws-native:wisdom:AssistantAssociationAssociationData", + "description": "The identifier of the associated resource.", + "replaceOnChanges": true + }, + "associationType": { + "$ref": "#/types/aws-native:wisdom:AssistantAssociationAssociationType", + "description": "The type of association.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags used to organize, track, or control access for this resource.", + "replaceOnChanges": true + } + }, + "required": [ + "assistantId", + "association", + "associationType" + ], + "createOnly": [ + "assistantId", + "association", + "associationType", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:wisdom:KnowledgeBase": { + "cf": "AWS::Wisdom::KnowledgeBase", + "inputs": { + "description": { + "type": "string", + "description": "The description." + }, + "knowledgeBaseType": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseType", + "description": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically." + }, + "name": { + "type": "string", + "description": "The name of the knowledge base." + }, + "renderingConfiguration": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseRenderingConfiguration", + "description": "Information about how to render the content." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseServerSideEncryptionConfiguration", + "description": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* ." + }, + "sourceConfiguration": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseSourceConfiguration", + "description": "The source of the knowledge base content. Only set this argument for EXTERNAL knowledge bases." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags used to organize, track, or control access for this resource." + } + }, + "outputs": { + "description": { + "type": "string", + "description": "The description.", + "replaceOnChanges": true + }, + "knowledgeBaseArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the knowledge base." + }, + "knowledgeBaseId": { + "type": "string", + "description": "The ID of the knowledge base." + }, + "knowledgeBaseType": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseType", + "description": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the knowledge base.", + "replaceOnChanges": true + }, + "renderingConfiguration": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseRenderingConfiguration", + "description": "Information about how to render the content." + }, + "serverSideEncryptionConfiguration": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseServerSideEncryptionConfiguration", + "description": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", + "replaceOnChanges": true + }, + "sourceConfiguration": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseSourceConfiguration", + "description": "The source of the knowledge base content. Only set this argument for EXTERNAL knowledge bases.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags used to organize, track, or control access for this resource.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 255 + }, + "required": [ + "knowledgeBaseType" + ], + "createOnly": [ + "description", + "knowledgeBaseType", + "name", + "serverSideEncryptionConfiguration", + "sourceConfiguration", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:workspaces:ConnectionAlias": { + "cf": "AWS::WorkSpaces::ConnectionAlias", + "inputs": { + "connectionString": { + "type": "string", + "description": "The connection string specified for the connection alias. The connection string must be in the form of a fully qualified domain name (FQDN), such as `www.example.com` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags to associate with the connection alias." + } + }, + "outputs": { + "aliasId": { + "type": "string", + "description": "The identifier of the connection alias, returned as a string." + }, + "associations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:workspaces:ConnectionAliasAssociation" + }, + "description": "The association status of the connection alias." + }, + "connectionAliasState": { + "$ref": "#/types/aws-native:workspaces:ConnectionAliasState", + "description": "The current state of the connection alias, returned as a string." + }, + "connectionString": { + "type": "string", + "description": "The connection string specified for the connection alias. The connection string must be in the form of a fully qualified domain name (FQDN), such as `www.example.com` .", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:CreateOnlyTag" + }, + "description": "The tags to associate with the connection alias.", + "replaceOnChanges": true + } + }, + "required": [ + "connectionString" + ], + "createOnly": [ + "connectionString", + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArrayCreateOnly" + }, + "aws-native:workspaces:WorkspacesPool": { + "cf": "AWS::WorkSpaces::WorkspacesPool", + "inputs": { + "applicationSettings": { + "$ref": "#/types/aws-native:workspaces:WorkspacesPoolApplicationSettings", + "description": "The persistent application settings for users of the pool." + }, + "bundleId": { + "type": "string", + "description": "The identifier of the bundle used by the pool." + }, + "capacity": { + "$ref": "#/types/aws-native:workspaces:WorkspacesPoolCapacity", + "description": "Describes the user capacity for the pool." + }, + "description": { + "type": "string", + "description": "The description of the pool." + }, + "directoryId": { + "type": "string", + "description": "The identifier of the directory used by the pool." + }, + "poolName": { + "type": "string", + "description": "The name of the pool." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the pool." + }, + "timeoutSettings": { + "$ref": "#/types/aws-native:workspaces:WorkspacesPoolTimeoutSettings", + "description": "The amount of time that a pool session remains active after users disconnect. If they try to reconnect to the pool session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new pool instance." + } + }, + "outputs": { + "applicationSettings": { + "$ref": "#/types/aws-native:workspaces:WorkspacesPoolApplicationSettings", + "description": "The persistent application settings for users of the pool." + }, + "bundleId": { + "type": "string", + "description": "The identifier of the bundle used by the pool." + }, + "capacity": { + "$ref": "#/types/aws-native:workspaces:WorkspacesPoolCapacity", + "description": "Describes the user capacity for the pool." + }, + "createdAt": { + "type": "string", + "description": "The time the pool was created." + }, + "description": { + "type": "string", + "description": "The description of the pool." + }, + "directoryId": { + "type": "string", + "description": "The identifier of the directory used by the pool." + }, + "poolArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the pool." + }, + "poolId": { + "type": "string", + "description": "The identifier of the pool." + }, + "poolName": { + "type": "string", + "description": "The name of the pool.", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags for the pool." + }, + "timeoutSettings": { + "$ref": "#/types/aws-native:workspaces:WorkspacesPoolTimeoutSettings", + "description": "The amount of time that a pool session remains active after users disconnect. If they try to reconnect to the pool session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new pool instance." + } + }, + "autoNamingSpec": { + "sdkName": "poolName" + }, + "required": [ + "bundleId", + "capacity", + "directoryId" + ], + "createOnly": [ + "poolName" + ], + "writeOnly": [ + "tags" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:workspacesthinclient:Environment": { + "cf": "AWS::WorkSpacesThinClient::Environment", + "inputs": { + "desiredSoftwareSetId": { + "type": "string", + "description": "The ID of the software set to apply." + }, + "desktopArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the desktop to stream from Amazon WorkSpaces, WorkSpaces Web, or AppStream 2.0." + }, + "desktopEndpoint": { + "type": "string", + "description": "The URL for the identity provider login (only for environments that use AppStream 2.0)." + }, + "deviceCreationTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentTag" + }, + "description": "An array of key-value pairs to apply to the newly created devices for this environment." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service key used to encrypt the environment." + }, + "maintenanceWindow": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentMaintenanceWindow", + "description": "A specification for a time window to apply software updates." + }, + "name": { + "type": "string", + "description": "The name of the environment." + }, + "softwareSetUpdateMode": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentSoftwareSetUpdateMode", + "description": "An option to define which software updates to apply." + }, + "softwareSetUpdateSchedule": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentSoftwareSetUpdateSchedule", + "description": "An option to define if software updates should be applied within a maintenance window." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "activationCode": { + "type": "string", + "description": "Activation code for devices associated with environment." + }, + "arn": { + "type": "string", + "description": "The environment ARN." + }, + "awsId": { + "type": "string", + "description": "Unique identifier of the environment." + }, + "createdAt": { + "type": "string", + "description": "The timestamp in unix epoch format when environment was created." + }, + "desiredSoftwareSetId": { + "type": "string", + "description": "The ID of the software set to apply." + }, + "desktopArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the desktop to stream from Amazon WorkSpaces, WorkSpaces Web, or AppStream 2.0.", + "replaceOnChanges": true + }, + "desktopEndpoint": { + "type": "string", + "description": "The URL for the identity provider login (only for environments that use AppStream 2.0)." + }, + "desktopType": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentDesktopType", + "description": "The type of VDI." + }, + "deviceCreationTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentTag" + }, + "description": "An array of key-value pairs to apply to the newly created devices for this environment." + }, + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service key used to encrypt the environment.", + "replaceOnChanges": true + }, + "maintenanceWindow": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentMaintenanceWindow", + "description": "A specification for a time window to apply software updates." + }, + "name": { + "type": "string", + "description": "The name of the environment." + }, + "pendingSoftwareSetId": { + "type": "string", + "description": "The ID of the software set that is pending to be installed." + }, + "pendingSoftwareSetVersion": { + "type": "string", + "description": "The version of the software set that is pending to be installed." + }, + "registeredDevicesCount": { + "type": "integer", + "description": "Number of devices registered to the environment." + }, + "softwareSetComplianceStatus": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentSoftwareSetComplianceStatus", + "description": "Describes if the software currently installed on all devices in the environment is a supported version." + }, + "softwareSetUpdateMode": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentSoftwareSetUpdateMode", + "description": "An option to define which software updates to apply." + }, + "softwareSetUpdateSchedule": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentSoftwareSetUpdateSchedule", + "description": "An option to define if software updates should be applied within a maintenance window." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + }, + "updatedAt": { + "type": "string", + "description": "The timestamp in unix epoch format when environment was last updated." + } + }, + "autoNamingSpec": { + "sdkName": "name", + "minLength": 1, + "maxLength": 64 + }, + "required": [ + "desktopArn" + ], + "createOnly": [ + "desktopArn", + "kmsKeyArn" + ], + "irreversibleNames": { + "awsId": "Id" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:workspacesweb:BrowserSettings": { + "cf": "AWS::WorkSpacesWeb::BrowserSettings", + "inputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional encryption context of the browser settings." + }, + "browserPolicy": { + "type": "string", + "description": "A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions." + }, + "customerManagedKey": { + "type": "string", + "description": "The custom managed key of the browser settings.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the browser settings resource. A tag is a key-value pair." + } + }, + "outputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional encryption context of the browser settings.", + "replaceOnChanges": true + }, + "associatedPortalArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of web portal ARNs that the browser settings resource is associated with." + }, + "browserPolicy": { + "type": "string", + "description": "A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions." + }, + "browserSettingsArn": { + "type": "string", + "description": "The ARN of the browser settings." + }, + "customerManagedKey": { + "type": "string", + "description": "The custom managed key of the browser settings.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`", + "replaceOnChanges": true + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the browser settings resource. A tag is a key-value pair." + } + }, + "createOnly": [ + "additionalEncryptionContext", + "customerManagedKey" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:workspacesweb:IdentityProvider": { + "cf": "AWS::WorkSpacesWeb::IdentityProvider", + "inputs": { + "identityProviderDetails": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The identity provider details. The following list describes the provider detail keys for each identity provider type.\n\n- For Google and Login with Amazon:\n\n- `client_id`\n- `client_secret`\n- `authorize_scopes`\n- For Facebook:\n\n- `client_id`\n- `client_secret`\n- `authorize_scopes`\n- `api_version`\n- For Sign in with Apple:\n\n- `client_id`\n- `team_id`\n- `key_id`\n- `private_key`\n- `authorize_scopes`\n- For OIDC providers:\n\n- `client_id`\n- `client_secret`\n- `attributes_request_method`\n- `oidc_issuer`\n- `authorize_scopes`\n- `authorize_url` *if not available from discovery URL specified by oidc_issuer key*\n- `token_url` *if not available from discovery URL specified by oidc_issuer key*\n- `attributes_url` *if not available from discovery URL specified by oidc_issuer key*\n- `jwks_uri` *if not available from discovery URL specified by oidc_issuer key*\n- For SAML providers:\n\n- `MetadataFile` OR `MetadataURL`\n- `IDPSignout` (boolean) *optional*\n- `IDPInit` (boolean) *optional*\n- `RequestSigningAlgorithm` (string) *optional* - Only accepts `rsa-sha256`\n- `EncryptedResponses` (boolean) *optional*" + }, + "identityProviderName": { + "type": "string", + "description": "The identity provider name." + }, + "identityProviderType": { + "$ref": "#/types/aws-native:workspacesweb:IdentityProviderType", + "description": "The identity provider type." + }, + "portalArn": { + "type": "string", + "description": "The ARN of the identity provider." + } + }, + "outputs": { + "identityProviderArn": { + "type": "string", + "description": "The ARN of the identity provider." + }, + "identityProviderDetails": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The identity provider details. The following list describes the provider detail keys for each identity provider type.\n\n- For Google and Login with Amazon:\n\n- `client_id`\n- `client_secret`\n- `authorize_scopes`\n- For Facebook:\n\n- `client_id`\n- `client_secret`\n- `authorize_scopes`\n- `api_version`\n- For Sign in with Apple:\n\n- `client_id`\n- `team_id`\n- `key_id`\n- `private_key`\n- `authorize_scopes`\n- For OIDC providers:\n\n- `client_id`\n- `client_secret`\n- `attributes_request_method`\n- `oidc_issuer`\n- `authorize_scopes`\n- `authorize_url` *if not available from discovery URL specified by oidc_issuer key*\n- `token_url` *if not available from discovery URL specified by oidc_issuer key*\n- `attributes_url` *if not available from discovery URL specified by oidc_issuer key*\n- `jwks_uri` *if not available from discovery URL specified by oidc_issuer key*\n- For SAML providers:\n\n- `MetadataFile` OR `MetadataURL`\n- `IDPSignout` (boolean) *optional*\n- `IDPInit` (boolean) *optional*\n- `RequestSigningAlgorithm` (string) *optional* - Only accepts `rsa-sha256`\n- `EncryptedResponses` (boolean) *optional*" + }, + "identityProviderName": { + "type": "string", + "description": "The identity provider name." + }, + "identityProviderType": { + "$ref": "#/types/aws-native:workspacesweb:IdentityProviderType", + "description": "The identity provider type." + }, + "portalArn": { + "type": "string", + "description": "The ARN of the identity provider.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "identityProviderName", + "minLength": 1, + "maxLength": 32 + }, + "required": [ + "identityProviderDetails", + "identityProviderType" + ], + "createOnly": [ + "portalArn" + ], + "writeOnly": [ + "portalArn" + ] + }, + "aws-native:workspacesweb:IpAccessSettings": { + "cf": "AWS::WorkSpacesWeb::IpAccessSettings", + "inputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional encryption context of the IP access settings." + }, + "customerManagedKey": { + "type": "string", + "description": "The custom managed key of the IP access settings.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`" + }, + "description": { + "type": "string", + "description": "The description of the IP access settings." + }, + "displayName": { + "type": "string", + "description": "The display name of the IP access settings." + }, + "ipRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:workspacesweb:IpAccessSettingsIpRule" + }, + "description": "The IP rules of the IP access settings." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the IP access settings resource. A tag is a key-value pair." + } + }, + "outputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional encryption context of the IP access settings.", + "replaceOnChanges": true + }, + "associatedPortalArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of web portal ARNs that this IP access settings resource is associated with." + }, + "creationDate": { + "type": "string", + "description": "The creation date timestamp of the IP access settings." + }, + "customerManagedKey": { + "type": "string", + "description": "The custom managed key of the IP access settings.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`", + "replaceOnChanges": true + }, + "description": { + "type": "string", + "description": "The description of the IP access settings." + }, + "displayName": { + "type": "string", + "description": "The display name of the IP access settings." + }, + "ipAccessSettingsArn": { + "type": "string", + "description": "The ARN of the IP access settings resource." + }, + "ipRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:workspacesweb:IpAccessSettingsIpRule" + }, + "description": "The IP rules of the IP access settings." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the IP access settings resource. A tag is a key-value pair." + } + }, + "required": [ + "ipRules" + ], + "createOnly": [ + "additionalEncryptionContext", + "customerManagedKey" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:workspacesweb:NetworkSettings": { + "cf": "AWS::WorkSpacesWeb::NetworkSettings", + "inputs": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more security groups used to control access from streaming instances to your VPC.\n\n*Pattern* : `^[\\w+\\-]+$`" + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnets in which network interfaces are created to connect streaming instances to your VPC. At least two of these subnets must be in different availability zones.\n\n*Pattern* : `^subnet-([0-9a-f]{8}|[0-9a-f]{17})$`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the network settings resource. A tag is a key-value pair." + }, + "vpcId": { + "type": "string", + "description": "The VPC that streaming instances will connect to.\n\n*Pattern* : `^vpc-[0-9a-z]*$`" + } + }, + "outputs": { + "associatedPortalArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of web portal ARNs that this network settings is associated with." + }, + "networkSettingsArn": { + "type": "string", + "description": "The ARN of the network settings." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more security groups used to control access from streaming instances to your VPC.\n\n*Pattern* : `^[\\w+\\-]+$`" + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnets in which network interfaces are created to connect streaming instances to your VPC. At least two of these subnets must be in different availability zones.\n\n*Pattern* : `^subnet-([0-9a-f]{8}|[0-9a-f]{17})$`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the network settings resource. A tag is a key-value pair." + }, + "vpcId": { + "type": "string", + "description": "The VPC that streaming instances will connect to.\n\n*Pattern* : `^vpc-[0-9a-z]*$`" + } + }, + "required": [ + "securityGroupIds", + "subnetIds", + "vpcId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:workspacesweb:Portal": { + "cf": "AWS::WorkSpacesWeb::Portal", + "inputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The additional encryption context of the portal." + }, + "authenticationType": { + "$ref": "#/types/aws-native:workspacesweb:PortalAuthenticationType", + "description": "The type of authentication integration points used when signing into the web portal. Defaults to `Standard` .\n\n`Standard` web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:\n\n1. Create and deploy a CloudFormation template with a `Standard` portal with no `IdentityProvider` resource.\n\n2. Retrieve the SP metadata using `Fn:GetAtt` , the WorkSpaces Secure Browser console, or by the calling the `GetPortalServiceProviderMetadata` API.\n\n3. Submit the data to your IdP.\n\n4. Add an `IdentityProvider` resource to your CloudFormation template.\n\n`IAM Identity Center` web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation." + }, + "browserSettingsArn": { + "type": "string", + "description": "The ARN of the browser settings that is associated with this web portal." + }, + "customerManagedKey": { + "type": "string", + "description": "The customer managed key of the web portal.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`" + }, + "displayName": { + "type": "string", + "description": "The name of the web portal." + }, + "instanceType": { + "$ref": "#/types/aws-native:workspacesweb:PortalInstanceType", + "description": "The type and resources of the underlying instance." + }, + "ipAccessSettingsArn": { + "type": "string", + "description": "The ARN of the IP access settings that is associated with the web portal." + }, + "maxConcurrentSessions": { + "type": "number", + "description": "The maximum number of concurrent sessions for the portal." + }, + "networkSettingsArn": { + "type": "string", + "description": "The ARN of the network settings that is associated with the web portal." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the web portal. A tag is a key-value pair." + }, + "trustStoreArn": { + "type": "string", + "description": "The ARN of the trust store that is associated with the web portal." + }, + "userAccessLoggingSettingsArn": { + "type": "string", + "description": "The ARN of the user access logging settings that is associated with the web portal." + }, + "userSettingsArn": { + "type": "string", + "description": "The ARN of the user settings that is associated with the web portal." + } + }, + "outputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The additional encryption context of the portal.", + "replaceOnChanges": true + }, + "authenticationType": { + "$ref": "#/types/aws-native:workspacesweb:PortalAuthenticationType", + "description": "The type of authentication integration points used when signing into the web portal. Defaults to `Standard` .\n\n`Standard` web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser’s SP metadata with your IdP’s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:\n\n1. Create and deploy a CloudFormation template with a `Standard` portal with no `IdentityProvider` resource.\n\n2. Retrieve the SP metadata using `Fn:GetAtt` , the WorkSpaces Secure Browser console, or by the calling the `GetPortalServiceProviderMetadata` API.\n\n3. Submit the data to your IdP.\n\n4. Add an `IdentityProvider` resource to your CloudFormation template.\n\n`IAM Identity Center` web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation." + }, + "browserSettingsArn": { + "type": "string", + "description": "The ARN of the browser settings that is associated with this web portal." + }, + "browserType": { + "$ref": "#/types/aws-native:workspacesweb:PortalBrowserType", + "description": "The browser that users see when using a streaming session." + }, + "creationDate": { + "type": "string", + "description": "The creation date of the web portal." + }, + "customerManagedKey": { + "type": "string", + "description": "The customer managed key of the web portal.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`", + "replaceOnChanges": true + }, + "displayName": { + "type": "string", + "description": "The name of the web portal." + }, + "instanceType": { + "$ref": "#/types/aws-native:workspacesweb:PortalInstanceType", + "description": "The type and resources of the underlying instance." + }, + "ipAccessSettingsArn": { + "type": "string", + "description": "The ARN of the IP access settings that is associated with the web portal." + }, + "maxConcurrentSessions": { + "type": "number", + "description": "The maximum number of concurrent sessions for the portal." + }, + "networkSettingsArn": { + "type": "string", + "description": "The ARN of the network settings that is associated with the web portal." + }, + "portalArn": { + "type": "string", + "description": "The ARN of the web portal." + }, + "portalEndpoint": { + "type": "string", + "description": "The endpoint URL of the web portal that users access in order to start streaming sessions." + }, + "portalStatus": { + "$ref": "#/types/aws-native:workspacesweb:PortalStatus", + "description": "The status of the web portal." + }, + "rendererType": { + "$ref": "#/types/aws-native:workspacesweb:PortalRendererType", + "description": "The renderer that is used in streaming sessions." + }, + "serviceProviderSamlMetadata": { + "type": "string", + "description": "The SAML metadata of the service provider." + }, + "statusReason": { + "type": "string", + "description": "A message that explains why the web portal is in its current status." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the web portal. A tag is a key-value pair." + }, + "trustStoreArn": { + "type": "string", + "description": "The ARN of the trust store that is associated with the web portal." + }, + "userAccessLoggingSettingsArn": { + "type": "string", + "description": "The ARN of the user access logging settings that is associated with the web portal." + }, + "userSettingsArn": { + "type": "string", + "description": "The ARN of the user settings that is associated with the web portal." + } + }, + "createOnly": [ + "additionalEncryptionContext", + "customerManagedKey" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:workspacesweb:TrustStore": { + "cf": "AWS::WorkSpacesWeb::TrustStore", + "inputs": { + "certificateList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of CA certificates to be added to the trust store." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the trust store. A tag is a key-value pair." + } + }, + "outputs": { + "associatedPortalArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of web portal ARNs that this trust store is associated with." + }, + "certificateList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of CA certificates to be added to the trust store." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the trust store. A tag is a key-value pair." + }, + "trustStoreArn": { + "type": "string", + "description": "The ARN of the trust store." + } + }, + "required": [ + "certificateList" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:workspacesweb:UserAccessLoggingSettings": { + "cf": "AWS::WorkSpacesWeb::UserAccessLoggingSettings", + "inputs": { + "kinesisStreamArn": { + "type": "string", + "description": "Kinesis stream ARN to which log events are published." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the user access logging settings resource. A tag is a key-value pair." + } + }, + "outputs": { + "associatedPortalArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of web portal ARNs that this user access logging settings is associated with." + }, + "kinesisStreamArn": { + "type": "string", + "description": "Kinesis stream ARN to which log events are published." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the user access logging settings resource. A tag is a key-value pair." + }, + "userAccessLoggingSettingsArn": { + "type": "string", + "description": "The ARN of the user access logging settings." + } + }, + "required": [ + "kinesisStreamArn" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:workspacesweb:UserSettings": { + "cf": "AWS::WorkSpacesWeb::UserSettings", + "inputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The additional encryption context of the user settings." + }, + "cookieSynchronizationConfiguration": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsCookieSynchronizationConfiguration", + "description": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser." + }, + "copyAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can copy text from the streaming session to the local device." + }, + "customerManagedKey": { + "type": "string", + "description": "The customer managed key used to encrypt sensitive information in the user settings." + }, + "deepLinkAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can use deep links that open automatically when connecting to a session." + }, + "disconnectTimeoutInMinutes": { + "type": "number", + "description": "The amount of time that a streaming session remains active after users disconnect." + }, + "downloadAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can download files from the streaming session to the local device." + }, + "idleDisconnectTimeoutInMinutes": { + "type": "number", + "description": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins." + }, + "pasteAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can paste text from the local device to the streaming session." + }, + "printAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can print to the local device." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the user settings resource. A tag is a key-value pair." + }, + "uploadAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can upload files from the local device to the streaming session." + } + }, + "outputs": { + "additionalEncryptionContext": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The additional encryption context of the user settings.", + "replaceOnChanges": true + }, + "associatedPortalArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of web portal ARNs that this user settings resource is associated with." + }, + "cookieSynchronizationConfiguration": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsCookieSynchronizationConfiguration", + "description": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser." + }, + "copyAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can copy text from the streaming session to the local device." + }, + "customerManagedKey": { + "type": "string", + "description": "The customer managed key used to encrypt sensitive information in the user settings.", + "replaceOnChanges": true + }, + "deepLinkAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can use deep links that open automatically when connecting to a session." + }, + "disconnectTimeoutInMinutes": { + "type": "number", + "description": "The amount of time that a streaming session remains active after users disconnect." + }, + "downloadAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can download files from the streaming session to the local device." + }, + "idleDisconnectTimeoutInMinutes": { + "type": "number", + "description": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins." + }, + "pasteAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can paste text from the local device to the streaming session." + }, + "printAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can print to the local device." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "The tags to add to the user settings resource. A tag is a key-value pair." + }, + "uploadAllowed": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsEnabledType", + "description": "Specifies whether the user can upload files from the local device to the streaming session." + }, + "userSettingsArn": { + "type": "string", + "description": "The ARN of the user settings." + } + }, + "required": [ + "copyAllowed", + "downloadAllowed", + "pasteAllowed", + "printAllowed", + "uploadAllowed" + ], + "createOnly": [ + "additionalEncryptionContext", + "customerManagedKey" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:xray:Group": { + "cf": "AWS::XRay::Group", + "inputs": { + "filterExpression": { + "type": "string", + "description": "The filter expression defining criteria by which to group traces." + }, + "groupName": { + "type": "string", + "description": "The case-sensitive name of the new group. Names must be unique." + }, + "insightsConfiguration": { + "$ref": "#/types/aws-native:xray:GroupInsightsConfiguration", + "description": "The structure containing configurations related to insights.\n\n- The InsightsEnabled boolean can be set to true to enable insights for the group or false to disable insights for the group.\n- The NotificationsEnabled boolean can be set to true to enable insights notifications through Amazon EventBridge for the group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "filterExpression": { + "type": "string", + "description": "The filter expression defining criteria by which to group traces." + }, + "groupArn": { + "type": "string", + "description": "The ARN of the group that was generated on creation." + }, + "groupName": { + "type": "string", + "description": "The case-sensitive name of the new group. Names must be unique." + }, + "insightsConfiguration": { + "$ref": "#/types/aws-native:xray:GroupInsightsConfiguration", + "description": "The structure containing configurations related to insights.\n\n- The InsightsEnabled boolean can be set to true to enable insights for the group or false to disable insights for the group.\n- The NotificationsEnabled boolean can be set to true to enable insights notifications through Amazon EventBridge for the group." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "groupName", + "minLength": 1, + "maxLength": 32 + }, + "irreversibleNames": { + "groupArn": "GroupARN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + }, + "aws-native:xray:ResourcePolicy": { + "cf": "AWS::XRay::ResourcePolicy", + "inputs": { + "bypassPolicyLockoutCheck": { + "type": "boolean", + "description": "A flag to indicate whether to bypass the resource policy lockout safety check" + }, + "policyDocument": { + "type": "string", + "description": "The resource policy document, which can be up to 5kb in size." + }, + "policyName": { + "type": "string", + "description": "The name of the resource policy. Must be unique within a specific AWS account." + } + }, + "outputs": { + "bypassPolicyLockoutCheck": { + "type": "boolean", + "description": "A flag to indicate whether to bypass the resource policy lockout safety check" + }, + "policyDocument": { + "type": "string", + "description": "The resource policy document, which can be up to 5kb in size." + }, + "policyName": { + "type": "string", + "description": "The name of the resource policy. Must be unique within a specific AWS account.", + "replaceOnChanges": true + } + }, + "autoNamingSpec": { + "sdkName": "policyName", + "minLength": 1, + "maxLength": 128 + }, + "required": [ + "policyDocument" + ], + "createOnly": [ + "policyName" + ], + "writeOnly": [ + "bypassPolicyLockoutCheck" + ] + }, + "aws-native:xray:SamplingRule": { + "cf": "AWS::XRay::SamplingRule", + "inputs": { + "ruleName": { + "type": "string" + }, + "samplingRule": { + "$ref": "#/types/aws-native:xray:SamplingRule", + "description": "The sampling rule to be created or updated.", + "language": { + "csharp": { + "name": "SamplingRuleValue" + } + } + }, + "samplingRuleRecord": { + "$ref": "#/types/aws-native:xray:SamplingRuleRecord" + }, + "samplingRuleUpdate": { + "$ref": "#/types/aws-native:xray:SamplingRuleUpdate" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "outputs": { + "ruleArn": { + "type": "string", + "description": "The sampling rule ARN that was created or updated." + }, + "ruleName": { + "type": "string" + }, + "samplingRule": { + "$ref": "#/types/aws-native:xray:SamplingRule", + "description": "The sampling rule to be created or updated.", + "language": { + "csharp": { + "name": "SamplingRuleValue" + } + } + }, + "samplingRuleRecord": { + "$ref": "#/types/aws-native:xray:SamplingRuleRecord" + }, + "samplingRuleUpdate": { + "$ref": "#/types/aws-native:xray:SamplingRuleUpdate" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "An array of key-value pairs to apply to this resource." + } + }, + "autoNamingSpec": { + "sdkName": "ruleName" + }, + "createOnly": [ + "samplingRule/Version" + ], + "irreversibleNames": { + "ruleArn": "RuleARN" + }, + "tagsProperty": "tags", + "tagsStyle": "keyValueArray" + } + }, + "types": { + "aws-native:accessanalyzer:AnalyzerArchiveRule": { + "type": "object", + "properties": { + "filter": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:accessanalyzer:AnalyzerFilter" + }, + "description": "The criteria for the rule." + }, + "ruleName": { + "type": "string", + "description": "The archive rule name" + } + } + }, + "aws-native:accessanalyzer:AnalyzerConfigurationProperties": { + "type": "object", + "properties": { + "unusedAccessConfiguration": { + "$ref": "#/types/aws-native:accessanalyzer:AnalyzerUnusedAccessConfiguration", + "description": "Specifies the configuration of an unused access analyzer for an AWS organization or account. External access analyzers do not support any configuration." + } + } + }, + "aws-native:accessanalyzer:AnalyzerFilter": { + "type": "object", + "properties": { + "contains": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A \"contains\" condition to match for the rule." + }, + "eq": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An \"equals\" condition to match for the rule." + }, + "exists": { + "type": "boolean", + "description": "An \"exists\" condition to match for the rule." + }, + "neq": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A \"not equal\" condition to match for the rule." + }, + "property": { + "type": "string", + "description": "The property used to define the criteria in the filter for the rule." + } + } + }, + "aws-native:accessanalyzer:AnalyzerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:accessanalyzer:AnalyzerUnusedAccessConfiguration": { + "type": "object", + "properties": { + "unusedAccessAge": { + "type": "integer", + "description": "The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 180 days." + } + } + }, + "aws-native:acmpca:CertificateApiPassthrough": { + "type": "object", + "properties": { + "extensions": { + "$ref": "#/types/aws-native:acmpca:CertificateExtensions", + "description": "Specifies X.509 extension information for a certificate." + }, + "subject": { + "$ref": "#/types/aws-native:acmpca:CertificateSubject", + "description": "Contains information about the certificate subject. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate." + } + } + }, + "aws-native:acmpca:CertificateAuthorityAccessDescription": { + "type": "object", + "properties": { + "accessLocation": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityGeneralName" + }, + "accessMethod": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityAccessMethod" + } + } + }, + "aws-native:acmpca:CertificateAuthorityAccessMethod": { + "type": "object", + "properties": { + "accessMethodType": { + "type": "string" + }, + "customObjectIdentifier": { + "type": "string" + } + } + }, + "aws-native:acmpca:CertificateAuthorityCrlConfiguration": { + "type": "object", + "properties": { + "crlDistributionPointExtensionConfiguration": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityCrlDistributionPointExtensionConfiguration", + "description": "Configures the default behavior of the CRL Distribution Point extension for certificates issued by your CA. If this field is not provided, then the CRL Distribution Point extension will be present and contain the default CRL URL." + }, + "customCname": { + "type": "string", + "description": "Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.\n\n\u003e The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\"." + }, + "customPath": { + "type": "string" + }, + "enabled": { + "type": "boolean", + "description": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the `CreateCertificateAuthority` operation or for an existing CA when you call the `UpdateCertificateAuthority` operation." + }, + "expirationInDays": { + "type": "integer", + "description": "Validity period of the CRL in days." + }, + "partitioningEnabled": { + "type": "boolean" + }, + "retainExpiredCertificates": { + "type": "boolean" + }, + "s3BucketName": { + "type": "string", + "description": "Name of the S3 bucket that contains the CRL. If you do not provide a value for the *CustomCname* argument, the name of your S3 bucket is placed into the *CRL Distribution Points* extension of the issued certificate. You can change the name of your bucket by calling the [UpdateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html) operation. You must specify a [bucket policy](https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-policies) that allows AWS Private CA to write the CRL to your bucket.\n\n\u003e The `S3BucketName` parameter must conform to the [S3 bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) ." + }, + "s3ObjectAcl": { + "type": "string", + "description": "Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access.\n\nIf no value is specified, the default is PUBLIC_READ.\n\n*Note:* This default can cause CA creation to fail in some circumstances. If you have have enabled the Block Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as `BUCKET_OWNER_FULL_CONTROL` , and not doing so results in an error. If you have disabled BPA in S3, then you can specify either `BUCKET_OWNER_FULL_CONTROL` or `PUBLIC_READ` as the value.\n\nFor more information, see [Blocking public access to the S3 bucket](https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa) ." + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName", + "s3ObjectAcl": "S3ObjectAcl" + } + }, + "aws-native:acmpca:CertificateAuthorityCrlDistributionPointExtensionConfiguration": { + "type": "object", + "properties": { + "omitExtension": { + "type": "boolean", + "description": "Configures whether the CRL Distribution Point extension should be populated with the default URL to the CRL. If set to `true` , then the CDP extension will not be present in any certificates issued by that CA unless otherwise specified through CSR or API passthrough.\n\n\u003e Only set this if you have another way to distribute the CRL Distribution Points for certificates issued by your CA, such as the Matter Distributed Compliance Ledger.\n\u003e \n\u003e This configuration cannot be enabled with a custom CNAME set." + } + } + }, + "aws-native:acmpca:CertificateAuthorityCsrExtensions": { + "type": "object", + "properties": { + "keyUsage": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityKeyUsage", + "description": "Indicates the purpose of the certificate and of the key contained in the certificate." + }, + "subjectInformationAccess": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityAccessDescription" + }, + "description": "For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see [Subject Information Access](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.2) in RFC 5280." + } + } + }, + "aws-native:acmpca:CertificateAuthorityCustomAttribute": { + "type": "object", + "properties": { + "objectIdentifier": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:acmpca:CertificateAuthorityEdiPartyName": { + "type": "object", + "properties": { + "nameAssigner": { + "type": "string" + }, + "partyName": { + "type": "string" + } + } + }, + "aws-native:acmpca:CertificateAuthorityGeneralName": { + "type": "object", + "properties": { + "directoryName": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthoritySubject" + }, + "dnsName": { + "type": "string" + }, + "ediPartyName": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityEdiPartyName" + }, + "ipAddress": { + "type": "string" + }, + "otherName": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityOtherName" + }, + "registeredId": { + "type": "string" + }, + "rfc822Name": { + "type": "string" + }, + "uniformResourceIdentifier": { + "type": "string" + } + }, + "irreversibleNames": { + "rfc822Name": "Rfc822Name" + } + }, + "aws-native:acmpca:CertificateAuthorityKeyUsage": { + "type": "object", + "properties": { + "crlSign": { + "type": "boolean", + "description": "Key can be used to sign CRLs." + }, + "dataEncipherment": { + "type": "boolean", + "description": "Key can be used to decipher data." + }, + "decipherOnly": { + "type": "boolean", + "description": "Key can be used only to decipher data." + }, + "digitalSignature": { + "type": "boolean", + "description": "Key can be used for digital signing." + }, + "encipherOnly": { + "type": "boolean", + "description": "Key can be used only to encipher data." + }, + "keyAgreement": { + "type": "boolean", + "description": "Key can be used in a key-agreement protocol." + }, + "keyCertSign": { + "type": "boolean", + "description": "Key can be used to sign certificates." + }, + "keyEncipherment": { + "type": "boolean", + "description": "Key can be used to encipher data." + }, + "nonRepudiation": { + "type": "boolean", + "description": "Key can be used for non-repudiation." + } + }, + "irreversibleNames": { + "crlSign": "CRLSign" + } + }, + "aws-native:acmpca:CertificateAuthorityOcspConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status." + }, + "ocspCustomCname": { + "type": "string", + "description": "By default, AWS Private CA injects an Amazon domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.\n\n\u003e The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\"." + } + } + }, + "aws-native:acmpca:CertificateAuthorityOtherName": { + "type": "object", + "properties": { + "typeId": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:acmpca:CertificateAuthorityRevocationConfiguration": { + "type": "object", + "properties": { + "crlConfiguration": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityCrlConfiguration", + "description": "Configuration of the certificate revocation list (CRL), if any, maintained by your private CA." + }, + "ocspConfiguration": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityOcspConfiguration", + "description": "Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA." + } + } + }, + "aws-native:acmpca:CertificateAuthoritySubject": { + "type": "object", + "properties": { + "commonName": { + "type": "string" + }, + "country": { + "type": "string" + }, + "customAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:acmpca:CertificateAuthorityCustomAttribute" + } + }, + "distinguishedNameQualifier": { + "type": "string" + }, + "generationQualifier": { + "type": "string" + }, + "givenName": { + "type": "string" + }, + "initials": { + "type": "string" + }, + "locality": { + "type": "string" + }, + "organization": { + "type": "string" + }, + "organizationalUnit": { + "type": "string" + }, + "pseudonym": { + "type": "string" + }, + "serialNumber": { + "type": "string" + }, + "state": { + "type": "string" + }, + "surname": { + "type": "string" + }, + "title": { + "type": "string" + } + } + }, + "aws-native:acmpca:CertificateAuthorityTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Key (name) of the tag." + }, + "value": { + "type": "string", + "description": "Value of the tag." + } + } + }, + "aws-native:acmpca:CertificateCustomAttribute": { + "type": "object", + "properties": { + "objectIdentifier": { + "type": "string", + "description": "Specifies the object identifier (OID) of the attribute type of the relative distinguished name (RDN)." + }, + "value": { + "type": "string", + "description": "Specifies the attribute value of relative distinguished name (RDN)." + } + } + }, + "aws-native:acmpca:CertificateCustomExtension": { + "type": "object", + "properties": { + "critical": { + "type": "boolean", + "description": "Specifies the critical flag of the X.509 extension." + }, + "objectIdentifier": { + "type": "string", + "description": "Specifies the object identifier (OID) of the X.509 extension. For more information, see the [Global OID reference database.](https://docs.aws.amazon.com/https://oidref.com/2.5.29)" + }, + "value": { + "type": "string", + "description": "Specifies the base64-encoded value of the X.509 extension." + } + } + }, + "aws-native:acmpca:CertificateEdiPartyName": { + "type": "object", + "properties": { + "nameAssigner": { + "type": "string", + "description": "Specifies the name assigner." + }, + "partyName": { + "type": "string", + "description": "Specifies the party name." + } + } + }, + "aws-native:acmpca:CertificateExtendedKeyUsage": { + "type": "object", + "properties": { + "extendedKeyUsageObjectIdentifier": { + "type": "string", + "description": "Specifies a custom ``ExtendedKeyUsage`` with an object identifier (OID)." + }, + "extendedKeyUsageType": { + "type": "string", + "description": "Specifies a standard ``ExtendedKeyUsage`` as defined as in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12)." + } + } + }, + "aws-native:acmpca:CertificateExtensions": { + "type": "object", + "properties": { + "certificatePolicies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:acmpca:CertificatePolicyInformation" + }, + "description": "Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier).\n In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate." + }, + "customExtensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:acmpca:CertificateCustomExtension" + }, + "description": "Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the [Global OID reference database.](https://docs.aws.amazon.com/https://oidref.com/2.5.29)" + }, + "extendedKeyUsage": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:acmpca:CertificateExtendedKeyUsage" + }, + "description": "Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the ``KeyUsage`` extension." + }, + "keyUsage": { + "$ref": "#/types/aws-native:acmpca:CertificateKeyUsage", + "description": "Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false." + }, + "subjectAlternativeNames": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:acmpca:CertificateGeneralName" + }, + "description": "The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate." + } + } + }, + "aws-native:acmpca:CertificateGeneralName": { + "type": "object", + "properties": { + "directoryName": { + "$ref": "#/types/aws-native:acmpca:CertificateSubject", + "description": "Contains information about the certificate subject. The certificate can be one issued by your private certificate authority (CA) or it can be your private CA certificate. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. The DN must be unique for each entity, but your private CA can issue more than one certificate with the same DN to the same entity." + }, + "dnsName": { + "type": "string", + "description": "Represents ``GeneralName`` as a DNS name." + }, + "ediPartyName": { + "$ref": "#/types/aws-native:acmpca:CertificateEdiPartyName", + "description": "Represents ``GeneralName`` as an ``EdiPartyName`` object." + }, + "ipAddress": { + "type": "string", + "description": "Represents ``GeneralName`` as an IPv4 or IPv6 address." + }, + "otherName": { + "$ref": "#/types/aws-native:acmpca:CertificateOtherName", + "description": "Represents ``GeneralName`` using an ``OtherName`` object." + }, + "registeredId": { + "type": "string", + "description": "Represents ``GeneralName`` as an object identifier (OID)." + }, + "rfc822Name": { + "type": "string", + "description": "Represents ``GeneralName`` as an [RFC 822](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc822) email address." + }, + "uniformResourceIdentifier": { + "type": "string", + "description": "Represents ``GeneralName`` as a URI." + } + }, + "irreversibleNames": { + "rfc822Name": "Rfc822Name" + } + }, + "aws-native:acmpca:CertificateKeyUsage": { + "type": "object", + "properties": { + "crlSign": { + "type": "boolean", + "description": "Key can be used to sign CRLs." + }, + "dataEncipherment": { + "type": "boolean", + "description": "Key can be used to decipher data." + }, + "decipherOnly": { + "type": "boolean", + "description": "Key can be used only to decipher data." + }, + "digitalSignature": { + "type": "boolean", + "description": "Key can be used for digital signing." + }, + "encipherOnly": { + "type": "boolean", + "description": "Key can be used only to encipher data." + }, + "keyAgreement": { + "type": "boolean", + "description": "Key can be used in a key-agreement protocol." + }, + "keyCertSign": { + "type": "boolean", + "description": "Key can be used to sign certificates." + }, + "keyEncipherment": { + "type": "boolean", + "description": "Key can be used to encipher data." + }, + "nonRepudiation": { + "type": "boolean", + "description": "Key can be used for non-repudiation." + } + }, + "irreversibleNames": { + "crlSign": "CRLSign" + } + }, + "aws-native:acmpca:CertificateOtherName": { + "type": "object", + "properties": { + "typeId": { + "type": "string", + "description": "Specifies an OID." + }, + "value": { + "type": "string", + "description": "Specifies an OID value." + } + } + }, + "aws-native:acmpca:CertificatePolicyInformation": { + "type": "object", + "properties": { + "certPolicyId": { + "type": "string", + "description": "Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier)." + }, + "policyQualifiers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:acmpca:CertificatePolicyQualifierInfo" + }, + "description": "Modifies the given ``CertPolicyId`` with a qualifier. AWS Private CA supports the certification practice statement (CPS) qualifier." + } + } + }, + "aws-native:acmpca:CertificatePolicyQualifierInfo": { + "type": "object", + "properties": { + "policyQualifierId": { + "type": "string", + "description": "Identifies the qualifier modifying a ``CertPolicyId``." + }, + "qualifier": { + "$ref": "#/types/aws-native:acmpca:CertificateQualifier", + "description": "Defines the qualifier type. AWS Private CA supports the use of a URI for a CPS qualifier in this field." + } + } + }, + "aws-native:acmpca:CertificateQualifier": { + "type": "object", + "properties": { + "cpsUri": { + "type": "string", + "description": "Contains a pointer to a certification practice statement (CPS) published by the CA." + } + } + }, + "aws-native:acmpca:CertificateSubject": { + "type": "object", + "properties": { + "commonName": { + "type": "string", + "description": "For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit.\n Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject." + }, + "country": { + "type": "string", + "description": "Two-digit code that specifies the country in which the certificate subject located." + }, + "customAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:acmpca:CertificateCustomAttribute" + }, + "description": "Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier).\n Custom attributes cannot be used in combination with standard attributes." + }, + "distinguishedNameQualifier": { + "type": "string", + "description": "Disambiguating information for the certificate subject." + }, + "generationQualifier": { + "type": "string", + "description": "Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third." + }, + "givenName": { + "type": "string", + "description": "First name." + }, + "initials": { + "type": "string", + "description": "Concatenation that typically contains the first letter of the *GivenName*, the first letter of the middle name if one exists, and the first letter of the *Surname*." + }, + "locality": { + "type": "string", + "description": "The locality (such as a city or town) in which the certificate subject is located." + }, + "organization": { + "type": "string", + "description": "Legal name of the organization with which the certificate subject is affiliated." + }, + "organizationalUnit": { + "type": "string", + "description": "A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated." + }, + "pseudonym": { + "type": "string", + "description": "Typically a shortened version of a longer *GivenName*. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza." + }, + "serialNumber": { + "type": "string", + "description": "The certificate serial number." + }, + "state": { + "type": "string", + "description": "State in which the subject of the certificate is located." + }, + "surname": { + "type": "string", + "description": "Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first." + }, + "title": { + "type": "string", + "description": "A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject." + } + } + }, + "aws-native:acmpca:CertificateValidity": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Specifies whether the ``Value`` parameter represents days, months, or years." + }, + "value": { + "type": "number", + "description": "A long integer interpreted according to the value of ``Type``, below." + } + } + }, + "aws-native:amplify:AppAutoBranchCreationConfig": { + "type": "object", + "properties": { + "autoBranchCreationPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Automated branch creation glob patterns for the Amplify app." + }, + "basicAuthConfig": { + "$ref": "#/types/aws-native:amplify:AppBasicAuthConfig", + "description": "Sets password protection for your auto created branch." + }, + "buildSpec": { + "type": "string", + "description": "The build specification (build spec) for the autocreated branch." + }, + "enableAutoBranchCreation": { + "type": "boolean", + "description": "Enables automated branch creation for the Amplify app." + }, + "enableAutoBuild": { + "type": "boolean", + "description": "Enables auto building for the auto created branch." + }, + "enablePerformanceMode": { + "type": "boolean", + "description": "Enables performance mode for the branch.\n\nPerformance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out." + }, + "enablePullRequestPreview": { + "type": "boolean", + "description": "Sets whether pull request previews are enabled for each branch that Amplify Hosting automatically creates for your app. Amplify creates previews by deploying your app to a unique URL whenever a pull request is opened for the branch. Development and QA teams can use this preview to test the pull request before it's merged into a production or integration branch.\n\nTo provide backend support for your preview, Amplify Hosting automatically provisions a temporary backend environment that it deletes when the pull request is closed. If you want to specify a dedicated backend environment for your previews, use the `PullRequestEnvironmentName` property.\n\nFor more information, see [Web Previews](https://docs.aws.amazon.com/amplify/latest/userguide/pr-previews.html) in the *AWS Amplify Hosting User Guide* ." + }, + "environmentVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplify:AppEnvironmentVariable" + }, + "description": "The environment variables for the autocreated branch." + }, + "framework": { + "type": "string", + "description": "The framework for the autocreated branch." + }, + "pullRequestEnvironmentName": { + "type": "string", + "description": "If pull request previews are enabled, you can use this property to specify a dedicated backend environment for your previews. For example, you could specify an environment named `prod` , `test` , or `dev` that you initialized with the Amplify CLI.\n\nTo enable pull request previews, set the `EnablePullRequestPreview` property to `true` .\n\nIf you don't specify an environment, Amplify Hosting provides backend support for each preview by automatically provisioning a temporary backend environment. Amplify deletes this environment when the pull request is closed.\n\nFor more information about creating backend environments, see [Feature Branch Deployments and Team Workflows](https://docs.aws.amazon.com/amplify/latest/userguide/multi-environments.html) in the *AWS Amplify Hosting User Guide* ." + }, + "stage": { + "$ref": "#/types/aws-native:amplify:AppAutoBranchCreationConfigStage", + "description": "Stage for the auto created branch." + } + } + }, + "aws-native:amplify:AppAutoBranchCreationConfigStage": { + "type": "string" + }, + "aws-native:amplify:AppBasicAuthConfig": { + "type": "object", + "properties": { + "enableBasicAuth": { + "type": "boolean", + "description": "Enables basic authorization for the Amplify app's branches." + }, + "password": { + "type": "string", + "description": "The password for basic authorization." + }, + "username": { + "type": "string", + "description": "The user name for basic authorization." + } + } + }, + "aws-native:amplify:AppCustomRule": { + "type": "object", + "properties": { + "condition": { + "type": "string", + "description": "The condition for a URL rewrite or redirect rule, such as a country code." + }, + "source": { + "type": "string", + "description": "The source pattern for a URL rewrite or redirect rule." + }, + "status": { + "type": "string", + "description": "The status code for a URL rewrite or redirect rule.\n\n- **200** - Represents a 200 rewrite rule.\n- **301** - Represents a 301 (moved pemanently) redirect rule. This and all future requests should be directed to the target URL.\n- **302** - Represents a 302 temporary redirect rule.\n- **404** - Represents a 404 redirect rule.\n- **404-200** - Represents a 404 rewrite rule." + }, + "target": { + "type": "string", + "description": "The target pattern for a URL rewrite or redirect rule." + } + } + }, + "aws-native:amplify:AppEnvironmentVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The environment variable name." + }, + "value": { + "type": "string", + "description": "The environment variable value." + } + } + }, + "aws-native:amplify:AppPlatform": { + "type": "string" + }, + "aws-native:amplify:AppTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Specifies the key for the tag." + }, + "value": { + "type": "string", + "description": "Specifies the value for the tag." + } + } + }, + "aws-native:amplify:BranchBackend": { + "type": "object", + "properties": { + "stackArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the AWS CloudFormation stack." + } + } + }, + "aws-native:amplify:BranchBasicAuthConfig": { + "type": "object", + "properties": { + "enableBasicAuth": { + "type": "boolean", + "description": "Enables basic authorization for the branch." + }, + "password": { + "type": "string", + "description": "The password for basic authorization." + }, + "username": { + "type": "string" + } + } + }, + "aws-native:amplify:BranchEnvironmentVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The environment variable name." + }, + "value": { + "type": "string", + "description": "The environment variable value." + } + } + }, + "aws-native:amplify:BranchStage": { + "type": "string" + }, + "aws-native:amplify:BranchTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Specifies the key for the tag." + }, + "value": { + "type": "string", + "description": "Specifies the value for the tag." + } + } + }, + "aws-native:amplify:DomainCertificate": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string", + "description": "The Amazon resource name (ARN) for a custom certificate that you have already added to AWS Certificate Manager in your AWS account .\n\nThis field is required only when the certificate type is `CUSTOM` ." + }, + "certificateType": { + "$ref": "#/types/aws-native:amplify:DomainCertificateCertificateType", + "description": "The type of SSL/TLS certificate that you want to use.\n\nSpecify `AMPLIFY_MANAGED` to use the default certificate that Amplify provisions for you.\n\nSpecify `CUSTOM` to use your own certificate that you have already added to AWS Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into AWS Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* ." + }, + "certificateVerificationDnsRecord": { + "type": "string", + "description": "The DNS record for certificate verification." + } + }, + "irreversibleNames": { + "certificateVerificationDnsRecord": "CertificateVerificationDNSRecord" + } + }, + "aws-native:amplify:DomainCertificateCertificateType": { + "type": "string" + }, + "aws-native:amplify:DomainCertificateSettings": { + "type": "object", + "properties": { + "certificateType": { + "$ref": "#/types/aws-native:amplify:DomainCertificateSettingsCertificateType", + "description": "The certificate type.\n\nSpecify `AMPLIFY_MANAGED` to use the default certificate that Amplify provisions for you.\n\nSpecify `CUSTOM` to use your own certificate that you have already added to AWS Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into AWS Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* ." + }, + "customCertificateArn": { + "type": "string", + "description": "The Amazon resource name (ARN) for the custom certificate that you have already added to AWS Certificate Manager in your AWS account .\n\nThis field is required only when the certificate type is `CUSTOM` ." + } + } + }, + "aws-native:amplify:DomainCertificateSettingsCertificateType": { + "type": "string" + }, + "aws-native:amplify:DomainSubDomainSetting": { + "type": "object", + "properties": { + "branchName": { + "type": "string", + "description": "The branch name setting for the subdomain.\n\n*Length Constraints:* Minimum length of 1. Maximum length of 255.\n\n*Pattern:* (?s).+" + }, + "prefix": { + "type": "string", + "description": "The prefix setting for the subdomain." + } + } + }, + "aws-native:amplifyuibuilder:ComponentActionParameters": { + "type": "object", + "properties": { + "anchor": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "The HTML anchor link to the location to open. Specify this value for a navigation action." + }, + "fields": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty" + }, + "description": "A dictionary of key-value pairs mapping Amplify Studio properties to fields in a data model. Use when the action performs an operation on an Amplify DataStore model." + }, + "global": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "Specifies whether the user should be signed out globally. Specify this value for an auth sign out action." + }, + "id": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "The unique ID of the component that the `ActionParameters` apply to." + }, + "model": { + "type": "string", + "description": "The name of the data model. Use when the action performs an operation on an Amplify DataStore model." + }, + "state": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentMutationActionSetStateParameter", + "description": "A key-value pair that specifies the state property name and its initial value." + }, + "target": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "The element within the same component to modify when the action occurs." + }, + "type": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "The type of navigation action. Valid values are `url` and `anchor` . This value is required for a navigation action." + }, + "url": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "The URL to the location to open. Specify this value for a navigation action." + } + } + }, + "aws-native:amplifyuibuilder:ComponentBindingPropertiesValue": { + "type": "object", + "properties": { + "bindingProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentBindingPropertiesValueProperties", + "description": "Describes the properties to customize with data at runtime." + }, + "defaultValue": { + "type": "string", + "description": "The default value of the property." + }, + "type": { + "type": "string", + "description": "The property type." + } + } + }, + "aws-native:amplifyuibuilder:ComponentBindingPropertiesValueProperties": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "An Amazon S3 bucket." + }, + "defaultValue": { + "type": "string", + "description": "The default value to assign to the property." + }, + "field": { + "type": "string", + "description": "The field to bind the data to." + }, + "key": { + "type": "string", + "description": "The storage key for an Amazon S3 bucket." + }, + "model": { + "type": "string", + "description": "An Amplify DataStore model." + }, + "predicates": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentPredicate" + }, + "description": "A list of predicates for binding a component's properties to data." + }, + "slotName": { + "type": "string", + "description": "The name of a component slot." + }, + "userAttribute": { + "type": "string", + "description": "An authenticated user attribute." + } + } + }, + "aws-native:amplifyuibuilder:ComponentChild": { + "type": "object", + "properties": { + "children": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentChild" + }, + "description": "The list of `ComponentChild` instances for this component." + }, + "componentType": { + "type": "string", + "description": "The type of the child component." + }, + "events": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentEvent" + }, + "description": "Describes the events that can be raised on the child component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components." + }, + "name": { + "type": "string", + "description": "The name of the child component." + }, + "properties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty" + }, + "description": "Describes the properties of the child component. You can't specify `tags` as a valid property for `properties` ." + }, + "sourceId": { + "type": "string", + "description": "The unique ID of the child component in its original source system, such as Figma." + } + } + }, + "aws-native:amplifyuibuilder:ComponentConditionProperty": { + "type": "object", + "properties": { + "else": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "The value to assign to the property if the condition is not met." + }, + "field": { + "type": "string", + "description": "The name of a field. Specify this when the property is a data model." + }, + "operand": { + "type": "string", + "description": "The value of the property to evaluate." + }, + "operandType": { + "type": "string", + "description": "The type of the property to evaluate." + }, + "operator": { + "type": "string", + "description": "The operator to use to perform the evaluation, such as `eq` to represent equals." + }, + "property": { + "type": "string", + "description": "The name of the conditional property." + }, + "then": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "The value to assign to the property if the condition is met." + } + } + }, + "aws-native:amplifyuibuilder:ComponentDataConfiguration": { + "type": "object", + "properties": { + "identifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IDs to use to bind data to a component. Use this property to bind specifically chosen data, rather than data retrieved from a query." + }, + "model": { + "type": "string", + "description": "The name of the data model to use to bind data to a component." + }, + "predicate": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentPredicate", + "description": "Represents the conditional logic to use when binding data to a component. Use this property to retrieve only a subset of the data in a collection." + }, + "sort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentSortProperty" + }, + "description": "Describes how to sort the component's properties." + } + } + }, + "aws-native:amplifyuibuilder:ComponentEvent": { + "type": "object", + "properties": { + "action": { + "type": "string", + "description": "The action to perform when a specific event is raised." + }, + "bindingEvent": { + "type": "string", + "description": "Binds an event to an action on a component. When you specify a `bindingEvent` , the event is called when the action is performed." + }, + "parameters": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentActionParameters", + "description": "Describes information about the action." + } + } + }, + "aws-native:amplifyuibuilder:ComponentFormBindingElement": { + "type": "object", + "properties": { + "element": { + "type": "string", + "description": "The name of the component to retrieve a value from." + }, + "property": { + "type": "string", + "description": "The property to retrieve a value from." + } + } + }, + "aws-native:amplifyuibuilder:ComponentMutationActionSetStateParameter": { + "type": "object", + "properties": { + "componentName": { + "type": "string", + "description": "The name of the component that is being modified." + }, + "property": { + "type": "string", + "description": "The name of the component property to apply the state configuration to." + }, + "set": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty", + "description": "The state configuration to assign to the property." + } + } + }, + "aws-native:amplifyuibuilder:ComponentPredicate": { + "type": "object", + "properties": { + "and": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentPredicate" + }, + "description": "A list of predicates to combine logically." + }, + "field": { + "type": "string", + "description": "The field to query." + }, + "operand": { + "type": "string", + "description": "The value to use when performing the evaluation." + }, + "operandType": { + "type": "string", + "description": "The type of value to use when performing the evaluation." + }, + "operator": { + "type": "string", + "description": "The operator to use to perform the evaluation." + }, + "or": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentPredicate" + }, + "description": "A list of predicates to combine logically." + } + } + }, + "aws-native:amplifyuibuilder:ComponentProperty": { + "type": "object", + "properties": { + "bindingProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentPropertyBindingProperties", + "description": "The information to bind the component property to data at runtime." + }, + "bindings": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentFormBindingElement" + }, + "description": "The information to bind the component property to form data." + }, + "collectionBindingProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentPropertyBindingProperties", + "description": "The information to bind the component property to data at runtime. Use this for collection components." + }, + "componentName": { + "type": "string", + "description": "The name of the component that is affected by an event." + }, + "concat": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentProperty" + }, + "description": "A list of component properties to concatenate to create the value to assign to this component property." + }, + "condition": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentConditionProperty", + "description": "The conditional expression to use to assign a value to the component property." + }, + "configured": { + "type": "boolean", + "description": "Specifies whether the user configured the property in Amplify Studio after importing it." + }, + "defaultValue": { + "type": "string", + "description": "The default value to assign to the component property." + }, + "event": { + "type": "string", + "description": "An event that occurs in your app. Use this for workflow data binding." + }, + "importedValue": { + "type": "string", + "description": "The default value assigned to the property when the component is imported into an app." + }, + "model": { + "type": "string", + "description": "The data model to use to assign a value to the component property." + }, + "property": { + "type": "string", + "description": "The name of the component's property that is affected by an event." + }, + "type": { + "type": "string", + "description": "The component type." + }, + "userAttribute": { + "type": "string", + "description": "An authenticated user attribute to use to assign a value to the component property." + }, + "value": { + "type": "string", + "description": "The value to assign to the component property." + } + } + }, + "aws-native:amplifyuibuilder:ComponentPropertyBindingProperties": { + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "The data field to bind the property to." + }, + "property": { + "type": "string", + "description": "The component property to bind to the data field." + } + } + }, + "aws-native:amplifyuibuilder:ComponentSortDirection": { + "type": "string" + }, + "aws-native:amplifyuibuilder:ComponentSortProperty": { + "type": "object", + "properties": { + "direction": { + "$ref": "#/types/aws-native:amplifyuibuilder:ComponentSortDirection", + "description": "The direction of the sort, either ascending or descending." + }, + "field": { + "type": "string", + "description": "The field to perform the sort on." + } + } + }, + "aws-native:amplifyuibuilder:ComponentVariant": { + "type": "object", + "properties": { + "overrides": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + }, + "description": "The properties of the component variant that can be overriden when customizing an instance of the component. You can't specify `tags` as a valid property for `overrides` ." + }, + "variantValues": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of variants that comprise this variant." + } + } + }, + "aws-native:amplifyuibuilder:FormActionType": { + "type": "string" + }, + "aws-native:amplifyuibuilder:FormButton": { + "type": "object", + "properties": { + "children": { + "type": "string", + "description": "Describes the button's properties." + }, + "excluded": { + "type": "boolean", + "description": "Specifies whether the button is visible on the form." + }, + "position": { + "oneOf": [ + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition0Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition1Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition2Properties" + } + ], + "description": "The position of the button." + } + } + }, + "aws-native:amplifyuibuilder:FormButtonsPosition": { + "type": "string" + }, + "aws-native:amplifyuibuilder:FormCta": { + "type": "object", + "properties": { + "cancel": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormButton", + "description": "Displays a cancel button." + }, + "clear": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormButton", + "description": "Displays a clear button." + }, + "position": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormButtonsPosition", + "description": "The position of the button." + }, + "submit": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormButton", + "description": "Displays a submit button." + } + } + }, + "aws-native:amplifyuibuilder:FormDataSourceType": { + "type": "string" + }, + "aws-native:amplifyuibuilder:FormDataTypeConfig": { + "type": "object", + "properties": { + "dataSourceType": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormDataSourceType", + "description": "The data source type, either an Amplify DataStore model or a custom data type." + }, + "dataTypeName": { + "type": "string", + "description": "The unique name of the data type you are using as the data source for the form." + } + } + }, + "aws-native:amplifyuibuilder:FormFieldConfig": { + "type": "object", + "properties": { + "excluded": { + "type": "boolean", + "description": "Specifies whether to hide a field." + }, + "inputType": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldInputConfig", + "description": "Describes the configuration for the default input value to display for a field." + }, + "label": { + "type": "string", + "description": "The label for the field." + }, + "position": { + "oneOf": [ + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition0Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition1Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition2Properties" + } + ], + "description": "Specifies the field position." + }, + "validations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldValidationConfiguration" + }, + "description": "The validations to perform on the value in the field." + } + } + }, + "aws-native:amplifyuibuilder:FormFieldInputConfig": { + "type": "object", + "properties": { + "defaultChecked": { + "type": "boolean", + "description": "Specifies whether a field has a default value." + }, + "defaultCountryCode": { + "type": "string", + "description": "The default country code for a phone number." + }, + "defaultValue": { + "type": "string", + "description": "The default value for the field." + }, + "descriptiveText": { + "type": "string", + "description": "The text to display to describe the field." + }, + "fileUploaderConfig": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFileUploaderFieldConfig", + "description": "The configuration for the file uploader field." + }, + "isArray": { + "type": "boolean", + "description": "Specifies whether to render the field as an array. This property is ignored if the `dataSourceType` for the form is a Data Store." + }, + "maxValue": { + "type": "number", + "description": "The maximum value to display for the field." + }, + "minValue": { + "type": "number", + "description": "The minimum value to display for the field." + }, + "name": { + "type": "string", + "description": "The name of the field." + }, + "placeholder": { + "type": "string", + "description": "The text to display as a placeholder for the field." + }, + "readOnly": { + "type": "boolean", + "description": "Specifies a read only field." + }, + "required": { + "type": "boolean", + "description": "Specifies a field that requires input." + }, + "step": { + "type": "number", + "description": "The stepping increment for a numeric value in a field." + }, + "type": { + "type": "string", + "description": "The input type for the field." + }, + "value": { + "type": "string", + "description": "The value for the field." + }, + "valueMappings": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormValueMappings", + "description": "The information to use to customize the input fields with data at runtime." + } + } + }, + "aws-native:amplifyuibuilder:FormFieldPosition0Properties": { + "type": "object", + "properties": { + "fixed": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFixedPosition" + } + } + }, + "aws-native:amplifyuibuilder:FormFieldPosition1Properties": { + "type": "object", + "properties": { + "rightOf": { + "type": "string" + } + } + }, + "aws-native:amplifyuibuilder:FormFieldPosition2Properties": { + "type": "object", + "properties": { + "below": { + "type": "string" + } + } + }, + "aws-native:amplifyuibuilder:FormFieldValidationConfiguration": { + "type": "object", + "properties": { + "numValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "The validation to perform on a number value." + }, + "strValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The validation to perform on a string value." + }, + "type": { + "type": "string", + "description": "The validation to perform on an object type. ``" + }, + "validationMessage": { + "type": "string", + "description": "The validation message to display." + } + } + }, + "aws-native:amplifyuibuilder:FormFileUploaderFieldConfig": { + "type": "object", + "properties": { + "acceptedFileTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The file types that are allowed to be uploaded by the file uploader. Provide this information in an array of strings specifying the valid file extensions." + }, + "accessLevel": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStorageAccessLevel", + "description": "The access level to assign to the uploaded files in the Amazon S3 bucket where they are stored. The valid values for this property are `private` , `protected` , or `public` . For detailed information about the permissions associated with each access level, see [File access levels](https://docs.aws.amazon.com/https://docs.amplify.aws/lib/storage/configureaccess/q/platform/js/) in the *Amplify documentation* ." + }, + "isResumable": { + "type": "boolean", + "description": "Allows the file upload operation to be paused and resumed. The default value is `false` .\n\nWhen `isResumable` is set to `true` , the file uploader uses a multipart upload to break the files into chunks before upload. The progress of the upload isn't continuous, because the file uploader uploads a chunk at a time." + }, + "maxFileCount": { + "type": "number", + "description": "Specifies the maximum number of files that can be selected to upload. The default value is an unlimited number of files." + }, + "maxSize": { + "type": "number", + "description": "The maximum file size in bytes that the file uploader will accept. The default value is an unlimited file size." + }, + "showThumbnails": { + "type": "boolean", + "description": "Specifies whether to display or hide the image preview after selecting a file for upload. The default value is `true` to display the image preview." + } + } + }, + "aws-native:amplifyuibuilder:FormFixedPosition": { + "type": "string" + }, + "aws-native:amplifyuibuilder:FormInputBindingPropertiesValue": { + "type": "object", + "properties": { + "bindingProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormInputBindingPropertiesValueProperties", + "description": "Describes the properties to customize with data at runtime." + }, + "type": { + "type": "string", + "description": "The property type." + } + } + }, + "aws-native:amplifyuibuilder:FormInputBindingPropertiesValueProperties": { + "type": "object", + "properties": { + "model": { + "type": "string", + "description": "An Amplify DataStore model." + } + } + }, + "aws-native:amplifyuibuilder:FormInputValueProperty": { + "type": "object", + "properties": { + "bindingProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormInputValuePropertyBindingProperties", + "description": "The information to bind fields to data at runtime." + }, + "concat": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormInputValueProperty" + }, + "description": "A list of form properties to concatenate to create the value to assign to this field property." + }, + "value": { + "type": "string", + "description": "The value to assign to the input field." + } + } + }, + "aws-native:amplifyuibuilder:FormInputValuePropertyBindingProperties": { + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "The data field to bind the property to." + }, + "property": { + "type": "string", + "description": "The form property to bind to the data field." + } + } + }, + "aws-native:amplifyuibuilder:FormLabelDecorator": { + "type": "string" + }, + "aws-native:amplifyuibuilder:FormSectionalElement": { + "type": "object", + "properties": { + "excluded": { + "type": "boolean", + "description": "Excludes a sectional element that was generated by default for a specified data model." + }, + "level": { + "type": "number", + "description": "Specifies the size of the font for a `Heading` sectional element. Valid values are `1 | 2 | 3 | 4 | 5 | 6` ." + }, + "orientation": { + "type": "string", + "description": "Specifies the orientation for a `Divider` sectional element. Valid values are `horizontal` or `vertical` ." + }, + "position": { + "oneOf": [ + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition0Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition1Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormFieldPosition2Properties" + } + ], + "description": "Specifies the position of the text in a field for a `Text` sectional element." + }, + "text": { + "type": "string", + "description": "The text for a `Text` sectional element." + }, + "type": { + "type": "string", + "description": "The type of sectional element. Valid values are `Heading` , `Text` , and `Divider` ." + } + } + }, + "aws-native:amplifyuibuilder:FormStorageAccessLevel": { + "type": "string" + }, + "aws-native:amplifyuibuilder:FormStyle": { + "type": "object", + "properties": { + "horizontalGap": { + "oneOf": [ + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStyleConfig0Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStyleConfig1Properties" + } + ], + "description": "The spacing for the horizontal gap." + }, + "outerPadding": { + "oneOf": [ + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStyleConfig0Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStyleConfig1Properties" + } + ], + "description": "The size of the outer padding for the form." + }, + "verticalGap": { + "oneOf": [ + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStyleConfig0Properties" + }, + { + "$ref": "#/types/aws-native:amplifyuibuilder:FormStyleConfig1Properties" + } + ], + "description": "The spacing for the vertical gap." + } + } + }, + "aws-native:amplifyuibuilder:FormStyleConfig0Properties": { + "type": "object", + "properties": { + "tokenReference": { + "type": "string" + } + } + }, + "aws-native:amplifyuibuilder:FormStyleConfig1Properties": { + "type": "object", + "properties": { + "value": { + "type": "string" + } + } + }, + "aws-native:amplifyuibuilder:FormValueMapping": { + "type": "object", + "properties": { + "displayValue": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormInputValueProperty", + "description": "The value to display for the complex object." + }, + "value": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormInputValueProperty", + "description": "The complex object." + } + } + }, + "aws-native:amplifyuibuilder:FormValueMappings": { + "type": "object", + "properties": { + "bindingProperties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormInputBindingPropertiesValue" + }, + "description": "The information to bind fields to data at runtime." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:FormValueMapping" + }, + "description": "The value and display value pairs." + } + } + }, + "aws-native:amplifyuibuilder:ThemeValue": { + "type": "object", + "properties": { + "children": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:amplifyuibuilder:ThemeValues" + }, + "description": "A list of key-value pairs that define the theme's properties." + }, + "value": { + "type": "string", + "description": "The value of a theme property." + } + } + }, + "aws-native:amplifyuibuilder:ThemeValues": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name of the property." + }, + "value": { + "$ref": "#/types/aws-native:amplifyuibuilder:ThemeValue", + "description": "The value of the property." + } + } + }, + "aws-native:apigateway:ApiKeyStageKey": { + "type": "object", + "properties": { + "restApiId": { + "type": "string", + "description": "The string identifier of the associated RestApi." + }, + "stageName": { + "type": "string", + "description": "The stage name associated with the stage key." + } + } + }, + "aws-native:apigateway:ApiKeyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:apigateway:ClientCertificateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:apigateway:DeploymentAccessLogSetting": { + "type": "object", + "properties": { + "destinationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with ``amazon-apigateway-``." + }, + "format": { + "type": "string", + "description": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least ``$context.requestId``." + } + } + }, + "aws-native:apigateway:DeploymentCanarySetting": { + "type": "object", + "properties": { + "percentTraffic": { + "type": "number", + "description": "The percent (0-100) of traffic diverted to a canary deployment." + }, + "stageVariableOverrides": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values." + }, + "useStageCache": { + "type": "boolean", + "description": "A Boolean flag to indicate whether the canary deployment uses the stage cache or not." + } + } + }, + "aws-native:apigateway:DeploymentCanarySettings": { + "type": "object", + "properties": { + "percentTraffic": { + "type": "number", + "description": "The percentage (0.0-100.0) of traffic routed to the canary deployment." + }, + "stageVariableOverrides": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A stage variable overrides used for the canary release deployment. They can override existing stage variables or add new stage variables for the canary release deployment. These stage variables are represented as a string-to-string map between stage variable names and their values." + }, + "useStageCache": { + "type": "boolean", + "description": "A Boolean flag to indicate whether the canary release deployment uses the stage cache or not." + } + } + }, + "aws-native:apigateway:DeploymentMethodSetting": { + "type": "object", + "properties": { + "cacheDataEncrypted": { + "type": "boolean", + "description": "Specifies whether the cached responses are encrypted." + }, + "cacheTtlInSeconds": { + "type": "integer", + "description": "Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached." + }, + "cachingEnabled": { + "type": "boolean", + "description": "Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached." + }, + "dataTraceEnabled": { + "type": "boolean", + "description": "Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs." + }, + "httpMethod": { + "type": "string", + "description": "The HTTP method." + }, + "loggingLevel": { + "type": "string", + "description": "Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs. Valid values are ``OFF``, ``ERROR``, and ``INFO``. Choose ``ERROR`` to write only error-level entries to CloudWatch Logs, or choose ``INFO`` to include all ``ERROR`` events as well as extra informational events." + }, + "metricsEnabled": { + "type": "boolean", + "description": "Specifies whether Amazon CloudWatch metrics are enabled for this method." + }, + "resourcePath": { + "type": "string", + "description": "The resource path for this method. Forward slashes (``/``) are encoded as ``~1`` and the initial slash must include a forward slash. For example, the path value ``/resource/subresource`` must be encoded as ``/~1resource~1subresource``. To specify the root path, use only a slash (``/``)." + }, + "throttlingBurstLimit": { + "type": "integer", + "description": "Specifies the throttling burst limit." + }, + "throttlingRateLimit": { + "type": "number", + "description": "Specifies the throttling rate limit." + } + } + }, + "aws-native:apigateway:DeploymentStageDescription": { + "type": "object", + "properties": { + "accessLogSetting": { + "$ref": "#/types/aws-native:apigateway:DeploymentAccessLogSetting", + "description": "Specifies settings for logging access in this stage." + }, + "cacheClusterEnabled": { + "type": "boolean", + "description": "Specifies whether a cache cluster is enabled for the stage." + }, + "cacheClusterSize": { + "type": "string", + "description": "The size of the stage's cache cluster. For more information, see [cacheClusterSize](https://docs.aws.amazon.com/apigateway/latest/api/API_CreateStage.html#apigw-CreateStage-request-cacheClusterSize) in the *API Gateway API Reference*." + }, + "cacheDataEncrypted": { + "type": "boolean", + "description": "Indicates whether the cached responses are encrypted." + }, + "cacheTtlInSeconds": { + "type": "integer", + "description": "The time-to-live (TTL) period, in seconds, that specifies how long API Gateway caches responses." + }, + "cachingEnabled": { + "type": "boolean", + "description": "Indicates whether responses are cached and returned for requests. You must enable a cache cluster on the stage to cache responses. For more information, see [Enable API Gateway Caching in a Stage to Enhance API Performance](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html) in the *API Gateway Developer Guide*." + }, + "canarySetting": { + "$ref": "#/types/aws-native:apigateway:DeploymentCanarySetting", + "description": "Specifies settings for the canary deployment in this stage." + }, + "clientCertificateId": { + "type": "string", + "description": "The identifier of the client certificate that API Gateway uses to call your integration endpoints in the stage." + }, + "dataTraceEnabled": { + "type": "boolean", + "description": "Indicates whether data trace logging is enabled for methods in the stage. API Gateway pushes these logs to Amazon CloudWatch Logs." + }, + "description": { + "type": "string", + "description": "A description of the purpose of the stage." + }, + "documentationVersion": { + "type": "string", + "description": "The version identifier of the API documentation snapshot." + }, + "loggingLevel": { + "type": "string", + "description": "The logging level for this method. For valid values, see the ``loggingLevel`` property of the [MethodSetting](https://docs.aws.amazon.com/apigateway/latest/api/API_MethodSetting.html) resource in the *Amazon API Gateway API Reference*." + }, + "methodSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:DeploymentMethodSetting" + }, + "description": "Configures settings for all of the stage's methods." + }, + "metricsEnabled": { + "type": "boolean", + "description": "Indicates whether Amazon CloudWatch metrics are enabled for methods in the stage." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:DeploymentTag" + }, + "description": "An array of arbitrary tags (key-value pairs) to associate with the stage." + }, + "throttlingBurstLimit": { + "type": "integer", + "description": "The target request burst rate limit. This allows more requests through for a period of time than the target rate limit. For more information, see [Manage API Request Throttling](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) in the *API Gateway Developer Guide*." + }, + "throttlingRateLimit": { + "type": "number", + "description": "The target request steady-state rate limit. For more information, see [Manage API Request Throttling](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) in the *API Gateway Developer Guide*." + }, + "tracingEnabled": { + "type": "boolean", + "description": "Specifies whether active tracing with X-ray is enabled for this stage.\n For more information, see [Trace API Gateway API Execution with X-Ray](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-xray.html) in the *API Gateway Developer Guide*." + }, + "variables": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that defines the stage variables. Variable names must consist of alphanumeric characters, and the values must match the following regular expression: ``[A-Za-z0-9-._~:/?#\u0026=,]+``." + } + } + }, + "aws-native:apigateway:DeploymentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag" + }, + "value": { + "type": "string", + "description": "The value for the tag" + } + } + }, + "aws-native:apigateway:DocumentationPartLocation": { + "type": "object", + "properties": { + "method": { + "type": "string", + "description": "The HTTP verb of a method. It is a valid field for the API entity types of ``METHOD``, ``PATH_PARAMETER``, ``QUERY_PARAMETER``, ``REQUEST_HEADER``, ``REQUEST_BODY``, ``RESPONSE``, ``RESPONSE_HEADER``, and ``RESPONSE_BODY``. The default value is ``*`` for any method. When an applicable child entity inherits the content of an entity of the same type with more general specifications of the other ``location`` attributes, the child entity's ``method`` attribute must match that of the parent entity exactly." + }, + "name": { + "type": "string", + "description": "The name of the targeted API entity. It is a valid and required field for the API entity types of ``AUTHORIZER``, ``MODEL``, ``PATH_PARAMETER``, ``QUERY_PARAMETER``, ``REQUEST_HEADER``, ``REQUEST_BODY`` and ``RESPONSE_HEADER``. It is an invalid field for any other entity type." + }, + "path": { + "type": "string", + "description": "The URL path of the target. It is a valid field for the API entity types of ``RESOURCE``, ``METHOD``, ``PATH_PARAMETER``, ``QUERY_PARAMETER``, ``REQUEST_HEADER``, ``REQUEST_BODY``, ``RESPONSE``, ``RESPONSE_HEADER``, and ``RESPONSE_BODY``. The default value is ``/`` for the root resource. When an applicable child entity inherits the content of another entity of the same type with more general specifications of the other ``location`` attributes, the child entity's ``path`` attribute must match that of the parent entity as a prefix." + }, + "statusCode": { + "type": "string", + "description": "The HTTP status code of a response. It is a valid field for the API entity types of ``RESPONSE``, ``RESPONSE_HEADER``, and ``RESPONSE_BODY``. The default value is ``*`` for any status code. When an applicable child entity inherits the content of an entity of the same type with more general specifications of the other ``location`` attributes, the child entity's ``statusCode`` attribute must match that of the parent entity exactly." + }, + "type": { + "$ref": "#/types/aws-native:apigateway:DocumentationPartLocationType", + "description": "The type of API entity to which the documentation content applies. Valid values are ``API``, ``AUTHORIZER``, ``MODEL``, ``RESOURCE``, ``METHOD``, ``PATH_PARAMETER``, ``QUERY_PARAMETER``, ``REQUEST_HEADER``, ``REQUEST_BODY``, ``RESPONSE``, ``RESPONSE_HEADER``, and ``RESPONSE_BODY``. Content inheritance does not apply to any entity of the ``API``, ``AUTHORIZER``, ``METHOD``, ``MODEL``, ``REQUEST_BODY``, or ``RESOURCE`` type." + } + } + }, + "aws-native:apigateway:DocumentationPartLocationType": { + "type": "string" + }, + "aws-native:apigateway:DomainNameEndpointConfiguration": { + "type": "object", + "properties": { + "types": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `\"EDGE\"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` ." + } + } + }, + "aws-native:apigateway:DomainNameMutualTlsAuthentication": { + "type": "object", + "properties": { + "truststoreUri": { + "type": "string", + "description": "An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example `s3://bucket-name/key-name` . The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object." + }, + "truststoreVersion": { + "type": "string", + "description": "The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket." + } + } + }, + "aws-native:apigateway:DomainNameTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:apigateway:MethodIntegration": { + "type": "object", + "properties": { + "cacheKeyParameters": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of request parameters whose values API Gateway caches. To be valid values for ``cacheKeyParameters``, these parameters must also be specified for Method ``requestParameters``." + }, + "cacheNamespace": { + "type": "string", + "description": "Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the ``cacheNamespace``. You can specify the same ``cacheNamespace`` across resources to return the same cached data for requests to different resources." + }, + "connectionId": { + "type": "string", + "description": "The ID of the VpcLink used for the integration when ``connectionType=VPC_LINK`` and undefined, otherwise." + }, + "connectionType": { + "$ref": "#/types/aws-native:apigateway:MethodIntegrationConnectionType", + "description": "The type of the network connection to the integration endpoint. The valid value is ``INTERNET`` for connections through the public routable internet or ``VPC_LINK`` for private connections between API Gateway and a network load balancer in a VPC. The default value is ``INTERNET``." + }, + "contentHandling": { + "$ref": "#/types/aws-native:apigateway:MethodIntegrationContentHandling", + "description": "Specifies how to handle request payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors:\n If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the ``passthroughBehavior`` is configured to support payload pass-through." + }, + "credentials": { + "type": "string", + "description": "Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string ``arn:aws:iam::\\*:user/\\*``. To use resource-based permissions on supported AWS services, specify null." + }, + "integrationHttpMethod": { + "type": "string", + "description": "Specifies the integration's HTTP method type. For the Type property, if you specify ``MOCK``, this property is optional. For Lambda integrations, you must set the integration method to ``POST``. For all other types, you must specify this property." + }, + "integrationResponses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apigateway:MethodIntegrationResponse" + }, + "description": "Specifies the integration's responses." + }, + "passthroughBehavior": { + "$ref": "#/types/aws-native:apigateway:MethodIntegrationPassthroughBehavior", + "description": "Specifies how the method request body of an unmapped content type will be passed through the integration request to the back end without transformation. A content type is unmapped if no mapping template is defined in the integration or the content type does not match any of the mapped content types, as specified in ``requestTemplates``. The valid value is one of the following: ``WHEN_NO_MATCH``: passes the method request body through the integration request to the back end without transformation when the method request content type does not match any content type associated with the mapping templates defined in the integration request. ``WHEN_NO_TEMPLATES``: passes the method request body through the integration request to the back end without transformation when no mapping template is defined in the integration request. If a template is defined when this option is selected, the method request of an unmapped content-type will be rejected with an HTTP 415 Unsupported Media Type response. ``NEVER``: rejects the method request with an HTTP 415 Unsupported Media Type response when either the method request content type does not match any content type associated with the mapping templates defined in the integration request or no mapping template is defined in the integration request." + }, + "requestParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value map specifying request parameters that are passed from the method request to the back end. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request parameter value must match the pattern of ``method.request.{location}.{name}``, where ``location`` is ``querystring``, ``path``, or ``header`` and ``name`` must be a valid and unique method request parameter name." + }, + "requestTemplates": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value." + }, + "timeoutInMillis": { + "type": "integer", + "description": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds." + }, + "type": { + "$ref": "#/types/aws-native:apigateway:MethodIntegrationType", + "description": "Specifies an API method integration type. The valid value is one of the following:\n For the HTTP and HTTP proxy integrations, each integration can specify a protocol (``http/https``), port and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy integration with a ``connectionType`` of ``VPC_LINK`` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC." + }, + "uri": { + "type": "string", + "description": "Specifies Uniform Resource Identifier (URI) of the integration endpoint.\n For ``HTTP`` or ``HTTP_PROXY`` integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification for standard integrations. If ``connectionType`` is ``VPC_LINK`` specify the Network Load Balancer DNS name. For ``AWS`` or ``AWS_PROXY`` integrations, the URI is of the form ``arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}``. Here, {Region} is the API Gateway region (e.g., us-east-1); {service} is the name of the integrated AWS service (e.g., s3); and {subdomain} is a designated subdomain supported by certain AWS service for fast host-name lookup. action can be used for an AWS service action-based API, using an Action={name}\u0026{p1}={v1}\u0026p2={v2}... query string. The ensuing {service_api} refers to a supported action {name} plus any required input parameters. Alternatively, path can be used for an AWS service path-based API. The ensuing service_api refers to the path to an AWS service resource, including the region of the integrated AWS service, if applicable. For example, for integration with the S3 API of GetObject, the uri can be either ``arn:aws:apigateway:us-west-2:s3:action/GetObject\u0026Bucket={bucket}\u0026Key={key}`` or ``arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}``" + } + } + }, + "aws-native:apigateway:MethodIntegrationConnectionType": { + "type": "string" + }, + "aws-native:apigateway:MethodIntegrationContentHandling": { + "type": "string" + }, + "aws-native:apigateway:MethodIntegrationPassthroughBehavior": { + "type": "string" + }, + "aws-native:apigateway:MethodIntegrationResponse": { + "type": "object", + "properties": { + "contentHandling": { + "$ref": "#/types/aws-native:apigateway:MethodIntegrationResponseContentHandling", + "description": "Specifies how to handle response payload content type conversions. Supported values are ``CONVERT_TO_BINARY`` and ``CONVERT_TO_TEXT``, with the following behaviors:\n If this property is not defined, the response payload will be passed through from the integration response to the method response without modification." + }, + "responseParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value map specifying response parameters that are passed to the method response from the back end. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of ``method.response.header.{name}``, where ``name`` is a valid and unique header name. The mapped non-static value must match the pattern of ``integration.response.header.{name}`` or ``integration.response.body.{JSON-expression}``, where ``name`` is a valid and unique response header name and ``JSON-expression`` is a valid JSON expression without the ``$`` prefix." + }, + "responseTemplates": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value." + }, + "selectionPattern": { + "type": "string", + "description": "Specifies the regular expression (regex) pattern used to choose an integration response based on the response from the back end. For example, if the success response returns nothing and the error response returns some string, you could use the ``.+`` regex to match error response. However, make sure that the error response does not contain any newline (``\\n``) character in such cases. If the back end is an LAMlong function, the LAMlong function error header is matched. For all other HTTP and AWS back ends, the HTTP status code is matched." + }, + "statusCode": { + "type": "string", + "description": "Specifies the status code that is used to map the integration response to an existing MethodResponse." + } + } + }, + "aws-native:apigateway:MethodIntegrationResponseContentHandling": { + "type": "string" + }, + "aws-native:apigateway:MethodIntegrationType": { + "type": "string" + }, + "aws-native:apigateway:MethodResponse": { + "type": "object", + "properties": { + "responseModels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value." + }, + "responseParameters": { + "type": "object", + "additionalProperties": { + "oneOf": [ + { + "type": "boolean" + }, + { + "type": "string" + } + ] + }, + "description": "A key-value map specifying required or optional response parameters that API Gateway can send back to the caller. A key defines a method response header and the value specifies whether the associated method response header is required or not. The expression of the key must match the pattern ``method.response.header.{name}``, where ``name`` is a valid and unique header name. API Gateway passes certain integration response data to the method response headers specified here according to the mapping you prescribe in the API's IntegrationResponse. The integration response data that can be mapped include an integration response header expressed in ``integration.response.header.{name}``, a static value enclosed within a pair of single quotes (e.g., ``'application/json'``), or a JSON expression from the back-end response payload in the form of ``integration.response.body.{JSON-expression}``, where ``JSON-expression`` is a valid JSON expression without the ``$`` prefix.)" + }, + "statusCode": { + "type": "string", + "description": "The method response's status code." + } + } + }, + "aws-native:apigateway:RestApiEndpointConfiguration": { + "type": "object", + "properties": { + "types": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is ``\"EDGE\"``. For a regional API and its custom domain name, the endpoint type is ``REGIONAL``. For a private API, the endpoint type is ``PRIVATE``." + }, + "vpcEndpointIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of VpcEndpointIds of an API (RestApi) against which to create Route53 ALIASes. It is only supported for ``PRIVATE`` endpoint type." + } + } + }, + "aws-native:apigateway:RestApiS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket where the OpenAPI file is stored." + }, + "eTag": { + "type": "string", + "description": "The Amazon S3 ETag (a file checksum) of the OpenAPI file. If you don't specify a value, API Gateway skips ETag validation of your OpenAPI file." + }, + "key": { + "type": "string", + "description": "The file name of the OpenAPI file (Amazon S3 object name)." + }, + "version": { + "type": "string", + "description": "For versioning-enabled buckets, a specific version of the OpenAPI file." + } + } + }, + "aws-native:apigateway:RestApiTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:apigateway:StageAccessLogSetting": { + "type": "object", + "properties": { + "destinationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with ``amazon-apigateway-``. This parameter is required to enable access logging." + }, + "format": { + "type": "string", + "description": "A single line format of the access logs of data, as specified by selected [$context variables](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference). The format must include at least ``$context.requestId``. This parameter is required to enable access logging." + } + } + }, + "aws-native:apigateway:StageCanarySetting": { + "type": "object", + "properties": { + "deploymentId": { + "type": "string", + "description": "The ID of the canary deployment." + }, + "percentTraffic": { + "type": "number", + "description": "The percent (0-100) of traffic diverted to a canary deployment." + }, + "stageVariableOverrides": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values." + }, + "useStageCache": { + "type": "boolean", + "description": "A Boolean flag to indicate whether the canary deployment uses the stage cache or not." + } + } + }, + "aws-native:apigateway:StageMethodSetting": { + "type": "object", + "properties": { + "cacheDataEncrypted": { + "type": "boolean", + "description": "Specifies whether the cached responses are encrypted." + }, + "cacheTtlInSeconds": { + "type": "integer", + "description": "Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached." + }, + "cachingEnabled": { + "type": "boolean", + "description": "Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached." + }, + "dataTraceEnabled": { + "type": "boolean", + "description": "Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs." + }, + "httpMethod": { + "type": "string", + "description": "The HTTP method. To apply settings to multiple resources and methods, specify an asterisk (``*``) for the ``HttpMethod`` and ``/*`` for the ``ResourcePath``. This parameter is required when you specify a ``MethodSetting``." + }, + "loggingLevel": { + "type": "string", + "description": "Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs. Valid values are ``OFF``, ``ERROR``, and ``INFO``. Choose ``ERROR`` to write only error-level entries to CloudWatch Logs, or choose ``INFO`` to include all ``ERROR`` events as well as extra informational events." + }, + "metricsEnabled": { + "type": "boolean", + "description": "Specifies whether Amazon CloudWatch metrics are enabled for this method." + }, + "resourcePath": { + "type": "string", + "description": "The resource path for this method. Forward slashes (``/``) are encoded as ``~1`` and the initial slash must include a forward slash. For example, the path value ``/resource/subresource`` must be encoded as ``/~1resource~1subresource``. To specify the root path, use only a slash (``/``). To apply settings to multiple resources and methods, specify an asterisk (``*``) for the ``HttpMethod`` and ``/*`` for the ``ResourcePath``. This parameter is required when you specify a ``MethodSetting``." + }, + "throttlingBurstLimit": { + "type": "integer", + "description": "Specifies the throttling burst limit." + }, + "throttlingRateLimit": { + "type": "number", + "description": "Specifies the throttling rate limit." + } + } + }, + "aws-native:apigateway:StageTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:." + } + } + }, + "aws-native:apigateway:UsagePlanApiStage": { + "type": "object", + "properties": { + "apiId": { + "type": "string", + "description": "API Id of the associated API stage in a usage plan." + }, + "stage": { + "type": "string", + "description": "API stage name of the associated API stage in a usage plan." + }, + "throttle": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:apigateway:UsagePlanThrottleSettings" + }, + "description": "Map containing method level throttling information for API stage in a usage plan." + } + } + }, + "aws-native:apigateway:UsagePlanKeyKeyType": { + "type": "string" + }, + "aws-native:apigateway:UsagePlanQuotaSettings": { + "type": "object", + "properties": { + "limit": { + "type": "integer", + "description": "The target maximum number of requests that can be made in a given time period." + }, + "offset": { + "type": "integer", + "description": "The number of requests subtracted from the given limit in the initial time period." + }, + "period": { + "type": "string", + "description": "The time period in which the limit applies. Valid values are \"DAY\", \"WEEK\" or \"MONTH\"." + } + } + }, + "aws-native:apigateway:UsagePlanTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:apigateway:UsagePlanThrottleSettings": { + "type": "object", + "properties": { + "burstLimit": { + "type": "integer", + "description": "The API target request burst rate limit. This allows more requests through for a period of time than the target rate limit." + }, + "rateLimit": { + "type": "number", + "description": "The API target request rate limit." + } + } + }, + "aws-native:apigateway:VpcLinkTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:apigatewayv2:ApiBodyS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The S3 bucket that contains the OpenAPI definition to import. Required if you specify a ``BodyS3Location`` for an API." + }, + "etag": { + "type": "string", + "description": "The Etag of the S3 object." + }, + "key": { + "type": "string", + "description": "The key of the S3 object. Required if you specify a ``BodyS3Location`` for an API." + }, + "version": { + "type": "string", + "description": "The version of the S3 object." + } + } + }, + "aws-native:apigatewayv2:ApiCors": { + "type": "object", + "properties": { + "allowCredentials": { + "type": "boolean", + "description": "Specifies whether credentials are included in the CORS request. Supported only for HTTP APIs." + }, + "allowHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents a collection of allowed headers. Supported only for HTTP APIs." + }, + "allowMethods": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents a collection of allowed HTTP methods. Supported only for HTTP APIs." + }, + "allowOrigins": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents a collection of allowed origins. Supported only for HTTP APIs." + }, + "exposeHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents a collection of exposed headers. Supported only for HTTP APIs." + }, + "maxAge": { + "type": "integer", + "description": "The number of seconds that the browser should cache preflight request results. Supported only for HTTP APIs." + } + } + }, + "aws-native:apigatewayv2:AuthorizerJwtConfiguration": { + "type": "object", + "properties": { + "audience": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the intended recipients of the JWT. A valid JWT must provide an ``aud`` that matches at least one entry in this list. See [RFC 7519](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc7519#section-4.1.3). Required for the ``JWT`` authorizer type. Supported only for HTTP APIs." + }, + "issuer": { + "type": "string", + "description": "The base domain of the identity provider that issues JSON Web Tokens. For example, an Amazon Cognito user pool has the following format: ``https://cognito-idp.{region}.amazonaws.com/{userPoolId}``. Required for the ``JWT`` authorizer type. Supported only for HTTP APIs." + } + } + }, + "aws-native:apigatewayv2:DomainNameConfiguration": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string", + "description": "An AWS-managed certificate that will be used by the edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source." + }, + "certificateName": { + "type": "string", + "description": "The user-friendly name of the certificate that will be used by the edge-optimized endpoint for this domain name." + }, + "endpointType": { + "type": "string", + "description": "The endpoint type." + }, + "ownershipVerificationCertificateArn": { + "type": "string", + "description": "The Amazon resource name (ARN) for the public certificate issued by ACMlong. This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn." + }, + "securityPolicy": { + "type": "string", + "description": "The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are ``TLS_1_0`` and ``TLS_1_2``." + } + } + }, + "aws-native:apigatewayv2:DomainNameMutualTlsAuthentication": { + "type": "object", + "properties": { + "truststoreUri": { + "type": "string", + "description": "An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, ``s3://bucket-name/key-name``. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object." + }, + "truststoreVersion": { + "type": "string", + "description": "The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket." + } + } + }, + "aws-native:apigatewayv2:IntegrationTlsConfig": { + "type": "object", + "properties": { + "serverNameToVerify": { + "type": "string", + "description": "If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting." + } + } + }, + "aws-native:apigatewayv2:RouteParameterConstraints": { + "type": "object", + "properties": { + "required": { + "type": "boolean" + } + } + }, + "aws-native:apigatewayv2:RouteResponseParameterConstraints": { + "type": "object", + "properties": { + "required": { + "type": "boolean", + "description": "Specifies whether the parameter is required." + } + } + }, + "aws-native:appconfig:ApplicationTags": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key-value string map. The valid character set is [a-zA-Z1-9 +-=._:/-]. The tag key can be up to 128 characters and must not start with aws:." + }, + "value": { + "type": "string", + "description": "The tag value can be up to 256 characters." + } + } + }, + "aws-native:appconfig:ConfigurationProfileTags": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key-value string map. The tag key can be up to 128 characters and must not start with aws:." + }, + "value": { + "type": "string", + "description": "The tag value can be up to 256 characters." + } + } + }, + "aws-native:appconfig:ConfigurationProfileValidators": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "Either the JSON Schema content or the Amazon Resource Name (ARN) of an Lambda function." + }, + "type": { + "type": "string", + "description": "AWS AppConfig supports validators of type JSON_SCHEMA and LAMBDA." + } + } + }, + "aws-native:appconfig:EnvironmentMonitor": { + "type": "object", + "properties": { + "alarmArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the Amazon CloudWatch alarm." + }, + "alarmRoleArn": { + "type": "string", + "description": "ARN of an AWS Identity and Access Management (IAM) role for AWS AppConfig to monitor AlarmArn." + } + } + }, + "aws-native:appconfig:EnvironmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key-value string map. The valid character set is [a-zA-Z1-9+-=._:/]. The tag key can be up to 128 characters and must not start with aws:." + }, + "value": { + "type": "string", + "description": "The tag value can be up to 256 characters." + } + } + }, + "aws-native:appconfig:ExtensionAction": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the extension Action." + }, + "name": { + "type": "string", + "description": "The name of the extension action." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role for invoking the extension action." + }, + "uri": { + "type": "string", + "description": "The URI of the extension action." + } + } + }, + "aws-native:appconfig:ExtensionAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:appconfig:ExtensionParameter": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the extension Parameter." + }, + "dynamic": { + "type": "boolean" + }, + "required": { + "type": "boolean" + } + } + }, + "aws-native:appconfig:ExtensionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:appflow:ConnectorLambdaConnectorProvisioningConfig": { + "type": "object", + "properties": { + "lambdaArn": { + "type": "string", + "description": "Lambda ARN of the connector being registered." + } + } + }, + "aws-native:appflow:ConnectorProfileAmplitudeConnectorProfileCredentials": { + "type": "object", + "properties": { + "apiKey": { + "type": "string", + "description": "A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API." + }, + "secretKey": { + "type": "string", + "description": "The Secret Access Key portion of the credentials." + } + } + }, + "aws-native:appflow:ConnectorProfileApiKeyCredentials": { + "type": "object", + "properties": { + "apiKey": { + "type": "string", + "description": "The API key required for API key authentication." + }, + "apiSecretKey": { + "type": "string", + "description": "The API secret key required for API key authentication." + } + } + }, + "aws-native:appflow:ConnectorProfileAuthenticationType": { + "type": "string" + }, + "aws-native:appflow:ConnectorProfileBasicAuthCredentials": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "The password to use to connect to a resource." + }, + "username": { + "type": "string", + "description": "The username to use to connect to a resource." + } + } + }, + "aws-native:appflow:ConnectorProfileConfig": { + "type": "object", + "properties": { + "connectorProfileCredentials": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileCredentials", + "description": "The connector-specific credentials required by each connector." + }, + "connectorProfileProperties": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileProperties", + "description": "The connector-specific properties of the profile configuration." + } + } + }, + "aws-native:appflow:ConnectorProfileConnectionMode": { + "type": "string" + }, + "aws-native:appflow:ConnectorProfileConnectorOAuthRequest": { + "type": "object", + "properties": { + "authCode": { + "type": "string", + "description": "The code provided by the connector when it has been authenticated via the connected app." + }, + "redirectUri": { + "type": "string", + "description": "The URL to which the authentication server redirects the browser after authorization has been\ngranted." + } + } + }, + "aws-native:appflow:ConnectorProfileConnectorType": { + "type": "string" + }, + "aws-native:appflow:ConnectorProfileCredentials": { + "type": "object", + "properties": { + "amplitude": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileAmplitudeConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Amplitude." + }, + "customConnector": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileCustomConnectorProfileCredentials", + "description": "The connector-specific profile credentials that are required when using the custom connector." + }, + "datadog": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileDatadogConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Datadog." + }, + "dynatrace": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileDynatraceConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Dynatrace." + }, + "googleAnalytics": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileGoogleAnalyticsConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Google Analytics." + }, + "inforNexus": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileInforNexusConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Infor Nexus." + }, + "marketo": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileMarketoConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Marketo." + }, + "pardot": { + "$ref": "#/types/aws-native:appflow:ConnectorProfilePardotConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Salesforce Pardot." + }, + "redshift": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileRedshiftConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Amazon Redshift." + }, + "salesforce": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSalesforceConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Salesforce." + }, + "sapoData": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSapoDataConnectorProfileCredentials", + "description": "The connector-specific profile credentials required when using SAPOData." + }, + "serviceNow": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileServiceNowConnectorProfileCredentials", + "description": "The connector-specific credentials required when using ServiceNow." + }, + "singular": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSingularConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Singular." + }, + "slack": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSlackConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Slack." + }, + "snowflake": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSnowflakeConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Snowflake." + }, + "trendmicro": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileTrendmicroConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Trend Micro." + }, + "veeva": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileVeevaConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Veeva." + }, + "zendesk": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileZendeskConnectorProfileCredentials", + "description": "The connector-specific credentials required when using Zendesk." + } + }, + "irreversibleNames": { + "sapoData": "SAPOData" + } + }, + "aws-native:appflow:ConnectorProfileCustomAuthCredentials": { + "type": "object", + "properties": { + "credentialsMap": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that holds custom authentication credentials." + }, + "customAuthenticationType": { + "type": "string", + "description": "The custom authentication type that the connector uses." + } + } + }, + "aws-native:appflow:ConnectorProfileCustomConnectorProfileCredentials": { + "type": "object", + "properties": { + "apiKey": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileApiKeyCredentials", + "description": "The API keys required for the authentication of the user." + }, + "authenticationType": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileAuthenticationType", + "description": "The authentication type that the custom connector uses for authenticating while creating a connector profile." + }, + "basic": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileBasicAuthCredentials", + "description": "The basic credentials that are required for the authentication of the user." + }, + "custom": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileCustomAuthCredentials", + "description": "If the connector uses the custom authentication mechanism, this holds the required credentials." + }, + "oauth2": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileOAuth2Credentials", + "description": "The OAuth 2.0 credentials required for the authentication of the user." + } + } + }, + "aws-native:appflow:ConnectorProfileCustomConnectorProfileProperties": { + "type": "object", + "properties": { + "oAuth2Properties": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileOAuth2Properties", + "description": "The OAuth 2.0 properties required for OAuth 2.0 authentication." + }, + "profileProperties": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of properties that are required to create a profile for the custom connector." + } + } + }, + "aws-native:appflow:ConnectorProfileDatadogConnectorProfileCredentials": { + "type": "object", + "properties": { + "apiKey": { + "type": "string", + "description": "A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API." + }, + "applicationKey": { + "type": "string", + "description": "Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API." + } + } + }, + "aws-native:appflow:ConnectorProfileDatadogConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the Datadog resource" + } + } + }, + "aws-native:appflow:ConnectorProfileDynatraceConnectorProfileCredentials": { + "type": "object", + "properties": { + "apiToken": { + "type": "string", + "description": "The API tokens used by Dynatrace API to authenticate various API calls." + } + } + }, + "aws-native:appflow:ConnectorProfileDynatraceConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the Dynatrace resource" + } + } + }, + "aws-native:appflow:ConnectorProfileGoogleAnalyticsConnectorProfileCredentials": { + "type": "object", + "properties": { + "accessToken": { + "type": "string", + "description": "The credentials used to access protected resources." + }, + "clientId": { + "type": "string", + "description": "The identifier for the desired client." + }, + "clientSecret": { + "type": "string", + "description": "The client secret used by the oauth client to authenticate to the authorization server." + }, + "connectorOAuthRequest": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorOAuthRequest", + "description": "The oauth needed to request security tokens from the connector endpoint." + }, + "refreshToken": { + "type": "string", + "description": "The credentials used to acquire new access tokens." + } + } + }, + "aws-native:appflow:ConnectorProfileInforNexusConnectorProfileCredentials": { + "type": "object", + "properties": { + "accessKeyId": { + "type": "string", + "description": "The Access Key portion of the credentials." + }, + "datakey": { + "type": "string", + "description": "The encryption keys used to encrypt data." + }, + "secretAccessKey": { + "type": "string", + "description": "The secret key used to sign requests." + }, + "userId": { + "type": "string", + "description": "The identifier for the user." + } + } + }, + "aws-native:appflow:ConnectorProfileInforNexusConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the InforNexus resource" + } + } + }, + "aws-native:appflow:ConnectorProfileMarketoConnectorProfileCredentials": { + "type": "object", + "properties": { + "accessToken": { + "type": "string", + "description": "The credentials used to access protected resources." + }, + "clientId": { + "type": "string", + "description": "The identifier for the desired client." + }, + "clientSecret": { + "type": "string", + "description": "The client secret used by the oauth client to authenticate to the authorization server." + }, + "connectorOAuthRequest": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorOAuthRequest", + "description": "The oauth needed to request security tokens from the connector endpoint." + } + } + }, + "aws-native:appflow:ConnectorProfileMarketoConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the Marketo resource" + } + } + }, + "aws-native:appflow:ConnectorProfileOAuth2Credentials": { + "type": "object", + "properties": { + "accessToken": { + "type": "string", + "description": "The access token used to access the connector on your behalf." + }, + "clientId": { + "type": "string", + "description": "The identifier for the desired client." + }, + "clientSecret": { + "type": "string", + "description": "The client secret used by the OAuth client to authenticate to the authorization server." + }, + "oAuthRequest": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorOAuthRequest" + }, + "refreshToken": { + "type": "string", + "description": "The refresh token used to refresh an expired access token." + } + } + }, + "aws-native:appflow:ConnectorProfileOAuth2GrantType": { + "type": "string" + }, + "aws-native:appflow:ConnectorProfileOAuth2Properties": { + "type": "object", + "properties": { + "oAuth2GrantType": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileOAuth2GrantType", + "description": "The OAuth 2.0 grant type used by connector for OAuth 2.0 authentication." + }, + "tokenUrl": { + "type": "string", + "description": "The token URL required for OAuth 2.0 authentication." + }, + "tokenUrlCustomProperties": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request." + } + } + }, + "aws-native:appflow:ConnectorProfileOAuthProperties": { + "type": "object", + "properties": { + "authCodeUrl": { + "type": "string", + "description": "The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication." + }, + "oAuthScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The OAuth scopes required for OAuth type authentication." + }, + "tokenUrl": { + "type": "string", + "description": "The token url required to fetch access/refresh tokens using authorization code and also to refresh expired access token using refresh token." + } + } + }, + "aws-native:appflow:ConnectorProfilePardotConnectorProfileCredentials": { + "type": "object", + "properties": { + "accessToken": { + "type": "string", + "description": "The credentials used to access protected resources." + }, + "clientCredentialsArn": { + "type": "string", + "description": "The client credentials to fetch access token and refresh token." + }, + "connectorOAuthRequest": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorOAuthRequest", + "description": "The oauth needed to request security tokens from the connector endpoint." + }, + "refreshToken": { + "type": "string", + "description": "The credentials used to acquire new access tokens." + } + } + }, + "aws-native:appflow:ConnectorProfilePardotConnectorProfileProperties": { + "type": "object", + "properties": { + "businessUnitId": { + "type": "string", + "description": "The Business unit id of Salesforce Pardot instance to be connected" + }, + "instanceUrl": { + "type": "string", + "description": "The location of the Salesforce Pardot resource" + }, + "isSandboxEnvironment": { + "type": "boolean", + "description": "Indicates whether the connector profile applies to a demo or production environment" + } + } + }, + "aws-native:appflow:ConnectorProfileProperties": { + "type": "object", + "properties": { + "customConnector": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileCustomConnectorProfileProperties", + "description": "The properties required by the custom connector." + }, + "datadog": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileDatadogConnectorProfileProperties", + "description": "The connector-specific properties required by Datadog." + }, + "dynatrace": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileDynatraceConnectorProfileProperties", + "description": "The connector-specific properties required by Dynatrace." + }, + "inforNexus": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileInforNexusConnectorProfileProperties", + "description": "The connector-specific properties required by Infor Nexus." + }, + "marketo": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileMarketoConnectorProfileProperties", + "description": "The connector-specific properties required by Marketo." + }, + "pardot": { + "$ref": "#/types/aws-native:appflow:ConnectorProfilePardotConnectorProfileProperties", + "description": "The connector-specific properties required by Salesforce Pardot." + }, + "redshift": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileRedshiftConnectorProfileProperties", + "description": "The connector-specific properties required by Amazon Redshift." + }, + "salesforce": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSalesforceConnectorProfileProperties", + "description": "The connector-specific properties required by Salesforce." + }, + "sapoData": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSapoDataConnectorProfileProperties", + "description": "The connector-specific profile properties required when using SAPOData." + }, + "serviceNow": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileServiceNowConnectorProfileProperties", + "description": "The connector-specific properties required by serviceNow." + }, + "slack": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSlackConnectorProfileProperties", + "description": "The connector-specific properties required by Slack." + }, + "snowflake": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSnowflakeConnectorProfileProperties", + "description": "The connector-specific properties required by Snowflake." + }, + "veeva": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileVeevaConnectorProfileProperties", + "description": "The connector-specific properties required by Veeva." + }, + "zendesk": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileZendeskConnectorProfileProperties", + "description": "The connector-specific properties required by Zendesk." + } + }, + "irreversibleNames": { + "sapoData": "SAPOData" + } + }, + "aws-native:appflow:ConnectorProfileRedshiftConnectorProfileCredentials": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "The password that corresponds to the username." + }, + "username": { + "type": "string", + "description": "The name of the user." + } + } + }, + "aws-native:appflow:ConnectorProfileRedshiftConnectorProfileProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The name of the Amazon S3 bucket associated with Redshift." + }, + "bucketPrefix": { + "type": "string", + "description": "The object key for the destination bucket in which Amazon AppFlow will place the files." + }, + "clusterIdentifier": { + "type": "string", + "description": "The unique identifier of the Amazon Redshift cluster." + }, + "dataApiRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon AppFlow access to the data through the Amazon Redshift Data API." + }, + "databaseName": { + "type": "string", + "description": "The name of the Amazon Redshift database that will store the transferred data." + }, + "databaseUrl": { + "type": "string", + "description": "The JDBC URL of the Amazon Redshift cluster." + }, + "isRedshiftServerless": { + "type": "boolean", + "description": "If Amazon AppFlow will connect to Amazon Redshift Serverless or Amazon Redshift cluster." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role." + }, + "workgroupName": { + "type": "string", + "description": "The name of the Amazon Redshift serverless workgroup" + } + } + }, + "aws-native:appflow:ConnectorProfileSalesforceConnectorProfileCredentials": { + "type": "object", + "properties": { + "accessToken": { + "type": "string", + "description": "The credentials used to access protected resources." + }, + "clientCredentialsArn": { + "type": "string", + "description": "The client credentials to fetch access token and refresh token." + }, + "connectorOAuthRequest": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorOAuthRequest", + "description": "The oauth needed to request security tokens from the connector endpoint." + }, + "jwtToken": { + "type": "string", + "description": "The credentials used to access your Salesforce records" + }, + "oAuth2GrantType": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileOAuth2GrantType", + "description": "The grant types to fetch an access token" + }, + "refreshToken": { + "type": "string", + "description": "The credentials used to acquire new access tokens." + } + } + }, + "aws-native:appflow:ConnectorProfileSalesforceConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the Salesforce resource" + }, + "isSandboxEnvironment": { + "type": "boolean", + "description": "Indicates whether the connector profile applies to a sandbox or production environment" + }, + "usePrivateLinkForMetadataAndAuthorization": { + "type": "boolean", + "description": "Indicates whether to make Metadata And Authorization calls over Pivate Network" + } + } + }, + "aws-native:appflow:ConnectorProfileSapoDataConnectorProfileCredentials": { + "type": "object", + "properties": { + "basicAuthCredentials": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileBasicAuthCredentials", + "description": "The SAPOData basic authentication credentials." + }, + "oAuthCredentials": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileSapoDataConnectorProfileCredentialsOAuthCredentialsProperties", + "description": "The SAPOData OAuth type authentication credentials." + } + } + }, + "aws-native:appflow:ConnectorProfileSapoDataConnectorProfileCredentialsOAuthCredentialsProperties": { + "type": "object", + "properties": { + "accessToken": { + "type": "string" + }, + "clientId": { + "type": "string" + }, + "clientSecret": { + "type": "string" + }, + "connectorOAuthRequest": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorOAuthRequest" + }, + "refreshToken": { + "type": "string" + } + } + }, + "aws-native:appflow:ConnectorProfileSapoDataConnectorProfileProperties": { + "type": "object", + "properties": { + "applicationHostUrl": { + "type": "string", + "description": "The location of the SAPOData resource." + }, + "applicationServicePath": { + "type": "string", + "description": "The application path to catalog service." + }, + "clientNumber": { + "type": "string", + "description": "The client number for the client creating the connection." + }, + "disableSso": { + "type": "boolean", + "description": "If you set this parameter to true, Amazon AppFlow bypasses the single sign-on (SSO) settings in your SAP account when it accesses your SAP OData instance." + }, + "logonLanguage": { + "type": "string", + "description": "The logon language of SAPOData instance." + }, + "oAuthProperties": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileOAuthProperties", + "description": "The SAPOData OAuth properties required for OAuth type authentication." + }, + "portNumber": { + "type": "integer", + "description": "The port number of the SAPOData instance." + }, + "privateLinkServiceName": { + "type": "string", + "description": "The SAPOData Private Link service name to be used for private data transfers." + } + }, + "irreversibleNames": { + "disableSso": "DisableSSO" + } + }, + "aws-native:appflow:ConnectorProfileServiceNowConnectorProfileCredentials": { + "type": "object", + "properties": { + "oAuth2Credentials": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileOAuth2Credentials", + "description": "The OAuth 2.0 credentials required to authenticate the user." + }, + "password": { + "type": "string", + "description": "The password that corresponds to the username." + }, + "username": { + "type": "string", + "description": "The name of the user." + } + } + }, + "aws-native:appflow:ConnectorProfileServiceNowConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the ServiceNow resource" + } + } + }, + "aws-native:appflow:ConnectorProfileSingularConnectorProfileCredentials": { + "type": "object", + "properties": { + "apiKey": { + "type": "string", + "description": "A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API." + } + } + }, + "aws-native:appflow:ConnectorProfileSlackConnectorProfileCredentials": { + "type": "object", + "properties": { + "accessToken": { + "type": "string", + "description": "The credentials used to access protected resources." + }, + "clientId": { + "type": "string", + "description": "The identifier for the desired client." + }, + "clientSecret": { + "type": "string", + "description": "The client secret used by the oauth client to authenticate to the authorization server." + }, + "connectorOAuthRequest": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorOAuthRequest", + "description": "The oauth needed to request security tokens from the connector endpoint." + } + } + }, + "aws-native:appflow:ConnectorProfileSlackConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the Slack resource" + } + } + }, + "aws-native:appflow:ConnectorProfileSnowflakeConnectorProfileCredentials": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "The password that corresponds to the username." + }, + "username": { + "type": "string", + "description": "The name of the user." + } + } + }, + "aws-native:appflow:ConnectorProfileSnowflakeConnectorProfileProperties": { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "The name of the account." + }, + "bucketName": { + "type": "string", + "description": "The name of the Amazon S3 bucket associated with Snowflake." + }, + "bucketPrefix": { + "type": "string", + "description": "The bucket prefix that refers to the Amazon S3 bucket associated with Snowflake." + }, + "privateLinkServiceName": { + "type": "string", + "description": "The Snowflake Private Link service name to be used for private data transfers." + }, + "region": { + "type": "string", + "description": "The region of the Snowflake account." + }, + "stage": { + "type": "string", + "description": "The name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the\nSnowflake account. This is written in the following format: \u003c Database\u003e\u003c Schema\u003e\u003cStage Name\u003e." + }, + "warehouse": { + "type": "string", + "description": "The name of the Snowflake warehouse." + } + } + }, + "aws-native:appflow:ConnectorProfileTrendmicroConnectorProfileCredentials": { + "type": "object", + "properties": { + "apiSecretKey": { + "type": "string", + "description": "The Secret Access Key portion of the credentials." + } + } + }, + "aws-native:appflow:ConnectorProfileVeevaConnectorProfileCredentials": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "The password that corresponds to the username." + }, + "username": { + "type": "string", + "description": "The name of the user." + } + } + }, + "aws-native:appflow:ConnectorProfileVeevaConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the Veeva resource" + } + } + }, + "aws-native:appflow:ConnectorProfileZendeskConnectorProfileCredentials": { + "type": "object", + "properties": { + "accessToken": { + "type": "string", + "description": "The credentials used to access protected resources." + }, + "clientId": { + "type": "string", + "description": "The identifier for the desired client." + }, + "clientSecret": { + "type": "string", + "description": "The client secret used by the oauth client to authenticate to the authorization server." + }, + "connectorOAuthRequest": { + "$ref": "#/types/aws-native:appflow:ConnectorProfileConnectorOAuthRequest", + "description": "The oauth needed to request security tokens from the connector endpoint." + } + } + }, + "aws-native:appflow:ConnectorProfileZendeskConnectorProfileProperties": { + "type": "object", + "properties": { + "instanceUrl": { + "type": "string", + "description": "The location of the Zendesk resource" + } + } + }, + "aws-native:appflow:ConnectorProvisioningConfig": { + "type": "object", + "properties": { + "lambda": { + "$ref": "#/types/aws-native:appflow:ConnectorLambdaConnectorProvisioningConfig", + "description": "Contains information about the configuration of the lambda which is being registered as the connector." + } + } + }, + "aws-native:appflow:FlowAggregationConfig": { + "type": "object", + "properties": { + "aggregationType": { + "$ref": "#/types/aws-native:appflow:FlowAggregationType", + "description": "Specifies whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated." + }, + "targetFileSize": { + "type": "integer", + "description": "The desired file size, in MB, for each output file that Amazon AppFlow writes to the flow destination. For each file, Amazon AppFlow attempts to achieve the size that you specify. The actual file sizes might differ from this target based on the number and size of the records that each file contains." + } + } + }, + "aws-native:appflow:FlowAggregationType": { + "type": "string" + }, + "aws-native:appflow:FlowAmplitudeConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowAmplitudeSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Amplitude flow source." + } + } + }, + "aws-native:appflow:FlowConnectorOperator": { + "type": "object", + "properties": { + "amplitude": { + "$ref": "#/types/aws-native:appflow:FlowAmplitudeConnectorOperator", + "description": "The operation to be performed on the provided Amplitude source fields." + }, + "customConnector": { + "$ref": "#/types/aws-native:appflow:FlowOperator", + "description": "Operators supported by the custom connector." + }, + "datadog": { + "$ref": "#/types/aws-native:appflow:FlowDatadogConnectorOperator", + "description": "The operation to be performed on the provided Datadog source fields." + }, + "dynatrace": { + "$ref": "#/types/aws-native:appflow:FlowDynatraceConnectorOperator", + "description": "The operation to be performed on the provided Dynatrace source fields." + }, + "googleAnalytics": { + "$ref": "#/types/aws-native:appflow:FlowGoogleAnalyticsConnectorOperator", + "description": "The operation to be performed on the provided Google Analytics source fields." + }, + "inforNexus": { + "$ref": "#/types/aws-native:appflow:FlowInforNexusConnectorOperator", + "description": "The operation to be performed on the provided Infor Nexus source fields." + }, + "marketo": { + "$ref": "#/types/aws-native:appflow:FlowMarketoConnectorOperator", + "description": "The operation to be performed on the provided Marketo source fields." + }, + "pardot": { + "$ref": "#/types/aws-native:appflow:FlowPardotConnectorOperator", + "description": "The operation to be performed on the provided Salesforce Pardot source fields." + }, + "s3": { + "$ref": "#/types/aws-native:appflow:FlowS3ConnectorOperator", + "description": "The operation to be performed on the provided Amazon S3 source fields." + }, + "salesforce": { + "$ref": "#/types/aws-native:appflow:FlowSalesforceConnectorOperator", + "description": "The operation to be performed on the provided Salesforce source fields." + }, + "sapoData": { + "$ref": "#/types/aws-native:appflow:FlowSapoDataConnectorOperator", + "description": "The operation to be performed on the provided SAPOData source fields." + }, + "serviceNow": { + "$ref": "#/types/aws-native:appflow:FlowServiceNowConnectorOperator", + "description": "The operation to be performed on the provided ServiceNow source fields." + }, + "singular": { + "$ref": "#/types/aws-native:appflow:FlowSingularConnectorOperator", + "description": "The operation to be performed on the provided Singular source fields." + }, + "slack": { + "$ref": "#/types/aws-native:appflow:FlowSlackConnectorOperator", + "description": "The operation to be performed on the provided Slack source fields." + }, + "trendmicro": { + "$ref": "#/types/aws-native:appflow:FlowTrendmicroConnectorOperator", + "description": "The operation to be performed on the provided Trend Micro source fields." + }, + "veeva": { + "$ref": "#/types/aws-native:appflow:FlowVeevaConnectorOperator", + "description": "The operation to be performed on the provided Veeva source fields." + }, + "zendesk": { + "$ref": "#/types/aws-native:appflow:FlowZendeskConnectorOperator", + "description": "The operation to be performed on the provided Zendesk source fields." + } + }, + "irreversibleNames": { + "s3": "S3", + "sapoData": "SAPOData" + } + }, + "aws-native:appflow:FlowConnectorType": { + "type": "string" + }, + "aws-native:appflow:FlowCustomConnectorDestinationProperties": { + "type": "object", + "properties": { + "customProperties": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The custom properties that are specific to the connector when it's used as a destination in the flow." + }, + "entityName": { + "type": "string", + "description": "The entity specified in the custom connector as a destination in the flow." + }, + "errorHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowErrorHandlingConfig", + "description": "The settings that determine how Amazon AppFlow handles an error when placing data in the custom connector as destination." + }, + "idFieldNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fields used as ID when performing a write operation." + }, + "writeOperationType": { + "$ref": "#/types/aws-native:appflow:FlowWriteOperationType", + "description": "Specifies the type of write operation to be performed in the custom connector when it's used as destination." + } + } + }, + "aws-native:appflow:FlowCustomConnectorSourceProperties": { + "type": "object", + "properties": { + "customProperties": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Custom properties that are required to use the custom connector as a source." + }, + "dataTransferApi": { + "$ref": "#/types/aws-native:appflow:FlowCustomConnectorSourcePropertiesDataTransferApiProperties", + "description": "The API of the connector application that Amazon AppFlow uses to transfer your data." + }, + "entityName": { + "type": "string", + "description": "The entity specified in the custom connector as a source in the flow." + } + } + }, + "aws-native:appflow:FlowCustomConnectorSourcePropertiesDataTransferApiProperties": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "type": { + "$ref": "#/types/aws-native:appflow:FlowCustomConnectorSourcePropertiesDataTransferApiPropertiesType" + } + } + }, + "aws-native:appflow:FlowCustomConnectorSourcePropertiesDataTransferApiPropertiesType": { + "type": "string" + }, + "aws-native:appflow:FlowDataTransferApi": { + "type": "string" + }, + "aws-native:appflow:FlowDatadogConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowDatadogSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Datadog flow source." + } + } + }, + "aws-native:appflow:FlowDestinationConnectorProperties": { + "type": "object", + "properties": { + "customConnector": { + "$ref": "#/types/aws-native:appflow:FlowCustomConnectorDestinationProperties", + "description": "The properties that are required to query the custom Connector." + }, + "eventBridge": { + "$ref": "#/types/aws-native:appflow:FlowEventBridgeDestinationProperties", + "description": "The properties required to query Amazon EventBridge." + }, + "lookoutMetrics": { + "$ref": "#/types/aws-native:appflow:FlowLookoutMetricsDestinationProperties", + "description": "The properties required to query Amazon Lookout for Metrics." + }, + "marketo": { + "$ref": "#/types/aws-native:appflow:FlowMarketoDestinationProperties", + "description": "The properties required to query Marketo." + }, + "redshift": { + "$ref": "#/types/aws-native:appflow:FlowRedshiftDestinationProperties", + "description": "The properties required to query Amazon Redshift." + }, + "s3": { + "$ref": "#/types/aws-native:appflow:FlowS3DestinationProperties", + "description": "The properties required to query Amazon S3." + }, + "salesforce": { + "$ref": "#/types/aws-native:appflow:FlowSalesforceDestinationProperties", + "description": "The properties required to query Salesforce." + }, + "sapoData": { + "$ref": "#/types/aws-native:appflow:FlowSapoDataDestinationProperties", + "description": "The properties required to query SAPOData." + }, + "snowflake": { + "$ref": "#/types/aws-native:appflow:FlowSnowflakeDestinationProperties", + "description": "The properties required to query Snowflake." + }, + "upsolver": { + "$ref": "#/types/aws-native:appflow:FlowUpsolverDestinationProperties", + "description": "The properties required to query Upsolver." + }, + "zendesk": { + "$ref": "#/types/aws-native:appflow:FlowZendeskDestinationProperties", + "description": "The properties required to query Zendesk." + } + }, + "irreversibleNames": { + "s3": "S3", + "sapoData": "SAPOData" + } + }, + "aws-native:appflow:FlowDestinationFlowConfig": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "description": "The API version that the destination connector uses." + }, + "connectorProfileName": { + "type": "string", + "description": "Name of destination connector profile" + }, + "connectorType": { + "$ref": "#/types/aws-native:appflow:FlowConnectorType", + "description": "Destination connector type" + }, + "destinationConnectorProperties": { + "$ref": "#/types/aws-native:appflow:FlowDestinationConnectorProperties", + "description": "Destination connector details" + } + } + }, + "aws-native:appflow:FlowDynatraceConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowDynatraceSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Dynatrace flow source." + } + } + }, + "aws-native:appflow:FlowErrorHandlingConfig": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "Specifies the name of the Amazon S3 bucket." + }, + "bucketPrefix": { + "type": "string", + "description": "Specifies the Amazon S3 bucket prefix." + }, + "failOnFirstError": { + "type": "boolean", + "description": "Specifies if the flow should fail after the first instance of a failure when attempting to place data in the destination." + } + } + }, + "aws-native:appflow:FlowEventBridgeDestinationProperties": { + "type": "object", + "properties": { + "errorHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowErrorHandlingConfig", + "description": "The object specified in the Amplitude flow source." + }, + "object": { + "type": "string", + "description": "The object specified in the Amazon EventBridge flow destination." + } + } + }, + "aws-native:appflow:FlowFileType": { + "type": "string" + }, + "aws-native:appflow:FlowGlueDataCatalog": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "A string containing the value for the tag" + }, + "roleArn": { + "type": "string", + "description": "A string containing the value for the tag" + }, + "tablePrefix": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:appflow:FlowGoogleAnalyticsConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowGoogleAnalyticsSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Google Analytics flow source." + } + } + }, + "aws-native:appflow:FlowIncrementalPullConfig": { + "type": "object", + "properties": { + "datetimeTypeFieldName": { + "type": "string", + "description": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source." + } + } + }, + "aws-native:appflow:FlowInforNexusConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowInforNexusSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Infor Nexus flow source." + } + } + }, + "aws-native:appflow:FlowLookoutMetricsDestinationProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Amazon Lookout for Metrics flow destination." + } + } + }, + "aws-native:appflow:FlowMarketoConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowMarketoDestinationProperties": { + "type": "object", + "properties": { + "errorHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowErrorHandlingConfig", + "description": "The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details." + }, + "object": { + "type": "string", + "description": "The object specified in the Marketo flow destination." + } + } + }, + "aws-native:appflow:FlowMarketoSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Marketo flow source." + } + } + }, + "aws-native:appflow:FlowMetadataCatalogConfig": { + "type": "object", + "properties": { + "glueDataCatalog": { + "$ref": "#/types/aws-native:appflow:FlowGlueDataCatalog", + "description": "Configurations of glue data catalog of the flow." + } + } + }, + "aws-native:appflow:FlowOperator": { + "type": "string" + }, + "aws-native:appflow:FlowOperatorPropertiesKeys": { + "type": "string" + }, + "aws-native:appflow:FlowPardotConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowPardotSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Salesforce Pardot flow source." + } + } + }, + "aws-native:appflow:FlowPathPrefix": { + "type": "string" + }, + "aws-native:appflow:FlowPrefixConfig": { + "type": "object", + "properties": { + "pathPrefixHierarchy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appflow:FlowPathPrefix" + }, + "description": "Specifies whether the destination file path includes either or both of the following elements:\n\n- **EXECUTION_ID** - The ID that Amazon AppFlow assigns to the flow run.\n- **SCHEMA_VERSION** - The version number of your data schema. Amazon AppFlow assigns this version number. The version number increases by one when you change any of the following settings in your flow configuration:\n\n- Source-to-destination field mappings\n- Field data types\n- Partition keys" + }, + "prefixFormat": { + "$ref": "#/types/aws-native:appflow:FlowPrefixFormat", + "description": "Determines the level of granularity for the date and time that's included in the prefix." + }, + "prefixType": { + "$ref": "#/types/aws-native:appflow:FlowPrefixType", + "description": "Determines the format of the prefix, and whether it applies to the file name, file path, or both." + } + } + }, + "aws-native:appflow:FlowPrefixFormat": { + "type": "string" + }, + "aws-native:appflow:FlowPrefixType": { + "type": "string" + }, + "aws-native:appflow:FlowRedshiftDestinationProperties": { + "type": "object", + "properties": { + "bucketPrefix": { + "type": "string", + "description": "The object key for the bucket in which Amazon AppFlow places the destination files." + }, + "errorHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowErrorHandlingConfig", + "description": "The settings that determine how Amazon AppFlow handles an error when placing data in the Amazon Redshift destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details." + }, + "intermediateBucketName": { + "type": "string", + "description": "The intermediate bucket that Amazon AppFlow uses when moving data into Amazon Redshift." + }, + "object": { + "type": "string", + "description": "The object specified in the Amazon Redshift flow destination." + } + } + }, + "aws-native:appflow:FlowS3ConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowS3DestinationProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The Amazon S3 bucket name in which Amazon AppFlow places the transferred data." + }, + "bucketPrefix": { + "type": "string", + "description": "The object key for the destination bucket in which Amazon AppFlow places the files." + }, + "s3OutputFormatConfig": { + "$ref": "#/types/aws-native:appflow:FlowS3OutputFormatConfig", + "description": "The configuration that determines how Amazon AppFlow should format the flow output data when Amazon S3 is used as the destination." + } + }, + "irreversibleNames": { + "s3OutputFormatConfig": "S3OutputFormatConfig" + } + }, + "aws-native:appflow:FlowS3InputFormatConfig": { + "type": "object", + "properties": { + "s3InputFileType": { + "$ref": "#/types/aws-native:appflow:FlowS3InputFormatConfigS3InputFileType", + "description": "The file type that Amazon AppFlow gets from your Amazon S3 bucket." + } + }, + "irreversibleNames": { + "s3InputFileType": "S3InputFileType" + } + }, + "aws-native:appflow:FlowS3InputFormatConfigS3InputFileType": { + "type": "string" + }, + "aws-native:appflow:FlowS3OutputFormatConfig": { + "type": "object", + "properties": { + "aggregationConfig": { + "$ref": "#/types/aws-native:appflow:FlowAggregationConfig", + "description": "The aggregation settings that you can use to customize the output format of your flow data." + }, + "fileType": { + "$ref": "#/types/aws-native:appflow:FlowFileType", + "description": "Indicates the file type that Amazon AppFlow places in the Amazon S3 bucket." + }, + "prefixConfig": { + "$ref": "#/types/aws-native:appflow:FlowPrefixConfig", + "description": "Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date." + }, + "preserveSourceDataTyping": { + "type": "boolean", + "description": "If your file output format is Parquet, use this parameter to set whether Amazon AppFlow preserves the data types in your source data when it writes the output to Amazon S3.\n\n- `true` : Amazon AppFlow preserves the data types when it writes to Amazon S3. For example, an integer or `1` in your source data is still an integer in your output.\n- `false` : Amazon AppFlow converts all of the source data into strings when it writes to Amazon S3. For example, an integer of `1` in your source data becomes the string `\"1\"` in the output." + } + } + }, + "aws-native:appflow:FlowS3SourceProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The Amazon S3 bucket name where the source files are stored." + }, + "bucketPrefix": { + "type": "string", + "description": "The object key for the Amazon S3 bucket in which the source files are stored." + }, + "s3InputFormatConfig": { + "$ref": "#/types/aws-native:appflow:FlowS3InputFormatConfig", + "description": "When you use Amazon S3 as the source, the configuration format that you provide the flow input data." + } + }, + "irreversibleNames": { + "s3InputFormatConfig": "S3InputFormatConfig" + } + }, + "aws-native:appflow:FlowSalesforceConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowSalesforceDestinationProperties": { + "type": "object", + "properties": { + "dataTransferApi": { + "$ref": "#/types/aws-native:appflow:FlowDataTransferApi", + "description": "Specifies which Salesforce API is used by Amazon AppFlow when your flow transfers data to Salesforce.\n\n- **AUTOMATIC** - The default. Amazon AppFlow selects which API to use based on the number of records that your flow transfers to Salesforce. If your flow transfers fewer than 1,000 records, Amazon AppFlow uses Salesforce REST API. If your flow transfers 1,000 records or more, Amazon AppFlow uses Salesforce Bulk API 2.0.\n\nEach of these Salesforce APIs structures data differently. If Amazon AppFlow selects the API automatically, be aware that, for recurring flows, the data output might vary from one flow run to the next. For example, if a flow runs daily, it might use REST API on one day to transfer 900 records, and it might use Bulk API 2.0 on the next day to transfer 1,100 records. For each of these flow runs, the respective Salesforce API formats the data differently. Some of the differences include how dates are formatted and null values are represented. Also, Bulk API 2.0 doesn't transfer Salesforce compound fields.\n\nBy choosing this option, you optimize flow performance for both small and large data transfers, but the tradeoff is inconsistent formatting in the output.\n- **BULKV2** - Amazon AppFlow uses only Salesforce Bulk API 2.0. This API runs asynchronous data transfers, and it's optimal for large sets of data. By choosing this option, you ensure that your flow writes consistent output, but you optimize performance only for large data transfers.\n\nNote that Bulk API 2.0 does not transfer Salesforce compound fields.\n- **REST_SYNC** - Amazon AppFlow uses only Salesforce REST API. By choosing this option, you ensure that your flow writes consistent output, but you decrease performance for large data transfers that are better suited for Bulk API 2.0. In some cases, if your flow attempts to transfer a vary large set of data, it might fail with a timed out error." + }, + "errorHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowErrorHandlingConfig", + "description": "The settings that determine how Amazon AppFlow handles an error when placing data in the Salesforce destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details." + }, + "idFieldNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fields used as ID when performing a write operation." + }, + "object": { + "type": "string", + "description": "The object specified in the Salesforce flow destination." + }, + "writeOperationType": { + "$ref": "#/types/aws-native:appflow:FlowWriteOperationType", + "description": "This specifies the type of write operation to be performed in Salesforce. When the value is `UPSERT` , then `idFieldNames` is required." + } + } + }, + "aws-native:appflow:FlowSalesforceSourceProperties": { + "type": "object", + "properties": { + "dataTransferApi": { + "$ref": "#/types/aws-native:appflow:FlowDataTransferApi", + "description": "Specifies which Salesforce API is used by Amazon AppFlow when your flow transfers data from Salesforce.\n\n- **AUTOMATIC** - The default. Amazon AppFlow selects which API to use based on the number of records that your flow transfers from Salesforce. If your flow transfers fewer than 1,000,000 records, Amazon AppFlow uses Salesforce REST API. If your flow transfers 1,000,000 records or more, Amazon AppFlow uses Salesforce Bulk API 2.0.\n\nEach of these Salesforce APIs structures data differently. If Amazon AppFlow selects the API automatically, be aware that, for recurring flows, the data output might vary from one flow run to the next. For example, if a flow runs daily, it might use REST API on one day to transfer 900,000 records, and it might use Bulk API 2.0 on the next day to transfer 1,100,000 records. For each of these flow runs, the respective Salesforce API formats the data differently. Some of the differences include how dates are formatted and null values are represented. Also, Bulk API 2.0 doesn't transfer Salesforce compound fields.\n\nBy choosing this option, you optimize flow performance for both small and large data transfers, but the tradeoff is inconsistent formatting in the output.\n- **BULKV2** - Amazon AppFlow uses only Salesforce Bulk API 2.0. This API runs asynchronous data transfers, and it's optimal for large sets of data. By choosing this option, you ensure that your flow writes consistent output, but you optimize performance only for large data transfers.\n\nNote that Bulk API 2.0 does not transfer Salesforce compound fields.\n- **REST_SYNC** - Amazon AppFlow uses only Salesforce REST API. By choosing this option, you ensure that your flow writes consistent output, but you decrease performance for large data transfers that are better suited for Bulk API 2.0. In some cases, if your flow attempts to transfer a vary large set of data, it might fail wituh a timed out error." + }, + "enableDynamicFieldUpdate": { + "type": "boolean", + "description": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow." + }, + "includeDeletedRecords": { + "type": "boolean", + "description": "Indicates whether Amazon AppFlow includes deleted files in the flow run." + }, + "object": { + "type": "string", + "description": "The object specified in the Salesforce flow source." + } + } + }, + "aws-native:appflow:FlowSapoDataConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowSapoDataDestinationProperties": { + "type": "object", + "properties": { + "errorHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowErrorHandlingConfig", + "description": "The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details." + }, + "idFieldNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fields used as ID when performing a write operation." + }, + "objectPath": { + "type": "string", + "description": "The object path specified in the SAPOData flow destination." + }, + "successResponseHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowSuccessResponseHandlingConfig", + "description": "Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data.\n\nFor example, this setting would determine where to write the response from a destination connector upon a successful insert operation." + }, + "writeOperationType": { + "$ref": "#/types/aws-native:appflow:FlowWriteOperationType", + "description": "The possible write operations in the destination connector. When this value is not provided, this defaults to the `INSERT` operation." + } + } + }, + "aws-native:appflow:FlowSapoDataPaginationConfig": { + "type": "object", + "properties": { + "maxPageSize": { + "type": "integer" + } + } + }, + "aws-native:appflow:FlowSapoDataParallelismConfig": { + "type": "object", + "properties": { + "maxParallelism": { + "type": "integer" + } + } + }, + "aws-native:appflow:FlowSapoDataSourceProperties": { + "type": "object", + "properties": { + "objectPath": { + "type": "string", + "description": "The object path specified in the SAPOData flow source." + }, + "paginationConfig": { + "$ref": "#/types/aws-native:appflow:FlowSapoDataPaginationConfig" + }, + "parallelismConfig": { + "$ref": "#/types/aws-native:appflow:FlowSapoDataParallelismConfig" + } + } + }, + "aws-native:appflow:FlowScheduledTriggerProperties": { + "type": "object", + "properties": { + "dataPullMode": { + "$ref": "#/types/aws-native:appflow:FlowScheduledTriggerPropertiesDataPullMode", + "description": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run." + }, + "firstExecutionFrom": { + "type": "number", + "description": "Specifies the date range for the records to import from the connector in the first flow run." + }, + "flowErrorDeactivationThreshold": { + "type": "integer", + "description": "Defines how many times a scheduled flow fails consecutively before Amazon AppFlow deactivates it." + }, + "scheduleEndTime": { + "type": "number", + "description": "The time at which the scheduled flow ends. The time is formatted as a timestamp that follows the ISO 8601 standard, such as `2022-04-27T13:00:00-07:00` ." + }, + "scheduleExpression": { + "type": "string", + "description": "The scheduling expression that determines the rate at which the schedule will run, for example `rate(5minutes)` ." + }, + "scheduleOffset": { + "type": "number", + "description": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow." + }, + "scheduleStartTime": { + "type": "number", + "description": "The time at which the scheduled flow starts. The time is formatted as a timestamp that follows the ISO 8601 standard, such as `2022-04-26T13:00:00-07:00` ." + }, + "timeZone": { + "type": "string", + "description": "Specifies the time zone used when referring to the dates and times of a scheduled flow, such as `America/New_York` . This time zone is only a descriptive label. It doesn't affect how Amazon AppFlow interprets the timestamps that you specify to schedule the flow.\n\nIf you want to schedule a flow by using times in a particular time zone, indicate the time zone as a UTC offset in your timestamps. For example, the UTC offsets for the `America/New_York` timezone are `-04:00` EDT and `-05:00 EST` ." + } + } + }, + "aws-native:appflow:FlowScheduledTriggerPropertiesDataPullMode": { + "type": "string" + }, + "aws-native:appflow:FlowServiceNowConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowServiceNowSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the ServiceNow flow source." + } + } + }, + "aws-native:appflow:FlowSingularConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowSingularSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Singular flow source." + } + } + }, + "aws-native:appflow:FlowSlackConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowSlackSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Slack flow source." + } + } + }, + "aws-native:appflow:FlowSnowflakeDestinationProperties": { + "type": "object", + "properties": { + "bucketPrefix": { + "type": "string", + "description": "The object key for the destination bucket in which Amazon AppFlow places the files." + }, + "errorHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowErrorHandlingConfig", + "description": "The settings that determine how Amazon AppFlow handles an error when placing data in the Snowflake destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details." + }, + "intermediateBucketName": { + "type": "string", + "description": "The intermediate bucket that Amazon AppFlow uses when moving data into Snowflake." + }, + "object": { + "type": "string", + "description": "The object specified in the Snowflake flow destination." + } + } + }, + "aws-native:appflow:FlowSourceConnectorProperties": { + "type": "object", + "properties": { + "amplitude": { + "$ref": "#/types/aws-native:appflow:FlowAmplitudeSourceProperties", + "description": "Specifies the information that is required for querying Amplitude." + }, + "customConnector": { + "$ref": "#/types/aws-native:appflow:FlowCustomConnectorSourceProperties", + "description": "The properties that are applied when the custom connector is being used as a source." + }, + "datadog": { + "$ref": "#/types/aws-native:appflow:FlowDatadogSourceProperties", + "description": "Specifies the information that is required for querying Datadog." + }, + "dynatrace": { + "$ref": "#/types/aws-native:appflow:FlowDynatraceSourceProperties", + "description": "Specifies the information that is required for querying Dynatrace." + }, + "googleAnalytics": { + "$ref": "#/types/aws-native:appflow:FlowGoogleAnalyticsSourceProperties", + "description": "Specifies the information that is required for querying Google Analytics." + }, + "inforNexus": { + "$ref": "#/types/aws-native:appflow:FlowInforNexusSourceProperties", + "description": "Specifies the information that is required for querying Infor Nexus." + }, + "marketo": { + "$ref": "#/types/aws-native:appflow:FlowMarketoSourceProperties", + "description": "Specifies the information that is required for querying Marketo." + }, + "pardot": { + "$ref": "#/types/aws-native:appflow:FlowPardotSourceProperties", + "description": "Specifies the information that is required for querying Salesforce Pardot." + }, + "s3": { + "$ref": "#/types/aws-native:appflow:FlowS3SourceProperties", + "description": "Specifies the information that is required for querying Amazon S3." + }, + "salesforce": { + "$ref": "#/types/aws-native:appflow:FlowSalesforceSourceProperties", + "description": "Specifies the information that is required for querying Salesforce." + }, + "sapoData": { + "$ref": "#/types/aws-native:appflow:FlowSapoDataSourceProperties", + "description": "The properties that are applied when using SAPOData as a flow source." + }, + "serviceNow": { + "$ref": "#/types/aws-native:appflow:FlowServiceNowSourceProperties", + "description": "Specifies the information that is required for querying ServiceNow." + }, + "singular": { + "$ref": "#/types/aws-native:appflow:FlowSingularSourceProperties", + "description": "Specifies the information that is required for querying Singular." + }, + "slack": { + "$ref": "#/types/aws-native:appflow:FlowSlackSourceProperties", + "description": "Specifies the information that is required for querying Slack." + }, + "trendmicro": { + "$ref": "#/types/aws-native:appflow:FlowTrendmicroSourceProperties", + "description": "Specifies the information that is required for querying Trend Micro." + }, + "veeva": { + "$ref": "#/types/aws-native:appflow:FlowVeevaSourceProperties", + "description": "Specifies the information that is required for querying Veeva." + }, + "zendesk": { + "$ref": "#/types/aws-native:appflow:FlowZendeskSourceProperties", + "description": "Specifies the information that is required for querying Zendesk." + } + }, + "irreversibleNames": { + "s3": "S3", + "sapoData": "SAPOData" + } + }, + "aws-native:appflow:FlowSourceFlowConfig": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "description": "The API version that the destination connector uses." + }, + "connectorProfileName": { + "type": "string", + "description": "Name of source connector profile" + }, + "connectorType": { + "$ref": "#/types/aws-native:appflow:FlowConnectorType", + "description": "Type of source connector" + }, + "incrementalPullConfig": { + "$ref": "#/types/aws-native:appflow:FlowIncrementalPullConfig", + "description": "Configuration for scheduled incremental data pull" + }, + "sourceConnectorProperties": { + "$ref": "#/types/aws-native:appflow:FlowSourceConnectorProperties", + "description": "Source connector details required to query a connector" + } + } + }, + "aws-native:appflow:FlowStatus": { + "type": "string" + }, + "aws-native:appflow:FlowSuccessResponseHandlingConfig": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The name of the Amazon S3 bucket." + }, + "bucketPrefix": { + "type": "string", + "description": "The Amazon S3 bucket prefix." + } + } + }, + "aws-native:appflow:FlowTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:appflow:FlowTask": { + "type": "object", + "properties": { + "connectorOperator": { + "$ref": "#/types/aws-native:appflow:FlowConnectorOperator", + "description": "Operation to be performed on provided source fields" + }, + "destinationField": { + "type": "string", + "description": "A field value on which source field should be validated" + }, + "sourceFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Source fields on which particular task will be applied" + }, + "taskProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:appflow:FlowTaskPropertiesObject" + }, + "description": "A Map used to store task related info" + }, + "taskType": { + "$ref": "#/types/aws-native:appflow:FlowTaskType", + "description": "Type of task" + } + } + }, + "aws-native:appflow:FlowTaskPropertiesObject": { + "type": "object", + "properties": { + "key": { + "$ref": "#/types/aws-native:appflow:FlowOperatorPropertiesKeys", + "description": "The task property key." + }, + "value": { + "type": "string", + "description": "The task property value." + } + } + }, + "aws-native:appflow:FlowTaskType": { + "type": "string" + }, + "aws-native:appflow:FlowTrendmicroConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowTrendmicroSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Trend Micro flow source." + } + } + }, + "aws-native:appflow:FlowTriggerConfig": { + "type": "object", + "properties": { + "triggerProperties": { + "$ref": "#/types/aws-native:appflow:FlowScheduledTriggerProperties", + "description": "Details required based on the type of trigger" + }, + "triggerType": { + "$ref": "#/types/aws-native:appflow:FlowTriggerType", + "description": "Trigger type of the flow" + } + } + }, + "aws-native:appflow:FlowTriggerType": { + "type": "string" + }, + "aws-native:appflow:FlowUpsolverDestinationProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The Upsolver Amazon S3 bucket name in which Amazon AppFlow places the transferred data." + }, + "bucketPrefix": { + "type": "string", + "description": "The object key for the destination Upsolver Amazon S3 bucket in which Amazon AppFlow places the files." + }, + "s3OutputFormatConfig": { + "$ref": "#/types/aws-native:appflow:FlowUpsolverS3OutputFormatConfig", + "description": "The configuration that determines how data is formatted when Upsolver is used as the flow destination." + } + }, + "irreversibleNames": { + "s3OutputFormatConfig": "S3OutputFormatConfig" + } + }, + "aws-native:appflow:FlowUpsolverS3OutputFormatConfig": { + "type": "object", + "properties": { + "aggregationConfig": { + "$ref": "#/types/aws-native:appflow:FlowAggregationConfig", + "description": "The aggregation settings that you can use to customize the output format of your flow data." + }, + "fileType": { + "$ref": "#/types/aws-native:appflow:FlowFileType", + "description": "Indicates the file type that Amazon AppFlow places in the Upsolver Amazon S3 bucket." + }, + "prefixConfig": { + "$ref": "#/types/aws-native:appflow:FlowPrefixConfig", + "description": "Specifies elements that Amazon AppFlow includes in the file and folder names in the flow destination." + } + } + }, + "aws-native:appflow:FlowVeevaConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowVeevaSourceProperties": { + "type": "object", + "properties": { + "documentType": { + "type": "string", + "description": "The document type specified in the Veeva document extract flow." + }, + "includeAllVersions": { + "type": "boolean", + "description": "Boolean value to include All Versions of files in Veeva document extract flow." + }, + "includeRenditions": { + "type": "boolean", + "description": "Boolean value to include file renditions in Veeva document extract flow." + }, + "includeSourceFiles": { + "type": "boolean", + "description": "Boolean value to include source files in Veeva document extract flow." + }, + "object": { + "type": "string", + "description": "The object specified in the Veeva flow source." + } + } + }, + "aws-native:appflow:FlowWriteOperationType": { + "type": "string" + }, + "aws-native:appflow:FlowZendeskConnectorOperator": { + "type": "string" + }, + "aws-native:appflow:FlowZendeskDestinationProperties": { + "type": "object", + "properties": { + "errorHandlingConfig": { + "$ref": "#/types/aws-native:appflow:FlowErrorHandlingConfig", + "description": "The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details." + }, + "idFieldNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fields used as ID when performing a write operation." + }, + "object": { + "type": "string", + "description": "The object specified in the Zendesk flow destination." + }, + "writeOperationType": { + "$ref": "#/types/aws-native:appflow:FlowWriteOperationType", + "description": "The possible write operations in the destination connector. When this value is not provided, this defaults to the `INSERT` operation." + } + } + }, + "aws-native:appflow:FlowZendeskSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Zendesk flow source." + } + } + }, + "aws-native:appintegrations:ApplicationExternalUrlConfig": { + "type": "object", + "properties": { + "accessUrl": { + "type": "string", + "description": "The URL to access the application." + }, + "approvedOrigins": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Additional URLs to allow list if different than the access URL." + } + } + }, + "aws-native:appintegrations:ApplicationSourceConfigProperties": { + "type": "object", + "properties": { + "externalUrlConfig": { + "$ref": "#/types/aws-native:appintegrations:ApplicationExternalUrlConfig", + "description": "The external URL source for the application." + } + } + }, + "aws-native:appintegrations:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key to identify the tag." + }, + "value": { + "type": "string", + "description": "Corresponding tag value for the key." + } + } + }, + "aws-native:appintegrations:DataIntegrationFileConfiguration": { + "type": "object", + "properties": { + "filters": { + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "Restrictions for what files should be pulled from the source." + }, + "folders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identifiers for the source folders to pull all files from recursively." + } + } + }, + "aws-native:appintegrations:DataIntegrationScheduleConfig": { + "type": "object", + "properties": { + "firstExecutionFrom": { + "type": "string", + "description": "The start date for objects to import in the first flow run. Epoch or ISO timestamp format is supported." + }, + "object": { + "type": "string", + "description": "The name of the object to pull from the data source." + }, + "scheduleExpression": { + "type": "string", + "description": "How often the data should be pulled from data source." + } + } + }, + "aws-native:appintegrations:DataIntegrationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key to identify the tag." + }, + "value": { + "type": "string", + "description": "Corresponding tag value for the key." + } + } + }, + "aws-native:appintegrations:EventIntegrationEventFilter": { + "type": "object", + "properties": { + "source": { + "type": "string", + "description": "The source of the events." + } + } + }, + "aws-native:appintegrations:EventIntegrationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key to identify the tag." + }, + "value": { + "type": "string", + "description": "Corresponding tag value for the key." + } + } + }, + "aws-native:applicationautoscaling:ScalableTargetAction": { + "type": "object", + "properties": { + "maxCapacity": { + "type": "integer", + "description": "The maximum capacity." + }, + "minCapacity": { + "type": "integer", + "description": "The minimum capacity." + } + } + }, + "aws-native:applicationautoscaling:ScalableTargetScheduledAction": { + "type": "object", + "properties": { + "endTime": { + "type": "string", + "description": "The date and time that the action is scheduled to end, in UTC." + }, + "scalableTargetAction": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalableTargetAction", + "description": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity." + }, + "schedule": { + "type": "string", + "description": "The schedule for this action. The following formats are supported:\n + At expressions - \"``at(yyyy-mm-ddThh:mm:ss)``\"\n + Rate expressions - \"``rate(value unit)``\"\n + Cron expressions - \"``cron(fields)``\"\n \n At expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n At and cron expressions use Universal Coordinated Time (UTC) by default.\n The cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n For rate expressions, *value* is a positive integer and *unit* is ``minute`` | ``minutes`` | ``hour`` | ``hours`` | ``day`` | ``days``." + }, + "scheduledActionName": { + "type": "string", + "description": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target." + }, + "startTime": { + "type": "string", + "description": "The date and time that the action is scheduled to begin, in UTC." + }, + "timezone": { + "type": "string", + "description": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression." + } + } + }, + "aws-native:applicationautoscaling:ScalableTargetSuspendedState": { + "type": "object", + "properties": { + "dynamicScalingInSuspended": { + "type": "boolean", + "description": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to ``true`` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is ``false``." + }, + "dynamicScalingOutSuspended": { + "type": "boolean", + "description": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to ``true`` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is ``false``." + }, + "scheduledScalingSuspended": { + "type": "boolean", + "description": "Whether scheduled scaling is suspended. Set the value to ``true`` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is ``false``." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyCustomizedMetricSpecification": { + "type": "object", + "properties": { + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyMetricDimension" + }, + "description": "The dimensions of the metric. \n Conditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy." + }, + "metricName": { + "type": "string", + "description": "The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that's returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html)." + }, + "metrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyTargetTrackingMetricDataQuery" + }, + "description": "The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric." + }, + "statistic": { + "type": "string", + "description": "The statistic of the metric." + }, + "unit": { + "type": "string", + "description": "The unit of the metric. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference*." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyMetricDimension": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the dimension." + }, + "value": { + "type": "string", + "description": "The value of the dimension." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyPredefinedMetricSpecification": { + "type": "object", + "properties": { + "predefinedMetricType": { + "type": "string", + "description": "The metric type. The ``ALBRequestCountPerTarget`` metric type applies only to Spot fleet requests and ECS services." + }, + "resourceLabel": { + "type": "string", + "description": "Identifies the resource associated with the metric type. You can't specify a resource label unless the metric type is ``ALBRequestCountPerTarget`` and there is a target group attached to the Spot Fleet or ECS service.\n You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n ``app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff``.\n Where:\n + app/\u003cload-balancer-name\u003e/\u003cload-balancer-id\u003e is the final portion of the load balancer ARN\n + targetgroup/\u003ctarget-group-name\u003e/\u003ctarget-group-id\u003e is the final portion of the target group ARN.\n \n To find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyStepAdjustment": { + "type": "object", + "properties": { + "metricIntervalLowerBound": { + "type": "number", + "description": "The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it is exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity.\n You must specify at least one upper or lower bound." + }, + "metricIntervalUpperBound": { + "type": "number", + "description": "The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it is inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity.\n You must specify at least one upper or lower bound." + }, + "scalingAdjustment": { + "type": "integer", + "description": "The amount by which to scale. The adjustment is based on the value that you specified in the ``AdjustmentType`` property (either an absolute number or a percentage). A positive value adds to the current capacity and a negative number subtracts from the current capacity." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyStepScalingPolicyConfiguration": { + "type": "object", + "properties": { + "adjustmentType": { + "type": "string", + "description": "Specifies whether the ``ScalingAdjustment`` value in the ``StepAdjustment`` property is an absolute number or a percentage of the current capacity." + }, + "cooldown": { + "type": "integer", + "description": "The amount of time, in seconds, to wait for a previous scaling activity to take effect. If not specified, the default value is 300. For more information, see [Cooldown period](https://docs.aws.amazon.com/autoscaling/application/userguide/step-scaling-policy-overview.html#step-scaling-cooldown) in the *Application Auto Scaling User Guide*." + }, + "metricAggregationType": { + "type": "string", + "description": "The aggregation type for the CloudWatch metrics. Valid values are ``Minimum``, ``Maximum``, and ``Average``. If the aggregation type is null, the value is treated as ``Average``." + }, + "minAdjustmentMagnitude": { + "type": "integer", + "description": "The minimum value to scale by when the adjustment type is ``PercentChangeInCapacity``. For example, suppose that you create a step scaling policy to scale out an Amazon ECS service by 25 percent and you specify a ``MinAdjustmentMagnitude`` of 2. If the service has 4 tasks and the scaling policy is performed, 25 percent of 4 is 1. However, because you specified a ``MinAdjustmentMagnitude`` of 2, Application Auto Scaling scales out the service by 2 tasks." + }, + "stepAdjustments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyStepAdjustment" + }, + "description": "A set of adjustments that enable you to scale based on the size of the alarm breach.\n At least one step adjustment is required if you are adding a new step scaling policy configuration." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyTargetTrackingMetric": { + "type": "object", + "properties": { + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyTargetTrackingMetricDimension" + }, + "description": "The dimensions for the metric. For the list of available dimensions, see the AWS documentation available from the table in [services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide*. \n Conditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy." + }, + "metricName": { + "type": "string", + "description": "The name of the metric." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric. For more information, see the table in [services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide*." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyTargetTrackingMetricDataQuery": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the ``Id`` of the other metrics to refer to those metrics, and can also use the ``Id`` of other expressions to use the result of those expressions. \n Conditional: Within each ``TargetTrackingMetricDataQuery`` object, you must specify either ``Expression`` or ``MetricStat``, but not both." + }, + "id": { + "type": "string", + "description": "A short name that identifies the object's results in the response. This name must be unique among all ``MetricDataQuery`` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter." + }, + "label": { + "type": "string", + "description": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents." + }, + "metricStat": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyTargetTrackingMetricStat", + "description": "Information about the metric data to return.\n Conditional: Within each ``MetricDataQuery`` object, you must specify either ``Expression`` or ``MetricStat``, but not both." + }, + "returnData": { + "type": "boolean", + "description": "Indicates whether to return the timestamps and raw data values of this metric. \n If you use any math expressions, specify ``true`` for this value for only the final math expression that the metric specification is based on. You must specify ``false`` for ``ReturnData`` for all the other metrics and expressions used in the metric specification.\n If you are only retrieving metrics and not performing any math expressions, do not specify anything for ``ReturnData``. This sets it to its default (``true``)." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyTargetTrackingMetricDimension": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the dimension." + }, + "value": { + "type": "string", + "description": "The value of the dimension." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyTargetTrackingMetricStat": { + "type": "object", + "properties": { + "metric": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyTargetTrackingMetric", + "description": "The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html)." + }, + "stat": { + "type": "string", + "description": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide*.\n The most commonly used metric for scaling is ``Average``." + }, + "unit": { + "type": "string", + "description": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference*." + } + } + }, + "aws-native:applicationautoscaling:ScalingPolicyTargetTrackingScalingPolicyConfiguration": { + "type": "object", + "properties": { + "customizedMetricSpecification": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyCustomizedMetricSpecification", + "description": "A customized metric. You can specify either a predefined metric or a customized metric." + }, + "disableScaleIn": { + "type": "boolean", + "description": "Indicates whether scale in by the target tracking scaling policy is disabled. If the value is ``true``, scale in is disabled and the target tracking scaling policy won't remove capacity from the scalable target. Otherwise, scale in is enabled and the target tracking scaling policy can remove capacity from the scalable target. The default value is ``false``." + }, + "predefinedMetricSpecification": { + "$ref": "#/types/aws-native:applicationautoscaling:ScalingPolicyPredefinedMetricSpecification", + "description": "A predefined metric. You can specify either a predefined metric or a customized metric." + }, + "scaleInCooldown": { + "type": "integer", + "description": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start. For more information and for default values, see [Define cooldown periods](https://docs.aws.amazon.com/autoscaling/application/userguide/target-tracking-scaling-policy-overview.html#target-tracking-cooldown) in the *Application Auto Scaling User Guide*." + }, + "scaleOutCooldown": { + "type": "integer", + "description": "The amount of time, in seconds, to wait for a previous scale-out activity to take effect. For more information and for default values, see [Define cooldown periods](https://docs.aws.amazon.com/autoscaling/application/userguide/target-tracking-scaling-policy-overview.html#target-tracking-cooldown) in the *Application Auto Scaling User Guide*." + }, + "targetValue": { + "type": "number", + "description": "The target value for the metric. Although this property accepts numbers of type Double, it won't accept values that are either too small or too large. Values must be in the range of -2^360 to 2^360. The value must be a valid number based on the choice of metric. For example, if the metric is CPU utilization, then the target value is a percent value that represents how much of the CPU can be used before scaling out." + } + } + }, + "aws-native:applicationinsights:ApplicationAlarm": { + "type": "object", + "properties": { + "alarmName": { + "type": "string", + "description": "The name of the CloudWatch alarm to be monitored for the component." + }, + "severity": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationAlarmSeverity", + "description": "Indicates the degree of outage when the alarm goes off." + } + } + }, + "aws-native:applicationinsights:ApplicationAlarmMetric": { + "type": "object", + "properties": { + "alarmMetricName": { + "type": "string", + "description": "The name of the metric to be monitored for the component." + } + } + }, + "aws-native:applicationinsights:ApplicationAlarmSeverity": { + "type": "string" + }, + "aws-native:applicationinsights:ApplicationComponentConfiguration": { + "type": "object", + "properties": { + "configurationDetails": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationConfigurationDetails", + "description": "The configuration settings" + }, + "subComponentTypeConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationSubComponentTypeConfiguration" + }, + "description": "Sub component configurations of the component." + } + } + }, + "aws-native:applicationinsights:ApplicationComponentMonitoringSetting": { + "type": "object", + "properties": { + "componentArn": { + "type": "string", + "description": "The ARN of the compnonent." + }, + "componentConfigurationMode": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationComponentMonitoringSettingComponentConfigurationMode", + "description": "The component monitoring configuration mode." + }, + "componentName": { + "type": "string", + "description": "The name of the component." + }, + "customComponentConfiguration": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationComponentConfiguration", + "description": "The monitoring configuration of the component." + }, + "defaultOverwriteComponentConfiguration": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationComponentConfiguration", + "description": "The overwritten settings on default component monitoring configuration." + }, + "tier": { + "type": "string", + "description": "The tier of the application component." + } + }, + "irreversibleNames": { + "componentArn": "ComponentARN" + } + }, + "aws-native:applicationinsights:ApplicationComponentMonitoringSettingComponentConfigurationMode": { + "type": "string" + }, + "aws-native:applicationinsights:ApplicationConfigurationDetails": { + "type": "object", + "properties": { + "alarmMetrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationAlarmMetric" + }, + "description": "A list of metrics to monitor for the component." + }, + "alarms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationAlarm" + }, + "description": "A list of alarms to monitor for the component." + }, + "haClusterPrometheusExporter": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationHaClusterPrometheusExporter", + "description": "The HA cluster Prometheus Exporter settings." + }, + "hanaPrometheusExporter": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationHanaPrometheusExporter", + "description": "The HANA DB Prometheus Exporter settings." + }, + "jmxPrometheusExporter": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationJmxPrometheusExporter", + "description": "The JMX Prometheus Exporter settings." + }, + "logs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationLog" + }, + "description": "A list of logs to monitor for the component." + }, + "netWeaverPrometheusExporter": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationNetWeaverPrometheusExporter", + "description": "The NetWeaver Prometheus Exporter settings." + }, + "processes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationProcess" + }, + "description": "A list of processes to monitor for the component. Only Windows EC2 instances can have a processes section." + }, + "sqlServerPrometheusExporter": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationSqlServerPrometheusExporter", + "description": "The SQL Prometheus Exporter settings." + }, + "windowsEvents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationWindowsEvent" + }, + "description": "A list of Windows Events to log." + } + }, + "irreversibleNames": { + "haClusterPrometheusExporter": "HAClusterPrometheusExporter", + "hanaPrometheusExporter": "HANAPrometheusExporter", + "jmxPrometheusExporter": "JMXPrometheusExporter", + "sqlServerPrometheusExporter": "SQLServerPrometheusExporter" + } + }, + "aws-native:applicationinsights:ApplicationCustomComponent": { + "type": "object", + "properties": { + "componentName": { + "type": "string", + "description": "The name of the component." + }, + "resourceList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of resource ARNs that belong to the component." + } + } + }, + "aws-native:applicationinsights:ApplicationEventLevel": { + "type": "string" + }, + "aws-native:applicationinsights:ApplicationGroupingType": { + "type": "string" + }, + "aws-native:applicationinsights:ApplicationHaClusterPrometheusExporter": { + "type": "object", + "properties": { + "prometheusPort": { + "type": "string", + "description": "Prometheus exporter port." + } + } + }, + "aws-native:applicationinsights:ApplicationHanaPrometheusExporter": { + "type": "object", + "properties": { + "agreeToInstallHanadbClient": { + "type": "boolean", + "description": "A flag which indicates agreeing to install SAP HANA DB client." + }, + "hanaPort": { + "type": "string", + "description": "The HANA DB port." + }, + "hanaSecretName": { + "type": "string", + "description": "The secret name which manages the HANA DB credentials e.g. {\n \"username\": \"\u003c\u003e\",\n \"password\": \"\u003c\u003e\"\n}." + }, + "hanasid": { + "type": "string", + "description": "HANA DB SID." + }, + "prometheusPort": { + "type": "string", + "description": "Prometheus exporter port." + } + }, + "irreversibleNames": { + "agreeToInstallHanadbClient": "AgreeToInstallHANADBClient", + "hanaPort": "HANAPort", + "hanaSecretName": "HANASecretName", + "hanasid": "HANASID" + } + }, + "aws-native:applicationinsights:ApplicationJmxPrometheusExporter": { + "type": "object", + "properties": { + "hostPort": { + "type": "string", + "description": "Java agent host port" + }, + "jmxurl": { + "type": "string", + "description": "JMX service URL." + }, + "prometheusPort": { + "type": "string", + "description": "Prometheus exporter port." + } + }, + "irreversibleNames": { + "jmxurl": "JMXURL" + } + }, + "aws-native:applicationinsights:ApplicationLog": { + "type": "object", + "properties": { + "encoding": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationLogEncoding", + "description": "The type of encoding of the logs to be monitored." + }, + "logGroupName": { + "type": "string", + "description": "The CloudWatch log group name to be associated to the monitored log." + }, + "logPath": { + "type": "string", + "description": "The path of the logs to be monitored." + }, + "logType": { + "type": "string", + "description": "The log type decides the log patterns against which Application Insights analyzes the log." + }, + "patternSet": { + "type": "string", + "description": "The name of the log pattern set." + } + } + }, + "aws-native:applicationinsights:ApplicationLogEncoding": { + "type": "string" + }, + "aws-native:applicationinsights:ApplicationLogPattern": { + "type": "object", + "properties": { + "pattern": { + "type": "string", + "description": "The log pattern." + }, + "patternName": { + "type": "string", + "description": "The name of the log pattern." + }, + "rank": { + "type": "integer", + "description": "Rank of the log pattern." + } + } + }, + "aws-native:applicationinsights:ApplicationLogPatternSet": { + "type": "object", + "properties": { + "logPatterns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationLogPattern" + }, + "description": "The log patterns of a set." + }, + "patternSetName": { + "type": "string", + "description": "The name of the log pattern set." + } + } + }, + "aws-native:applicationinsights:ApplicationNetWeaverPrometheusExporter": { + "type": "object", + "properties": { + "instanceNumbers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "SAP instance numbers for ASCS, ERS, and App Servers." + }, + "prometheusPort": { + "type": "string", + "description": "Prometheus exporter port." + }, + "sapsid": { + "type": "string", + "description": "SAP NetWeaver SID." + } + }, + "irreversibleNames": { + "sapsid": "SAPSID" + } + }, + "aws-native:applicationinsights:ApplicationProcess": { + "type": "object", + "properties": { + "alarmMetrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationAlarmMetric" + }, + "description": "A list of metrics to monitor for the component." + }, + "processName": { + "type": "string", + "description": "The name of the process to be monitored for the component." + } + } + }, + "aws-native:applicationinsights:ApplicationSqlServerPrometheusExporter": { + "type": "object", + "properties": { + "prometheusPort": { + "type": "string", + "description": "Prometheus exporter port." + }, + "sqlSecretName": { + "type": "string", + "description": "Secret name which managers SQL exporter connection. e.g. {\"data_source_name\": \"sqlserver://\u003cUSERNAME\u003e:\u003cPASSWORD\u003e@localhost:1433\"}" + } + }, + "irreversibleNames": { + "sqlSecretName": "SQLSecretName" + } + }, + "aws-native:applicationinsights:ApplicationSubComponentConfigurationDetails": { + "type": "object", + "properties": { + "alarmMetrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationAlarmMetric" + }, + "description": "A list of metrics to monitor for the component." + }, + "logs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationLog" + }, + "description": "A list of logs to monitor for the component." + }, + "processes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationProcess" + }, + "description": "A list of processes to monitor for the component. Only Windows EC2 instances can have a processes section." + }, + "windowsEvents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationWindowsEvent" + }, + "description": "A list of Windows Events to log." + } + } + }, + "aws-native:applicationinsights:ApplicationSubComponentTypeConfiguration": { + "type": "object", + "properties": { + "subComponentConfigurationDetails": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationSubComponentConfigurationDetails", + "description": "The configuration settings of sub components." + }, + "subComponentType": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationSubComponentTypeConfigurationSubComponentType", + "description": "The sub component type." + } + } + }, + "aws-native:applicationinsights:ApplicationSubComponentTypeConfigurationSubComponentType": { + "type": "string" + }, + "aws-native:applicationinsights:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:applicationinsights:ApplicationWindowsEvent": { + "type": "object", + "properties": { + "eventLevels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationinsights:ApplicationEventLevel" + }, + "description": "The levels of event to log. " + }, + "eventName": { + "type": "string", + "description": "The type of Windows Events to log." + }, + "logGroupName": { + "type": "string", + "description": "The CloudWatch log group name to be associated to the monitored log." + }, + "patternSet": { + "type": "string", + "description": "The name of the log pattern set." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveCalendarInterval": { + "type": "object", + "properties": { + "duration": { + "type": "integer", + "description": "Specifies the duration of each calendar interval. For example, if `Duration` is `1` and `DurationUnit` is `MONTH` , each interval is one month, aligned with the calendar." + }, + "durationUnit": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveDurationUnit", + "description": "Specifies the calendar interval unit." + }, + "startTime": { + "type": "integer", + "description": "Epoch time in seconds you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.\nAs soon as one calendar interval ends, another automatically begins." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveDimension": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). ASCII control characters are not supported as part of dimension names." + }, + "value": { + "type": "string", + "description": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values" + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveDurationUnit": { + "type": "string" + }, + "aws-native:applicationsignals:ServiceLevelObjectiveGoal": { + "type": "object", + "properties": { + "attainmentGoal": { + "type": "number", + "description": "The threshold that determines if the goal is being met. An attainment goal is the ratio of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state.\nIf you omit this parameter, 99 is used to represent 99% as the attainment goal." + }, + "interval": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveInterval", + "description": "The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval.\n\nIf you omit this parameter, a rolling interval of 7 days is used." + }, + "warningThreshold": { + "type": "number", + "description": "The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveInterval": { + "type": "object", + "properties": { + "calendarInterval": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveCalendarInterval", + "description": "If the interval is a calendar interval, this structure contains the interval specifications." + }, + "rollingInterval": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveRollingInterval", + "description": "If the interval is a rolling interval, this structure contains the interval specifications." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveMetric": { + "type": "object", + "properties": { + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveDimension" + }, + "description": "An array of one or more dimensions to use to define the metric that you want to use." + }, + "metricName": { + "type": "string", + "description": "The name of the metric to use." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveMetricDataQuery": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The ID of the account where the metrics are located, if this is a cross-account alarm." + }, + "expression": { + "type": "string", + "description": "The math expression to be performed on the returned data." + }, + "id": { + "type": "string", + "description": "A short name used to tie this object to the results in the response." + }, + "metricStat": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveMetricStat", + "description": "A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both." + }, + "returnData": { + "type": "boolean", + "description": "This option indicates whether to return the timestamps and raw data values of this metric." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveMetricStat": { + "type": "object", + "properties": { + "metric": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveMetric" + }, + "period": { + "type": "integer", + "description": "The granularity, in seconds, to be used for the metric." + }, + "stat": { + "type": "string", + "description": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic." + }, + "unit": { + "type": "string", + "description": "If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveRollingInterval": { + "type": "object", + "properties": { + "duration": { + "type": "integer", + "description": "Specifies the duration of each rolling interval. For example, if `Duration` is `7` and `DurationUnit` is `DAY` , each rolling interval is seven days." + }, + "durationUnit": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveDurationUnit", + "description": "Specifies the rolling interval unit." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveSli": { + "type": "object", + "properties": { + "comparisonOperator": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveSliComparisonOperator", + "description": "The arithmetic operation used when comparing the specified metric to the threshold." + }, + "metricThreshold": { + "type": "number", + "description": "The value that the SLI metric is compared to." + }, + "sliMetric": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveSliMetric", + "description": "Use this structure to specify the metric to be used for the SLO." + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveSliComparisonOperator": { + "type": "string" + }, + "aws-native:applicationsignals:ServiceLevelObjectiveSliMetric": { + "type": "object", + "properties": { + "keyAttributes": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "If this SLO is related to a metric collected by Application Signals, you must use this field to specify which service the SLO metric is related to. To do so, you must specify at least the `Type` , `Name` , and `Environment` attributes.\n\nThis is a string-to-string map. It can include the following fields.\n\n- `Type` designates the type of object this is.\n- `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` .\n- `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` .\n- `Environment` specifies the location where this object is hosted, or what it belongs to." + }, + "metricDataQueries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveMetricDataQuery" + }, + "description": "If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, use this structure to specify that metric or expression." + }, + "metricType": { + "$ref": "#/types/aws-native:applicationsignals:ServiceLevelObjectiveSliMetricMetricType", + "description": "If the SLO monitors either the LATENCY or AVAILABILITY metric that Application Signals collects, this field displays which of those metrics is used." + }, + "operationName": { + "type": "string", + "description": "If the SLO monitors a specific operation of the service, this field displays that operation name." + }, + "periodSeconds": { + "type": "integer", + "description": "The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance." + }, + "statistic": { + "type": "string", + "description": "The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic" + } + } + }, + "aws-native:applicationsignals:ServiceLevelObjectiveSliMetricMetricType": { + "type": "string" + }, + "aws-native:applicationsignals:ServiceLevelObjectiveTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string that you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:apprunner:AutoScalingConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag assigned to the `AutoScalingConfiguration` resource of the App Runner service." + }, + "value": { + "type": "string", + "description": "The value of the tag assigned to the `AutoScalingConfiguration` resource of the App Runner service." + } + } + }, + "aws-native:apprunner:ObservabilityConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:apprunner:ObservabilityConfigurationTraceConfiguration": { + "type": "object", + "properties": { + "vendor": { + "$ref": "#/types/aws-native:apprunner:ObservabilityConfigurationTraceConfigurationVendor", + "description": "The implementation provider chosen for tracing App Runner services." + } + } + }, + "aws-native:apprunner:ObservabilityConfigurationTraceConfigurationVendor": { + "type": "string" + }, + "aws-native:apprunner:ServiceAuthenticationConfiguration": { + "type": "object", + "properties": { + "accessRoleArn": { + "type": "string", + "description": "Access Role Arn" + }, + "connectionArn": { + "type": "string", + "description": "Connection Arn" + } + } + }, + "aws-native:apprunner:ServiceCodeConfiguration": { + "type": "object", + "properties": { + "codeConfigurationValues": { + "$ref": "#/types/aws-native:apprunner:ServiceCodeConfigurationValues", + "description": "The basic configuration for building and running the App Runner service. Use it to quickly launch an App Runner service without providing a `apprunner.yaml` file in the source code repository (or ignoring the file if it exists)." + }, + "configurationSource": { + "$ref": "#/types/aws-native:apprunner:ServiceCodeConfigurationConfigurationSource", + "description": "Configuration Source" + } + } + }, + "aws-native:apprunner:ServiceCodeConfigurationConfigurationSource": { + "type": "string" + }, + "aws-native:apprunner:ServiceCodeConfigurationValues": { + "type": "object", + "properties": { + "buildCommand": { + "type": "string", + "description": "Build Command" + }, + "port": { + "type": "string", + "description": "Port" + }, + "runtime": { + "$ref": "#/types/aws-native:apprunner:ServiceCodeConfigurationValuesRuntime", + "description": "Runtime" + }, + "runtimeEnvironmentSecrets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apprunner:ServiceKeyValuePair" + }, + "description": "The secrets and parameters that get referenced by your service as environment variables" + }, + "runtimeEnvironmentVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apprunner:ServiceKeyValuePair" + }, + "description": "The environment variables that are available to your running AWS App Runner service. An array of key-value pairs." + }, + "startCommand": { + "type": "string", + "description": "Start Command" + } + } + }, + "aws-native:apprunner:ServiceCodeConfigurationValuesRuntime": { + "type": "string" + }, + "aws-native:apprunner:ServiceCodeRepository": { + "type": "object", + "properties": { + "codeConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceCodeConfiguration", + "description": "Configuration for building and running the service from a source code repository.\n\n\u003e `CodeConfiguration` is required only for `CreateService` request." + }, + "repositoryUrl": { + "type": "string", + "description": "Repository Url" + }, + "sourceCodeVersion": { + "$ref": "#/types/aws-native:apprunner:ServiceSourceCodeVersion", + "description": "The version that should be used within the source code repository." + }, + "sourceDirectory": { + "type": "string", + "description": "Source Directory" + } + } + }, + "aws-native:apprunner:ServiceEgressConfiguration": { + "type": "object", + "properties": { + "egressType": { + "$ref": "#/types/aws-native:apprunner:ServiceEgressConfigurationEgressType", + "description": "Network egress type." + }, + "vpcConnectorArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the App Runner VpcConnector." + } + } + }, + "aws-native:apprunner:ServiceEgressConfigurationEgressType": { + "type": "string" + }, + "aws-native:apprunner:ServiceEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKey": { + "type": "string", + "description": "The KMS Key" + } + } + }, + "aws-native:apprunner:ServiceHealthCheckConfiguration": { + "type": "object", + "properties": { + "healthyThreshold": { + "type": "integer", + "description": "Health check Healthy Threshold" + }, + "interval": { + "type": "integer", + "description": "Health check Interval" + }, + "path": { + "type": "string", + "description": "Health check Path" + }, + "protocol": { + "$ref": "#/types/aws-native:apprunner:ServiceHealthCheckConfigurationProtocol", + "description": "Health Check Protocol" + }, + "timeout": { + "type": "integer", + "description": "Health check Timeout" + }, + "unhealthyThreshold": { + "type": "integer", + "description": "Health check Unhealthy Threshold" + } + } + }, + "aws-native:apprunner:ServiceHealthCheckConfigurationProtocol": { + "type": "string" + }, + "aws-native:apprunner:ServiceImageConfiguration": { + "type": "object", + "properties": { + "port": { + "type": "string", + "description": "Port" + }, + "runtimeEnvironmentSecrets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apprunner:ServiceKeyValuePair" + }, + "description": "The secrets and parameters that get referenced by your service as environment variables" + }, + "runtimeEnvironmentVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:apprunner:ServiceKeyValuePair" + }, + "description": "Environment variables that are available to your running App Runner service. An array of key-value pairs." + }, + "startCommand": { + "type": "string", + "description": "Start Command" + } + } + }, + "aws-native:apprunner:ServiceImageRepository": { + "type": "object", + "properties": { + "imageConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceImageConfiguration", + "description": "Configuration for running the identified image." + }, + "imageIdentifier": { + "type": "string", + "description": "Image Identifier" + }, + "imageRepositoryType": { + "$ref": "#/types/aws-native:apprunner:ServiceImageRepositoryImageRepositoryType", + "description": "Image Repository Type" + } + } + }, + "aws-native:apprunner:ServiceImageRepositoryImageRepositoryType": { + "type": "string" + }, + "aws-native:apprunner:ServiceIngressConfiguration": { + "type": "object", + "properties": { + "isPubliclyAccessible": { + "type": "boolean", + "description": "It's set to true if the Apprunner service is publicly accessible. It's set to false otherwise." + } + } + }, + "aws-native:apprunner:ServiceInstanceConfiguration": { + "type": "object", + "properties": { + "cpu": { + "type": "string", + "description": "CPU" + }, + "instanceRoleArn": { + "type": "string", + "description": "Instance Role Arn" + }, + "memory": { + "type": "string", + "description": "Memory" + } + } + }, + "aws-native:apprunner:ServiceKeyValuePair": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The key name string to map to a value." + }, + "value": { + "type": "string", + "description": "The value string to which the key name is mapped." + } + } + }, + "aws-native:apprunner:ServiceNetworkConfiguration": { + "type": "object", + "properties": { + "egressConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceEgressConfiguration", + "description": "Network configuration settings for outbound message traffic." + }, + "ingressConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceIngressConfiguration", + "description": "Network configuration settings for inbound message traffic." + }, + "ipAddressType": { + "$ref": "#/types/aws-native:apprunner:ServiceNetworkConfigurationIpAddressType", + "description": "App Runner service endpoint IP address type" + } + } + }, + "aws-native:apprunner:ServiceNetworkConfigurationIpAddressType": { + "type": "string" + }, + "aws-native:apprunner:ServiceObservabilityConfiguration": { + "type": "object", + "properties": { + "observabilityConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the App Runner ObservabilityConfiguration." + }, + "observabilityEnabled": { + "type": "boolean", + "description": "Observability enabled" + } + } + }, + "aws-native:apprunner:ServiceSourceCodeVersion": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:apprunner:ServiceSourceCodeVersionType", + "description": "Source Code Version Type" + }, + "value": { + "type": "string", + "description": "Source Code Version Value" + } + } + }, + "aws-native:apprunner:ServiceSourceCodeVersionType": { + "type": "string" + }, + "aws-native:apprunner:ServiceSourceConfiguration": { + "type": "object", + "properties": { + "authenticationConfiguration": { + "$ref": "#/types/aws-native:apprunner:ServiceAuthenticationConfiguration", + "description": "Describes the resources that are needed to authenticate access to some source repositories." + }, + "autoDeploymentsEnabled": { + "type": "boolean", + "description": "Auto Deployment enabled" + }, + "codeRepository": { + "$ref": "#/types/aws-native:apprunner:ServiceCodeRepository", + "description": "The description of a source code repository.\n\nYou must provide either this member or `ImageRepository` (but not both)." + }, + "imageRepository": { + "$ref": "#/types/aws-native:apprunner:ServiceImageRepository", + "description": "The description of a source image repository.\n\nYou must provide either this member or `CodeRepository` (but not both)." + } + } + }, + "aws-native:apprunner:ServiceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag assigned to an App Runner service." + }, + "value": { + "type": "string", + "description": "The value of the tag assigned to an App Runner service." + } + } + }, + "aws-native:apprunner:VpcConnectorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag assigned to the `VpcConnector` resource of the App Runner service." + }, + "value": { + "type": "string", + "description": "The value of the tag assigned to the `VpcConnector` resource of the App Runner service." + } + } + }, + "aws-native:apprunner:VpcIngressConnectionIngressVpcConfiguration": { + "type": "object", + "properties": { + "vpcEndpointId": { + "type": "string", + "description": "The ID of the VPC endpoint that your App Runner service connects to." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC that the VPC endpoint is used in." + } + } + }, + "aws-native:apprunner:VpcIngressConnectionStatus": { + "type": "string" + }, + "aws-native:apprunner:VpcIngressConnectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag assigned to `VpcIngressConnection` resource of the App Runner service." + } + } + }, + "aws-native:appstream:AppBlockBuilderAccessEndpoint": { + "type": "object", + "properties": { + "endpointType": { + "type": "string", + "description": "The type of interface endpoint." + }, + "vpceId": { + "type": "string", + "description": "The identifier (ID) of the VPC in which the interface endpoint is used." + } + } + }, + "aws-native:appstream:AppBlockBuilderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:appstream:AppBlockBuilderVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifiers of the security groups for the fleet or image builder." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifiers of the subnets to which a network interface is attached from the fleet instance or image builder instance. Fleet instances use one or more subnets. Image builder instances use one subnet." + } + } + }, + "aws-native:appstream:AppBlockS3Location": { + "type": "object", + "properties": { + "s3Bucket": { + "type": "string", + "description": "The S3 bucket of the app block." + }, + "s3Key": { + "type": "string", + "description": "The S3 key of the S3 object of the virtual hard disk.\n\nThis is required when it's used by `SetupScriptDetails` and `PostSetupScriptDetails` ." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key" + } + }, + "aws-native:appstream:AppBlockScriptDetails": { + "type": "object", + "properties": { + "executableParameters": { + "type": "string", + "description": "The parameters used in the run path for the script." + }, + "executablePath": { + "type": "string", + "description": "The run path for the script." + }, + "scriptS3Location": { + "$ref": "#/types/aws-native:appstream:AppBlockS3Location", + "description": "The S3 object location of the script." + }, + "timeoutInSeconds": { + "type": "integer", + "description": "The run timeout, in seconds, for the script." + } + }, + "irreversibleNames": { + "scriptS3Location": "ScriptS3Location" + } + }, + "aws-native:appstream:AppBlockTag0Properties": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:appstream:AppBlockTag1Properties": { + "type": "object", + "properties": { + "tagKey": { + "type": "string" + }, + "tagValue": { + "type": "string" + } + } + }, + "aws-native:appstream:ApplicationS3Location": { + "type": "object", + "properties": { + "s3Bucket": { + "type": "string", + "description": "The S3 bucket of the S3 object." + }, + "s3Key": { + "type": "string", + "description": "The S3 key of the S3 object." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key" + } + }, + "aws-native:appstream:ApplicationTag0Properties": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:appstream:ApplicationTag1Properties": { + "type": "object", + "properties": { + "tagKey": { + "type": "string" + }, + "tagValue": { + "type": "string" + } + } + }, + "aws-native:appstream:DirectoryConfigCertificateBasedAuthProperties": { + "type": "object", + "properties": { + "certificateAuthorityArn": { + "type": "string", + "description": "The ARN of the AWS Certificate Manager Private CA resource." + }, + "status": { + "type": "string", + "description": "The status of the certificate-based authentication properties. Fallback is turned on by default when certificate-based authentication is *Enabled* . Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. *Enabled_no_directory_login_fallback* enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates." + } + } + }, + "aws-native:appstream:DirectoryConfigServiceAccountCredentials": { + "type": "object", + "properties": { + "accountName": { + "type": "string", + "description": "The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified." + }, + "accountPassword": { + "type": "string", + "description": "The password for the account." + } + } + }, + "aws-native:appstream:EntitlementAttribute": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "A supported AWS IAM SAML PrincipalTag attribute that is matched to a value when a user identity federates to an AppStream 2.0 SAML application.\n\nThe following are supported values:\n\n- roles\n- department\n- organization\n- groups\n- title\n- costCenter\n- userType" + }, + "value": { + "type": "string", + "description": "A value that is matched to a supported SAML attribute name when a user identity federates to an AppStream 2.0 SAML application." + } + } + }, + "aws-native:appstream:ImageBuilderAccessEndpoint": { + "type": "object", + "properties": { + "endpointType": { + "type": "string", + "description": "The type of interface endpoint." + }, + "vpceId": { + "type": "string", + "description": "The identifier (ID) of the VPC in which the interface endpoint is used." + } + } + }, + "aws-native:appstream:ImageBuilderDomainJoinInfo": { + "type": "object", + "properties": { + "directoryName": { + "type": "string", + "description": "The fully qualified name of the directory (for example, corp.example.com)." + }, + "organizationalUnitDistinguishedName": { + "type": "string", + "description": "The distinguished name of the organizational unit for computer accounts." + } + } + }, + "aws-native:appstream:ImageBuilderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:appstream:ImageBuilderVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifiers of the security groups for the image builder." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifier of the subnet to which a network interface is attached from the image builder instance. An image builder instance can use one subnet." + } + } + }, + "aws-native:appsync:FunctionConfigurationAppSyncRuntime": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the runtime to use. Currently, the only allowed value is APPSYNC_JS." + }, + "runtimeVersion": { + "type": "string", + "description": "The version of the runtime to use. Currently, the only allowed version is 1.0.0." + } + } + }, + "aws-native:appsync:FunctionConfigurationLambdaConflictHandlerConfig": { + "type": "object", + "properties": { + "lambdaConflictHandlerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler." + } + } + }, + "aws-native:appsync:FunctionConfigurationSyncConfig": { + "type": "object", + "properties": { + "conflictDetection": { + "type": "string", + "description": "The Conflict Detection strategy to use." + }, + "conflictHandler": { + "type": "string", + "description": "The Conflict Resolution strategy to perform in the event of a conflict." + }, + "lambdaConflictHandlerConfig": { + "$ref": "#/types/aws-native:appsync:FunctionConfigurationLambdaConflictHandlerConfig", + "description": "The `LambdaConflictHandlerConfig` when configuring `LAMBDA` as the Conflict Handler." + } + } + }, + "aws-native:appsync:ResolverAppSyncRuntime": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The ``name`` of the runtime to use. Currently, the only allowed value is ``APPSYNC_JS``." + }, + "runtimeVersion": { + "type": "string", + "description": "The ``version`` of the runtime to use. Currently, the only allowed version is ``1.0.0``." + } + } + }, + "aws-native:appsync:ResolverCachingConfig": { + "type": "object", + "properties": { + "cachingKeys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The caching keys for a resolver that has caching activated.\n Valid values are entries from the ``$context.arguments``, ``$context.source``, and ``$context.identity`` maps." + }, + "ttl": { + "type": "number", + "description": "The TTL in seconds for a resolver that has caching activated.\n Valid values are 1–3,600 seconds." + } + } + }, + "aws-native:appsync:ResolverLambdaConflictHandlerConfig": { + "type": "object", + "properties": { + "lambdaConflictHandlerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler." + } + } + }, + "aws-native:appsync:ResolverMetricsConfig": { + "type": "string" + }, + "aws-native:appsync:ResolverPipelineConfig": { + "type": "object", + "properties": { + "functions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of ``Function`` objects." + } + } + }, + "aws-native:appsync:ResolverSyncConfig": { + "type": "object", + "properties": { + "conflictDetection": { + "type": "string", + "description": "The Conflict Detection strategy to use.\n + *VERSION*: Detect conflicts based on object versions for this resolver.\n + *NONE*: Do not detect conflicts when invoking this resolver." + }, + "conflictHandler": { + "type": "string", + "description": "The Conflict Resolution strategy to perform in the event of a conflict.\n + *OPTIMISTIC_CONCURRENCY*: Resolve conflicts by rejecting mutations when versions don't match the latest version at the server.\n + *AUTOMERGE*: Resolve conflicts with the Automerge conflict resolution strategy.\n + *LAMBDA*: Resolve conflicts with an LAMlong function supplied in the ``LambdaConflictHandlerConfig``." + }, + "lambdaConflictHandlerConfig": { + "$ref": "#/types/aws-native:appsync:ResolverLambdaConflictHandlerConfig", + "description": "The ``LambdaConflictHandlerConfig`` when configuring ``LAMBDA`` as the Conflict Handler." + } + } + }, + "aws-native:appsync:SourceApiAssociationConfig": { + "type": "object", + "properties": { + "mergeType": { + "$ref": "#/types/aws-native:appsync:SourceApiAssociationConfigMergeType", + "description": "Configuration of the merged behavior for the association. For example when it could be auto or has to be manual." + } + } + }, + "aws-native:appsync:SourceApiAssociationConfigMergeType": { + "type": "string" + }, + "aws-native:appsync:SourceApiAssociationStatus": { + "type": "string" + }, + "aws-native:aps:RuleGroupsNamespaceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:aps:ScraperDestination": { + "type": "object", + "properties": { + "ampConfiguration": { + "$ref": "#/types/aws-native:aps:ScraperDestinationAmpConfigurationProperties", + "description": "Configuration for Amazon Managed Prometheus metrics destination" + } + } + }, + "aws-native:aps:ScraperDestinationAmpConfigurationProperties": { + "type": "object", + "properties": { + "workspaceArn": { + "type": "string", + "description": "ARN of an Amazon Managed Prometheus workspace" + } + } + }, + "aws-native:aps:ScraperScrapeConfiguration": { + "type": "object", + "properties": { + "configurationBlob": { + "type": "string", + "description": "Prometheus compatible scrape configuration in base64 encoded blob format" + } + } + }, + "aws-native:aps:ScraperSource": { + "type": "object", + "properties": { + "eksConfiguration": { + "$ref": "#/types/aws-native:aps:ScraperSourceEksConfigurationProperties", + "description": "Configuration for EKS metrics source" + } + } + }, + "aws-native:aps:ScraperSourceEksConfigurationProperties": { + "type": "object", + "properties": { + "clusterArn": { + "type": "string", + "description": "ARN of an EKS cluster" + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of security group IDs" + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of subnet IDs" + } + } + }, + "aws-native:aps:ScraperTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:aps:WorkspaceLoggingConfiguration": { + "type": "object", + "properties": { + "logGroupArn": { + "type": "string", + "description": "CloudWatch log group ARN" + } + } + }, + "aws-native:aps:WorkspaceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:arczonalshift:AutoshiftObserverNotificationStatusEnum": { + "type": "string" + }, + "aws-native:arczonalshift:ZonalAutoshiftConfigurationControlCondition": { + "type": "object", + "properties": { + "alarmIdentifier": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for an Amazon CloudWatch alarm that you specify as a control condition for a practice run." + }, + "type": { + "type": "string", + "description": "The type of alarm specified for a practice run. You can only specify Amazon CloudWatch alarms for practice runs, so the only valid value is `CLOUDWATCH` ." + } + } + }, + "aws-native:arczonalshift:ZonalAutoshiftConfigurationPracticeRunConfiguration": { + "type": "object", + "properties": { + "blockedDates": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of one or more dates that you can specify when AWS does not start practice runs for a resource. Dates are in UTC.\n\nSpecify blocked dates in the format `YYYY-MM-DD` , separated by spaces." + }, + "blockedWindows": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of one or more days and times that you can specify when Route 53 ARC does not start practice runs for a resource. Days and times are in UTC.\n\nSpecify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` ." + }, + "blockingAlarms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:arczonalshift:ZonalAutoshiftConfigurationControlCondition" + }, + "description": "An optional alarm that you can specify that blocks practice runs when the alarm is in an `ALARM` state. When a blocking alarm goes into an `ALARM` state, it prevents practice runs from being started, and ends practice runs that are in progress." + }, + "outcomeAlarms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:arczonalshift:ZonalAutoshiftConfigurationControlCondition" + }, + "description": "The alarm that you specify to monitor the health of your application during practice runs. When the outcome alarm goes into an `ALARM` state, the practice run is ended and the outcome is set to `FAILED` ." + } + } + }, + "aws-native:arczonalshift:ZonalAutoshiftConfigurationZonalAutoshiftStatus": { + "type": "string" + }, + "aws-native:athena:CapacityReservationCapacityAssignment": { + "type": "object", + "properties": { + "workgroupNames": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:athena:CapacityReservationCapacityAssignmentConfiguration": { + "type": "object", + "properties": { + "capacityAssignments": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:athena:CapacityReservationCapacityAssignment" + }, + "description": "The list of assignments that make up the capacity assignment configuration." + } + } + }, + "aws-native:athena:CapacityReservationStatus": { + "type": "string" + }, + "aws-native:athena:CapacityReservationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key. The tag key length is from 1 to 128 Unicode characters in UTF-8. You can use letters and numbers representable in UTF-8, and the following characters: + - = . _ : / @. Tag keys are case-sensitive and must be unique per resource." + }, + "value": { + "type": "string", + "description": "A tag value. The tag value length is from 0 to 256 Unicode characters in UTF-8. You can use letters and numbers representable in UTF-8, and the following characters: + - = . _ : / @. Tag values are case-sensitive." + } + } + }, + "aws-native:athena:DataCatalogTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:athena:DataCatalogType": { + "type": "string" + }, + "aws-native:athena:WorkGroupAclConfiguration": { + "type": "object", + "properties": { + "s3AclOption": { + "$ref": "#/types/aws-native:athena:WorkGroupS3AclOption", + "description": "The Amazon S3 canned ACL that Athena should specify when storing query results. Currently the only supported canned ACL is `BUCKET_OWNER_FULL_CONTROL` . If a query runs in a workgroup and the workgroup overrides client-side settings, then the Amazon S3 canned ACL specified in the workgroup's settings is used for all queries that run in the workgroup. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* ." + } + }, + "irreversibleNames": { + "s3AclOption": "S3AclOption" + } + }, + "aws-native:athena:WorkGroupConfiguration": { + "type": "object", + "properties": { + "additionalConfiguration": { + "type": "string", + "description": "Specifies a user defined JSON string that is passed to the session engine." + }, + "bytesScannedCutoffPerQuery": { + "type": "integer", + "description": "The upper limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan. No default is defined.\n\n\u003e This property currently supports integer types. Support for long values is planned." + }, + "customerContentEncryptionConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupCustomerContentEncryptionConfiguration", + "description": "Specifies the KMS key that is used to encrypt the user's data stores in Athena. This setting does not apply to Athena SQL workgroups." + }, + "enforceWorkGroupConfiguration": { + "type": "boolean", + "description": "If set to \"true\", the settings for the workgroup override client-side settings. If set to \"false\", client-side settings are used. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) ." + }, + "engineVersion": { + "$ref": "#/types/aws-native:athena:WorkGroupEngineVersion", + "description": "The engine version that all queries running on the workgroup use." + }, + "executionRole": { + "type": "string", + "description": "Role used to access user resources in an Athena for Apache Spark session. This property applies only to Spark-enabled workgroups in Athena." + }, + "publishCloudWatchMetricsEnabled": { + "type": "boolean", + "description": "Indicates that the Amazon CloudWatch metrics are enabled for the workgroup." + }, + "requesterPaysEnabled": { + "type": "boolean", + "description": "If set to `true` , allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries. If set to `false` , workgroup members cannot query data from Requester Pays buckets, and queries that retrieve data from Requester Pays buckets cause an error. The default is `false` . For more information about Requester Pays buckets, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service Developer Guide* ." + }, + "resultConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupResultConfiguration", + "description": "Specifies the location in Amazon S3 where query results are stored and the encryption option, if any, used for query results. For more information, see [Working with Query Results, Output Files, and Query History](https://docs.aws.amazon.com/athena/latest/ug/querying.html) ." + } + } + }, + "aws-native:athena:WorkGroupConfigurationUpdates": { + "type": "object", + "properties": { + "additionalConfiguration": { + "type": "string" + }, + "bytesScannedCutoffPerQuery": { + "type": "integer" + }, + "customerContentEncryptionConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupCustomerContentEncryptionConfiguration" + }, + "enforceWorkGroupConfiguration": { + "type": "boolean" + }, + "engineVersion": { + "$ref": "#/types/aws-native:athena:WorkGroupEngineVersion" + }, + "executionRole": { + "type": "string" + }, + "publishCloudWatchMetricsEnabled": { + "type": "boolean" + }, + "removeBytesScannedCutoffPerQuery": { + "type": "boolean" + }, + "removeCustomerContentEncryptionConfiguration": { + "type": "boolean" + }, + "requesterPaysEnabled": { + "type": "boolean" + }, + "resultConfigurationUpdates": { + "$ref": "#/types/aws-native:athena:WorkGroupResultConfigurationUpdates" + } + } + }, + "aws-native:athena:WorkGroupCustomerContentEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKey": { + "type": "string", + "description": "The customer managed KMS key that is used to encrypt the user's data stores in Athena." + } + } + }, + "aws-native:athena:WorkGroupEncryptionConfiguration": { + "type": "object", + "properties": { + "encryptionOption": { + "$ref": "#/types/aws-native:athena:WorkGroupEncryptionOption", + "description": "Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys ( `SSE_S3` ), server-side encryption with KMS-managed keys ( `SSE_KMS` ), or client-side encryption with KMS-managed keys ( `CSE_KMS` ) is used.\n\nIf a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup." + }, + "kmsKey": { + "type": "string", + "description": "For `SSE_KMS` and `CSE_KMS` , this is the KMS key ARN or ID." + } + } + }, + "aws-native:athena:WorkGroupEncryptionOption": { + "type": "string" + }, + "aws-native:athena:WorkGroupEngineVersion": { + "type": "object", + "properties": { + "effectiveEngineVersion": { + "type": "string", + "description": "Read only. The engine version on which the query runs. If the user requests a valid engine version other than Auto, the effective engine version is the same as the engine version that the user requested. If the user requests Auto, the effective engine version is chosen by Athena. When a request to update the engine version is made by a `CreateWorkGroup` or `UpdateWorkGroup` operation, the `EffectiveEngineVersion` field is ignored." + }, + "selectedEngineVersion": { + "type": "string", + "description": "The engine version requested by the user. Possible values are determined by the output of `ListEngineVersions` , including AUTO. The default is AUTO." + } + } + }, + "aws-native:athena:WorkGroupResultConfiguration": { + "type": "object", + "properties": { + "aclConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupAclConfiguration", + "description": "Indicates that an Amazon S3 canned ACL should be set to control ownership of stored query results. Currently the only supported canned ACL is `BUCKET_OWNER_FULL_CONTROL` . This is a client-side setting. If workgroup settings override client-side settings, then the query uses the ACL configuration that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` ." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupEncryptionConfiguration", + "description": "If query results are encrypted in Amazon S3, indicates the encryption option used (for example, `SSE_KMS` or `CSE_KMS` ) and key information. This is a client-side setting. If workgroup settings override client-side settings, then the query uses the encryption configuration that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` and [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) ." + }, + "expectedBucketOwner": { + "type": "string", + "description": "The account ID that you expect to be the owner of the Amazon S3 bucket specified by `ResultConfiguration:OutputLocation` . If set, Athena uses the value for `ExpectedBucketOwner` when it makes Amazon S3 calls to your specified output location. If the `ExpectedBucketOwner` account ID does not match the actual owner of the Amazon S3 bucket, the call fails with a permissions error.\n\nThis is a client-side setting. If workgroup settings override client-side settings, then the query uses the `ExpectedBucketOwner` setting that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` ." + }, + "outputLocation": { + "type": "string", + "description": "The location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/` . To run a query, you must specify the query results location using either a client-side setting for individual queries or a location specified by the workgroup. If workgroup settings override client-side settings, then the query uses the location specified for the workgroup. If no query location is set, Athena issues an error. For more information, see [Working with Query Results, Output Files, and Query History](https://docs.aws.amazon.com/athena/latest/ug/querying.html) and `EnforceWorkGroupConfiguration` ." + } + } + }, + "aws-native:athena:WorkGroupResultConfigurationUpdates": { + "type": "object", + "properties": { + "aclConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupAclConfiguration", + "description": "The ACL configuration for the query results." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:athena:WorkGroupEncryptionConfiguration", + "description": "The encryption configuration for the query results." + }, + "expectedBucketOwner": { + "type": "string", + "description": "The AWS account ID that you expect to be the owner of the Amazon S3 bucket specified by `ResultConfiguration$OutputLocation` . If set, Athena uses the value for `ExpectedBucketOwner` when it makes Amazon S3 calls to your specified output location. If the `ExpectedBucketOwner` AWS account ID does not match the actual owner of the Amazon S3 bucket, the call fails with a permissions error.\n\nIf workgroup settings override client-side settings, then the query uses the `ExpectedBucketOwner` setting that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `WorkGroupConfiguration$EnforceWorkGroupConfiguration` and [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) ." + }, + "outputLocation": { + "type": "string", + "description": "The location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/` . For more information, see [Query Results](https://docs.aws.amazon.com/athena/latest/ug/querying.html) If workgroup settings override client-side settings, then the query uses the location for the query results and the encryption configuration that are specified for the workgroup. The \"workgroup settings override\" is specified in EnforceWorkGroupConfiguration (true/false) in the WorkGroupConfiguration. See `EnforceWorkGroupConfiguration` ." + }, + "removeAclConfiguration": { + "type": "boolean", + "description": "If set to `true` , indicates that the previously-specified ACL configuration for queries in this workgroup should be ignored and set to null. If set to `false` or not set, and a value is present in the `AclConfiguration` of `ResultConfigurationUpdates` , the `AclConfiguration` in the workgroup's `ResultConfiguration` is updated with the new value. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) ." + }, + "removeEncryptionConfiguration": { + "type": "boolean", + "description": "If set to \"true\", indicates that the previously-specified encryption configuration (also known as the client-side setting) for queries in this workgroup should be ignored and set to null. If set to \"false\" or not set, and a value is present in the EncryptionConfiguration in ResultConfigurationUpdates (the client-side setting), the EncryptionConfiguration in the workgroup's ResultConfiguration will be updated with the new value. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) ." + }, + "removeExpectedBucketOwner": { + "type": "boolean", + "description": "If set to \"true\", removes the AWS account ID previously specified for `ResultConfiguration$ExpectedBucketOwner` . If set to \"false\" or not set, and a value is present in the `ExpectedBucketOwner` in `ResultConfigurationUpdates` (the client-side setting), the `ExpectedBucketOwner` in the workgroup's `ResultConfiguration` is updated with the new value. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) ." + }, + "removeOutputLocation": { + "type": "boolean", + "description": "If set to \"true\", indicates that the previously-specified query results location (also known as a client-side setting) for queries in this workgroup should be ignored and set to null. If set to \"false\" or not set, and a value is present in the OutputLocation in ResultConfigurationUpdates (the client-side setting), the OutputLocation in the workgroup's ResultConfiguration will be updated with the new value. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) ." + } + } + }, + "aws-native:athena:WorkGroupS3AclOption": { + "type": "string" + }, + "aws-native:athena:WorkGroupState": { + "type": "string" + }, + "aws-native:athena:WorkGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:auditmanager:AssessmentAwsAccount": { + "type": "object", + "properties": { + "emailAddress": { + "type": "string", + "description": "The email address that's associated with the AWS account ." + }, + "id": { + "type": "string", + "description": "The identifier for the AWS account ." + }, + "name": { + "type": "string", + "description": "The name of the AWS account ." + } + } + }, + "aws-native:auditmanager:AssessmentAwsService": { + "type": "object", + "properties": { + "serviceName": { + "type": "string", + "description": "The name of the AWS-service ." + } + } + }, + "aws-native:auditmanager:AssessmentDelegation": { + "type": "object", + "properties": { + "assessmentId": { + "type": "string", + "description": "The identifier for the assessment that's associated with the delegation." + }, + "assessmentName": { + "type": "string", + "description": "The name of the assessment that's associated with the delegation." + }, + "comment": { + "type": "string", + "description": "The comment that's related to the delegation." + }, + "controlSetId": { + "type": "string", + "description": "The identifier for the control set that's associated with the delegation." + }, + "createdBy": { + "type": "string", + "description": "The user or role that created the delegation.\n\n*Minimum* : `1`\n\n*Maximum* : `100`\n\n*Pattern* : `^[a-zA-Z0-9-_()\\\\[\\\\]\\\\s]+$`" + }, + "creationTime": { + "type": "number", + "description": "Specifies when the delegation was created." + }, + "id": { + "type": "string", + "description": "The unique identifier for the delegation." + }, + "lastUpdated": { + "type": "number", + "description": "Specifies when the delegation was last updated." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role." + }, + "roleType": { + "$ref": "#/types/aws-native:auditmanager:AssessmentRoleType", + "description": "The type of customer persona.\n\n\u003e In `CreateAssessment` , `roleType` can only be `PROCESS_OWNER` .\n\u003e \n\u003e In `UpdateSettings` , `roleType` can only be `PROCESS_OWNER` .\n\u003e \n\u003e In `BatchCreateDelegationByAssessment` , `roleType` can only be `RESOURCE_OWNER` ." + }, + "status": { + "$ref": "#/types/aws-native:auditmanager:AssessmentDelegationStatus", + "description": "The status of the delegation." + } + } + }, + "aws-native:auditmanager:AssessmentDelegationStatus": { + "type": "string" + }, + "aws-native:auditmanager:AssessmentReportDestinationType": { + "type": "string" + }, + "aws-native:auditmanager:AssessmentReportsDestination": { + "type": "object", + "properties": { + "destination": { + "type": "string", + "description": "The destination bucket where Audit Manager stores assessment reports." + }, + "destinationType": { + "$ref": "#/types/aws-native:auditmanager:AssessmentReportDestinationType", + "description": "The destination type, such as Amazon S3." + } + } + }, + "aws-native:auditmanager:AssessmentRole": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role." + }, + "roleType": { + "$ref": "#/types/aws-native:auditmanager:AssessmentRoleType", + "description": "The type of customer persona.\n\n\u003e In `CreateAssessment` , `roleType` can only be `PROCESS_OWNER` .\n\u003e \n\u003e In `UpdateSettings` , `roleType` can only be `PROCESS_OWNER` .\n\u003e \n\u003e In `BatchCreateDelegationByAssessment` , `roleType` can only be `RESOURCE_OWNER` ." + } + } + }, + "aws-native:auditmanager:AssessmentRoleType": { + "type": "string" + }, + "aws-native:auditmanager:AssessmentScope": { + "type": "object", + "properties": { + "awsAccounts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:auditmanager:AssessmentAwsAccount" + }, + "description": "The AWS accounts included in scope." + }, + "awsServices": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:auditmanager:AssessmentAwsService" + }, + "description": "The AWS services included in scope." + } + } + }, + "aws-native:auditmanager:AssessmentStatus": { + "type": "string" + }, + "aws-native:auditmanager:AssessmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:autoscaling:AutoScalingGroupAcceleratorCountRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum value." + }, + "min": { + "type": "integer", + "description": "The minimum value." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupAcceleratorTotalMemoryMiBRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The memory maximum in MiB." + }, + "min": { + "type": "integer", + "description": "The memory minimum in MiB." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupBaselineEbsBandwidthMbpsRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum value in Mbps." + }, + "min": { + "type": "integer", + "description": "The minimum value in Mbps." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupInstanceMaintenancePolicy": { + "type": "object", + "properties": { + "maxHealthyPercentage": { + "type": "integer", + "description": "Specifies the upper threshold as a percentage of the desired capacity of the Auto Scaling group. It represents the maximum percentage of the group that can be in service and healthy, or pending, to support your workload when replacing instances. Value range is 100 to 200. To clear a previously set value, specify a value of ``-1``.\n Both ``MinHealthyPercentage`` and ``MaxHealthyPercentage`` must be specified, and the difference between them cannot be greater than 100. A large range increases the number of instances that can be replaced at the same time." + }, + "minHealthyPercentage": { + "type": "integer", + "description": "Specifies the lower threshold as a percentage of the desired capacity of the Auto Scaling group. It represents the minimum percentage of the group to keep in service, healthy, and ready to use to support your workload when replacing instances. Value range is 0 to 100. To clear a previously set value, specify a value of ``-1``." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupInstanceRequirements": { + "type": "object", + "properties": { + "acceleratorCount": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupAcceleratorCountRequest", + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) for an instance type.\n To exclude accelerator-enabled instance types, set ``Max`` to ``0``.\n Default: No minimum or maximum limits" + }, + "acceleratorManufacturers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Indicates whether instance types must have accelerators by specific manufacturers.\n + For instance types with NVIDIA devices, specify ``nvidia``.\n + For instance types with AMD devices, specify ``amd``.\n + For instance types with AWS devices, specify ``amazon-web-services``.\n + For instance types with Xilinx devices, specify ``xilinx``.\n \n Default: Any manufacturer" + }, + "acceleratorNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Lists the accelerators that must be on an instance type.\n + For instance types with NVIDIA A100 GPUs, specify ``a100``.\n + For instance types with NVIDIA V100 GPUs, specify ``v100``.\n + For instance types with NVIDIA K80 GPUs, specify ``k80``.\n + For instance types with NVIDIA T4 GPUs, specify ``t4``.\n + For instance types with NVIDIA M60 GPUs, specify ``m60``.\n + For instance types with AMD Radeon Pro V520 GPUs, specify ``radeon-pro-v520``.\n + For instance types with Xilinx VU9P FPGAs, specify ``vu9p``.\n \n Default: Any accelerator" + }, + "acceleratorTotalMemoryMiB": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupAcceleratorTotalMemoryMiBRequest", + "description": "The minimum and maximum total memory size for the accelerators on an instance type, in MiB.\n Default: No minimum or maximum limits" + }, + "acceleratorTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Lists the accelerator types that must be on an instance type.\n + For instance types with GPU accelerators, specify ``gpu``.\n + For instance types with FPGA accelerators, specify ``fpga``.\n + For instance types with inference accelerators, specify ``inference``.\n \n Default: Any accelerator type" + }, + "allowedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n You can use strings with one or more wild cards, represented by an asterisk (``*``), to allow an instance type, size, or generation. The following are examples: ``m5.8xlarge``, ``c5*.*``, ``m5a.*``, ``r*``, ``*3*``.\n For example, if you specify ``c5*``, Amazon EC2 Auto Scaling will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify ``m5a.*``, Amazon EC2 Auto Scaling will allow all the M5a instance types, but not the M5n instance types.\n If you specify ``AllowedInstanceTypes``, you can't specify ``ExcludedInstanceTypes``.\n Default: All instance types" + }, + "bareMetal": { + "type": "string", + "description": "Indicates whether bare metal instance types are included, excluded, or required.\n Default: ``excluded``" + }, + "baselineEbsBandwidthMbps": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupBaselineEbsBandwidthMbpsRequest", + "description": "The minimum and maximum baseline bandwidth performance for an instance type, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide for Linux Instances*.\n Default: No minimum or maximum limits" + }, + "burstablePerformance": { + "type": "string", + "description": "Indicates whether burstable performance instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide for Linux Instances*.\n Default: ``excluded``" + }, + "cpuManufacturers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Lists which specific CPU manufacturers to include.\n + For instance types with Intel CPUs, specify ``intel``.\n + For instance types with AMD CPUs, specify ``amd``.\n + For instance types with AWS CPUs, specify ``amazon-web-services``.\n \n Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n Default: Any manufacturer" + }, + "excludedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (``*``), to exclude an instance family, type, size, or generation. The following are examples: ``m5.8xlarge``, ``c5*.*``, ``m5a.*``, ``r*``, ``*3*``. \n For example, if you specify ``c5*``, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify ``m5a.*``, Amazon EC2 Auto Scaling will exclude all the M5a instance types, but not the M5n instance types.\n If you specify ``ExcludedInstanceTypes``, you can't specify ``AllowedInstanceTypes``.\n Default: No excluded instance types" + }, + "instanceGenerations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Indicates whether current or previous generation instance types are included.\n + For current generation instance types, specify ``current``. The current generation includes EC2 instance types currently recommended for use. This typically includes the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide for Linux Instances*.\n + For previous generation instance types, specify ``previous``.\n \n Default: Any current or previous generation" + }, + "localStorage": { + "type": "string", + "description": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, see [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide for Linux Instances*.\n Default: ``included``" + }, + "localStorageTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Indicates the type of local storage that is required.\n + For instance types with hard disk drive (HDD) storage, specify ``hdd``.\n + For instance types with solid state drive (SSD) storage, specify ``ssd``.\n \n Default: Any local storage type" + }, + "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold.\n The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage.\n If you set ``DesiredCapacityType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is based on the per-vCPU or per-memory price instead of the per instance price. \n Only one of ``SpotMaxPricePercentageOverLowestPrice`` or ``MaxSpotPriceAsPercentageOfOptimalOnDemandPrice`` can be specified. If you don't specify either, Amazon EC2 Auto Scaling will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as ``999999``." + }, + "memoryGiBPerVCpu": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupMemoryGiBPerVCpuRequest", + "description": "The minimum and maximum amount of memory per vCPU for an instance type, in GiB.\n Default: No minimum or maximum limits" + }, + "memoryMiB": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupMemoryMiBRequest", + "description": "The minimum and maximum instance memory size for an instance type, in MiB." + }, + "networkBandwidthGbps": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupNetworkBandwidthGbpsRequest", + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n Default: No minimum or maximum limits" + }, + "networkInterfaceCount": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupNetworkInterfaceCountRequest", + "description": "The minimum and maximum number of network interfaces for an instance type.\n Default: No minimum or maximum limits" + }, + "onDemandMaxPricePercentageOverLowestPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold. \n The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage.\n To turn off price protection, specify a high value, such as ``999999``. \n If you set ``DesiredCapacityType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per instance price. \n Default: ``20``" + }, + "requireHibernateSupport": { + "type": "boolean", + "description": "Indicates whether instance types must provide On-Demand Instance hibernation support.\n Default: ``false``" + }, + "spotMaxPricePercentageOverLowestPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold.\n The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. \n If you set ``DesiredCapacityType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is based on the per-vCPU or per-memory price instead of the per instance price. \n Only one of ``SpotMaxPricePercentageOverLowestPrice`` or ``MaxSpotPriceAsPercentageOfOptimalOnDemandPrice`` can be specified. If you don't specify either, Amazon EC2 Auto Scaling will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as ``999999``." + }, + "totalLocalStorageGb": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupTotalLocalStorageGbRequest", + "description": "The minimum and maximum total local storage size for an instance type, in GB.\n Default: No minimum or maximum limits" + }, + "vCpuCount": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupVCpuCountRequest", + "description": "The minimum and maximum number of vCPUs for an instance type." + } + }, + "irreversibleNames": { + "totalLocalStorageGb": "TotalLocalStorageGB" + } + }, + "aws-native:autoscaling:AutoScalingGroupInstancesDistribution": { + "type": "object", + "properties": { + "onDemandAllocationStrategy": { + "type": "string", + "description": "The allocation strategy to apply to your On-Demand Instances when they are launched. Possible instance types are determined by the launch template overrides that you specify.\n The following lists the valid values:\n + lowest-price Uses price to determine which instance types are the highest priority, launching the lowest priced instance types within an Availability Zone first. This is the default value for Auto Scaling groups that specify InstanceRequirements. + prioritized You set the order of instance types for the launch template overrides from highest to lowest priority (from first to last in the list). Amazon EC2 Auto Scaling launches your highest priority instance types first. If all your On-Demand capacity cannot be fulfilled using your highest priority instance type, then Amazon EC2 Auto Scaling launches the remaining capacity using the second priority instance type, and so on. This is the default value for Auto Scaling groups that don't specify InstanceRequirements and cannot be used for groups that do." + }, + "onDemandBaseCapacity": { + "type": "integer", + "description": "The minimum amount of the Auto Scaling group's capacity that must be fulfilled by On-Demand Instances. This base portion is launched first as your group scales.\n This number has the same unit of measurement as the group's desired capacity. If you change the default unit of measurement (number of instances) by specifying weighted capacity values in your launch template overrides list, or by changing the default desired capacity type setting of the group, you must specify this number using the same unit of measurement.\n Default: 0\n An update to this setting means a gradual replacement of instances to adjust the current On-Demand Instance levels. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the previous ones." + }, + "onDemandPercentageAboveBaseCapacity": { + "type": "integer", + "description": "Controls the percentages of On-Demand Instances and Spot Instances for your additional capacity beyond ``OnDemandBaseCapacity``. Expressed as a number (for example, 20 specifies 20% On-Demand Instances, 80% Spot Instances). If set to 100, only On-Demand Instances are used.\n Default: 100\n An update to this setting means a gradual replacement of instances to adjust the current On-Demand and Spot Instance levels for your additional capacity higher than the base capacity. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the previous ones." + }, + "spotAllocationStrategy": { + "type": "string", + "description": "The allocation strategy to apply to your Spot Instances when they are launched. Possible instance types are determined by the launch template overrides that you specify.\n The following lists the valid values:\n + capacity-optimized Requests Spot Instances using pools that are optimally chosen based on the available Spot capacity. This strategy has the lowest risk of interruption. To give certain instance types a higher chance of launching first, use capacity-optimized-prioritized. + capacity-optimized-prioritized You set the order of instance types for the launch template overrides from highest to lowest priority (from first to last in the list). Amazon EC2 Auto Scaling honors the instance type priorities on a best effort basis but optimizes for capacity first. Note that if the On-Demand allocation strategy is set to prioritized, the same priority is applied when fulfilling On-Demand capacity. This is not a valid value for Auto Scaling groups that specify InstanceRequirements. + lowest-price Requests Spot Instances using the lowest priced pools within an Availability Zone, across the number of Spot pools that you specify for the SpotInstancePools property. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. This is the default value, but it might lead to high interruption rates because this strategy only considers instance price and not available capacity. + price-capacity-optimized (recommended) The price and capacity optimized allocation strategy looks at both price and capacity to select the Spot Instance pools that are the least likely to be interrupted and have the lowest possible price." + }, + "spotInstancePools": { + "type": "integer", + "description": "The number of Spot Instance pools across which to allocate your Spot Instances. The Spot pools are determined from the different instance types in the overrides. Valid only when the ``SpotAllocationStrategy`` is ``lowest-price``. Value must be in the range of 1–20.\n Default: 2" + }, + "spotMaxPrice": { + "type": "string", + "description": "The maximum price per unit hour that you are willing to pay for a Spot Instance. If your maximum price is lower than the Spot price for the instance types that you selected, your Spot Instances are not launched. We do not recommend specifying a maximum price because it can lead to increased interruptions. When Spot Instances launch, you pay the current Spot price. To remove a maximum price that you previously set, include the property but specify an empty string (\"\") for the value.\n If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify one.\n Valid Range: Minimum value of 0.001" + } + } + }, + "aws-native:autoscaling:AutoScalingGroupLaunchTemplate": { + "type": "object", + "properties": { + "launchTemplateSpecification": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupLaunchTemplateSpecification", + "description": "The launch template." + }, + "overrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupLaunchTemplateOverrides" + }, + "description": "Any properties that you specify override the same properties in the launch template." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupLaunchTemplateOverrides": { + "type": "object", + "properties": { + "instanceRequirements": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupInstanceRequirements", + "description": "The instance requirements. Amazon EC2 Auto Scaling uses your specified requirements to identify instance types. Then, it uses your On-Demand and Spot allocation strategies to launch instances from these instance types.\n You can specify up to four separate sets of instance requirements per Auto Scaling group. This is useful for provisioning instances from different Amazon Machine Images (AMIs) in the same Auto Scaling group. To do this, create the AMIs and create a new launch template for each AMI. Then, create a compatible set of instance requirements for each launch template. \n If you specify ``InstanceRequirements``, you can't specify ``InstanceType``." + }, + "instanceType": { + "type": "string", + "description": "The instance type, such as ``m3.xlarge``. You must specify an instance type that is supported in your requested Region and Availability Zones. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide for Linux Instances*.\n You can specify up to 40 instance types per Auto Scaling group." + }, + "launchTemplateSpecification": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupLaunchTemplateSpecification", + "description": "Provides a launch template for the specified instance type or set of instance requirements. For example, some instance types might require a launch template with a different AMI. If not provided, Amazon EC2 Auto Scaling uses the launch template that's specified in the ``LaunchTemplate`` definition. For more information, see [Specifying a different launch template for an instance type](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups-launch-template-overrides.html) in the *Amazon EC2 Auto Scaling User Guide*. \n You can specify up to 20 launch templates per Auto Scaling group. The launch templates specified in the overrides and in the ``LaunchTemplate`` definition count towards this limit." + }, + "weightedCapacity": { + "type": "string", + "description": "If you provide a list of instance types to use, you can specify the number of capacity units provided by each instance type in terms of virtual CPUs, memory, storage, throughput, or other relative performance characteristic. When a Spot or On-Demand Instance is launched, the capacity units count toward the desired capacity. Amazon EC2 Auto Scaling launches instances until the desired capacity is totally fulfilled, even if this results in an overage. For example, if there are two units remaining to fulfill capacity, and Amazon EC2 Auto Scaling can only launch an instance with a ``WeightedCapacity`` of five units, the instance is launched, and the desired capacity is exceeded by three units. For more information, see [Configure instance weighting for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups-instance-weighting.html) in the *Amazon EC2 Auto Scaling User Guide*. Value must be in the range of 1-999. \n If you specify a value for ``WeightedCapacity`` for one instance type, you must specify a value for ``WeightedCapacity`` for all of them.\n Every Auto Scaling group has three size parameters (``DesiredCapacity``, ``MaxSize``, and ``MinSize``). Usually, you set these sizes based on a specific number of instances. However, if you configure a mixed instances policy that defines weights for the instance types, you must specify these sizes with the same units that you use for weighting instances." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupLaunchTemplateSpecification": { + "type": "object", + "properties": { + "launchTemplateId": { + "type": "string", + "description": "The ID of the launch template.\n You must specify the ``LaunchTemplateID`` or the ``LaunchTemplateName``, but not both." + }, + "launchTemplateName": { + "type": "string", + "description": "The name of the launch template.\n You must specify the ``LaunchTemplateName`` or the ``LaunchTemplateID``, but not both." + }, + "version": { + "type": "string", + "description": "The version number of the launch template.\n Specifying ``$Latest`` or ``$Default`` for the template version number is not supported. However, you can specify ``LatestVersionNumber`` or ``DefaultVersionNumber`` using the ``Fn::GetAtt`` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html).\n For an example of using the ``Fn::GetAtt`` function, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html#aws-resource-autoscaling-autoscalinggroup--examples) section of the ``AWS::AutoScaling::AutoScalingGroup`` resource." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupLifecycleHookSpecification": { + "type": "object", + "properties": { + "defaultResult": { + "type": "string", + "description": "The action the Auto Scaling group takes when the lifecycle hook timeout elapses or if an unexpected failure occurs. The default value is ``ABANDON``.\n Valid values: ``CONTINUE`` | ``ABANDON``" + }, + "heartbeatTimeout": { + "type": "integer", + "description": "The maximum time, in seconds, that can elapse before the lifecycle hook times out. The range is from ``30`` to ``7200`` seconds. The default value is ``3600`` seconds (1 hour)." + }, + "lifecycleHookName": { + "type": "string", + "description": "The name of the lifecycle hook." + }, + "lifecycleTransition": { + "type": "string", + "description": "The lifecycle transition. For Auto Scaling groups, there are two major lifecycle transitions.\n + To create a lifecycle hook for scale-out events, specify ``autoscaling:EC2_INSTANCE_LAUNCHING``.\n + To create a lifecycle hook for scale-in events, specify ``autoscaling:EC2_INSTANCE_TERMINATING``." + }, + "notificationMetadata": { + "type": "string", + "description": "Additional information that you want to include any time Amazon EC2 Auto Scaling sends a message to the notification target." + }, + "notificationTargetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the notification target that Amazon EC2 Auto Scaling sends notifications to when an instance is in a wait state for the lifecycle hook. You can specify an Amazon SNS topic or an Amazon SQS queue." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target. For information about creating this role, see [Prepare to add a lifecycle hook to your Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/prepare-for-lifecycle-notifications.html) in the *Amazon EC2 Auto Scaling User Guide*.\n Valid only if the notification target is an Amazon SNS topic or an Amazon SQS queue." + } + }, + "irreversibleNames": { + "notificationTargetArn": "NotificationTargetARN", + "roleArn": "RoleARN" + } + }, + "aws-native:autoscaling:AutoScalingGroupMemoryGiBPerVCpuRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The memory maximum in GiB." + }, + "min": { + "type": "number", + "description": "The memory minimum in GiB." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupMemoryMiBRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The memory maximum in MiB." + }, + "min": { + "type": "integer", + "description": "The memory minimum in MiB." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupMetricsCollection": { + "type": "object", + "properties": { + "granularity": { + "type": "string", + "description": "The frequency at which Amazon EC2 Auto Scaling sends aggregated data to CloudWatch. The only valid value is ``1Minute``." + }, + "metrics": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identifies the metrics to enable.\n You can specify one or more of the following metrics:\n + ``GroupMinSize`` \n + ``GroupMaxSize`` \n + ``GroupDesiredCapacity`` \n + ``GroupInServiceInstances`` \n + ``GroupPendingInstances`` \n + ``GroupStandbyInstances`` \n + ``GroupTerminatingInstances`` \n + ``GroupTotalInstances`` \n + ``GroupInServiceCapacity`` \n + ``GroupPendingCapacity`` \n + ``GroupStandbyCapacity`` \n + ``GroupTerminatingCapacity`` \n + ``GroupTotalCapacity`` \n + ``WarmPoolDesiredCapacity`` \n + ``WarmPoolWarmedCapacity`` \n + ``WarmPoolPendingCapacity`` \n + ``WarmPoolTerminatingCapacity`` \n + ``WarmPoolTotalCapacity`` \n + ``GroupAndWarmPoolDesiredCapacity`` \n + ``GroupAndWarmPoolTotalCapacity`` \n \n If you specify ``Granularity`` and don't specify any metrics, all metrics are enabled.\n For more information, see [Amazon CloudWatch metrics for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-metrics.html) in the *Amazon EC2 Auto Scaling User Guide*." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupMixedInstancesPolicy": { + "type": "object", + "properties": { + "instancesDistribution": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupInstancesDistribution", + "description": "The instances distribution." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:autoscaling:AutoScalingGroupLaunchTemplate", + "description": "One or more launch templates and the instance types (overrides) that are used to launch EC2 instances to fulfill On-Demand and Spot capacities." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupNetworkBandwidthGbpsRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of network bandwidth, in gigabits per second (Gbps)." + }, + "min": { + "type": "number", + "description": "The minimum amount of network bandwidth, in gigabits per second (Gbps)." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupNetworkInterfaceCountRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of network interfaces." + }, + "min": { + "type": "integer", + "description": "The minimum number of network interfaces." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupNotificationConfiguration": { + "type": "object", + "properties": { + "notificationTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of event types that send a notification. Event types can include any of the following types. \n *Allowed values*:\n + ``autoscaling:EC2_INSTANCE_LAUNCH`` \n + ``autoscaling:EC2_INSTANCE_LAUNCH_ERROR`` \n + ``autoscaling:EC2_INSTANCE_TERMINATE`` \n + ``autoscaling:EC2_INSTANCE_TERMINATE_ERROR`` \n + ``autoscaling:TEST_NOTIFICATION``" + }, + "topicArn": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic." + } + }, + "irreversibleNames": { + "topicArn": "TopicARN" + } + }, + "aws-native:autoscaling:AutoScalingGroupTagProperty": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "propagateAtLaunch": { + "type": "boolean", + "description": "Set to ``true`` if you want CloudFormation to copy the tag to EC2 instances that are launched as part of the Auto Scaling group. Set to ``false`` if you want the tag attached only to the Auto Scaling group and not copied to any instances launched as part of the Auto Scaling group." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupTotalLocalStorageGbRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The storage maximum in GB." + }, + "min": { + "type": "number", + "description": "The storage minimum in GB." + } + } + }, + "aws-native:autoscaling:AutoScalingGroupVCpuCountRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of vCPUs." + }, + "min": { + "type": "integer", + "description": "The minimum number of vCPUs." + } + } + }, + "aws-native:autoscaling:LaunchConfigurationBlockDevice": { + "type": "object", + "properties": { + "deleteOnTermination": { + "type": "boolean", + "description": "Indicates whether the volume is deleted on instance termination. " + }, + "encrypted": { + "type": "boolean", + "description": "Specifies whether the volume should be encrypted. " + }, + "iops": { + "type": "integer", + "description": "The number of input/output (I/O) operations per second (IOPS) to provision for the volume. " + }, + "snapshotId": { + "type": "string", + "description": "The snapshot ID of the volume to use." + }, + "throughput": { + "type": "integer", + "description": "The throughput (MiBps) to provision for a gp3 volume." + }, + "volumeSize": { + "type": "integer", + "description": "The volume size, in GiBs." + }, + "volumeType": { + "type": "string", + "description": "The volume type." + } + } + }, + "aws-native:autoscaling:LaunchConfigurationBlockDeviceMapping": { + "type": "object", + "properties": { + "deviceName": { + "type": "string", + "description": "The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh). " + }, + "ebs": { + "$ref": "#/types/aws-native:autoscaling:LaunchConfigurationBlockDevice", + "description": "Parameters used to automatically set up EBS volumes when an instance is launched." + }, + "noDevice": { + "type": "boolean", + "description": "Setting this value to true suppresses the specified device included in the block device mapping of the AMI." + }, + "virtualName": { + "type": "string", + "description": "The name of the virtual device." + } + } + }, + "aws-native:autoscaling:LaunchConfigurationMetadataOptions": { + "type": "object", + "properties": { + "httpEndpoint": { + "type": "string", + "description": "This parameter enables or disables the HTTP metadata endpoint on your instances." + }, + "httpPutResponseHopLimit": { + "type": "integer", + "description": "The desired HTTP PUT response hop limit for instance metadata requests." + }, + "httpTokens": { + "type": "string", + "description": "The state of token usage for your instance metadata requests." + } + } + }, + "aws-native:autoscaling:ScalingPolicyCustomizedMetricSpecification": { + "type": "object", + "properties": { + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyMetricDimension" + }, + "description": "The dimensions of the metric.\n\nConditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy." + }, + "metricName": { + "type": "string", + "description": "The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) ." + }, + "metrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyTargetTrackingMetricDataQuery" + }, + "description": "The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric." + }, + "statistic": { + "type": "string", + "description": "The statistic of the metric." + }, + "unit": { + "type": "string", + "description": "The unit of the metric. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* ." + } + } + }, + "aws-native:autoscaling:ScalingPolicyMetric": { + "type": "object", + "properties": { + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyMetricDimension" + }, + "description": "The dimensions for the metric. For the list of available dimensions, see the AWS documentation available from the table in [AWS services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide* .\n\nConditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy." + }, + "metricName": { + "type": "string", + "description": "The name of the metric." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric. For more information, see the table in [AWS services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide* ." + } + } + }, + "aws-native:autoscaling:ScalingPolicyMetricDataQuery": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both." + }, + "id": { + "type": "string", + "description": "A short name that identifies the object's results in the response. This name must be unique among all `MetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter." + }, + "label": { + "type": "string", + "description": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents." + }, + "metricStat": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyMetricStat", + "description": "Information about the metric data to return.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both." + }, + "returnData": { + "type": "boolean", + "description": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` )." + } + } + }, + "aws-native:autoscaling:ScalingPolicyMetricDimension": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the dimension." + }, + "value": { + "type": "string", + "description": "The value of the dimension." + } + } + }, + "aws-native:autoscaling:ScalingPolicyMetricStat": { + "type": "object", + "properties": { + "metric": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyMetric", + "description": "The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) ." + }, + "stat": { + "type": "string", + "description": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metrics for predictive scaling are `Average` and `Sum` ." + }, + "unit": { + "type": "string", + "description": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* ." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredefinedMetricSpecification": { + "type": "object", + "properties": { + "predefinedMetricType": { + "type": "string", + "description": "The metric type. The following predefined metrics are available:\n\n- `ASGAverageCPUUtilization` - Average CPU utilization of the Auto Scaling group.\n- `ASGAverageNetworkIn` - Average number of bytes received on all network interfaces by the Auto Scaling group.\n- `ASGAverageNetworkOut` - Average number of bytes sent out on all network interfaces by the Auto Scaling group.\n- `ALBRequestCountPerTarget` - Average Application Load Balancer request count per target for your Auto Scaling group." + }, + "resourceLabel": { + "type": "string", + "description": "A label that uniquely identifies a specific Application Load Balancer target group from which to determine the average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app/\u003cload-balancer-name\u003e/\u003cload-balancer-id\u003e is the final portion of the load balancer ARN\n- targetgroup/\u003ctarget-group-name\u003e/\u003ctarget-group-id\u003e is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredictiveScalingConfiguration": { + "type": "object", + "properties": { + "maxCapacityBreachBehavior": { + "type": "string", + "description": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity of the Auto Scaling group. Defaults to `HonorMaxCapacity` if not specified.\n\nThe following are possible values:\n\n- `HonorMaxCapacity` - Amazon EC2 Auto Scaling can't increase the maximum capacity of the group when the forecast capacity is close to or exceeds the maximum capacity.\n- `IncreaseMaxCapacity` - Amazon EC2 Auto Scaling can increase the maximum capacity of the group when the forecast capacity is close to or exceeds the maximum capacity. The upper limit is determined by the forecasted capacity and the value for `MaxCapacityBuffer` .\n\n\u003e Use caution when allowing the maximum capacity to be automatically increased. This can lead to more instances being launched than intended if the increased maximum capacity is not monitored and managed. The increased maximum capacity then becomes the new normal maximum capacity for the Auto Scaling group until you manually update it. The maximum capacity does not automatically decrease back to the original maximum." + }, + "maxCapacityBuffer": { + "type": "integer", + "description": "The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer, such that if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55.\n\nIf set to 0, Amazon EC2 Auto Scaling may scale capacity higher than the maximum capacity to equal but not exceed forecast capacity.\n\nRequired if the `MaxCapacityBreachBehavior` property is set to `IncreaseMaxCapacity` , and cannot be used otherwise." + }, + "metricSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingMetricSpecification" + }, + "description": "This structure includes the metrics and target utilization to use for predictive scaling.\n\nThis is an array, but we currently only support a single metric specification. That is, you can specify a target value and a single metric pair, or a target value and one scaling metric and one load metric." + }, + "mode": { + "type": "string", + "description": "The predictive scaling mode. Defaults to `ForecastOnly` if not specified." + }, + "schedulingBufferTime": { + "type": "integer", + "description": "The amount of time, in seconds, by which the instance launch time can be advanced. For example, the forecast says to add capacity at 10:00 AM, and you choose to pre-launch instances by 5 minutes. In that case, the instances will be launched at 9:55 AM. The intention is to give resources time to be provisioned. It can take a few minutes to launch an EC2 instance. The actual amount of time required depends on several factors, such as the size of the instance and whether there are startup scripts to complete.\n\nThe value must be less than the forecast interval duration of 3600 seconds (60 minutes). Defaults to 300 seconds if not specified." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredictiveScalingCustomizedCapacityMetric": { + "type": "object", + "properties": { + "metricDataQueries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyMetricDataQuery" + }, + "description": "One or more metric data queries to provide the data points for a capacity metric. Use multiple metric data queries only if you are performing a math expression on returned data." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredictiveScalingCustomizedLoadMetric": { + "type": "object", + "properties": { + "metricDataQueries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyMetricDataQuery" + }, + "description": "One or more metric data queries to provide the data points for a load metric. Use multiple metric data queries only if you are performing a math expression on returned data." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredictiveScalingCustomizedScalingMetric": { + "type": "object", + "properties": { + "metricDataQueries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyMetricDataQuery" + }, + "description": "One or more metric data queries to provide the data points for a scaling metric. Use multiple metric data queries only if you are performing a math expression on returned data." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredictiveScalingMetricSpecification": { + "type": "object", + "properties": { + "customizedCapacityMetricSpecification": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingCustomizedCapacityMetric", + "description": "The customized capacity metric specification." + }, + "customizedLoadMetricSpecification": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingCustomizedLoadMetric", + "description": "The customized load metric specification." + }, + "customizedScalingMetricSpecification": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingCustomizedScalingMetric", + "description": "The customized scaling metric specification." + }, + "predefinedLoadMetricSpecification": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingPredefinedLoadMetric", + "description": "The predefined load metric specification." + }, + "predefinedMetricPairSpecification": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingPredefinedMetricPair", + "description": "The predefined metric pair specification from which Amazon EC2 Auto Scaling determines the appropriate scaling metric and load metric to use." + }, + "predefinedScalingMetricSpecification": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredictiveScalingPredefinedScalingMetric", + "description": "The predefined scaling metric specification." + }, + "targetValue": { + "type": "number", + "description": "Specifies the target utilization.\n\n\u003e Some metrics are based on a count instead of a percentage, such as the request count for an Application Load Balancer or the number of messages in an SQS queue. If the scaling policy specifies one of these metrics, specify the target utilization as the optimal average request or message count per instance during any one-minute interval." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredictiveScalingPredefinedLoadMetric": { + "type": "object", + "properties": { + "predefinedMetricType": { + "type": "string", + "description": "The metric type." + }, + "resourceLabel": { + "type": "string", + "description": "A label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app/\u003cload-balancer-name\u003e/\u003cload-balancer-id\u003e is the final portion of the load balancer ARN\n- targetgroup/\u003ctarget-group-name\u003e/\u003ctarget-group-id\u003e is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredictiveScalingPredefinedMetricPair": { + "type": "object", + "properties": { + "predefinedMetricType": { + "type": "string", + "description": "Indicates which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric. For example, if the metric type is `ASGCPUUtilization` , the Auto Scaling group's total CPU metric is used as the load metric, and the average CPU metric is used for the scaling metric." + }, + "resourceLabel": { + "type": "string", + "description": "A label that uniquely identifies a specific Application Load Balancer target group from which to determine the total and average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app/\u003cload-balancer-name\u003e/\u003cload-balancer-id\u003e is the final portion of the load balancer ARN\n- targetgroup/\u003ctarget-group-name\u003e/\u003ctarget-group-id\u003e is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation." + } + } + }, + "aws-native:autoscaling:ScalingPolicyPredictiveScalingPredefinedScalingMetric": { + "type": "object", + "properties": { + "predefinedMetricType": { + "type": "string", + "description": "The metric type." + }, + "resourceLabel": { + "type": "string", + "description": "A label that uniquely identifies a specific Application Load Balancer target group from which to determine the average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app/\u003cload-balancer-name\u003e/\u003cload-balancer-id\u003e is the final portion of the load balancer ARN\n- targetgroup/\u003ctarget-group-name\u003e/\u003ctarget-group-id\u003e is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation." + } + } + }, + "aws-native:autoscaling:ScalingPolicyStepAdjustment": { + "type": "object", + "properties": { + "metricIntervalLowerBound": { + "type": "number", + "description": "The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it is exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity." + }, + "metricIntervalUpperBound": { + "type": "number", + "description": "The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it is inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity.\n\nThe upper bound must be greater than the lower bound." + }, + "scalingAdjustment": { + "type": "integer", + "description": "The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a non-negative value." + } + } + }, + "aws-native:autoscaling:ScalingPolicyTargetTrackingConfiguration": { + "type": "object", + "properties": { + "customizedMetricSpecification": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyCustomizedMetricSpecification", + "description": "A customized metric. You must specify either a predefined metric or a customized metric." + }, + "disableScaleIn": { + "type": "boolean", + "description": "Indicates whether scaling in by the target tracking scaling policy is disabled. If scaling in is disabled, the target tracking scaling policy doesn't remove instances from the Auto Scaling group. Otherwise, the target tracking scaling policy can remove instances from the Auto Scaling group. The default is `false` ." + }, + "predefinedMetricSpecification": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyPredefinedMetricSpecification", + "description": "A predefined metric. You must specify either a predefined metric or a customized metric." + }, + "targetValue": { + "type": "number", + "description": "The target value for the metric.\n\n\u003e Some metrics are based on a count instead of a percentage, such as the request count for an Application Load Balancer or the number of messages in an SQS queue. If the scaling policy specifies one of these metrics, specify the target utilization as the optimal average request or message count per instance during any one-minute interval." + } + } + }, + "aws-native:autoscaling:ScalingPolicyTargetTrackingMetricDataQuery": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both." + }, + "id": { + "type": "string", + "description": "A short name that identifies the object's results in the response. This name must be unique among all `TargetTrackingMetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter." + }, + "label": { + "type": "string", + "description": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents." + }, + "metricStat": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyTargetTrackingMetricStat", + "description": "Information about the metric data to return.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both." + }, + "returnData": { + "type": "boolean", + "description": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` )." + } + } + }, + "aws-native:autoscaling:ScalingPolicyTargetTrackingMetricStat": { + "type": "object", + "properties": { + "metric": { + "$ref": "#/types/aws-native:autoscaling:ScalingPolicyMetric", + "description": "The metric to use." + }, + "stat": { + "type": "string", + "description": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metric for scaling is `Average` ." + }, + "unit": { + "type": "string", + "description": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* ." + } + } + }, + "aws-native:autoscaling:WarmPoolInstanceReusePolicy": { + "type": "object", + "properties": { + "reuseOnScaleIn": { + "type": "boolean", + "description": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in." + } + } + }, + "aws-native:b2bi:CapabilityConfiguration0Properties": { + "type": "object", + "properties": { + "edi": { + "$ref": "#/types/aws-native:b2bi:CapabilityEdiConfiguration" + } + } + }, + "aws-native:b2bi:CapabilityConfigurationProperties": { + "type": "object", + "properties": { + "edi": { + "$ref": "#/types/aws-native:b2bi:CapabilityEdiConfiguration" + } + } + }, + "aws-native:b2bi:CapabilityEdiConfiguration": { + "type": "object", + "properties": { + "inputLocation": { + "$ref": "#/types/aws-native:b2bi:CapabilityS3Location" + }, + "outputLocation": { + "$ref": "#/types/aws-native:b2bi:CapabilityS3Location" + }, + "transformerId": { + "type": "string" + }, + "type": { + "$ref": "#/types/aws-native:b2bi:CapabilityEdiTypeProperties" + } + } + }, + "aws-native:b2bi:CapabilityEdiType0Properties": { + "type": "object", + "properties": { + "x12Details": { + "$ref": "#/types/aws-native:b2bi:CapabilityX12Details" + } + }, + "irreversibleNames": { + "x12Details": "X12Details" + } + }, + "aws-native:b2bi:CapabilityEdiTypeProperties": { + "type": "object", + "properties": { + "x12Details": { + "$ref": "#/types/aws-native:b2bi:CapabilityX12Details" + } + }, + "irreversibleNames": { + "x12Details": "X12Details" + } + }, + "aws-native:b2bi:CapabilityS3Location": { + "type": "object", + "properties": { + "bucketName": { + "type": "string" + }, + "key": { + "type": "string" + } + } + }, + "aws-native:b2bi:CapabilityTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Specifies the name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name that you create." + } + } + }, + "aws-native:b2bi:CapabilityType": { + "type": "string" + }, + "aws-native:b2bi:CapabilityX12Details": { + "type": "object", + "properties": { + "transactionSet": { + "$ref": "#/types/aws-native:b2bi:CapabilityX12TransactionSet" + }, + "version": { + "$ref": "#/types/aws-native:b2bi:CapabilityX12Version" + } + } + }, + "aws-native:b2bi:CapabilityX12TransactionSet": { + "type": "string" + }, + "aws-native:b2bi:CapabilityX12Version": { + "type": "string" + }, + "aws-native:b2bi:PartnershipTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Specifies the name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name that you create." + } + } + }, + "aws-native:b2bi:ProfileLogging": { + "type": "string" + }, + "aws-native:b2bi:ProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Specifies the name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name that you create." + } + } + }, + "aws-native:b2bi:TransformerEdiType0Properties": { + "type": "object", + "properties": { + "x12Details": { + "$ref": "#/types/aws-native:b2bi:TransformerX12Details" + } + }, + "irreversibleNames": { + "x12Details": "X12Details" + } + }, + "aws-native:b2bi:TransformerEdiTypeProperties": { + "type": "object", + "properties": { + "x12Details": { + "$ref": "#/types/aws-native:b2bi:TransformerX12Details" + } + }, + "irreversibleNames": { + "x12Details": "X12Details" + } + }, + "aws-native:b2bi:TransformerFileFormat": { + "type": "string" + }, + "aws-native:b2bi:TransformerStatus": { + "type": "string" + }, + "aws-native:b2bi:TransformerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Specifies the name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name that you create." + } + } + }, + "aws-native:b2bi:TransformerX12Details": { + "type": "object", + "properties": { + "transactionSet": { + "$ref": "#/types/aws-native:b2bi:TransformerX12TransactionSet" + }, + "version": { + "$ref": "#/types/aws-native:b2bi:TransformerX12Version" + } + } + }, + "aws-native:b2bi:TransformerX12TransactionSet": { + "type": "string" + }, + "aws-native:b2bi:TransformerX12Version": { + "type": "string" + }, + "aws-native:backup:BackupPlanAdvancedBackupSettingResourceType": { + "type": "object", + "properties": { + "backupOptions": { + "$ref": "pulumi.json#/Any", + "description": "The backup option for the resource. Each option is a key-value pair. This option is only available for Windows VSS backup jobs.\n\nValid values:\n\nSet to `\"WindowsVSS\":\"enabled\"` to enable the `WindowsVSS` backup option and create a Windows VSS backup.\n\nSet to `\"WindowsVSS\":\"disabled\"` to create a regular backup. The `WindowsVSS` option is not enabled by default.\n\nIf you specify an invalid option, you get an `InvalidParameterValueException` exception.\n\nFor more information about Windows VSS backups, see [Creating a VSS-Enabled Windows Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/windows-backups.html) ." + }, + "resourceType": { + "type": "string", + "description": "The name of a resource type. The only supported resource type is EC2." + } + } + }, + "aws-native:backup:BackupPlanBackupRuleResourceType": { + "type": "object", + "properties": { + "completionWindowMinutes": { + "type": "number", + "description": "A value in minutes after a backup job is successfully started before it must be completed or it is canceled by AWS Backup ." + }, + "copyActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:BackupPlanCopyActionResourceType" + }, + "description": "An array of CopyAction objects, which contains the details of the copy operation." + }, + "enableContinuousBackup": { + "type": "boolean", + "description": "Enables continuous backup and point-in-time restores (PITR)." + }, + "lifecycle": { + "$ref": "#/types/aws-native:backup:BackupPlanLifecycleResourceType", + "description": "The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define." + }, + "recoveryPointTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags to assign to the resources." + }, + "ruleName": { + "type": "string", + "description": "A display name for a backup rule." + }, + "scheduleExpression": { + "type": "string", + "description": "A CRON expression specifying when AWS Backup initiates a backup job." + }, + "scheduleExpressionTimezone": { + "type": "string", + "description": "This is the timezone in which the schedule expression is set. By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone." + }, + "startWindowMinutes": { + "type": "number", + "description": "An optional value that specifies a period of time in minutes after a backup is scheduled before a job is canceled if it doesn't start successfully.\n\nIf this value is included, it must be at least 60 minutes to avoid errors." + }, + "targetBackupVault": { + "type": "string", + "description": "The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. They consist of letters, numbers, and hyphens." + } + } + }, + "aws-native:backup:BackupPlanCopyActionResourceType": { + "type": "object", + "properties": { + "destinationBackupVaultArn": { + "type": "string", + "description": "An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. For example, `arn:aws:backup:us-east-1:123456789012:vault:aBackupVault.`" + }, + "lifecycle": { + "$ref": "#/types/aws-native:backup:BackupPlanLifecycleResourceType", + "description": "Defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define. If you do not specify a lifecycle, AWS Backup applies the lifecycle policy of the source backup to the destination backup.\n\nBackups transitioned to cold storage must be stored in cold storage for a minimum of 90 days." + } + } + }, + "aws-native:backup:BackupPlanLifecycleResourceType": { + "type": "object", + "properties": { + "deleteAfterDays": { + "type": "number", + "description": "Specifies the number of days after creation that a recovery point is deleted. Must be greater than `MoveToColdStorageAfterDays` ." + }, + "moveToColdStorageAfterDays": { + "type": "number", + "description": "Specifies the number of days after creation that a recovery point is moved to cold storage." + }, + "optInToArchiveForSupportedResources": { + "type": "boolean", + "description": "If the value is true, your backup plan transitions supported resources to archive (cold) storage tier in accordance with your lifecycle settings." + } + } + }, + "aws-native:backup:BackupPlanResourceType": { + "type": "object", + "properties": { + "advancedBackupSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:BackupPlanAdvancedBackupSettingResourceType" + }, + "description": "A list of backup options for each resource type." + }, + "backupPlanName": { + "type": "string", + "description": "The display name of a backup plan." + }, + "backupPlanRule": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:BackupPlanBackupRuleResourceType" + }, + "description": "An array of `BackupRule` objects, each of which specifies a scheduled task that is used to back up a selection of resources." + } + } + }, + "aws-native:backup:BackupSelectionConditionParameter": { + "type": "object", + "properties": { + "conditionKey": { + "type": "string", + "description": "The key in a key-value pair. For example, in the tag `Department: Accounting` , `Department` is the key." + }, + "conditionValue": { + "type": "string", + "description": "The value in a key-value pair. For example, in the tag `Department: Accounting` , `Accounting` is the value." + } + } + }, + "aws-native:backup:BackupSelectionConditionResourceType": { + "type": "object", + "properties": { + "conditionKey": { + "type": "string", + "description": "The key in a key-value pair. For example, in `\"Department\": \"accounting\"` , `\"Department\"` is the key." + }, + "conditionType": { + "type": "string", + "description": "An operation, such as `STRINGEQUALS` , that is applied to a key-value pair used to filter resources in a selection." + }, + "conditionValue": { + "type": "string", + "description": "The value in a key-value pair. For example, in `\"Department\": \"accounting\"` , `\"accounting\"` is the value." + } + } + }, + "aws-native:backup:BackupSelectionResourceType": { + "type": "object", + "properties": { + "conditions": { + "$ref": "#/types/aws-native:backup:BackupSelectionResourceTypeConditionsProperties", + "description": "A list of conditions that you define to assign resources to your backup plans using tags. For example, `\"StringEquals\": { \"ConditionKey\": \"aws:ResourceTag/CreatedByCryo\", \"ConditionValue\": \"true\" },` . Condition operators are case sensitive.\n\n`Conditions` differs from `ListOfTags` as follows:\n\n- When you specify more than one condition, you only assign the resources that match ALL conditions (using AND logic).\n- `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` . `ListOfTags` only supports `StringEquals` ." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that AWS Backup uses to authenticate when backing up the target resource; for example, `arn:aws:iam::123456789012:role/S3Access` ." + }, + "listOfTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:BackupSelectionConditionResourceType" + }, + "description": "A list of conditions that you define to assign resources to your backup plans using tags. For example, `\"StringEquals\": { \"ConditionKey\": \"aws:ResourceTag/CreatedByCryo\", \"ConditionValue\": \"true\" },` . Condition operators are case sensitive.\n\n`ListOfTags` differs from `Conditions` as follows:\n\n- When you specify more than one condition, you assign all resources that match AT LEAST ONE condition (using OR logic).\n- `ListOfTags` only supports `StringEquals` . `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` ." + }, + "notResources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of Amazon Resource Names (ARNs) to exclude from a backup plan. The maximum number of ARNs is 500 without wildcards, or 30 ARNs with wildcards.\n\nIf you need to exclude many resources from a backup plan, consider a different resource selection strategy, such as assigning only one or a few resource types or refining your resource selection using tags." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings that contain Amazon Resource Names (ARNs) of resources to assign to a backup plan." + }, + "selectionName": { + "type": "string", + "description": "The display name of a resource selection document." + } + } + }, + "aws-native:backup:BackupSelectionResourceTypeConditionsProperties": { + "type": "object", + "properties": { + "stringEquals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:BackupSelectionConditionParameter" + } + }, + "stringLike": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:BackupSelectionConditionParameter" + } + }, + "stringNotEquals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:BackupSelectionConditionParameter" + } + }, + "stringNotLike": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:BackupSelectionConditionParameter" + } + } + } + }, + "aws-native:backup:BackupVaultLockConfigurationType": { + "type": "object", + "properties": { + "changeableForDays": { + "type": "integer", + "description": "The AWS Backup Vault Lock configuration that specifies the number of days before the lock date. For example, setting `ChangeableForDays` to 30 on Jan. 1, 2022 at 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC.\n\nAWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set `ChangeableForDays` to 3 or greater.\n\nBefore the lock date, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` . On and after the lock date, the Vault Lock becomes immutable and cannot be changed or deleted.\n\nIf this parameter is not specified, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` at any time." + }, + "maxRetentionDays": { + "type": "integer", + "description": "The AWS Backup Vault Lock configuration that specifies the maximum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to destroy certain data after retaining it for four years (1460 days).\n\nIf this parameter is not included, Vault Lock does not enforce a maximum retention period on the recovery points in the vault. If this parameter is included without a value, Vault Lock will not enforce a maximum retention period.\n\nIf this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or shorter than the maximum retention period. If the job's retention period is longer than that maximum retention period, then the vault fails the backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected." + }, + "minRetentionDays": { + "type": "integer", + "description": "The AWS Backup Vault Lock configuration that specifies the minimum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to retain certain data for at least seven years (2555 days).\n\nIf this parameter is not specified, Vault Lock will not enforce a minimum retention period.\n\nIf this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or longer than the minimum retention period. If the job's retention period is shorter than that minimum retention period, then the vault fails that backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected." + } + } + }, + "aws-native:backup:BackupVaultNotificationObjectType": { + "type": "object", + "properties": { + "backupVaultEvents": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see [BackupVaultEvents](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html#API_PutBackupVaultNotifications_RequestSyntax) in the *AWS Backup API Guide* ." + }, + "snsTopicArn": { + "type": "string", + "description": "An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, `arn:aws:sns:us-west-2:111122223333:MyTopic` ." + } + }, + "irreversibleNames": { + "snsTopicArn": "SNSTopicArn" + } + }, + "aws-native:backup:FrameworkControl": { + "type": "object", + "properties": { + "controlInputParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:FrameworkControlInputParameter" + }, + "description": "A list of ParameterName and ParameterValue pairs." + }, + "controlName": { + "type": "string", + "description": "The name of a control. This name is between 1 and 256 characters." + }, + "controlScope": { + "$ref": "#/types/aws-native:backup:FrameworkControlControlScopeProperties", + "description": "The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans." + } + } + }, + "aws-native:backup:FrameworkControlControlScopeProperties": { + "type": "object", + "properties": { + "complianceResourceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of the only AWS resource that you want your control scope to contain." + }, + "complianceResourceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Describes whether the control scope includes one or more types of resources, such as `EFS` or `RDS`." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:FrameworkTag" + }, + "description": "Describes whether the control scope includes resources with one or more tags. Each tag is a key-value pair." + } + } + }, + "aws-native:backup:FrameworkControlInputParameter": { + "type": "object", + "properties": { + "parameterName": { + "type": "string", + "description": "The name of a parameter, for example, `BackupPlanFrequency` ." + }, + "parameterValue": { + "type": "string", + "description": "The value of parameter, for example, `hourly` ." + } + } + }, + "aws-native:backup:FrameworkTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:backup:ReportDeliveryChannelProperties": { + "type": "object", + "properties": { + "formats": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the format of your reports: CSV, JSON, or both. If not specified, the default format is CSV." + }, + "s3BucketName": { + "type": "string", + "description": "The unique name of the S3 bucket that receives your reports." + }, + "s3KeyPrefix": { + "type": "string", + "description": "The prefix for where AWS Backup Audit Manager delivers your reports to Amazon S3. The prefix is this part of the following path: s3://your-bucket-name/prefix/Backup/us-west-2/year/month/day/report-name. If not specified, there is no prefix." + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName", + "s3KeyPrefix": "S3KeyPrefix" + } + }, + "aws-native:backup:ReportPlanTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:backup:ReportSettingProperties": { + "type": "object", + "properties": { + "accounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of AWS accounts that a report covers." + }, + "frameworkArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the frameworks a report covers." + }, + "organizationUnits": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of AWS organization units that a report covers." + }, + "regions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of AWS regions that a report covers." + }, + "reportTemplate": { + "type": "string", + "description": "Identifies the report template for the report. Reports are built using a report template. The report templates are: `BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT`" + } + } + }, + "aws-native:backup:RestoreTestingPlanRestoreTestingRecoveryPointSelection": { + "type": "object", + "properties": { + "algorithm": { + "$ref": "#/types/aws-native:backup:RestoreTestingPlanRestoreTestingRecoveryPointSelectionAlgorithm", + "description": "Acceptable values include \"LATEST_WITHIN_WINDOW\" or \"RANDOM_WITHIN_WINDOW\"" + }, + "excludeVaults": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Accepted values include specific ARNs or list of selectors. Defaults to empty list if not listed." + }, + "includeVaults": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Accepted values include wildcard [\"*\"] or by specific ARNs or ARN wilcard replacement [\"arn:aws:backup:us-west-2:123456789012:backup-vault:asdf\", ...] [\"arn:aws:backup:*:*:backup-vault:asdf-*\", ...]" + }, + "recoveryPointTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:RestoreTestingPlanRestoreTestingRecoveryPointType" + }, + "description": "These are the types of recovery points.\n\nInclude `SNAPSHOT` to restore only snapshot recovery points; include `CONTINUOUS` to restore continuous recovery points (point in time restore / PITR); use both to restore either a snapshot or a continuous recovery point. The recovery point will be determined by the value for `Algorithm` ." + }, + "selectionWindowDays": { + "type": "integer", + "description": "Accepted values are integers from 1 to 365." + } + } + }, + "aws-native:backup:RestoreTestingPlanRestoreTestingRecoveryPointSelectionAlgorithm": { + "type": "string" + }, + "aws-native:backup:RestoreTestingPlanRestoreTestingRecoveryPointType": { + "type": "string" + }, + "aws-native:backup:RestoreTestingPlanTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:backup:RestoreTestingSelectionKeyValue": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:backup:RestoreTestingSelectionProtectedResourceConditions": { + "type": "object", + "properties": { + "stringEquals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:RestoreTestingSelectionKeyValue" + }, + "description": "Filters the values of your tagged resources for only those resources that you tagged with the same value. Also called \"exact matching.\"" + }, + "stringNotEquals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:backup:RestoreTestingSelectionKeyValue" + }, + "description": "Filters the values of your tagged resources for only those resources that you tagged that do not have the same value. Also called \"negated matching.\"" + } + } + }, + "aws-native:backupgateway:HypervisorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key part of a tag's key-value pair. The key can't start with `aws:` ." + }, + "value": { + "type": "string", + "description": "The value part of a tag's key-value pair." + } + } + }, + "aws-native:batch:ComputeEnvironmentComputeResources": { + "type": "object", + "properties": { + "allocationStrategy": { + "type": "string", + "description": "The allocation strategy to use for the compute resource if not enough instances of the best fitting instance type can be allocated. This might be because of availability of the instance type in the Region or [Amazon EC2 service limits](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) . For more information, see [Allocation strategies](https://docs.aws.amazon.com/batch/latest/userguide/allocation-strategies.html) in the *AWS Batch User Guide* .\n\nWhen updating a compute environment, changing the allocation strategy requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . `BEST_FIT` is not supported when updating a compute environment.\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources, and shouldn't be specified. \n\n- **BEST_FIT (default)** - AWS Batch selects an instance type that best fits the needs of the jobs with a preference for the lowest-cost instance type. If additional instances of the selected instance type aren't available, AWS Batch waits for the additional instances to be available. If there aren't enough instances available, or if the user is reaching [Amazon EC2 service limits](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) then additional jobs aren't run until the currently running jobs have completed. This allocation strategy keeps costs lower but can limit scaling. If you are using Spot Fleets with `BEST_FIT` then the Spot Fleet IAM role must be specified.\n- **BEST_FIT_PROGRESSIVE** - AWS Batch will select additional instance types that are large enough to meet the requirements of the jobs in the queue, with a preference for instance types with a lower cost per unit vCPU. If additional instances of the previously selected instance types aren't available, AWS Batch will select new instance types.\n- **SPOT_CAPACITY_OPTIMIZED** - AWS Batch will select one or more instance types that are large enough to meet the requirements of the jobs in the queue, with a preference for instance types that are less likely to be interrupted. This allocation strategy is only available for Spot Instance compute resources.\n- **SPOT_PRICE_CAPACITY_OPTIMIZED** - The price and capacity optimized allocation strategy looks at both price and capacity to select the Spot Instance pools that are the least likely to be interrupted and have the lowest possible price. This allocation strategy is only available for Spot Instance compute resources.\n\n\u003e We recommend that you use `SPOT_PRICE_CAPACITY_OPTIMIZED` rather than `SPOT_CAPACITY_OPTIMIZED` in most instances.\n\nWith `BEST_FIT_PROGRESSIVE` , `SPOT_CAPACITY_OPTIMIZED` , and `SPOT_PRICE_CAPACITY_OPTIMIZED` allocation strategies using On-Demand or Spot Instances, and the `BEST_FIT` strategy using Spot Instances, AWS Batch might need to go above `maxvCpus` to meet your capacity requirements. In this event, AWS Batch never exceeds `maxvCpus` by more than a single instance." + }, + "bidPercentage": { + "type": "integer", + "description": "The maximum percentage that a Spot Instance price can be when compared with the On-Demand price for that instance type before instances are launched. For example, if your maximum percentage is 20%, the Spot price must be less than 20% of the current On-Demand price for that Amazon EC2 instance. You always pay the lowest (market) price and never more than your maximum percentage. For most use cases, we recommend leaving this field empty.\n\nWhen updating a compute environment, changing the bid percentage requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it." + }, + "desiredvCpus": { + "type": "integer", + "description": "The desired number of vCPUS in the compute environment. AWS Batch modifies this value between the minimum and maximum values based on job queue demand.\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. \u003e AWS Batch doesn't support changing the desired number of vCPUs of an existing compute environment. Don't specify this parameter for compute environments using Amazon EKS clusters. \u003e When you update the `desiredvCpus` setting, the value must be between the `minvCpus` and `maxvCpus` values.\n\u003e \n\u003e Additionally, the updated `desiredvCpus` value must be greater than or equal to the current `desiredvCpus` value. For more information, see [Troubleshooting AWS Batch](https://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html#error-desired-vcpus-update) in the *AWS Batch User Guide* ." + }, + "ec2Configuration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:ComputeEnvironmentEc2ConfigurationObject" + }, + "description": "Provides information used to select Amazon Machine Images (AMIs) for Amazon EC2 instances in the compute environment. If `Ec2Configuration` isn't specified, the default is `ECS_AL2` .\n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . To remove the Amazon EC2 configuration and any custom AMI ID specified in `imageIdOverride` , set this value to an empty string.\n\nOne or two values can be provided.\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it." + }, + "ec2KeyPair": { + "type": "string", + "description": "The Amazon EC2 key pair that's used for instances launched in the compute environment. You can use this key pair to log in to your instances with SSH. To remove the Amazon EC2 key pair, set this value to an empty string.\n\nWhen updating a compute environment, changing the Amazon EC2 key pair requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it." + }, + "imageId": { + "type": "string", + "description": "The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter is overridden by the `imageIdOverride` member of the `Ec2Configuration` structure. To remove the custom AMI ID and use the default AMI ID, set this value to an empty string.\n\nWhen updating a compute environment, changing the AMI ID requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. \u003e The AMI that you choose for a compute environment must match the architecture of the instance types that you intend to use for that compute environment. For example, if your compute environment uses A1 instance types, the compute resource AMI that you choose must support ARM instances. Amazon ECS vends both x86 and ARM versions of the Amazon ECS-optimized Amazon Linux 2 AMI. For more information, see [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#ecs-optimized-ami-linux-variants.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "instanceRole": { + "type": "string", + "description": "The Amazon ECS instance profile applied to Amazon EC2 instances in a compute environment. Required for Amazon EC2 instances. You can specify the short name or full Amazon Resource Name (ARN) of an instance profile. For example, `*ecsInstanceRole*` or `arn:aws:iam:: *\u003caws_account_id\u003e* :instance-profile/ *ecsInstanceRole*` . For more information, see [Amazon ECS instance role](https://docs.aws.amazon.com/batch/latest/userguide/instance_IAM_role.html) in the *AWS Batch User Guide* .\n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it." + }, + "instanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instances types that can be launched. You can specify instance families to launch any instance type within those families (for example, `c5` or `p3` ), or you can specify specific sizes within a family (such as `c5.8xlarge` ). You can also choose `optimal` to select instance types (from the C4, M4, and R4 instance families) that match the demand of your job queues.\n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. \u003e When you create a compute environment, the instance types that you select for the compute environment must share the same architecture. For example, you can't mix x86 and ARM instances in the same compute environment. \u003e Currently, `optimal` uses instance types from the C4, M4, and R4 instance families. In Regions that don't have instance types from those instance families, instance types from the C5, M5, and R5 instance families are used." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:batch:ComputeEnvironmentLaunchTemplateSpecification", + "description": "The launch template to use for your compute resources. Any other compute resource parameters that you specify in a [CreateComputeEnvironment](https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateComputeEnvironment.html) API operation override the same parameters in the launch template. You must specify either the launch template ID or launch template name in the request, but not both. For more information, see [Launch Template Support](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html) in the ** . Removing the launch template from a compute environment will not remove the AMI specified in the launch template. In order to update the AMI specified in a launch template, the `updateToLatestImageVersion` parameter must be set to `true` .\n\nWhen updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the ** .\n\n\u003e This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified." + }, + "maxvCpus": { + "type": "integer", + "description": "The maximum number of Amazon EC2 vCPUs that an environment can reach.\n\n\u003e With `BEST_FIT_PROGRESSIVE` , `SPOT_CAPACITY_OPTIMIZED` and `SPOT_PRICE_CAPACITY_OPTIMIZED` (recommended) strategies using On-Demand or Spot Instances, and the `BEST_FIT` strategy using Spot Instances, AWS Batch might need to exceed `maxvCpus` to meet your capacity requirements. In this event, AWS Batch never exceeds `maxvCpus` by more than a single instance." + }, + "minvCpus": { + "type": "integer", + "description": "The minimum number of vCPUs that an environment should maintain (even if the compute environment is `DISABLED` ).\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it." + }, + "placementGroup": { + "type": "string", + "description": "The Amazon EC2 placement group to associate with your compute resources. If you intend to submit multi-node parallel jobs to your compute environment, you should consider creating a cluster placement group and associate it with your compute resources. This keeps your multi-node parallel job on a logical grouping of instances within a single Availability Zone with high network flow potential. For more information, see [Placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\nWhen updating a compute environment, changing the placement group requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon EC2 security groups that are associated with instances launched in the compute environment. This parameter is required for Fargate compute resources, where it can contain up to 5 security groups. For Fargate compute resources, providing an empty list is handled as if this parameter wasn't specified and no change is made. For Amazon EC2 compute resources, providing an empty list removes the security groups from the compute resource.\n\nWhen updating a compute environment, changing the Amazon EC2 security groups requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* ." + }, + "spotIamFleetRole": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a `SPOT` compute environment. This role is required if the allocation strategy set to `BEST_FIT` or if the allocation strategy isn't specified. For more information, see [Amazon EC2 spot fleet role](https://docs.aws.amazon.com/batch/latest/userguide/spot_fleet_IAM_role.html) in the *AWS Batch User Guide* .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. \u003e To tag your Spot Instances on creation, the Spot Fleet IAM role specified here must use the newer *AmazonEC2SpotFleetTaggingRole* managed policy. The previously recommended *AmazonEC2SpotFleetRole* managed policy doesn't have the required permissions to tag Spot Instances. For more information, see [Spot instances not tagged on creation](https://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html#spot-instance-no-tag) in the *AWS Batch User Guide* .", + "replaceOnChanges": true + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPC subnets where the compute resources are launched. Fargate compute resources can contain up to 16 subnets. For Fargate compute resources, providing an empty list will be handled as if this parameter wasn't specified and no change is made. For Amazon EC2 compute resources, providing an empty list removes the VPC subnets from the compute resource. For more information, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nWhen updating a compute environment, changing the VPC subnets requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n\u003e AWS Batch on Amazon EC2 and AWS Batch on Amazon EKS support Local Zones. For more information, see [Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-local-zones) in the *Amazon EC2 User Guide for Linux Instances* , [Amazon EKS and AWS Local Zones](https://docs.aws.amazon.com/eks/latest/userguide/local-zones.html) in the *Amazon EKS User Guide* and [Amazon ECS clusters in Local Zones, Wavelength Zones, and AWS Outposts](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-regions-zones.html#clusters-local-zones) in the *Amazon ECS Developer Guide* .\n\u003e \n\u003e AWS Batch on Fargate doesn't currently support Local Zones." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to associate with a resource." + }, + "type": { + "type": "string", + "description": "The type of compute environment: `EC2` , `SPOT` , `FARGATE` , or `FARGATE_SPOT` . For more information, see [Compute environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the *AWS Batch User Guide* .\n\nIf you choose `SPOT` , you must also specify an Amazon EC2 Spot Fleet role with the `spotIamFleetRole` parameter. For more information, see [Amazon EC2 spot fleet role](https://docs.aws.amazon.com/batch/latest/userguide/spot_fleet_IAM_role.html) in the *AWS Batch User Guide* .\n\nWhen updating compute environment, changing the type of a compute environment requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\nWhen updating the type of a compute environment, changing between `EC2` and `SPOT` or between `FARGATE` and `FARGATE_SPOT` will initiate an infrastructure update, but if you switch between `EC2` and `FARGATE` , AWS CloudFormation will create a new compute environment." + }, + "updateToLatestImageVersion": { + "type": "boolean", + "description": "Specifies whether the AMI ID is updated to the latest one that's supported by AWS Batch when the compute environment has an infrastructure update. The default value is `false` .\n\n\u003e An AMI ID can either be specified in the `imageId` or `imageIdOverride` parameters or be determined by the launch template that's specified in the `launchTemplate` parameter. If an AMI ID is specified any of these ways, this parameter is ignored. For more information about to update AMI IDs during an infrastructure update, see [Updating the AMI ID](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html#updating-compute-environments-ami) in the *AWS Batch User Guide* . \n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* ." + } + } + }, + "aws-native:batch:ComputeEnvironmentEc2ConfigurationObject": { + "type": "object", + "properties": { + "imageIdOverride": { + "type": "string", + "description": "The AMI ID used for instances launched in the compute environment that match the image type. This setting overrides the `imageId` set in the `computeResource` object.\n\n\u003e The AMI that you choose for a compute environment must match the architecture of the instance types that you intend to use for that compute environment. For example, if your compute environment uses A1 instance types, the compute resource AMI that you choose must support ARM instances. Amazon ECS vends both x86 and ARM versions of the Amazon ECS-optimized Amazon Linux 2 AMI. For more information, see [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#ecs-optimized-ami-linux-variants.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "imageKubernetesVersion": { + "type": "string", + "description": "The Kubernetes version for the compute environment. If you don't specify a value, the latest version that AWS Batch supports is used." + }, + "imageType": { + "type": "string", + "description": "The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources.\n\n- **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.\n\n- **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.\n- **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.\n\n\u003e Amazon Linux 2023 does not support `A1` instances.\n- **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .\n- **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.\n\n- **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all non-GPU instance families.\n- **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types." + } + } + }, + "aws-native:batch:ComputeEnvironmentEksConfiguration": { + "type": "object", + "properties": { + "eksClusterArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon EKS cluster. An example is `arn: *aws* :eks: *us-east-1* : *123456789012* :cluster/ *ClusterForBatch*` ." + }, + "kubernetesNamespace": { + "type": "string", + "description": "The namespace of the Amazon EKS cluster. AWS Batch manages pods in this namespace. The value can't left empty or null. It must be fewer than 64 characters long, can't be set to `default` , can't start with \" `kube-` ,\" and must match this regular expression: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$` . For more information, see [Namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) in the Kubernetes documentation." + } + } + }, + "aws-native:batch:ComputeEnvironmentLaunchTemplateSpecification": { + "type": "object", + "properties": { + "launchTemplateId": { + "type": "string", + "description": "The ID of the launch template." + }, + "launchTemplateName": { + "type": "string", + "description": "The name of the launch template." + }, + "version": { + "type": "string", + "description": "The version number of the launch template, `$Latest` , or `$Default` .\n\nIf the value is `$Latest` , the latest version of the launch template is used. If the value is `$Default` , the default version of the launch template is used.\n\n\u003e If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Latest` or `$Default` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default` ." + } + } + }, + "aws-native:batch:ComputeEnvironmentUpdatePolicy": { + "type": "object", + "properties": { + "jobExecutionTimeoutMinutes": { + "type": "integer", + "description": "Specifies the job timeout (in minutes) when the compute environment infrastructure is updated. The default value is 30." + }, + "terminateJobsOnUpdate": { + "type": "boolean", + "description": "Specifies whether jobs are automatically terminated when the computer environment infrastructure is updated. The default value is `false` ." + } + } + }, + "aws-native:batch:JobDefinitionAuthorizationConfig": { + "type": "object", + "properties": { + "accessPointId": { + "type": "string", + "description": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* ." + }, + "iam": { + "type": "string", + "description": "Whether or not to use the AWS Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html#efs-volume-accesspoints) in the *AWS Batch User Guide* . EFS IAM authorization requires that `TransitEncryption` be `ENABLED` and that a `JobRoleArn` is specified." + } + } + }, + "aws-native:batch:JobDefinitionContainerProperties": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) ." + }, + "environment": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEnvironment" + }, + "description": "The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e We don't recommend using plaintext environment variables for sensitive information, such as credential data. \u003e Environment variables cannot start with \" `AWS_BATCH` \". This naming convention is reserved for variables that AWS Batch sets." + }, + "ephemeralStorage": { + "$ref": "#/types/aws-native:batch:JobDefinitionEphemeralStorage", + "description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate ." + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* ." + }, + "fargatePlatformConfiguration": { + "$ref": "#/types/aws-native:batch:JobDefinitionFargatePlatformConfiguration", + "description": "The platform configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter." + }, + "image": { + "type": "string", + "description": "Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `*repository-url* / *image* : *tag*` . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources. \n\n- Images in Amazon ECR Public repositories use the full `registry/repository[:tag]` or `registry/repository[@digest]` naming conventions. For example, `public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*` .\n- Images in Amazon ECR repositories use the full registry and repository URI (for example, `123456789012.dkr.ecr.\u003cregion-name\u003e.amazonaws.com/\u003crepository-name\u003e` ).\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` )." + }, + "instanceType": { + "type": "string", + "description": "The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.\n\n\u003e This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided." + }, + "jobRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "linuxParameters": { + "$ref": "#/types/aws-native:batch:JobDefinitionLinuxParameters", + "description": "Linux-specific modifications that are applied to the container, such as details for device mappings." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:batch:JobDefinitionLogConfiguration", + "description": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n\u003e AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties-logconfiguration.html) data type). \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`\n\n\u003e The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "memory": { + "type": "integer", + "description": "This parameter is deprecated, use `resourceRequirements` to specify the memory requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once." + }, + "mountPoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionMountPoints" + }, + "description": "The mount points for data volumes in your container. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--volume` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) ." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:batch:JobDefinitionNetworkConfiguration", + "description": "The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter." + }, + "privileged": { + "type": "boolean", + "description": "When this parameter is true, the container is given elevated permissions on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The default value is false.\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false." + }, + "readonlyRootFilesystem": { + "type": "boolean", + "description": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--read-only` option to `docker run` ." + }, + "repositoryCredentials": { + "$ref": "#/types/aws-native:batch:JobDefinitionRepositoryCredentials", + "description": "The private repository authentication credentials to use." + }, + "resourceRequirements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionResourceRequirement" + }, + "description": "The type and amount of resources to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` ." + }, + "runtimePlatform": { + "$ref": "#/types/aws-native:batch:JobDefinitionRuntimePlatform", + "description": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionSecret" + }, + "description": "The secrets for the container. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* ." + }, + "ulimits": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionUlimit" + }, + "description": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided." + }, + "user": { + "type": "string", + "description": "The user name to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) ." + }, + "vcpus": { + "type": "integer", + "description": "This parameter is deprecated, use `resourceRequirements` to specify the vCPU requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job.\n\nEach vCPU is equivalent to 1,024 CPU shares. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node." + }, + "volumes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionVolumes" + }, + "description": "A list of data volumes used in a job." + } + } + }, + "aws-native:batch:JobDefinitionDevice": { + "type": "object", + "properties": { + "containerPath": { + "type": "string", + "description": "The path inside the container that's used to expose the host device. By default, the `hostPath` value is used." + }, + "hostPath": { + "type": "string", + "description": "The path for the device on the host container instance." + }, + "permissions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device." + } + } + }, + "aws-native:batch:JobDefinitionEcsProperties": { + "type": "object", + "properties": { + "taskProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEcsTaskProperties" + }, + "description": "An object that contains the properties for the Amazon ECS task definition of a job.\n\n\u003e This object is currently limited to one element." + } + } + }, + "aws-native:batch:JobDefinitionEcsTaskProperties": { + "type": "object", + "properties": { + "containers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionTaskContainerProperties" + }, + "description": "This object is a list of containers." + }, + "ephemeralStorage": { + "$ref": "#/types/aws-native:batch:JobDefinitionEphemeralStorage", + "description": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate ." + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* ." + }, + "ipcMode": { + "type": "string", + "description": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` .\n\nIf `host` is specified, all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified `task` share the same IPC resources.\n\nIf `none` is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance.\n\nIf no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the Docker run reference." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:batch:JobDefinitionNetworkConfiguration", + "description": "The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter." + }, + "pidMode": { + "type": "string", + "description": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the Docker run reference." + }, + "platformVersion": { + "type": "string", + "description": "The Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn't specified, the `LATEST` platform version is used by default. This uses a recent, approved version of the Fargate platform for compute resources. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "runtimePlatform": { + "$ref": "#/types/aws-native:batch:JobDefinitionRuntimePlatform", + "description": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate." + }, + "taskRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that's associated with the Amazon ECS task.\n\n\u003e This is object is comparable to [ContainerProperties:jobRoleArn](https://docs.aws.amazon.com/batch/latest/APIReference/API_ContainerProperties.html) ." + }, + "volumes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionVolumes" + }, + "description": "A list of volumes that are associated with the job." + } + } + }, + "aws-native:batch:JobDefinitionEfsVolumeConfiguration": { + "type": "object", + "properties": { + "authorizationConfig": { + "$ref": "#/types/aws-native:batch:JobDefinitionAuthorizationConfig", + "description": "The authorization configuration details for the Amazon EFS file system." + }, + "fileSystemId": { + "type": "string", + "description": "The Amazon EFS file system ID to use." + }, + "rootDirectory": { + "type": "string", + "description": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying `/` has the same effect as omitting this parameter. The maximum length is 4,096 characters.\n\n\u003e If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` , which enforces the path set on the Amazon EFS access point." + }, + "transitEncryption": { + "type": "string", + "description": "Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* ." + }, + "transitEncryptionPort": { + "type": "integer", + "description": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don't specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* ." + } + } + }, + "aws-native:batch:JobDefinitionEksContainer": { + "type": "object", + "properties": { + "args": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of arguments to the entrypoint. If this isn't specified, the `CMD` of the container image is used. This corresponds to the `args` member in the [Entrypoint](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#entrypoint) portion of the [Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/) in Kubernetes. Environment variable references are expanded using the container's environment.\n\nIf the referenced environment variable doesn't exist, the reference in the command isn't changed. For example, if the reference is to \" `$(NAME1)` \" and the `NAME1` environment variable doesn't exist, the command string will remain \" `$(NAME1)` .\" `$$` is replaced with `$` , and the resulting string isn't expanded. For example, `$$(VAR_NAME)` is passed as `$(VAR_NAME)` whether or not the `VAR_NAME` environment variable exists. For more information, see [Dockerfile reference: CMD](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) and [Define a command and arguments for a pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/) in the *Kubernetes documentation* ." + }, + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The entrypoint for the container. This isn't run within a shell. If this isn't specified, the `ENTRYPOINT` of the container image is used. Environment variable references are expanded using the container's environment.\n\nIf the referenced environment variable doesn't exist, the reference in the command isn't changed. For example, if the reference is to \" `$(NAME1)` \" and the `NAME1` environment variable doesn't exist, the command string will remain \" `$(NAME1)` .\" `$$` is replaced with `$` and the resulting string isn't expanded. For example, `$$(VAR_NAME)` will be passed as `$(VAR_NAME)` whether or not the `VAR_NAME` environment variable exists. The entrypoint can't be updated. For more information, see [ENTRYPOINT](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#entrypoint) in the *Dockerfile reference* and [Define a command and arguments for a container](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/) and [Entrypoint](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#entrypoint) in the *Kubernetes documentation* ." + }, + "env": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksContainerEnvironmentVariable" + }, + "description": "The environment variables to pass to a container.\n\n\u003e Environment variables cannot start with \" `AWS_BATCH` \". This naming convention is reserved for variables that AWS Batch sets." + }, + "image": { + "type": "string", + "description": "The Docker image used to start the container." + }, + "imagePullPolicy": { + "type": "string", + "description": "The image pull policy for the container. Supported values are `Always` , `IfNotPresent` , and `Never` . This parameter defaults to `IfNotPresent` . However, if the `:latest` tag is specified, it defaults to `Always` . For more information, see [Updating images](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/containers/images/#updating-images) in the *Kubernetes documentation* ." + }, + "name": { + "type": "string", + "description": "The name of the container. If the name isn't specified, the default name \" `Default` \" is used. Each container in a pod must have a unique name." + }, + "resources": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksContainerResourceRequirements", + "description": "The type and amount of resources to assign to a container. The supported resources include `memory` , `cpu` , and `nvidia.com/gpu` . For more information, see [Resource management for pods and containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) in the *Kubernetes documentation* ." + }, + "securityContext": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksContainerSecurityContext", + "description": "The security context for a job. For more information, see [Configure a security context for a pod or container](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) in the *Kubernetes documentation* ." + }, + "volumeMounts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksContainerVolumeMount" + }, + "description": "The volume mounts for the container. AWS Batch supports `emptyDir` , `hostPath` , and `secret` volume types. For more information about volumes and volume mounts in Kubernetes, see [Volumes](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/) in the *Kubernetes documentation* ." + } + } + }, + "aws-native:batch:JobDefinitionEksContainerEnvironmentVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the environment variable." + }, + "value": { + "type": "string", + "description": "The value of the environment variable." + } + } + }, + "aws-native:batch:JobDefinitionEksContainerResourceRequirements": { + "type": "object", + "properties": { + "limits": { + "$ref": "pulumi.json#/Any", + "description": "The type and quantity of the resources to reserve for the container. The values vary based on the `name` that's specified. Resources can be requested using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n\u003e To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that's reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both places, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that's reserved for the container. Values must be a whole integer. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` ." + }, + "requests": { + "$ref": "pulumi.json#/Any", + "description": "The type and quantity of the resources to request for the container. The values vary based on the `name` that's specified. Resources can be requested by using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n\u003e If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that are reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that are reserved for the container. Values must be a whole integer. `nvidia.com/gpu` can be specified in `limits` , `requests` , or both. If `nvidia.com/gpu` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` ." + } + } + }, + "aws-native:batch:JobDefinitionEksContainerSecurityContext": { + "type": "object", + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean", + "description": "Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is `false` ." + }, + "privileged": { + "type": "boolean", + "description": "When this parameter is `true` , the container is given elevated permissions on the host container instance. The level of permissions are similar to the `root` user permissions. The default value is `false` . This parameter maps to `privileged` policy in the [Privileged pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#privileged) in the *Kubernetes documentation* ." + }, + "readOnlyRootFilesystem": { + "type": "boolean", + "description": "When this parameter is `true` , the container is given read-only access to its root file system. The default value is `false` . This parameter maps to `ReadOnlyRootFilesystem` policy in the [Volumes and file systems pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#volumes-and-file-systems) in the *Kubernetes documentation* ." + }, + "runAsGroup": { + "type": "integer", + "description": "When this parameter is specified, the container is run as the specified group ID ( `gid` ). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps to `RunAsGroup` and `MustRunAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* ." + }, + "runAsNonRoot": { + "type": "boolean", + "description": "When this parameter is specified, the container is run as a user with a `uid` other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps to `RunAsUser` and `MustRunAsNonRoot` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* ." + }, + "runAsUser": { + "type": "integer", + "description": "When this parameter is specified, the container is run as the specified user ID ( `uid` ). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to `RunAsUser` and `MustRanAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* ." + } + } + }, + "aws-native:batch:JobDefinitionEksContainerVolumeMount": { + "type": "object", + "properties": { + "mountPath": { + "type": "string", + "description": "The path on the container where the volume is mounted." + }, + "name": { + "type": "string", + "description": "The name the volume mount. This must match the name of one of the volumes in the pod." + }, + "readOnly": { + "type": "boolean", + "description": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` ." + } + } + }, + "aws-native:batch:JobDefinitionEksEmptyDir": { + "type": "object", + "properties": { + "medium": { + "type": "string", + "description": "The medium to store the volume. The default value is an empty string, which uses the storage of the node.\n\n- **\"\"** - *(Default)* Use the disk storage of the node.\n- **\"Memory\"** - Use the `tmpfs` volume that's backed by the RAM of the node. Contents of the volume are lost when the node reboots, and any storage on the volume counts against the container's memory limit." + }, + "sizeLimit": { + "type": "string", + "description": "The maximum size of the volume. By default, there's no maximum size defined." + } + } + }, + "aws-native:batch:JobDefinitionEksHostPath": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "The path of the file or directory on the host to mount into containers on the pod." + } + } + }, + "aws-native:batch:JobDefinitionEksProperties": { + "type": "object", + "properties": { + "podProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionPodProperties", + "description": "The properties for the Kubernetes pod resources of a job." + } + } + }, + "aws-native:batch:JobDefinitionEksSecret": { + "type": "object", + "properties": { + "optional": { + "type": "boolean", + "description": "Specifies whether the secret or the secret's keys must be defined." + }, + "secretName": { + "type": "string", + "description": "The name of the secret. The name must be allowed as a DNS subdomain name. For more information, see [DNS subdomain names](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) in the *Kubernetes documentation* ." + } + } + }, + "aws-native:batch:JobDefinitionEksVolume": { + "type": "object", + "properties": { + "emptyDir": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksEmptyDir", + "description": "Specifies the configuration of a Kubernetes `emptyDir` volume. For more information, see [emptyDir](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) in the *Kubernetes documentation* ." + }, + "hostPath": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksHostPath", + "description": "Specifies the configuration of a Kubernetes `hostPath` volume. For more information, see [hostPath](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) in the *Kubernetes documentation* ." + }, + "name": { + "type": "string", + "description": "The name of the volume. The name must be allowed as a DNS subdomain name. For more information, see [DNS subdomain names](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) in the *Kubernetes documentation* ." + }, + "secret": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksSecret", + "description": "Specifies the configuration of a Kubernetes `secret` volume. For more information, see [secret](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#secret) in the *Kubernetes documentation* ." + } + } + }, + "aws-native:batch:JobDefinitionEnvironment": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the environment variable." + }, + "value": { + "type": "string", + "description": "The value of the environment variable." + } + } + }, + "aws-native:batch:JobDefinitionEphemeralStorage": { + "type": "object", + "properties": { + "sizeInGiB": { + "type": "integer", + "description": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB." + } + } + }, + "aws-native:batch:JobDefinitionEvaluateOnExit": { + "type": "object", + "properties": { + "action": { + "type": "string", + "description": "Specifies the action to take if all of the specified conditions ( `onStatusReason` , `onReason` , and `onExitCode` ) are met. The values aren't case sensitive." + }, + "onExitCode": { + "type": "string", + "description": "Contains a glob pattern to match against the decimal representation of the `ExitCode` returned for a job. The pattern can be up to 512 characters long. It can contain only numbers, and can end with an asterisk (*) so that only the start of the string needs to be an exact match.\n\nThe string can contain up to 512 characters." + }, + "onReason": { + "type": "string", + "description": "Contains a glob pattern to match against the `Reason` returned for a job. The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.), colons (:), and white space (including spaces and tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match." + }, + "onStatusReason": { + "type": "string", + "description": "Contains a glob pattern to match against the `StatusReason` returned for a job. The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.), colons (:), and white spaces (including spaces or tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match." + } + } + }, + "aws-native:batch:JobDefinitionFargatePlatformConfiguration": { + "type": "object", + "properties": { + "platformVersion": { + "type": "string", + "description": "The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn't specified, the `LATEST` platform version is used by default. This uses a recent, approved version of the AWS Fargate platform for compute resources. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* ." + } + } + }, + "aws-native:batch:JobDefinitionImagePullSecret": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Provides a unique identifier for the `ImagePullSecret` . This object is required when `EksPodProperties$imagePullSecrets` is used." + } + } + }, + "aws-native:batch:JobDefinitionLinuxParameters": { + "type": "object", + "properties": { + "devices": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionDevice" + }, + "description": "Any of the host devices to expose to the container. This parameter maps to `Devices` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--device` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs." + }, + "initProcessEnabled": { + "type": "boolean", + "description": "If true, run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`" + }, + "maxSwap": { + "type": "integer", + "description": "The total amount of swap memory (in MiB) a container can use. This parameter is translated to the `--memory-swap` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) where the value is the sum of the container memory plus the `maxSwap` value. For more information, see [`--memory-swap` details](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details) in the Docker documentation.\n\nIf a `maxSwap` value of `0` is specified, the container doesn't use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container doesn't use the swap configuration for the container instance that it's running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs." + }, + "sharedMemorySize": { + "type": "integer", + "description": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs." + }, + "swappiness": { + "type": "integer", + "description": "You can use this parameter to tune a container's memory swappiness behavior. A `swappiness` value of `0` causes swapping to not occur unless absolutely necessary. A `swappiness` value of `100` causes pages to be swapped aggressively. Valid values are whole numbers between `0` and `100` . If the `swappiness` parameter isn't specified, a default value of `60` is used. If a value isn't specified for `maxSwap` , then this parameter is ignored. If `maxSwap` is set to 0, the container doesn't use swap. This parameter maps to the `--memory-swappiness` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\nConsider the following when you use a per-container swap configuration.\n\n- Swap space must be enabled and allocated on the container instance for the containers to use.\n\n\u003e By default, the Amazon ECS optimized AMIs don't have swap enabled. You must enable swap on the instance to use this feature. For more information, see [Instance store swap volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-store-swap-volumes.html) in the *Amazon EC2 User Guide for Linux Instances* or [How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?](https://docs.aws.amazon.com/premiumsupport/knowledge-center/ec2-memory-swap-file/)\n- The swap space parameters are only supported for job definitions using EC2 resources.\n- If the `maxSwap` and `swappiness` parameters are omitted from a job definition, each container has a default `swappiness` value of 60. Moreover, the total swap usage is limited to two times the memory reservation of the container.\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs." + }, + "tmpfs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionTmpfs" + }, + "description": "The container path, mount options, and size (in MiB) of the `tmpfs` mount. This parameter maps to the `--tmpfs` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide this parameter for this resource type." + } + } + }, + "aws-native:batch:JobDefinitionLogConfiguration": { + "type": "object", + "properties": { + "logDriver": { + "type": "string", + "description": "The log driver to use for the container. The valid values that are listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default.\n\nThe supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `logentries` , `syslog` , and `splunk` .\n\n\u003e Jobs that are running on Fargate resources are restricted to the `awslogs` and `splunk` log drivers. \n\n- **awslogs** - Specifies the Amazon CloudWatch Logs logging driver. For more information, see [Using the awslogs log driver](https://docs.aws.amazon.com/batch/latest/userguide/using_awslogs.html) in the *AWS Batch User Guide* and [Amazon CloudWatch Logs logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/) in the Docker documentation.\n- **fluentd** - Specifies the Fluentd logging driver. For more information including usage and options, see [Fluentd logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/fluentd/) in the *Docker documentation* .\n- **gelf** - Specifies the Graylog Extended Format (GELF) logging driver. For more information including usage and options, see [Graylog Extended Format logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/gelf/) in the *Docker documentation* .\n- **journald** - Specifies the journald logging driver. For more information including usage and options, see [Journald logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/journald/) in the *Docker documentation* .\n- **json-file** - Specifies the JSON file logging driver. For more information including usage and options, see [JSON File logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/json-file/) in the *Docker documentation* .\n- **splunk** - Specifies the Splunk logging driver. For more information including usage and options, see [Splunk logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/splunk/) in the *Docker documentation* .\n- **syslog** - Specifies the syslog logging driver. For more information including usage and options, see [Syslog logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/syslog/) in the *Docker documentation* .\n\n\u003e If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`" + }, + "options": { + "$ref": "pulumi.json#/Any", + "description": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`" + }, + "secretOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionSecret" + }, + "description": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* ." + } + } + }, + "aws-native:batch:JobDefinitionMetadata": { + "type": "object", + "properties": { + "labels": { + "$ref": "pulumi.json#/Any", + "description": "Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object." + } + } + }, + "aws-native:batch:JobDefinitionMountPoints": { + "type": "object", + "properties": { + "containerPath": { + "type": "string", + "description": "The path on the container where the host volume is mounted." + }, + "readOnly": { + "type": "boolean", + "description": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` ." + }, + "sourceVolume": { + "type": "string", + "description": "The name of the volume to mount." + } + } + }, + "aws-native:batch:JobDefinitionNetworkConfiguration": { + "type": "object", + "properties": { + "assignPublicIp": { + "type": "string", + "description": "Indicates whether the job has a public IP address. For a job that's running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see [Amazon ECS task networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* . The default value is \" `DISABLED` \"." + } + } + }, + "aws-native:batch:JobDefinitionNodeProperties": { + "type": "object", + "properties": { + "mainNode": { + "type": "integer", + "description": "Specifies the node index for the main node of a multi-node parallel job. This node index value must be fewer than the number of nodes." + }, + "nodeRangeProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionNodeRangeProperty" + }, + "description": "A list of node ranges and their properties that are associated with a multi-node parallel job." + }, + "numNodes": { + "type": "integer", + "description": "The number of nodes that are associated with a multi-node parallel job." + } + } + }, + "aws-native:batch:JobDefinitionNodeRangeProperty": { + "type": "object", + "properties": { + "container": { + "$ref": "#/types/aws-native:batch:JobDefinitionContainerProperties", + "description": "The container details for the node range." + }, + "ecsProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionEcsProperties", + "description": "This is an object that represents the properties of the node range for a multi-node parallel job." + }, + "eksProperties": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksProperties", + "description": "This is an object that represents the properties of the node range for a multi-node parallel job." + }, + "instanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types of the underlying host infrastructure of a multi-node parallel job.\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources.\n\u003e \n\u003e In addition, this list object is currently limited to one element." + }, + "targetNodes": { + "type": "string", + "description": "The range of nodes, using node index values. A range of `0:3` indicates nodes with index values of `0` through `3` . If the starting range value is omitted ( `:n` ), then `0` is used to start the range. If the ending range value is omitted ( `n:` ), then the highest possible node index is used to end the range. Your accumulative node ranges must account for all nodes ( `0:n` ). You can nest node ranges (for example, `0:10` and `4:5` ). In this case, the `4:5` range properties override the `0:10` properties." + } + } + }, + "aws-native:batch:JobDefinitionPodProperties": { + "type": "object", + "properties": { + "containers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksContainer" + }, + "description": "The properties of the container that's used on the Amazon EKS pod." + }, + "dnsPolicy": { + "type": "string", + "description": "The DNS policy for the pod. The default value is `ClusterFirst` . If the `hostNetwork` parameter is not specified, the default is `ClusterFirstWithHostNet` . `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see [Pod's DNS policy](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) in the *Kubernetes documentation* .\n\nValid values: `Default` | `ClusterFirst` | `ClusterFirstWithHostNet`" + }, + "hostNetwork": { + "type": "boolean", + "description": "Indicates if the pod uses the hosts' network IP address. The default value is `true` . Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see [Host namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces) and [Pod networking](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking) in the *Kubernetes documentation* ." + }, + "imagePullSecrets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionImagePullSecret" + } + }, + "initContainers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksContainer" + }, + "description": "These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see [Init Containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) in the *Kubernetes documentation* .\n\n\u003e This object is limited to 10 elements" + }, + "metadata": { + "$ref": "#/types/aws-native:batch:JobDefinitionMetadata", + "description": "Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* ." + }, + "serviceAccountName": { + "type": "string", + "description": "The name of the service account that's used to run the pod. For more information, see [Kubernetes service accounts](https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html) and [Configure a Kubernetes service account to assume an IAM role](https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html) in the *Amazon EKS User Guide* and [Configure service accounts for pods](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) in the *Kubernetes documentation* ." + }, + "shareProcessNamespace": { + "type": "boolean", + "description": "Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see [Share Process Namespace between Containers in a Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) ." + }, + "volumes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEksVolume" + }, + "description": "Specifies the volumes for a job definition that uses Amazon EKS resources." + } + } + }, + "aws-native:batch:JobDefinitionRepositoryCredentials": { + "type": "object", + "properties": { + "credentialsParameter": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials." + } + } + }, + "aws-native:batch:JobDefinitionResourceRequirement": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` ." + }, + "value": { + "type": "string", + "description": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n\u003e GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on Amazon EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, or 4\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For Amazon EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880" + } + } + }, + "aws-native:batch:JobDefinitionRetryStrategy": { + "type": "object", + "properties": { + "attempts": { + "type": "integer", + "description": "The number of times to move a job to the `RUNNABLE` status. You can specify between 1 and 10 attempts. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value." + }, + "evaluateOnExit": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEvaluateOnExit" + }, + "description": "Array of up to 5 objects that specify the conditions where jobs are retried or failed. If this parameter is specified, then the `attempts` parameter must also be specified. If none of the listed conditions match, then the job is retried." + } + } + }, + "aws-native:batch:JobDefinitionRuntimePlatform": { + "type": "object", + "properties": { + "cpuArchitecture": { + "type": "string", + "description": "The vCPU architecture. The default value is `X86_64` . Valid values are `X86_64` and `ARM64` .\n\n\u003e This parameter must be set to `X86_64` for Windows containers. \u003e Fargate Spot is not supported for `ARM64` and Windows-based containers on Fargate. A job queue will be blocked if a Fargate `ARM64` or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both `FARGATE` and `FARGATE_SPOT` compute environments to the same job queue." + }, + "operatingSystemFamily": { + "type": "string", + "description": "The operating system for the compute environment. Valid values are: `LINUX` (default), `WINDOWS_SERVER_2019_CORE` , `WINDOWS_SERVER_2019_FULL` , `WINDOWS_SERVER_2022_CORE` , and `WINDOWS_SERVER_2022_FULL` .\n\n\u003e The following parameters can’t be set for Windows containers: `linuxParameters` , `privileged` , `user` , `ulimits` , `readonlyRootFilesystem` , and `efsVolumeConfiguration` . \u003e The AWS Batch Scheduler checks the compute environments that are attached to the job queue before registering a task definition with Fargate. In this scenario, the job queue is where the job is submitted. If the job requires a Windows container and the first compute environment is `LINUX` , the compute environment is skipped and the next compute environment is checked until a Windows-based compute environment is found. \u003e Fargate Spot is not supported for `ARM64` and Windows-based containers on Fargate. A job queue will be blocked if a Fargate `ARM64` or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both `FARGATE` and `FARGATE_SPOT` compute environments to the same job queue." + } + } + }, + "aws-native:batch:JobDefinitionSecret": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the secret." + }, + "valueFrom": { + "type": "string", + "description": "The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.\n\n\u003e If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified." + } + } + }, + "aws-native:batch:JobDefinitionTaskContainerDependency": { + "type": "object", + "properties": { + "condition": { + "type": "string", + "description": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a zero status. This condition can't be set on an essential container." + }, + "containerName": { + "type": "string", + "description": "A unique identifier for the container." + } + } + }, + "aws-native:batch:JobDefinitionTaskContainerProperties": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [Dockerfile reference: CMD](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) ." + }, + "dependsOn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionTaskContainerDependency" + }, + "description": "A list of containers that this container depends on." + }, + "environment": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionEnvironment" + }, + "description": "The environment variables to pass to a container. This parameter maps to Env inthe [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e We don't recommend using plaintext environment variables for sensitive information, such as credential data. \u003e Environment variables cannot start with `AWS_BATCH` . This naming convention is reserved for variables that AWS Batch sets." + }, + "essential": { + "type": "boolean", + "description": "If the essential parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as false, its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll jobs must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "image": { + "type": "string", + "description": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `IMAGE` parameter of the [*docker run*](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) ." + }, + "linuxParameters": { + "$ref": "#/types/aws-native:batch:JobDefinitionLinuxParameters", + "description": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information, see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) ." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:batch:JobDefinitionLogConfiguration", + "description": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nBy default, containers use the same logging driver that the Docker daemon uses. However the container can use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information about the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the *Docker documentation* .\n\n\u003e Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the `LogConfiguration` data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version `--format '{{.Server.APIVersion}}'`\n\n\u003e The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "mountPoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionMountPoints" + }, + "description": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives." + }, + "name": { + "type": "string", + "description": "The name of a container. The name can be used as a unique identifier to target your `dependsOn` and `Overrides` objects." + }, + "privileged": { + "type": "boolean", + "description": "When this parameter is `true` , the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n\u003e This parameter is not supported for Windows containers or tasks run on Fargate." + }, + "readonlyRootFilesystem": { + "type": "boolean", + "description": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--read-only` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n\u003e This parameter is not supported for Windows containers." + }, + "repositoryCredentials": { + "$ref": "#/types/aws-native:batch:JobDefinitionRepositoryCredentials", + "description": "The private repository authentication credentials to use." + }, + "resourceRequirements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionResourceRequirement" + }, + "description": "The type and amount of a resource to assign to a container. The only supported resource is a GPU." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionSecret" + }, + "description": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the Amazon Elastic Container Service Developer Guide." + }, + "ulimits": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:JobDefinitionUlimit" + }, + "description": "A list of `ulimits` to set in the container. If a `ulimit` value is specified in a task definition, it overrides the default values set by Docker. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nAmazon ECS tasks hosted on Fargate use the default resource limit values set by the operating system with the exception of the nofile resource limit parameter which Fargate overrides. The `nofile` resource limit sets a restriction on the number of open files that a container can use. The default `nofile` soft limit is `1024` and the default hard limit is `65535` .\n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version `--format '{{.Server.APIVersion}}'`\n\n\u003e This parameter is not supported for Windows containers." + }, + "user": { + "type": "string", + "description": "The user to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.\n\n\u003e When running tasks using the `host` network mode, don't run containers using the `root user (UID 0)` . We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gi`\n- `uid:group`\n\n\u003e This parameter is not supported for Windows containers." + } + } + }, + "aws-native:batch:JobDefinitionTimeout": { + "type": "object", + "properties": { + "attemptDurationSeconds": { + "type": "integer", + "description": "The job timeout time (in seconds) that's measured from the job attempt's `startedAt` timestamp. After this time passes, AWS Batch terminates your jobs if they aren't finished. The minimum value for the timeout is 60 seconds.\n\nFor array jobs, the timeout applies to the child jobs, not to the parent array job.\n\nFor multi-node parallel (MNP) jobs, the timeout applies to the whole job, not to the individual nodes." + } + } + }, + "aws-native:batch:JobDefinitionTmpfs": { + "type": "object", + "properties": { + "containerPath": { + "type": "string", + "description": "The absolute file path in the container where the `tmpfs` volume is mounted." + }, + "mountOptions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of `tmpfs` volume mount options.\n\nValid values: \" `defaults` \" | \" `ro` \" | \" `rw` \" | \" `suid` \" | \" `nosuid` \" | \" `dev` \" | \" `nodev` \" | \" `exec` \" | \" `noexec` \" | \" `sync` \" | \" `async` \" | \" `dirsync` \" | \" `remount` \" | \" `mand` \" | \" `nomand` \" | \" `atime` \" | \" `noatime` \" | \" `diratime` \" | \" `nodiratime` \" | \" `bind` \" | \" `rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime` \" | \" `norelatime` \" | \" `strictatime` \" | \" `nostrictatime` \" | \" `mode` \" | \" `uid` \" | \" `gid` \" | \" `nr_inodes` \" | \" `nr_blocks` \" | \" `mpol` \"" + }, + "size": { + "type": "integer", + "description": "The size (in MiB) of the `tmpfs` volume." + } + } + }, + "aws-native:batch:JobDefinitionUlimit": { + "type": "object", + "properties": { + "hardLimit": { + "type": "integer", + "description": "The hard limit for the `ulimit` type." + }, + "name": { + "type": "string", + "description": "The `type` of the `ulimit` . Valid values are: `core` | `cpu` | `data` | `fsize` | `locks` | `memlock` | `msgqueue` | `nice` | `nofile` | `nproc` | `rss` | `rtprio` | `rttime` | `sigpending` | `stack` ." + }, + "softLimit": { + "type": "integer", + "description": "The soft limit for the `ulimit` type." + } + } + }, + "aws-native:batch:JobDefinitionVolumes": { + "type": "object", + "properties": { + "efsVolumeConfiguration": { + "$ref": "#/types/aws-native:batch:JobDefinitionEfsVolumeConfiguration", + "description": "This is used when you're using an Amazon Elastic File System file system for job storage. For more information, see [Amazon EFS Volumes](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html) in the *AWS Batch User Guide* ." + }, + "host": { + "$ref": "#/types/aws-native:batch:JobDefinitionVolumesHost", + "description": "The contents of the `host` parameter determine whether your data volume persists on the host container instance and where it's stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\n\u003e This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided." + }, + "name": { + "type": "string", + "description": "The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the `sourceVolume` parameter of container definition `mountPoints` ." + } + } + }, + "aws-native:batch:JobDefinitionVolumesHost": { + "type": "object", + "properties": { + "sourcePath": { + "type": "string", + "description": "The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\n\u003e This parameter isn't applicable to jobs that run on Fargate resources. Don't provide this for these jobs." + } + } + }, + "aws-native:batch:JobQueueComputeEnvironmentOrder": { + "type": "object", + "properties": { + "computeEnvironment": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the compute environment." + }, + "order": { + "type": "integer", + "description": "The order of the compute environment. Compute environments are tried in ascending order. For example, if two compute environments are associated with a job queue, the compute environment with a lower `order` integer value is tried for job placement first." + } + } + }, + "aws-native:batch:JobQueueJobStateTimeLimitAction": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:batch:JobQueueJobStateTimeLimitActionAction", + "description": "The action to take when a job is at the head of the job queue in the specified state for the specified period of time. The only supported value is `CANCEL` , which will cancel the job." + }, + "maxTimeSeconds": { + "type": "integer", + "description": "The approximate amount of time, in seconds, that must pass with the job in the specified state before the action is taken. The minimum value is 600 (10 minutes) and the maximum value is 86,400 (24 hours)." + }, + "reason": { + "type": "string", + "description": "The reason to log for the action being taken." + }, + "state": { + "$ref": "#/types/aws-native:batch:JobQueueJobStateTimeLimitActionState", + "description": "The state of the job needed to trigger the action. The only supported value is `RUNNABLE` ." + } + } + }, + "aws-native:batch:JobQueueJobStateTimeLimitActionAction": { + "type": "string" + }, + "aws-native:batch:JobQueueJobStateTimeLimitActionState": { + "type": "string" + }, + "aws-native:batch:JobQueueState": { + "type": "string" + }, + "aws-native:batch:SchedulingPolicyFairsharePolicy": { + "type": "object", + "properties": { + "computeReservation": { + "type": "number", + "description": "A value used to reserve some of the available maximum vCPU for fair share identifiers that aren't already used.\n\nThe reserved ratio is `( *computeReservation* /100)^ *ActiveFairShares*` where `*ActiveFairShares*` is the number of active fair share identifiers.\n\nFor example, a `computeReservation` value of 50 indicates that AWS Batch reserves 50% of the maximum available vCPU if there's only one fair share identifier. It reserves 25% if there are two fair share identifiers. It reserves 12.5% if there are three fair share identifiers. A `computeReservation` value of 25 indicates that AWS Batch should reserve 25% of the maximum available vCPU if there's only one fair share identifier, 6.25% if there are two fair share identifiers, and 1.56% if there are three fair share identifiers.\n\nThe minimum value is 0 and the maximum value is 99." + }, + "shareDecaySeconds": { + "type": "number", + "description": "The amount of time (in seconds) to use to calculate a fair share percentage for each fair share identifier in use. A value of zero (0) indicates that only current usage is measured. The decay allows for more recently run jobs to have more weight than jobs that ran earlier. The maximum supported value is 604800 (1 week)." + }, + "shareDistribution": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:batch:SchedulingPolicyShareAttributes" + }, + "description": "List of Share Attributes" + } + } + }, + "aws-native:batch:SchedulingPolicyShareAttributes": { + "type": "object", + "properties": { + "shareIdentifier": { + "type": "string", + "description": "A fair share identifier or fair share identifier prefix. If the string ends with an asterisk (*), this entry specifies the weight factor to use for fair share identifiers that start with that prefix. The list of fair share identifiers in a fair share policy can't overlap. For example, you can't have one that specifies a `shareIdentifier` of `UserA*` and another that specifies a `shareIdentifier` of `UserA-1` .\n\nThere can be no more than 500 fair share identifiers active in a job queue.\n\nThe string is limited to 255 alphanumeric characters, and can be followed by an asterisk (*)." + }, + "weightFactor": { + "type": "number", + "description": "The weight factor for the fair share identifier. The default value is 1.0. A lower value has a higher priority for compute resources. For example, jobs that use a share identifier with a weight factor of 0.125 (1/8) get 8 times the compute resources of jobs that use a share identifier with a weight factor of 1.\n\nThe smallest supported value is 0.0001, and the largest supported value is 999.9999." + } + } + }, + "aws-native:bedrock:AgentActionGroup": { + "type": "object", + "properties": { + "actionGroupExecutor": { + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:AgentActionGroupExecutor0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:AgentActionGroupExecutor1Properties" + } + ], + "description": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action or the custom control method for handling the information elicited from the user." + }, + "actionGroupName": { + "type": "string", + "description": "Name of the action group" + }, + "actionGroupState": { + "$ref": "#/types/aws-native:bedrock:AgentActionGroupState", + "description": "Specifies whether the action group is available for the agent to invoke or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request." + }, + "apiSchema": { + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:AgentApiSchema0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:AgentApiSchema1Properties" + } + ], + "description": "Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-api-schema.html) ." + }, + "description": { + "type": "string", + "description": "Description of action group" + }, + "functionSchema": { + "$ref": "#/types/aws-native:bedrock:AgentFunctionSchema", + "description": "Defines functions that each define parameters that the agent needs to invoke from the user. Each function represents an action in an action group." + }, + "parentActionGroupSignature": { + "$ref": "#/types/aws-native:bedrock:AgentActionGroupSignature", + "description": "If this field is set as `AMAZON.UserInput` , the agent can request the user for additional information when trying to complete a task. The `description` , `apiSchema` , and `actionGroupExecutor` fields must be blank for this action group.\n\nDuring orchestration, if the agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request, it will invoke this action group instead and return an [Observation](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_Observation.html) reprompting the user for more information." + }, + "skipResourceInUseCheckOnDelete": { + "type": "boolean", + "description": "Specifies whether to allow deleting action group while it is in use." + } + } + }, + "aws-native:bedrock:AgentActionGroupExecutor0Properties": { + "type": "object", + "properties": { + "lambda": { + "type": "string", + "description": "ARN of a Lambda." + } + } + }, + "aws-native:bedrock:AgentActionGroupExecutor1Properties": { + "type": "object", + "properties": { + "customControl": { + "$ref": "#/types/aws-native:bedrock:AgentCustomControlMethod" + } + } + }, + "aws-native:bedrock:AgentActionGroupSignature": { + "type": "string" + }, + "aws-native:bedrock:AgentActionGroupState": { + "type": "string" + }, + "aws-native:bedrock:AgentAliasHistoryEvent": { + "type": "object", + "properties": { + "endDate": { + "type": "string", + "description": "Time Stamp." + }, + "routingConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentAliasRoutingConfigurationListItem" + }, + "description": "Routing configuration for an Agent alias." + }, + "startDate": { + "type": "string", + "description": "Time Stamp." + } + } + }, + "aws-native:bedrock:AgentAliasRoutingConfigurationListItem": { + "type": "object", + "properties": { + "agentVersion": { + "type": "string", + "description": "Agent Version." + } + } + }, + "aws-native:bedrock:AgentAliasStatus": { + "type": "string" + }, + "aws-native:bedrock:AgentApiSchema0Properties": { + "type": "object", + "properties": { + "s3": { + "$ref": "#/types/aws-native:bedrock:AgentS3Identifier" + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:bedrock:AgentApiSchema1Properties": { + "type": "object", + "properties": { + "payload": { + "type": "string", + "description": "String OpenAPI Payload" + } + } + }, + "aws-native:bedrock:AgentCreationMode": { + "type": "string" + }, + "aws-native:bedrock:AgentCustomControlMethod": { + "type": "string" + }, + "aws-native:bedrock:AgentFunction": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of function" + }, + "name": { + "type": "string", + "description": "Name for a resource." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:bedrock:AgentParameterDetail" + }, + "description": "The parameters that the agent elicits from the user to fulfill the function." + } + } + }, + "aws-native:bedrock:AgentFunctionSchema": { + "type": "object", + "properties": { + "functions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentFunction" + }, + "description": "List of Function definitions" + } + } + }, + "aws-native:bedrock:AgentGuardrailConfiguration": { + "type": "object", + "properties": { + "guardrailIdentifier": { + "type": "string", + "description": "Identifier for the guardrail, could be the id or the arn" + }, + "guardrailVersion": { + "type": "string", + "description": "Version of the guardrail" + } + } + }, + "aws-native:bedrock:AgentInferenceConfiguration": { + "type": "object", + "properties": { + "maximumLength": { + "type": "number", + "description": "Maximum length of output" + }, + "stopSequences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of stop sequences" + }, + "temperature": { + "type": "number", + "description": "Controls randomness, higher values increase diversity" + }, + "topK": { + "type": "number", + "description": "Sample from the k most likely next tokens" + }, + "topP": { + "type": "number", + "description": "Cumulative probability cutoff for token selection" + } + } + }, + "aws-native:bedrock:AgentKnowledgeBase": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of the Resource." + }, + "knowledgeBaseId": { + "type": "string", + "description": "Identifier for a resource." + }, + "knowledgeBaseState": { + "$ref": "#/types/aws-native:bedrock:AgentKnowledgeBaseState", + "description": "Specifies whether to use the knowledge base or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request." + } + } + }, + "aws-native:bedrock:AgentKnowledgeBaseState": { + "type": "string" + }, + "aws-native:bedrock:AgentParameterDetail": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of function parameter." + }, + "required": { + "type": "boolean", + "description": "Information about if a parameter is required for function call. Default to false." + }, + "type": { + "$ref": "#/types/aws-native:bedrock:AgentType", + "description": "The data type of the parameter." + } + } + }, + "aws-native:bedrock:AgentPromptConfiguration": { + "type": "object", + "properties": { + "basePromptTemplate": { + "type": "string", + "description": "Base Prompt Template." + }, + "inferenceConfiguration": { + "$ref": "#/types/aws-native:bedrock:AgentInferenceConfiguration", + "description": "Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType` . For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) ." + }, + "parserMode": { + "$ref": "#/types/aws-native:bedrock:AgentCreationMode", + "description": "Specifies whether to override the default parser Lambda function when parsing the raw foundation model output in the part of the agent sequence defined by the `promptType` . If you set the field as `OVERRIDEN` , the `overrideLambda` field in the [PromptOverrideConfiguration](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_PromptOverrideConfiguration.html) must be specified with the ARN of a Lambda function." + }, + "promptCreationMode": { + "$ref": "#/types/aws-native:bedrock:AgentCreationMode", + "description": "Specifies whether to override the default prompt template for this `promptType` . Set this value to `OVERRIDDEN` to use the prompt that you provide in the `basePromptTemplate` . If you leave it as `DEFAULT` , the agent uses a default prompt template." + }, + "promptState": { + "$ref": "#/types/aws-native:bedrock:AgentPromptState", + "description": "Specifies whether to allow the agent to carry out the step specified in the `promptType` . If you set this value to `DISABLED` , the agent skips that step. The default state for each `promptType` is as follows.\n\n- `PRE_PROCESSING` – `ENABLED`\n- `ORCHESTRATION` – `ENABLED`\n- `KNOWLEDGE_BASE_RESPONSE_GENERATION` – `ENABLED`\n- `POST_PROCESSING` – `DISABLED`" + }, + "promptType": { + "$ref": "#/types/aws-native:bedrock:AgentPromptType", + "description": "The step in the agent sequence that this prompt configuration applies to." + } + } + }, + "aws-native:bedrock:AgentPromptOverrideConfiguration": { + "type": "object", + "properties": { + "overrideLambda": { + "type": "string", + "description": "ARN of a Lambda." + }, + "promptConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:AgentPromptConfiguration" + }, + "description": "List of BasePromptConfiguration" + } + } + }, + "aws-native:bedrock:AgentPromptState": { + "type": "string" + }, + "aws-native:bedrock:AgentPromptType": { + "type": "string" + }, + "aws-native:bedrock:AgentS3Identifier": { + "type": "object", + "properties": { + "s3BucketName": { + "type": "string", + "description": "A bucket in S3." + }, + "s3ObjectKey": { + "type": "string", + "description": "A object key in S3." + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName", + "s3ObjectKey": "S3ObjectKey" + } + }, + "aws-native:bedrock:AgentStatus": { + "type": "string" + }, + "aws-native:bedrock:AgentType": { + "type": "string" + }, + "aws-native:bedrock:DataSourceChunkingConfiguration": { + "type": "object", + "properties": { + "chunkingStrategy": { + "$ref": "#/types/aws-native:bedrock:DataSourceChunkingStrategy", + "description": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` – Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` – Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` – Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` – Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files." + }, + "fixedSizeChunkingConfiguration": { + "$ref": "#/types/aws-native:bedrock:DataSourceFixedSizeChunkingConfiguration", + "description": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field." + } + } + }, + "aws-native:bedrock:DataSourceChunkingStrategy": { + "type": "string" + }, + "aws-native:bedrock:DataSourceConfiguration": { + "type": "object", + "properties": { + "s3Configuration": { + "$ref": "#/types/aws-native:bedrock:DataSourceS3DataSourceConfiguration", + "description": "The configuration information to connect to Amazon S3 as your data source." + }, + "type": { + "$ref": "#/types/aws-native:bedrock:DataSourceType", + "description": "The type of data source." + } + }, + "irreversibleNames": { + "s3Configuration": "S3Configuration" + } + }, + "aws-native:bedrock:DataSourceDataDeletionPolicy": { + "type": "string" + }, + "aws-native:bedrock:DataSourceFixedSizeChunkingConfiguration": { + "type": "object", + "properties": { + "maxTokens": { + "type": "integer", + "description": "The maximum number of tokens to include in a chunk." + }, + "overlapPercentage": { + "type": "integer", + "description": "The percentage of overlap between adjacent chunks of a data source." + } + } + }, + "aws-native:bedrock:DataSourceS3DataSourceConfiguration": { + "type": "object", + "properties": { + "bucketArn": { + "type": "string", + "description": "The ARN of the bucket that contains the data source." + }, + "bucketOwnerAccountId": { + "type": "string", + "description": "The account ID for the owner of the S3 bucket." + }, + "inclusionPrefixes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of S3 prefixes that define the object containing the data sources." + } + } + }, + "aws-native:bedrock:DataSourceServerSideEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKeyArn": { + "type": "string", + "description": "The ARN of the AWS KMS key used to encrypt the resource." + } + } + }, + "aws-native:bedrock:DataSourceStatus": { + "type": "string" + }, + "aws-native:bedrock:DataSourceType": { + "type": "string" + }, + "aws-native:bedrock:DataSourceVectorIngestionConfiguration": { + "type": "object", + "properties": { + "chunkingConfiguration": { + "$ref": "#/types/aws-native:bedrock:DataSourceChunkingConfiguration", + "description": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried." + } + } + }, + "aws-native:bedrock:FlowAliasRoutingConfigurationListItem": { + "type": "object", + "properties": { + "flowVersion": { + "type": "string", + "description": "Version." + } + } + }, + "aws-native:bedrock:FlowCondition": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "Expression for a condition in a flow" + }, + "name": { + "type": "string", + "description": "Name of a condition in a flow" + } + } + }, + "aws-native:bedrock:FlowConditionFlowNodeConfiguration": { + "type": "object", + "properties": { + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowCondition" + }, + "description": "List of conditions in a condition node" + } + } + }, + "aws-native:bedrock:FlowConditionalConnectionConfiguration": { + "type": "object", + "properties": { + "condition": { + "type": "string", + "description": "Name of a condition in a flow" + } + } + }, + "aws-native:bedrock:FlowConnection": { + "type": "object", + "properties": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:FlowConnectionConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowConnectionConfiguration1Properties" + } + ], + "description": "The configuration of the connection." + }, + "name": { + "type": "string", + "description": "Name of a connection in a flow" + }, + "source": { + "type": "string", + "description": "Name of a node in a flow" + }, + "target": { + "type": "string", + "description": "Name of a node in a flow" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:FlowConnectionType", + "description": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` )." + } + } + }, + "aws-native:bedrock:FlowConnectionConfiguration0Properties": { + "type": "object", + "properties": { + "data": { + "$ref": "#/types/aws-native:bedrock:FlowDataConnectionConfiguration" + } + } + }, + "aws-native:bedrock:FlowConnectionConfiguration1Properties": { + "type": "object", + "properties": { + "conditional": { + "$ref": "#/types/aws-native:bedrock:FlowConditionalConnectionConfiguration" + } + } + }, + "aws-native:bedrock:FlowConnectionType": { + "type": "string" + }, + "aws-native:bedrock:FlowDataConnectionConfiguration": { + "type": "object", + "properties": { + "sourceOutput": { + "type": "string", + "description": "Name of a node output in a flow" + }, + "targetInput": { + "type": "string", + "description": "Name of a node input in a flow" + } + } + }, + "aws-native:bedrock:FlowDefinition": { + "type": "object", + "properties": { + "connections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowConnection" + }, + "description": "List of connections" + }, + "nodes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowNode" + }, + "description": "List of nodes in a flow" + } + } + }, + "aws-native:bedrock:FlowInputFlowNodeConfiguration": { + "type": "object" + }, + "aws-native:bedrock:FlowKnowledgeBaseFlowNodeConfiguration": { + "type": "object", + "properties": { + "knowledgeBaseId": { + "type": "string", + "description": "Identifier of the KnowledgeBase" + }, + "modelId": { + "type": "string", + "description": "ARN or name of a Bedrock model." + } + } + }, + "aws-native:bedrock:FlowLambdaFunctionFlowNodeConfiguration": { + "type": "object", + "properties": { + "lambdaArn": { + "type": "string", + "description": "ARN of a Lambda." + } + } + }, + "aws-native:bedrock:FlowLexFlowNodeConfiguration": { + "type": "object", + "properties": { + "botAliasArn": { + "type": "string", + "description": "ARN of a Lex bot alias" + }, + "localeId": { + "type": "string", + "description": "Lex bot locale id" + } + } + }, + "aws-native:bedrock:FlowNode": { + "type": "object", + "properties": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:FlowNodeConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowNodeConfiguration1Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowNodeConfiguration2Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowNodeConfiguration3Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowNodeConfiguration4Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowNodeConfiguration5Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowNodeConfiguration6Properties" + } + ], + "description": "Contains configurations for the node." + }, + "inputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowNodeInput" + }, + "description": "List of node inputs in a flow" + }, + "name": { + "type": "string", + "description": "Name of a node in a flow" + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowNodeOutput" + }, + "description": "List of node outputs in a flow" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:FlowNodeType", + "description": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field." + } + } + }, + "aws-native:bedrock:FlowNodeConfiguration0Properties": { + "type": "object", + "properties": { + "input": { + "$ref": "#/types/aws-native:bedrock:FlowInputFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowNodeConfiguration1Properties": { + "type": "object", + "properties": { + "output": { + "$ref": "#/types/aws-native:bedrock:FlowOutputFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowNodeConfiguration2Properties": { + "type": "object", + "properties": { + "knowledgeBase": { + "$ref": "#/types/aws-native:bedrock:FlowKnowledgeBaseFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowNodeConfiguration3Properties": { + "type": "object", + "properties": { + "condition": { + "$ref": "#/types/aws-native:bedrock:FlowConditionFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowNodeConfiguration4Properties": { + "type": "object", + "properties": { + "lex": { + "$ref": "#/types/aws-native:bedrock:FlowLexFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowNodeConfiguration5Properties": { + "type": "object", + "properties": { + "prompt": { + "$ref": "#/types/aws-native:bedrock:FlowPromptFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowNodeConfiguration6Properties": { + "type": "object", + "properties": { + "lambdaFunction": { + "$ref": "#/types/aws-native:bedrock:FlowLambdaFunctionFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowNodeInput": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "Expression for a node input in a flow" + }, + "name": { + "type": "string", + "description": "Name of a node input in a flow" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:FlowNodeIoDataType", + "description": "The data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown." + } + } + }, + "aws-native:bedrock:FlowNodeIoDataType": { + "type": "string" + }, + "aws-native:bedrock:FlowNodeOutput": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of a node output in a flow" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:FlowNodeIoDataType", + "description": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown." + } + } + }, + "aws-native:bedrock:FlowNodeType": { + "type": "string" + }, + "aws-native:bedrock:FlowOutputFlowNodeConfiguration": { + "type": "object" + }, + "aws-native:bedrock:FlowPromptFlowNodeConfiguration": { + "type": "object", + "properties": { + "sourceConfiguration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:FlowPromptFlowNodeSourceConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowPromptFlowNodeSourceConfiguration1Properties" + } + ] + } + } + }, + "aws-native:bedrock:FlowPromptFlowNodeInlineConfiguration": { + "type": "object", + "properties": { + "inferenceConfiguration": { + "$ref": "#/types/aws-native:bedrock:FlowPromptInferenceConfigurationProperties" + }, + "modelId": { + "type": "string", + "description": "ARN or name of a Bedrock model." + }, + "templateConfiguration": { + "$ref": "#/types/aws-native:bedrock:FlowPromptTemplateConfigurationProperties" + }, + "templateType": { + "$ref": "#/types/aws-native:bedrock:FlowPromptTemplateType" + } + } + }, + "aws-native:bedrock:FlowPromptFlowNodeResourceConfiguration": { + "type": "object", + "properties": { + "promptArn": { + "type": "string", + "description": "ARN of a prompt resource possibly with a version" + } + } + }, + "aws-native:bedrock:FlowPromptFlowNodeSourceConfiguration0Properties": { + "type": "object", + "properties": { + "resource": { + "$ref": "#/types/aws-native:bedrock:FlowPromptFlowNodeResourceConfiguration" + } + } + }, + "aws-native:bedrock:FlowPromptFlowNodeSourceConfiguration1Properties": { + "type": "object", + "properties": { + "inline": { + "$ref": "#/types/aws-native:bedrock:FlowPromptFlowNodeInlineConfiguration" + } + } + }, + "aws-native:bedrock:FlowPromptInferenceConfiguration0Properties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:FlowPromptModelInferenceConfiguration" + } + } + }, + "aws-native:bedrock:FlowPromptInferenceConfigurationProperties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:FlowPromptModelInferenceConfiguration" + } + } + }, + "aws-native:bedrock:FlowPromptInputVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name for an input variable" + } + } + }, + "aws-native:bedrock:FlowPromptModelInferenceConfiguration": { + "type": "object", + "properties": { + "maxTokens": { + "type": "number", + "description": "Maximum length of output" + }, + "stopSequences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of stop sequences" + }, + "temperature": { + "type": "number", + "description": "Controls randomness, higher values increase diversity" + }, + "topK": { + "type": "number", + "description": "Sample from the k most likely next tokens" + }, + "topP": { + "type": "number", + "description": "Cumulative probability cutoff for token selection" + } + } + }, + "aws-native:bedrock:FlowPromptTemplateConfiguration0Properties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:FlowTextPromptTemplateConfiguration" + } + } + }, + "aws-native:bedrock:FlowPromptTemplateConfigurationProperties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:FlowTextPromptTemplateConfiguration" + } + } + }, + "aws-native:bedrock:FlowPromptTemplateType": { + "type": "string" + }, + "aws-native:bedrock:FlowS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "A bucket in S3" + }, + "key": { + "type": "string", + "description": "A object key in S3" + }, + "version": { + "type": "string", + "description": "The version of the the S3 object to use" + } + } + }, + "aws-native:bedrock:FlowStatus": { + "type": "string" + }, + "aws-native:bedrock:FlowTextPromptTemplateConfiguration": { + "type": "object", + "properties": { + "inputVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowPromptInputVariable" + }, + "description": "List of input variables" + }, + "text": { + "type": "string", + "description": "Prompt content for String prompt template" + } + } + }, + "aws-native:bedrock:FlowVersionConditionFlowNodeConfiguration": { + "type": "object", + "properties": { + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowCondition" + }, + "description": "List of conditions in a condition node" + } + } + }, + "aws-native:bedrock:FlowVersionFlowCondition": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "Expression for a condition in a flow" + }, + "name": { + "type": "string", + "description": "Name of a condition in a flow" + } + } + }, + "aws-native:bedrock:FlowVersionFlowConditionalConnectionConfiguration": { + "type": "object", + "properties": { + "condition": { + "type": "string", + "description": "Name of a condition in a flow" + } + } + }, + "aws-native:bedrock:FlowVersionFlowConnection": { + "type": "object", + "properties": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowConnectionConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowConnectionConfiguration1Properties" + } + ], + "description": "The configuration of the connection." + }, + "name": { + "type": "string", + "description": "Name of a connection in a flow" + }, + "source": { + "type": "string", + "description": "Name of a node in a flow" + }, + "target": { + "type": "string", + "description": "Name of a node in a flow" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowConnectionType", + "description": "Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` )." + } + } + }, + "aws-native:bedrock:FlowVersionFlowConnectionConfiguration0Properties": { + "type": "object", + "properties": { + "data": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowDataConnectionConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowConnectionConfiguration1Properties": { + "type": "object", + "properties": { + "conditional": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowConditionalConnectionConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowConnectionType": { + "type": "string" + }, + "aws-native:bedrock:FlowVersionFlowDataConnectionConfiguration": { + "type": "object", + "properties": { + "sourceOutput": { + "type": "string", + "description": "Name of a node output in a flow" + }, + "targetInput": { + "type": "string", + "description": "Name of a node input in a flow" + } + } + }, + "aws-native:bedrock:FlowVersionFlowDefinition": { + "type": "object", + "properties": { + "connections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowConnection" + }, + "description": "List of connections" + }, + "nodes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNode" + }, + "description": "List of nodes in a flow" + } + } + }, + "aws-native:bedrock:FlowVersionFlowNode": { + "type": "object", + "properties": { + "configuration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeConfiguration1Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeConfiguration2Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeConfiguration3Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeConfiguration4Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeConfiguration5Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeConfiguration6Properties" + } + ], + "description": "Contains configurations for the node." + }, + "inputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeInput" + }, + "description": "List of node inputs in a flow" + }, + "name": { + "type": "string", + "description": "Name of a node in a flow" + }, + "outputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeOutput" + }, + "description": "List of node outputs in a flow" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeType", + "description": "The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field." + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeConfiguration0Properties": { + "type": "object", + "properties": { + "input": { + "$ref": "#/types/aws-native:bedrock:FlowVersionInputFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeConfiguration1Properties": { + "type": "object", + "properties": { + "output": { + "$ref": "#/types/aws-native:bedrock:FlowVersionOutputFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeConfiguration2Properties": { + "type": "object", + "properties": { + "knowledgeBase": { + "$ref": "#/types/aws-native:bedrock:FlowVersionKnowledgeBaseFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeConfiguration3Properties": { + "type": "object", + "properties": { + "condition": { + "$ref": "#/types/aws-native:bedrock:FlowVersionConditionFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeConfiguration4Properties": { + "type": "object", + "properties": { + "lex": { + "$ref": "#/types/aws-native:bedrock:FlowVersionLexFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeConfiguration5Properties": { + "type": "object", + "properties": { + "prompt": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeConfiguration6Properties": { + "type": "object", + "properties": { + "lambdaFunction": { + "$ref": "#/types/aws-native:bedrock:FlowVersionLambdaFunctionFlowNodeConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeInput": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "Expression for a node input in a flow" + }, + "name": { + "type": "string", + "description": "Name of a node input in a flow" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeIoDataType", + "description": "The data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown." + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeIoDataType": { + "type": "string" + }, + "aws-native:bedrock:FlowVersionFlowNodeOutput": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of a node output in a flow" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:FlowVersionFlowNodeIoDataType", + "description": "The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown." + } + } + }, + "aws-native:bedrock:FlowVersionFlowNodeType": { + "type": "string" + }, + "aws-native:bedrock:FlowVersionFlowStatus": { + "type": "string" + }, + "aws-native:bedrock:FlowVersionInputFlowNodeConfiguration": { + "type": "object" + }, + "aws-native:bedrock:FlowVersionKnowledgeBaseFlowNodeConfiguration": { + "type": "object", + "properties": { + "knowledgeBaseId": { + "type": "string", + "description": "Identifier of the KnowledgeBase" + }, + "modelId": { + "type": "string", + "description": "ARN or name of a Bedrock model." + } + } + }, + "aws-native:bedrock:FlowVersionLambdaFunctionFlowNodeConfiguration": { + "type": "object", + "properties": { + "lambdaArn": { + "type": "string", + "description": "ARN of a Lambda." + } + } + }, + "aws-native:bedrock:FlowVersionLexFlowNodeConfiguration": { + "type": "object", + "properties": { + "botAliasArn": { + "type": "string", + "description": "ARN of a Lex bot alias" + }, + "localeId": { + "type": "string", + "description": "Lex bot locale id" + } + } + }, + "aws-native:bedrock:FlowVersionOutputFlowNodeConfiguration": { + "type": "object" + }, + "aws-native:bedrock:FlowVersionPromptFlowNodeConfiguration": { + "type": "object", + "properties": { + "sourceConfiguration": { + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptFlowNodeSourceConfiguration0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptFlowNodeSourceConfiguration1Properties" + } + ] + } + } + }, + "aws-native:bedrock:FlowVersionPromptFlowNodeInlineConfiguration": { + "type": "object", + "properties": { + "inferenceConfiguration": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptInferenceConfigurationProperties" + }, + "modelId": { + "type": "string", + "description": "ARN or name of a Bedrock model." + }, + "templateConfiguration": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptTemplateConfigurationProperties" + }, + "templateType": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptTemplateType" + } + } + }, + "aws-native:bedrock:FlowVersionPromptFlowNodeResourceConfiguration": { + "type": "object", + "properties": { + "promptArn": { + "type": "string", + "description": "ARN of a prompt resource possibly with a version" + } + } + }, + "aws-native:bedrock:FlowVersionPromptFlowNodeSourceConfiguration0Properties": { + "type": "object", + "properties": { + "resource": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptFlowNodeResourceConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionPromptFlowNodeSourceConfiguration1Properties": { + "type": "object", + "properties": { + "inline": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptFlowNodeInlineConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionPromptInferenceConfiguration0Properties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptModelInferenceConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionPromptInferenceConfigurationProperties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptModelInferenceConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionPromptInputVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name for an input variable" + } + } + }, + "aws-native:bedrock:FlowVersionPromptModelInferenceConfiguration": { + "type": "object", + "properties": { + "maxTokens": { + "type": "number", + "description": "Maximum length of output" + }, + "stopSequences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of stop sequences" + }, + "temperature": { + "type": "number", + "description": "Controls randomness, higher values increase diversity" + }, + "topK": { + "type": "number", + "description": "Sample from the k most likely next tokens" + }, + "topP": { + "type": "number", + "description": "Cumulative probability cutoff for token selection" + } + } + }, + "aws-native:bedrock:FlowVersionPromptTemplateConfiguration0Properties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:FlowVersionTextPromptTemplateConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionPromptTemplateConfigurationProperties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:FlowVersionTextPromptTemplateConfiguration" + } + } + }, + "aws-native:bedrock:FlowVersionPromptTemplateType": { + "type": "string" + }, + "aws-native:bedrock:FlowVersionTextPromptTemplateConfiguration": { + "type": "object", + "properties": { + "inputVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:FlowVersionPromptInputVariable" + }, + "description": "List of input variables" + }, + "text": { + "type": "string", + "description": "Prompt content for String prompt template" + } + } + }, + "aws-native:bedrock:GuardrailContentFilterConfig": { + "type": "object", + "properties": { + "inputStrength": { + "$ref": "#/types/aws-native:bedrock:GuardrailFilterStrength", + "description": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces." + }, + "outputStrength": { + "$ref": "#/types/aws-native:bedrock:GuardrailFilterStrength", + "description": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces." + }, + "type": { + "$ref": "#/types/aws-native:bedrock:GuardrailContentFilterType", + "description": "The harmful category that the content filter is applied to." + } + } + }, + "aws-native:bedrock:GuardrailContentFilterType": { + "type": "string" + }, + "aws-native:bedrock:GuardrailContentPolicyConfig": { + "type": "object", + "properties": { + "filtersConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:GuardrailContentFilterConfig" + }, + "description": "List of content filter configs in content policy." + } + } + }, + "aws-native:bedrock:GuardrailContextualGroundingFilterConfig": { + "type": "object", + "properties": { + "threshold": { + "type": "number", + "description": "The threshold for this filter." + }, + "type": { + "$ref": "#/types/aws-native:bedrock:GuardrailContextualGroundingFilterType" + } + } + }, + "aws-native:bedrock:GuardrailContextualGroundingFilterType": { + "type": "string" + }, + "aws-native:bedrock:GuardrailContextualGroundingPolicyConfig": { + "type": "object", + "properties": { + "filtersConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:GuardrailContextualGroundingFilterConfig" + }, + "description": "List of contextual grounding filter configs." + } + } + }, + "aws-native:bedrock:GuardrailFilterStrength": { + "type": "string" + }, + "aws-native:bedrock:GuardrailManagedWordsConfig": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:bedrock:GuardrailManagedWordsType", + "description": "The managed word type to configure for the guardrail." + } + } + }, + "aws-native:bedrock:GuardrailManagedWordsType": { + "type": "string" + }, + "aws-native:bedrock:GuardrailPiiEntityConfig": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:bedrock:GuardrailSensitiveInformationAction", + "description": "Configure guardrail action when the PII entity is detected." + }, + "type": { + "$ref": "#/types/aws-native:bedrock:GuardrailPiiEntityType", + "description": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guarrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *REDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc.." + } + } + }, + "aws-native:bedrock:GuardrailPiiEntityType": { + "type": "string" + }, + "aws-native:bedrock:GuardrailRegexConfig": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:bedrock:GuardrailSensitiveInformationAction", + "description": "The guardrail action to configure when matching regular expression is detected." + }, + "description": { + "type": "string", + "description": "The regex description." + }, + "name": { + "type": "string", + "description": "The regex name." + }, + "pattern": { + "type": "string", + "description": "The regex pattern." + } + } + }, + "aws-native:bedrock:GuardrailSensitiveInformationAction": { + "type": "string" + }, + "aws-native:bedrock:GuardrailSensitiveInformationPolicyConfig": { + "type": "object", + "properties": { + "piiEntitiesConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:GuardrailPiiEntityConfig" + }, + "description": "List of entities." + }, + "regexesConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:GuardrailRegexConfig" + }, + "description": "List of regex." + } + } + }, + "aws-native:bedrock:GuardrailStatus": { + "type": "string" + }, + "aws-native:bedrock:GuardrailTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Tag Key" + }, + "value": { + "type": "string", + "description": "Tag Value" + } + } + }, + "aws-native:bedrock:GuardrailTopicConfig": { + "type": "object", + "properties": { + "definition": { + "type": "string", + "description": "Definition of topic in topic policy" + }, + "examples": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of text examples" + }, + "name": { + "type": "string", + "description": "Name of topic in topic policy" + }, + "type": { + "$ref": "#/types/aws-native:bedrock:GuardrailTopicType", + "description": "Specifies to deny the topic." + } + } + }, + "aws-native:bedrock:GuardrailTopicPolicyConfig": { + "type": "object", + "properties": { + "topicsConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:GuardrailTopicConfig" + }, + "description": "List of topic configs in topic policy." + } + } + }, + "aws-native:bedrock:GuardrailTopicType": { + "type": "string" + }, + "aws-native:bedrock:GuardrailWordConfig": { + "type": "object", + "properties": { + "text": { + "type": "string", + "description": "The custom word text." + } + } + }, + "aws-native:bedrock:GuardrailWordPolicyConfig": { + "type": "object", + "properties": { + "managedWordListsConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:GuardrailManagedWordsConfig" + }, + "description": "A config for the list of managed words." + }, + "wordsConfig": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:GuardrailWordConfig" + }, + "description": "List of custom word configs." + } + } + }, + "aws-native:bedrock:KnowledgeBaseBedrockEmbeddingModelConfiguration": { + "type": "object", + "properties": { + "dimensions": { + "type": "integer", + "description": "The dimensions details for the vector configuration used on the Bedrock embeddings model." + } + } + }, + "aws-native:bedrock:KnowledgeBaseConfiguration": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseType", + "description": "The type of data that the data source is converted into for the knowledge base." + }, + "vectorKnowledgeBaseConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseVectorKnowledgeBaseConfiguration", + "description": "Contains details about the embeddings model that'sused to convert the data source." + } + } + }, + "aws-native:bedrock:KnowledgeBaseEmbeddingModelConfiguration": { + "type": "object", + "properties": { + "bedrockEmbeddingModelConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseBedrockEmbeddingModelConfiguration", + "description": "The vector configuration details on the Bedrock embeddings model." + } + } + }, + "aws-native:bedrock:KnowledgeBaseMongoDbAtlasConfiguration": { + "type": "object", + "properties": { + "collectionName": { + "type": "string", + "description": "Name of the collection within MongoDB Atlas." + }, + "credentialsSecretArn": { + "type": "string", + "description": "The ARN of the secret that you created in AWS Secrets Manager that is linked to your Amazon Mongo database." + }, + "databaseName": { + "type": "string", + "description": "Name of the database within MongoDB Atlas." + }, + "endpoint": { + "type": "string", + "description": "MongoDB Atlas endpoint." + }, + "endpointServiceName": { + "type": "string", + "description": "MongoDB Atlas endpoint service name." + }, + "fieldMapping": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseMongoDbAtlasFieldMapping", + "description": "Contains the names of the fields to which to map information about the vector store." + }, + "vectorIndexName": { + "type": "string", + "description": "Name of a MongoDB Atlas index." + } + } + }, + "aws-native:bedrock:KnowledgeBaseMongoDbAtlasFieldMapping": { + "type": "object", + "properties": { + "metadataField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores metadata about the vector store." + }, + "textField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose." + }, + "vectorField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources." + } + } + }, + "aws-native:bedrock:KnowledgeBaseOpenSearchServerlessConfiguration": { + "type": "object", + "properties": { + "collectionArn": { + "type": "string", + "description": "The ARN of the OpenSearch Service vector store." + }, + "fieldMapping": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseOpenSearchServerlessFieldMapping", + "description": "Contains the names of the fields to which to map information about the vector store." + }, + "vectorIndexName": { + "type": "string", + "description": "The name of the vector store." + } + } + }, + "aws-native:bedrock:KnowledgeBaseOpenSearchServerlessFieldMapping": { + "type": "object", + "properties": { + "metadataField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores metadata about the vector store." + }, + "textField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose." + }, + "vectorField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources." + } + } + }, + "aws-native:bedrock:KnowledgeBasePineconeConfiguration": { + "type": "object", + "properties": { + "connectionString": { + "type": "string", + "description": "The endpoint URL for your index management page." + }, + "credentialsSecretArn": { + "type": "string", + "description": "The ARN of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key." + }, + "fieldMapping": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBasePineconeFieldMapping", + "description": "Contains the names of the fields to which to map information about the vector store." + }, + "namespace": { + "type": "string", + "description": "The namespace to be used to write new data to your database." + } + } + }, + "aws-native:bedrock:KnowledgeBasePineconeFieldMapping": { + "type": "object", + "properties": { + "metadataField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores metadata about the vector store." + }, + "textField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose." + } + } + }, + "aws-native:bedrock:KnowledgeBaseRdsConfiguration": { + "type": "object", + "properties": { + "credentialsSecretArn": { + "type": "string", + "description": "The ARN of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database." + }, + "databaseName": { + "type": "string", + "description": "The name of your Amazon RDS database." + }, + "fieldMapping": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseRdsFieldMapping", + "description": "Contains the names of the fields to which to map information about the vector store." + }, + "resourceArn": { + "type": "string", + "description": "The ARN of the vector store." + }, + "tableName": { + "type": "string", + "description": "The name of the table in the database." + } + } + }, + "aws-native:bedrock:KnowledgeBaseRdsFieldMapping": { + "type": "object", + "properties": { + "metadataField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores metadata about the vector store." + }, + "primaryKeyField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores the ID for each entry." + }, + "textField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose." + }, + "vectorField": { + "type": "string", + "description": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources." + } + } + }, + "aws-native:bedrock:KnowledgeBaseStatus": { + "type": "string" + }, + "aws-native:bedrock:KnowledgeBaseStorageConfiguration": { + "type": "object", + "properties": { + "mongoDbAtlasConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseMongoDbAtlasConfiguration", + "description": "Contains the storage configuration of the knowledge base in MongoDB Atlas." + }, + "opensearchServerlessConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseOpenSearchServerlessConfiguration", + "description": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service." + }, + "pineconeConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBasePineconeConfiguration", + "description": "Contains the storage configuration of the knowledge base in Pinecone." + }, + "rdsConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseRdsConfiguration", + "description": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) ." + }, + "type": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseStorageType", + "description": "The vector store service in which the knowledge base is stored." + } + } + }, + "aws-native:bedrock:KnowledgeBaseStorageType": { + "type": "string" + }, + "aws-native:bedrock:KnowledgeBaseType": { + "type": "string" + }, + "aws-native:bedrock:KnowledgeBaseVectorKnowledgeBaseConfiguration": { + "type": "object", + "properties": { + "embeddingModelArn": { + "type": "string", + "description": "The ARN of the model used to create vector embeddings for the knowledge base." + }, + "embeddingModelConfiguration": { + "$ref": "#/types/aws-native:bedrock:KnowledgeBaseEmbeddingModelConfiguration", + "description": "The embeddings model configuration details for the vector model used in Knowledge Base." + } + } + }, + "aws-native:bedrock:PromptInferenceConfiguration0Properties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:PromptModelInferenceConfiguration" + } + } + }, + "aws-native:bedrock:PromptInferenceConfigurationProperties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:PromptModelInferenceConfiguration" + } + } + }, + "aws-native:bedrock:PromptInputVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name for an input variable" + } + } + }, + "aws-native:bedrock:PromptModelInferenceConfiguration": { + "type": "object", + "properties": { + "maxTokens": { + "type": "number", + "description": "Maximum length of output" + }, + "stopSequences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of stop sequences" + }, + "temperature": { + "type": "number", + "description": "Controls randomness, higher values increase diversity" + }, + "topK": { + "type": "number", + "description": "Sample from the k most likely next tokens" + }, + "topP": { + "type": "number", + "description": "Cumulative probability cutoff for token selection" + } + } + }, + "aws-native:bedrock:PromptTemplateConfiguration0Properties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:PromptTextPromptTemplateConfiguration" + } + } + }, + "aws-native:bedrock:PromptTemplateConfigurationProperties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:PromptTextPromptTemplateConfiguration" + } + } + }, + "aws-native:bedrock:PromptTemplateType": { + "type": "string" + }, + "aws-native:bedrock:PromptTextPromptTemplateConfiguration": { + "type": "object", + "properties": { + "inputVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:PromptInputVariable" + }, + "description": "List of input variables" + }, + "text": { + "type": "string", + "description": "Prompt content for String prompt template" + }, + "textS3Location": { + "$ref": "#/types/aws-native:bedrock:PromptTextS3Location" + } + }, + "irreversibleNames": { + "textS3Location": "TextS3Location" + } + }, + "aws-native:bedrock:PromptTextS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "A bucket in S3" + }, + "key": { + "type": "string", + "description": "A object key in S3" + }, + "version": { + "type": "string", + "description": "The version of the the S3 object to use" + } + } + }, + "aws-native:bedrock:PromptVariant": { + "type": "object", + "properties": { + "inferenceConfiguration": { + "$ref": "#/types/aws-native:bedrock:PromptInferenceConfigurationProperties", + "description": "Contains inference configurations for the prompt variant." + }, + "modelId": { + "type": "string", + "description": "ARN or name of a Bedrock model." + }, + "name": { + "type": "string", + "description": "Name for a variant." + }, + "templateConfiguration": { + "$ref": "#/types/aws-native:bedrock:PromptTemplateConfigurationProperties", + "description": "Contains configurations for the prompt template." + }, + "templateType": { + "$ref": "#/types/aws-native:bedrock:PromptTemplateType", + "description": "The type of prompt template to use." + } + } + }, + "aws-native:bedrock:PromptVersionPromptInferenceConfiguration0Properties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:PromptVersionPromptModelInferenceConfiguration" + } + } + }, + "aws-native:bedrock:PromptVersionPromptInferenceConfigurationProperties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:PromptVersionPromptModelInferenceConfiguration" + } + } + }, + "aws-native:bedrock:PromptVersionPromptInputVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name for an input variable" + } + } + }, + "aws-native:bedrock:PromptVersionPromptModelInferenceConfiguration": { + "type": "object", + "properties": { + "maxTokens": { + "type": "number", + "description": "Maximum length of output" + }, + "stopSequences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of stop sequences" + }, + "temperature": { + "type": "number", + "description": "Controls randomness, higher values increase diversity" + }, + "topK": { + "type": "number", + "description": "Sample from the k most likely next tokens" + }, + "topP": { + "type": "number", + "description": "Cumulative probability cutoff for token selection" + } + } + }, + "aws-native:bedrock:PromptVersionPromptTemplateConfiguration0Properties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:PromptVersionTextPromptTemplateConfiguration" + } + } + }, + "aws-native:bedrock:PromptVersionPromptTemplateConfigurationProperties": { + "type": "object", + "properties": { + "text": { + "$ref": "#/types/aws-native:bedrock:PromptVersionTextPromptTemplateConfiguration" + } + } + }, + "aws-native:bedrock:PromptVersionPromptTemplateType": { + "type": "string" + }, + "aws-native:bedrock:PromptVersionPromptVariant": { + "type": "object", + "properties": { + "inferenceConfiguration": { + "$ref": "#/types/aws-native:bedrock:PromptVersionPromptInferenceConfigurationProperties", + "description": "Contains inference configurations for the prompt variant." + }, + "modelId": { + "type": "string", + "description": "ARN or name of a Bedrock model." + }, + "name": { + "type": "string", + "description": "Name for a variant." + }, + "templateConfiguration": { + "$ref": "#/types/aws-native:bedrock:PromptVersionPromptTemplateConfigurationProperties", + "description": "Contains configurations for the prompt template." + }, + "templateType": { + "$ref": "#/types/aws-native:bedrock:PromptVersionPromptTemplateType", + "description": "The type of prompt template to use." + } + } + }, + "aws-native:bedrock:PromptVersionTextPromptTemplateConfiguration": { + "type": "object", + "properties": { + "inputVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:bedrock:PromptVersionPromptInputVariable" + }, + "description": "List of input variables" + }, + "text": { + "type": "string", + "description": "Prompt content for String prompt template" + } + } + }, + "aws-native:budgets:BudgetsActionActionThreshold": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:budgets:BudgetsActionActionThresholdType", + "description": "The type of threshold for a notification." + }, + "value": { + "type": "number", + "description": "The threshold of a notification." + } + } + }, + "aws-native:budgets:BudgetsActionActionThresholdType": { + "type": "string" + }, + "aws-native:budgets:BudgetsActionActionType": { + "type": "string" + }, + "aws-native:budgets:BudgetsActionApprovalModel": { + "type": "string" + }, + "aws-native:budgets:BudgetsActionDefinition": { + "type": "object", + "properties": { + "iamActionDefinition": { + "$ref": "#/types/aws-native:budgets:BudgetsActionIamActionDefinition", + "description": "The AWS Identity and Access Management ( IAM ) action definition details." + }, + "scpActionDefinition": { + "$ref": "#/types/aws-native:budgets:BudgetsActionScpActionDefinition", + "description": "The service control policies (SCP) action definition details." + }, + "ssmActionDefinition": { + "$ref": "#/types/aws-native:budgets:BudgetsActionSsmActionDefinition", + "description": "The Amazon EC2 Systems Manager ( SSM ) action definition details." + } + } + }, + "aws-native:budgets:BudgetsActionIamActionDefinition": { + "type": "object", + "properties": { + "groups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of groups to be attached. There must be at least one group." + }, + "policyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the policy to be attached." + }, + "roles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of roles to be attached. There must be at least one role." + }, + "users": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of users to be attached. There must be at least one user." + } + } + }, + "aws-native:budgets:BudgetsActionNotificationType": { + "type": "string" + }, + "aws-native:budgets:BudgetsActionResourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key that's associated with the tag." + }, + "value": { + "type": "string", + "description": "The value that's associated with the tag." + } + } + }, + "aws-native:budgets:BudgetsActionScpActionDefinition": { + "type": "object", + "properties": { + "policyId": { + "type": "string", + "description": "The policy ID attached." + }, + "targetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of target IDs." + } + } + }, + "aws-native:budgets:BudgetsActionSsmActionDefinition": { + "type": "object", + "properties": { + "instanceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The EC2 and RDS instance IDs." + }, + "region": { + "type": "string", + "description": "The Region to run the ( SSM ) document." + }, + "subtype": { + "$ref": "#/types/aws-native:budgets:BudgetsActionSsmActionDefinitionSubtype", + "description": "The action subType." + } + } + }, + "aws-native:budgets:BudgetsActionSsmActionDefinitionSubtype": { + "type": "string" + }, + "aws-native:budgets:BudgetsActionSubscriber": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks." + }, + "type": { + "$ref": "#/types/aws-native:budgets:BudgetsActionSubscriberType", + "description": "The type of notification that AWS sends to a subscriber." + } + } + }, + "aws-native:budgets:BudgetsActionSubscriberType": { + "type": "string" + }, + "aws-native:cassandra:KeyspaceRegionListItem": { + "type": "string" + }, + "aws-native:cassandra:KeyspaceReplicationSpecification": { + "type": "object", + "properties": { + "regionList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cassandra:KeyspaceRegionListItem" + }, + "description": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two and up to six Regions, including the Region that the keyspace is being created in." + }, + "replicationStrategy": { + "$ref": "#/types/aws-native:cassandra:KeyspaceReplicationSpecificationReplicationStrategy", + "description": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required." + } + } + }, + "aws-native:cassandra:KeyspaceReplicationSpecificationReplicationStrategy": { + "type": "string" + }, + "aws-native:cassandra:KeyspaceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Tag keys are case sensitive. Each Amazon Keyspaces resource can only have up to one tag with the same key. If you try to add an existing tag (same key), the existing tag value will be updated to the new value." + }, + "value": { + "type": "string", + "description": "The value of the tag. Tag values are case-sensitive and can be null." + } + } + }, + "aws-native:cassandra:TableAutoScalingSetting": { + "type": "object", + "properties": { + "autoScalingDisabled": { + "type": "boolean", + "description": "This optional parameter enables auto scaling for the table if set to `false` ." + }, + "maximumUnits": { + "type": "integer", + "description": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default)." + }, + "minimumUnits": { + "type": "integer", + "description": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default)." + }, + "scalingPolicy": { + "$ref": "#/types/aws-native:cassandra:TableScalingPolicy", + "description": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90." + } + } + }, + "aws-native:cassandra:TableAutoScalingSpecification": { + "type": "object", + "properties": { + "readCapacityAutoScaling": { + "$ref": "#/types/aws-native:cassandra:TableAutoScalingSetting", + "description": "The auto scaling settings for the table's read capacity." + }, + "writeCapacityAutoScaling": { + "$ref": "#/types/aws-native:cassandra:TableAutoScalingSetting", + "description": "The auto scaling settings for the table's write capacity." + } + } + }, + "aws-native:cassandra:TableBillingMode": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:cassandra:TableMode", + "description": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n\u003e If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`" + }, + "provisionedThroughput": { + "$ref": "#/types/aws-native:cassandra:TableProvisionedThroughput", + "description": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* ." + } + } + }, + "aws-native:cassandra:TableClusteringKeyColumn": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:cassandra:TableColumn", + "description": "The name and data type of this clustering key column." + }, + "orderBy": { + "$ref": "#/types/aws-native:cassandra:TableClusteringKeyColumnOrderBy", + "description": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order." + } + } + }, + "aws-native:cassandra:TableClusteringKeyColumnOrderBy": { + "type": "string" + }, + "aws-native:cassandra:TableColumn": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* ." + }, + "columnType": { + "type": "string", + "description": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* ." + } + } + }, + "aws-native:cassandra:TableEncryptionSpecification": { + "type": "object", + "properties": { + "encryptionType": { + "$ref": "#/types/aws-native:cassandra:TableEncryptionType", + "description": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n\u003e If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` ." + }, + "kmsKeyIdentifier": { + "type": "string", + "description": "Requires a `kms_key_identifier` in the format of a key ARN." + } + } + }, + "aws-native:cassandra:TableEncryptionType": { + "type": "string" + }, + "aws-native:cassandra:TableMode": { + "type": "string" + }, + "aws-native:cassandra:TableProvisionedThroughput": { + "type": "object", + "properties": { + "readCapacityUnits": { + "type": "integer", + "description": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* ." + }, + "writeCapacityUnits": { + "type": "integer", + "description": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* ." + } + } + }, + "aws-native:cassandra:TableReplicaSpecification": { + "type": "object", + "properties": { + "readCapacityAutoScaling": { + "$ref": "#/types/aws-native:cassandra:TableAutoScalingSetting", + "description": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region." + }, + "readCapacityUnits": { + "type": "integer", + "description": "The provisioned read capacity units for the multi-Region table in the specified AWS Region." + }, + "region": { + "type": "string", + "description": "The AWS Region." + } + } + }, + "aws-native:cassandra:TableScalingPolicy": { + "type": "object", + "properties": { + "targetTrackingScalingPolicyConfiguration": { + "$ref": "#/types/aws-native:cassandra:TableTargetTrackingScalingPolicyConfiguration", + "description": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity." + } + } + }, + "aws-native:cassandra:TableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Tag keys are case sensitive. Each Amazon Keyspaces resource can only have up to one tag with the same key. If you try to add an existing tag (same key), the existing tag value will be updated to the new value." + }, + "value": { + "type": "string", + "description": "The value of the tag. Tag values are case-sensitive and can be null." + } + } + }, + "aws-native:cassandra:TableTargetTrackingScalingPolicyConfiguration": { + "type": "object", + "properties": { + "disableScaleIn": { + "type": "boolean", + "description": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity." + }, + "scaleInCooldown": { + "type": "integer", + "description": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts." + }, + "scaleOutCooldown": { + "type": "integer", + "description": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts." + }, + "targetValue": { + "type": "integer", + "description": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90." + } + } + }, + "aws-native:ce:AnomalyMonitorMonitorDimension": { + "type": "string" + }, + "aws-native:ce:AnomalyMonitorMonitorType": { + "type": "string" + }, + "aws-native:ce:AnomalyMonitorResourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name for the tag." + }, + "value": { + "type": "string", + "description": "The value for the tag." + } + } + }, + "aws-native:ce:AnomalySubscriptionFrequency": { + "type": "string" + }, + "aws-native:ce:AnomalySubscriptionResourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name for the tag." + }, + "value": { + "type": "string", + "description": "The value for the tag." + } + } + }, + "aws-native:ce:AnomalySubscriptionSubscriber": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` ." + }, + "status": { + "$ref": "#/types/aws-native:ce:AnomalySubscriptionSubscriberStatus", + "description": "Indicates if the subscriber accepts the notifications." + }, + "type": { + "$ref": "#/types/aws-native:ce:AnomalySubscriptionSubscriberType", + "description": "The notification delivery channel." + } + } + }, + "aws-native:ce:AnomalySubscriptionSubscriberStatus": { + "type": "string" + }, + "aws-native:ce:AnomalySubscriptionSubscriberType": { + "type": "string" + }, + "aws-native:ce:CostCategoryRuleVersion": { + "type": "string" + }, + "aws-native:certificatemanager:AccountExpiryEventsConfiguration": { + "type": "object", + "properties": { + "daysBeforeExpiry": { + "type": "integer", + "description": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration." + } + } + }, + "aws-native:chatbot:MicrosoftTeamsChannelConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by Amazon Web Services (AWS) have the reserved prefix: `aws:` ." + }, + "value": { + "type": "string", + "description": "A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value." + } + } + }, + "aws-native:chatbot:SlackChannelConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by Amazon Web Services (AWS) have the reserved prefix: `aws:` ." + }, + "value": { + "type": "string", + "description": "A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value." + } + } + }, + "aws-native:cleanrooms:AnalysisTemplateAnalysisParameter": { + "type": "object", + "properties": { + "defaultValue": { + "type": "string", + "description": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", + "replaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:cleanrooms:AnalysisTemplateAnalysisParameterType", + "description": "The type of parameter.", + "replaceOnChanges": true + } + } + }, + "aws-native:cleanrooms:AnalysisTemplateAnalysisParameterType": { + "type": "string" + }, + "aws-native:cleanrooms:AnalysisTemplateAnalysisSchema": { + "type": "object", + "properties": { + "referencedTables": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The tables referenced in the analysis schema." + } + } + }, + "aws-native:cleanrooms:AnalysisTemplateAnalysisSource": { + "type": "object", + "properties": { + "text": { + "type": "string", + "description": "The query text.", + "replaceOnChanges": true + } + } + }, + "aws-native:cleanrooms:AnalysisTemplateFormat": { + "type": "string" + }, + "aws-native:cleanrooms:AnalysisTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:cleanrooms:CollaborationDataEncryptionMetadata": { + "type": "object", + "properties": { + "allowCleartext": { + "type": "boolean", + "description": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` )." + }, + "allowDuplicates": { + "type": "boolean", + "description": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` )." + }, + "allowJoinsOnColumnsWithDifferentNames": { + "type": "boolean", + "description": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` )." + }, + "preserveNulls": { + "type": "boolean", + "description": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` )." + } + } + }, + "aws-native:cleanrooms:CollaborationMemberAbility": { + "type": "string" + }, + "aws-native:cleanrooms:CollaborationMemberSpecification": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID." + }, + "displayName": { + "type": "string", + "description": "The member's display name." + }, + "memberAbilities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationMemberAbility" + }, + "description": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`" + }, + "paymentConfiguration": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationPaymentConfiguration", + "description": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer." + } + } + }, + "aws-native:cleanrooms:CollaborationPaymentConfiguration": { + "type": "object", + "properties": { + "queryCompute": { + "$ref": "#/types/aws-native:cleanrooms:CollaborationQueryComputePaymentConfig", + "description": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs." + } + } + }, + "aws-native:cleanrooms:CollaborationQueryComputePaymentConfig": { + "type": "object", + "properties": { + "isResponsible": { + "type": "boolean", + "description": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query." + } + } + }, + "aws-native:cleanrooms:CollaborationQueryLogStatus": { + "type": "string" + }, + "aws-native:cleanrooms:CollaborationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAdditionalAnalyses": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableAggregateColumn": { + "type": "object", + "properties": { + "columnNames": { + "type": "array", + "items": { + "type": "string" + } + }, + "function": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAggregateFunctionName" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAggregateFunctionName": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableAggregationConstraint": { + "type": "object", + "properties": { + "columnName": { + "type": "string" + }, + "minimum": { + "type": "number" + }, + "type": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAggregationType" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAggregationType": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisMethod": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRule": { + "type": "object", + "properties": { + "policy": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRulePolicy", + "description": "A policy that describes the associated data usage limitations." + }, + "type": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRuleType", + "description": "The type of analysis rule." + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRuleAggregation": { + "type": "object", + "properties": { + "additionalAnalyses": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAdditionalAnalyses" + }, + "aggregateColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAggregateColumn" + } + }, + "allowedJoinOperators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableJoinOperator" + } + }, + "dimensionColumns": { + "type": "array", + "items": { + "type": "string" + } + }, + "joinColumns": { + "type": "array", + "items": { + "type": "string" + } + }, + "joinRequired": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableJoinRequiredOption" + }, + "outputConstraints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAggregationConstraint" + } + }, + "scalarFunctions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableScalarFunctions" + } + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRuleCustom": { + "type": "object", + "properties": { + "additionalAnalyses": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAdditionalAnalyses" + }, + "allowedAnalyses": { + "type": "array", + "items": { + "type": "string" + } + }, + "allowedAnalysisProviders": { + "type": "array", + "items": { + "type": "string" + } + }, + "differentialPrivacy": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableDifferentialPrivacy" + }, + "disallowedOutputColumns": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRuleList": { + "type": "object", + "properties": { + "additionalAnalyses": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAdditionalAnalyses" + }, + "allowedJoinOperators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableJoinOperator" + } + }, + "joinColumns": { + "type": "array", + "items": { + "type": "string" + } + }, + "listColumns": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRulePolicy": { + "type": "object", + "properties": { + "v1": { + "oneOf": [ + { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRulePolicyV10Properties" + }, + { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRulePolicyV11Properties" + }, + { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRulePolicyV12Properties" + } + ], + "description": "Controls on the query specifications that can be run on a configured table." + } + }, + "irreversibleNames": { + "v1": "V1" + } + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRulePolicyV10Properties": { + "type": "object", + "properties": { + "list": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRuleList" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRulePolicyV11Properties": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRuleAggregation" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRulePolicyV12Properties": { + "type": "object", + "properties": { + "custom": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAnalysisRuleCustom" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAnalysisRuleType": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRule": { + "type": "object", + "properties": { + "policy": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRulePolicy", + "description": "The policy of the configured table association analysis rule." + }, + "type": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRuleType", + "description": "The type of the configured table association analysis rule." + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRuleAggregation": { + "type": "object", + "properties": { + "allowedAdditionalAnalyses": { + "type": "array", + "items": { + "type": "string" + } + }, + "allowedResultReceivers": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRuleCustom": { + "type": "object", + "properties": { + "allowedAdditionalAnalyses": { + "type": "array", + "items": { + "type": "string" + } + }, + "allowedResultReceivers": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRuleList": { + "type": "object", + "properties": { + "allowedAdditionalAnalyses": { + "type": "array", + "items": { + "type": "string" + } + }, + "allowedResultReceivers": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRulePolicy": { + "type": "object", + "properties": { + "v1": { + "oneOf": [ + { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRulePolicyV10Properties" + }, + { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRulePolicyV11Properties" + }, + { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRulePolicyV12Properties" + } + ], + "description": "The policy for the configured table association analysis rule." + } + }, + "irreversibleNames": { + "v1": "V1" + } + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRulePolicyV10Properties": { + "type": "object", + "properties": { + "list": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRuleList" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRulePolicyV11Properties": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRuleAggregation" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRulePolicyV12Properties": { + "type": "object", + "properties": { + "custom": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRuleCustom" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableAssociationAnalysisRuleType": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:cleanrooms:ConfiguredTableDifferentialPrivacy": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableDifferentialPrivacyColumn" + } + } + } + }, + "aws-native:cleanrooms:ConfiguredTableDifferentialPrivacyColumn": { + "type": "object", + "properties": { + "name": { + "type": "string" + } + } + }, + "aws-native:cleanrooms:ConfiguredTableGlueTableReference": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "The name of the database the AWS Glue table belongs to." + }, + "tableName": { + "type": "string", + "description": "The name of the AWS Glue table." + } + } + }, + "aws-native:cleanrooms:ConfiguredTableJoinOperator": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableJoinRequiredOption": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableScalarFunctions": { + "type": "string" + }, + "aws-native:cleanrooms:ConfiguredTableTableReference": { + "type": "object", + "properties": { + "glue": { + "$ref": "#/types/aws-native:cleanrooms:ConfiguredTableGlueTableReference", + "description": "If present, a reference to the AWS Glue table referred to by this table reference." + } + } + }, + "aws-native:cleanrooms:ConfiguredTableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:cleanrooms:IdMappingTableInputReferenceConfig": { + "type": "object", + "properties": { + "inputReferenceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the referenced resource in AWS Entity Resolution . Valid values are ID mapping workflow ARNs." + }, + "manageResourcePolicies": { + "type": "boolean", + "description": "When `TRUE` , AWS Clean Rooms manages permissions for the ID mapping table resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID mapping table resource." + } + } + }, + "aws-native:cleanrooms:IdMappingTableInputReferenceProperties": { + "type": "object", + "properties": { + "idMappingTableInputSource": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:IdMappingTableInputSource" + }, + "description": "The input source of the ID mapping table." + } + } + }, + "aws-native:cleanrooms:IdMappingTableInputSource": { + "type": "object", + "properties": { + "idNamespaceAssociationId": { + "type": "string", + "description": "The unique identifier of the ID namespace association." + }, + "type": { + "$ref": "#/types/aws-native:cleanrooms:IdMappingTableInputSourceType", + "description": "The type of the input source of the ID mapping table." + } + } + }, + "aws-native:cleanrooms:IdMappingTableInputSourceType": { + "type": "string" + }, + "aws-native:cleanrooms:IdMappingTableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:cleanrooms:IdNamespaceAssociationDocument": { + "type": "object" + }, + "aws-native:cleanrooms:IdNamespaceAssociationIdMappingConfig": { + "type": "object", + "properties": { + "allowUseAsDimensionColumn": { + "type": "boolean", + "description": "An indicator as to whether you can use your column as a dimension column in the ID mapping table ( `TRUE` ) or not ( `FALSE` ).\n\nDefault is `FALSE` ." + } + } + }, + "aws-native:cleanrooms:IdNamespaceAssociationInputReferenceConfig": { + "type": "object", + "properties": { + "inputReferenceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Entity Resolution resource that is being associated to the collaboration. Valid resource ARNs are from the ID namespaces that you own." + }, + "manageResourcePolicies": { + "type": "boolean", + "description": "When `TRUE` , AWS Clean Rooms manages permissions for the ID namespace association resource.\n\nWhen `FALSE` , the resource owner manages permissions for the ID namespace association resource." + } + } + }, + "aws-native:cleanrooms:IdNamespaceAssociationInputReferenceProperties": { + "type": "object", + "properties": { + "idMappingWorkflowsSupported": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanrooms:IdNamespaceAssociationDocument" + }, + "description": "Defines how ID mapping workflows are supported for this ID namespace association." + }, + "idNamespaceType": { + "$ref": "#/types/aws-native:cleanrooms:IdNamespaceAssociationInputReferencePropertiesIdNamespaceType", + "description": "The ID namespace type for this ID namespace association." + } + } + }, + "aws-native:cleanrooms:IdNamespaceAssociationInputReferencePropertiesIdNamespaceType": { + "type": "string" + }, + "aws-native:cleanrooms:IdNamespaceAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:cleanrooms:MembershipPaymentConfiguration": { + "type": "object", + "properties": { + "queryCompute": { + "$ref": "#/types/aws-native:cleanrooms:MembershipQueryComputePaymentConfig", + "description": "The payment responsibilities accepted by the collaboration member for query compute costs." + } + } + }, + "aws-native:cleanrooms:MembershipProtectedQueryOutputConfiguration": { + "type": "object", + "properties": { + "s3": { + "$ref": "#/types/aws-native:cleanrooms:MembershipProtectedQueryS3OutputConfiguration", + "description": "Required configuration for a protected query with an `s3` output type." + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:cleanrooms:MembershipProtectedQueryResultConfiguration": { + "type": "object", + "properties": { + "outputConfiguration": { + "$ref": "#/types/aws-native:cleanrooms:MembershipProtectedQueryOutputConfiguration", + "description": "Configuration for protected query results." + }, + "roleArn": { + "type": "string", + "description": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results." + } + } + }, + "aws-native:cleanrooms:MembershipProtectedQueryS3OutputConfiguration": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The S3 bucket to unload the protected query results." + }, + "keyPrefix": { + "type": "string", + "description": "The S3 prefix to unload the protected query results." + }, + "resultFormat": { + "$ref": "#/types/aws-native:cleanrooms:MembershipResultFormat", + "description": "Intended file format of the result." + } + } + }, + "aws-native:cleanrooms:MembershipQueryComputePaymentConfig": { + "type": "object", + "properties": { + "isResponsible": { + "type": "boolean", + "description": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs." + } + } + }, + "aws-native:cleanrooms:MembershipQueryLogStatus": { + "type": "string" + }, + "aws-native:cleanrooms:MembershipResultFormat": { + "type": "string" + }, + "aws-native:cleanrooms:MembershipTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:cleanrooms:ParametersProperties": { + "type": "object", + "properties": { + "epsilon": { + "type": "integer", + "description": "The epsilon value that you want to use." + }, + "usersNoisePerQuery": { + "type": "integer", + "description": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted." + } + } + }, + "aws-native:cleanrooms:PrivacyBudgetTemplateAutoRefresh": { + "type": "string" + }, + "aws-native:cleanrooms:PrivacyBudgetTemplatePrivacyBudgetType": { + "type": "string" + }, + "aws-native:cleanrooms:PrivacyBudgetTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)" + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + } + }, + "aws-native:cleanroomsml:TrainingDatasetColumnSchema": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "The name of a column." + }, + "columnTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetColumnType" + }, + "description": "The data type of column." + } + } + }, + "aws-native:cleanroomsml:TrainingDatasetColumnType": { + "type": "string" + }, + "aws-native:cleanroomsml:TrainingDatasetDataSource": { + "type": "object", + "properties": { + "glueDataSource": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetGlueDataSource", + "description": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data." + } + } + }, + "aws-native:cleanroomsml:TrainingDatasetDataset": { + "type": "object", + "properties": { + "inputConfig": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetDatasetInputConfig", + "description": "A DatasetInputConfig object that defines the data source and schema mapping." + }, + "type": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetDatasetType", + "description": "What type of information is found in the dataset." + } + } + }, + "aws-native:cleanroomsml:TrainingDatasetDatasetInputConfig": { + "type": "object", + "properties": { + "dataSource": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetDataSource", + "description": "A DataSource object that specifies the Glue data source for the training data." + }, + "schema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cleanroomsml:TrainingDatasetColumnSchema" + }, + "description": "The schema information for the training data." + } + } + }, + "aws-native:cleanroomsml:TrainingDatasetDatasetType": { + "type": "string" + }, + "aws-native:cleanroomsml:TrainingDatasetGlueDataSource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The Glue catalog that contains the training data." + }, + "databaseName": { + "type": "string", + "description": "The Glue database that contains the training data." + }, + "tableName": { + "type": "string", + "description": "The Glue table that contains the training data." + } + } + }, + "aws-native:cleanroomsml:TrainingDatasetStatus": { + "type": "string" + }, + "aws-native:cleanroomsml:TrainingDatasetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)" + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + } + }, + "aws-native:cloudformation:HookTypeConfigConfigurationAlias": { + "type": "string" + }, + "aws-native:cloudformation:HookVersionLoggingConfig": { + "type": "object", + "properties": { + "logGroupName": { + "type": "string", + "description": "The Amazon CloudWatch log group to which CloudFormation sends error logging information when invoking the type's handlers." + }, + "logRoleArn": { + "type": "string", + "description": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs." + } + } + }, + "aws-native:cloudformation:HookVersionVisibility": { + "type": "string" + }, + "aws-native:cloudformation:ManagedExecutionProperties": { + "type": "object", + "properties": { + "active": { + "type": "boolean", + "description": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n\u003e If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n\u003e \n\u003e You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen `false` (default), StackSets performs one operation at a time in request order." + } + } + }, + "aws-native:cloudformation:ModuleVersionVisibility": { + "type": "string" + }, + "aws-native:cloudformation:PublicTypeVersionType": { + "type": "string" + }, + "aws-native:cloudformation:PublisherIdentityProvider": { + "type": "string" + }, + "aws-native:cloudformation:PublisherStatus": { + "type": "string" + }, + "aws-native:cloudformation:ResourceVersionLoggingConfig": { + "type": "object", + "properties": { + "logGroupName": { + "type": "string", + "description": "The Amazon CloudWatch log group to which CloudFormation sends error logging information when invoking the type's handlers." + }, + "logRoleArn": { + "type": "string", + "description": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs." + } + } + }, + "aws-native:cloudformation:ResourceVersionProvisioningType": { + "type": "string" + }, + "aws-native:cloudformation:ResourceVersionVisibility": { + "type": "string" + }, + "aws-native:cloudformation:StackCapabilitiesItem": { + "type": "string" + }, + "aws-native:cloudformation:StackOutput": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "User defined description associated with the output." + }, + "exportName": { + "type": "string", + "description": "The name of the export associated with the output." + }, + "outputKey": { + "type": "string", + "description": "The key associated with the output." + }, + "outputValue": { + "type": "string", + "description": "The value associated with the output." + } + } + }, + "aws-native:cloudformation:StackSetAutoDeployment": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "If set to true, StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions." + }, + "retainStacksOnAccountRemoval": { + "type": "boolean", + "description": "If set to true, stack resources are retained when an account is removed from a target organization or OU. If set to false, stack resources are deleted. Specify only if Enabled is set to True." + } + } + }, + "aws-native:cloudformation:StackSetCallAs": { + "type": "string" + }, + "aws-native:cloudformation:StackSetCapability": { + "type": "string" + }, + "aws-native:cloudformation:StackSetConcurrencyMode": { + "type": "string" + }, + "aws-native:cloudformation:StackSetDeploymentTargets": { + "type": "object", + "properties": { + "accountFilterType": { + "$ref": "#/types/aws-native:cloudformation:StackSetDeploymentTargetsAccountFilterType", + "description": "The filter type you want to apply on organizational units and accounts." + }, + "accounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "AWS accounts that you want to create stack instances in the specified Region(s) for." + }, + "accountsUrl": { + "type": "string", + "description": "Returns the value of the AccountsUrl property." + }, + "organizationalUnitIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The organization root ID or organizational unit (OU) IDs to which StackSets deploys." + } + } + }, + "aws-native:cloudformation:StackSetDeploymentTargetsAccountFilterType": { + "type": "string" + }, + "aws-native:cloudformation:StackSetOperationPreferences": { + "type": "object", + "properties": { + "concurrencyMode": { + "$ref": "#/types/aws-native:cloudformation:StackSetConcurrencyMode", + "description": "Specifies how the concurrency level behaves during the operation execution.\n\n- `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior.\n\nIf failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar.\n- `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows stack set operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures." + }, + "failureToleranceCount": { + "type": "integer", + "description": "The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region. If the operation is stopped in a Region, AWS CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both)." + }, + "failureTolerancePercentage": { + "type": "integer", + "description": "The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region. If the operation is stopped in a Region, AWS CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both." + }, + "maxConcurrentCount": { + "type": "integer", + "description": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both." + }, + "maxConcurrentPercentage": { + "type": "integer", + "description": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both." + }, + "regionConcurrencyType": { + "$ref": "#/types/aws-native:cloudformation:StackSetRegionConcurrencyType", + "description": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time." + }, + "regionOrder": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The order of the Regions where you want to perform the stack operation.\n\n\u003e `RegionOrder` isn't followed if `AutoDeployment` is enabled." + } + } + }, + "aws-native:cloudformation:StackSetParameter": { + "type": "object", + "properties": { + "parameterKey": { + "type": "string", + "description": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that is specified in your template." + }, + "parameterValue": { + "type": "string", + "description": "The input value associated with the parameter." + } + } + }, + "aws-native:cloudformation:StackSetPermissionModel": { + "type": "string" + }, + "aws-native:cloudformation:StackSetRegionConcurrencyType": { + "type": "string" + }, + "aws-native:cloudformation:StackSetStackInstances": { + "type": "object", + "properties": { + "deploymentTargets": { + "$ref": "#/types/aws-native:cloudformation:StackSetDeploymentTargets", + "description": "The AWS `OrganizationalUnitIds` or `Accounts` for which to create stack instances in the specified Regions." + }, + "parameterOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudformation:StackSetParameter" + }, + "description": "A list of stack set parameters whose values you want to override in the selected stack instances." + }, + "regions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names of one or more Regions where you want to create stack instances using the specified AWS account(s)." + } + } + }, + "aws-native:cloudformation:StackSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag. You can specify a maximum of 127 characters for a tag key." + }, + "value": { + "type": "string", + "description": "A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value." + } + } + }, + "aws-native:cloudformation:StackStatus": { + "type": "string" + }, + "aws-native:cloudformation:StackTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "*Required* . A string used to identify this tag. You can specify a maximum of 128 characters for a tag key. Tags owned by Amazon Web Services ( AWS ) have the reserved prefix: `aws:` ." + }, + "value": { + "type": "string", + "description": "*Required* . A string containing the value for this tag. You can specify a maximum of 256 characters for a tag value." + } + } + }, + "aws-native:cloudformation:TypeActivationLoggingConfig": { + "type": "object", + "properties": { + "logGroupName": { + "type": "string", + "description": "The Amazon CloudWatch log group to which CloudFormation sends error logging information when invoking the type's handlers." + }, + "logRoleArn": { + "type": "string", + "description": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs." + } + } + }, + "aws-native:cloudformation:TypeActivationType": { + "type": "string" + }, + "aws-native:cloudformation:TypeActivationVersionBump": { + "type": "string" + }, + "aws-native:cloudfront:CachePolicyConfig": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "A comment to describe the cache policy. The comment cannot be longer than 128 characters." + }, + "defaultTtl": { + "type": "number", + "description": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` ." + }, + "maxTtl": { + "type": "number", + "description": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` ." + }, + "minTtl": { + "type": "number", + "description": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* ." + }, + "name": { + "type": "string", + "description": "A unique name to identify the cache policy." + }, + "parametersInCacheKeyAndForwardedToOrigin": { + "$ref": "#/types/aws-native:cloudfront:CachePolicyParametersInCacheKeyAndForwardedToOrigin", + "description": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin." + } + }, + "irreversibleNames": { + "defaultTtl": "DefaultTTL", + "maxTtl": "MaxTTL", + "minTtl": "MinTTL" + } + }, + "aws-native:cloudfront:CachePolicyCookiesConfig": { + "type": "object", + "properties": { + "cookieBehavior": { + "type": "string", + "description": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` – No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` – Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` – All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` – All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin." + }, + "cookies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Contains a list of cookie names." + } + } + }, + "aws-native:cloudfront:CachePolicyHeadersConfig": { + "type": "object", + "properties": { + "headerBehavior": { + "type": "string", + "description": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` – No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` – Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin." + }, + "headers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Contains a list of HTTP header names." + } + } + }, + "aws-native:cloudfront:CachePolicyParametersInCacheKeyAndForwardedToOrigin": { + "type": "object", + "properties": { + "cookiesConfig": { + "$ref": "#/types/aws-native:cloudfront:CachePolicyCookiesConfig", + "description": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin." + }, + "enableAcceptEncodingBrotli": { + "type": "boolean", + "description": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header." + }, + "enableAcceptEncodingGzip": { + "type": "boolean", + "description": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header." + }, + "headersConfig": { + "$ref": "#/types/aws-native:cloudfront:CachePolicyHeadersConfig", + "description": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin." + }, + "queryStringsConfig": { + "$ref": "#/types/aws-native:cloudfront:CachePolicyQueryStringsConfig", + "description": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin." + } + } + }, + "aws-native:cloudfront:CachePolicyQueryStringsConfig": { + "type": "object", + "properties": { + "queryStringBehavior": { + "type": "string", + "description": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` – No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` – Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` – All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` – All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin." + }, + "queryStrings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Contains a list of query string names." + } + } + }, + "aws-native:cloudfront:CloudFrontOriginAccessIdentityConfig": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters." + } + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicyConfig": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect." + }, + "singleHeaderPolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicyConfigSingleHeaderPolicyConfigProperties", + "description": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution." + }, + "singleWeightPolicyConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicyConfigSingleWeightPolicyConfigProperties", + "description": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution." + }, + "stagingDistributionDnsNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` ." + }, + "trafficConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicyTrafficConfig", + "description": "Contains the parameters for routing production traffic from your primary to staging distributions." + }, + "type": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicyConfigType", + "description": "The type of traffic configuration." + } + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicyConfigSingleHeaderPolicyConfigProperties": { + "type": "object", + "properties": { + "header": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicyConfigSingleWeightPolicyConfigProperties": { + "type": "object", + "properties": { + "sessionStickinessConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicySessionStickinessConfig" + }, + "weight": { + "type": "number" + } + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicyConfigType": { + "type": "string" + }, + "aws-native:cloudfront:ContinuousDeploymentPolicySessionStickinessConfig": { + "type": "object", + "properties": { + "idleTtl": { + "type": "integer", + "description": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300–3600 seconds (5–60 minutes)." + }, + "maximumTtl": { + "type": "integer", + "description": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300–3600 seconds (5–60 minutes)." + } + }, + "irreversibleNames": { + "idleTtl": "IdleTTL", + "maximumTtl": "MaximumTTL" + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicySingleHeaderConfig": { + "type": "object", + "properties": { + "header": { + "type": "string", + "description": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` ." + }, + "value": { + "type": "string", + "description": "The request header value." + } + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicySingleWeightConfig": { + "type": "object", + "properties": { + "sessionStickinessConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicySessionStickinessConfig", + "description": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values." + }, + "weight": { + "type": "number", + "description": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution." + } + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicyTrafficConfig": { + "type": "object", + "properties": { + "singleHeaderConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicySingleHeaderConfig", + "description": "Determines which HTTP requests are sent to the staging distribution." + }, + "singleWeightConfig": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicySingleWeightConfig", + "description": "Contains the percentage of traffic to send to the staging distribution." + }, + "type": { + "$ref": "#/types/aws-native:cloudfront:ContinuousDeploymentPolicyTrafficConfigType", + "description": "The type of traffic configuration." + } + } + }, + "aws-native:cloudfront:ContinuousDeploymentPolicyTrafficConfigType": { + "type": "string" + }, + "aws-native:cloudfront:DistributionCacheBehavior": { + "type": "object", + "properties": { + "allowedMethods": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n + CloudFront forwards only ``GET`` and ``HEAD`` requests.\n + CloudFront forwards only ``GET``, ``HEAD``, and ``OPTIONS`` requests.\n + CloudFront forwards ``GET, HEAD, OPTIONS, PUT, PATCH, POST``, and ``DELETE`` requests.\n \n If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin." + }, + "cachePolicyId": { + "type": "string", + "description": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n A ``CacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``." + }, + "cachedMethods": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n + CloudFront caches responses to ``GET`` and ``HEAD`` requests.\n + CloudFront caches responses to ``GET``, ``HEAD``, and ``OPTIONS`` requests.\n \n If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly." + }, + "compress": { + "type": "boolean", + "description": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide*." + }, + "defaultTtl": { + "type": "number", + "description": "This field is deprecated. We recommend that you use the ``DefaultTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*." + }, + "fieldLevelEncryptionId": { + "type": "string", + "description": "The value of ``ID`` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior." + }, + "forwardedValues": { + "$ref": "#/types/aws-native:cloudfront:DistributionForwardedValues", + "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide*.\n If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide*.\n A ``CacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``.\n A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers." + }, + "functionAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionFunctionAssociation" + }, + "description": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the ``LIVE`` stage to associate them with a cache behavior." + }, + "lambdaFunctionAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionLambdaFunctionAssociation" + }, + "description": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior." + }, + "maxTtl": { + "type": "number", + "description": "This field is deprecated. We recommend that you use the ``MaxTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*." + }, + "minTtl": { + "type": "number", + "description": "This field is deprecated. We recommend that you use the ``MinTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*.\n You must specify ``0`` for ``MinTTL`` if you configure CloudFront to forward all headers to your origin (under ``Headers``, if you specify ``1`` for ``Quantity`` and ``*`` for ``Name``)." + }, + "originRequestPolicyId": { + "type": "string", + "description": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide*." + }, + "pathPattern": { + "type": "string", + "description": "The pattern (for example, ``images/*.jpg``) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n You can optionally include a slash (``/``) at the beginning of the path pattern. For example, ``/images/*.jpg``. CloudFront behavior is the same with or without the leading ``/``.\n The path pattern for the default cache behavior is ``*`` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n For more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide*." + }, + "realtimeLogConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide*." + }, + "responseHeadersPolicyId": { + "type": "string", + "description": "The identifier for a response headers policy." + }, + "smoothStreaming": { + "type": "boolean", + "description": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify ``true``; if not, specify ``false``. If you specify ``true`` for ``SmoothStreaming``, you can still distribute other content using this cache behavior if the content matches the value of ``PathPattern``." + }, + "targetOriginId": { + "type": "string", + "description": "The value of ``ID`` for the origin that you want CloudFront to route requests to when they match this cache behavior." + }, + "trustedKeyGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*." + }, + "trustedSigners": { + "type": "array", + "items": { + "type": "string" + }, + "description": "We recommend using ``TrustedKeyGroups`` instead of ``TrustedSigners``.\n A list of AWS-account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS-account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*." + }, + "viewerProtocolPolicy": { + "type": "string", + "description": "The protocol that viewers can use to access the files in the origin specified by ``TargetOriginId`` when a request matches the path pattern in ``PathPattern``. You can specify the following options:\n + ``allow-all``: Viewers can use HTTP or HTTPS.\n + ``redirect-to-https``: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n + ``https-only``: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n \n For more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide*.\n The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*." + } + }, + "irreversibleNames": { + "defaultTtl": "DefaultTTL", + "maxTtl": "MaxTTL", + "minTtl": "MinTTL" + } + }, + "aws-native:cloudfront:DistributionConfig": { + "type": "object", + "properties": { + "aliases": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution." + }, + "cacheBehaviors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionCacheBehavior" + }, + "description": "A complex type that contains zero or more ``CacheBehavior`` elements." + }, + "cnames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An alias for the CloudFront distribution's domain name.\n\n\u003e This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead." + }, + "comment": { + "type": "string", + "description": "A comment to describe the distribution. The comment cannot be longer than 128 characters." + }, + "continuousDeploymentPolicyId": { + "type": "string", + "description": "The identifier of a continuous deployment policy. For more information, see ``CreateContinuousDeploymentPolicy``." + }, + "customErrorResponses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionCustomErrorResponse" + }, + "description": "A complex type that controls the following:\n + Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n + How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n \n For more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide*." + }, + "customOrigin": { + "$ref": "#/types/aws-native:cloudfront:DistributionLegacyCustomOrigin", + "description": "The user-defined HTTP server that serves as the origin for content that CloudFront distributes.\n\n\u003e This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead." + }, + "defaultCacheBehavior": { + "$ref": "#/types/aws-native:cloudfront:DistributionDefaultCacheBehavior", + "description": "A complex type that describes the default cache behavior if you don't specify a ``CacheBehavior`` element or if files don't match any of the values of ``PathPattern`` in ``CacheBehavior`` elements. You must create exactly one default cache behavior." + }, + "defaultRootObject": { + "type": "string", + "description": "The object that you want CloudFront to request from your origin (for example, ``index.html``) when a viewer requests the root URL for your distribution (``https://www.example.com``) instead of an object in your distribution (``https://www.example.com/product-description.html``). Specifying a default root object avoids exposing the contents of your distribution.\n Specify only the object name, for example, ``index.html``. Don't add a ``/`` before the object name.\n If you don't want to specify a default root object when you create a distribution, include an empty ``DefaultRootObject`` element.\n To delete the default root object from an existing distribution, update the distribution configuration and include an empty ``DefaultRootObject`` element.\n To replace the default root object, update the distribution configuration and specify the new object.\n For more information about the default root object, see [Creating a Default Root Object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide*." + }, + "enabled": { + "type": "boolean", + "description": "From this field, you can enable or disable the selected distribution." + }, + "httpVersion": { + "type": "string", + "description": "(Optional) Specify the maximum HTTP version(s) that you want viewers to use to communicate with CF. The default value for new distributions is ``http1.1``.\n For viewers and CF to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n For viewers and CF to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CF supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html)." + }, + "ipv6Enabled": { + "type": "boolean", + "description": "If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify ``true``. If you specify ``false``, CloudFront responds to IPv6 DNS requests with the DNS response code ``NOERROR`` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n In general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the ``IpAddress`` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide*.\n If you're using an R53AWSIntlong alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n + You enable IPv6 for the distribution\n + You're using alternate domain names in the URLs for your objects\n \n For more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Developer Guide*.\n If you created a CNAME resource record set, either with R53AWSIntlong or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request." + }, + "logging": { + "$ref": "#/types/aws-native:cloudfront:DistributionLogging", + "description": "A complex type that controls whether access logs are written for the distribution.\n For more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide*." + }, + "originGroups": { + "$ref": "#/types/aws-native:cloudfront:DistributionOriginGroups", + "description": "A complex type that contains information about origin groups for this distribution." + }, + "origins": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionOrigin" + }, + "description": "A complex type that contains information about origins for this distribution." + }, + "priceClass": { + "type": "string", + "description": "The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify ``PriceClass_All``, CloudFront responds to requests for your objects from all CloudFront edge locations.\n If you specify a price class other than ``PriceClass_All``, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n For more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide*. For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/)." + }, + "restrictions": { + "$ref": "#/types/aws-native:cloudfront:DistributionRestrictions", + "description": "A complex type that identifies ways in which you want to restrict distribution of your content." + }, + "s3Origin": { + "$ref": "#/types/aws-native:cloudfront:DistributionLegacyS3Origin", + "description": "The origin as an Amazon S3 bucket.\n\n\u003e This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead." + }, + "staging": { + "type": "boolean", + "description": "A Boolean that indicates whether this is a staging distribution. When this value is ``true``, this is a staging distribution. When this value is ``false``, this is not a staging distribution." + }, + "viewerCertificate": { + "$ref": "#/types/aws-native:cloudfront:DistributionViewerCertificate", + "description": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers." + }, + "webAclId": { + "type": "string", + "description": "A unique identifier that specifies the WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of WAF, use the ACL ARN, for example ``arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a``. To specify a web ACL created using WAF Classic, use the ACL ID, for example ``473e64fd-f30b-4765-81a0-62ad96dd167a``.\n WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about WAF, see the [Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html)." + } + }, + "irreversibleNames": { + "cnames": "CNAMEs", + "ipv6Enabled": "IPV6Enabled", + "s3Origin": "S3Origin", + "webAclId": "WebACLId" + } + }, + "aws-native:cloudfront:DistributionCookies": { + "type": "object", + "properties": { + "forward": { + "type": "string", + "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*.\n If you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*.\n Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the ``WhitelistedNames`` complex type.\n Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the ``Forward`` element." + }, + "whitelistedNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*.\n If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*.\n Required if you specify ``whitelist`` for the value of ``Forward``. A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n If you specify ``all`` or ``none`` for the value of ``Forward``, omit ``WhitelistedNames``. If you change the value of ``Forward`` from ``whitelist`` to ``all`` or ``none`` and you don't delete the ``WhitelistedNames`` element and its child elements, CloudFront deletes them automatically.\n For the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *General Reference*." + } + } + }, + "aws-native:cloudfront:DistributionCustomErrorResponse": { + "type": "object", + "properties": { + "errorCachingMinTtl": { + "type": "number", + "description": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in ``ErrorCode``. When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n For more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide*." + }, + "errorCode": { + "type": "integer", + "description": "The HTTP status code for which you want to specify a custom error page and/or a caching duration." + }, + "responseCode": { + "type": "integer", + "description": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n + Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute ``200``, the response typically won't be intercepted.\n + If you don't care about distinguishing among different client errors or server errors, you can specify ``400`` or ``500`` as the ``ResponseCode`` for all 4xx or 5xx errors.\n + You might want to return a ``200`` status code (OK) and static website so your customers don't know that your website is down.\n \n If you specify a value for ``ResponseCode``, you must also specify a value for ``ResponsePagePath``." + }, + "responsePagePath": { + "type": "string", + "description": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by ``ErrorCode``, for example, ``/4xx-errors/403-forbidden.html``. If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n + The value of ``PathPattern`` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named ``/4xx-errors``. Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, ``/4xx-errors/*``.\n + The value of ``TargetOriginId`` specifies the value of the ``ID`` element for the origin that contains your custom error pages.\n \n If you specify a value for ``ResponsePagePath``, you must also specify a value for ``ResponseCode``.\n We recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable." + } + }, + "irreversibleNames": { + "errorCachingMinTtl": "ErrorCachingMinTTL" + } + }, + "aws-native:cloudfront:DistributionCustomOriginConfig": { + "type": "object", + "properties": { + "httpPort": { + "type": "integer", + "description": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on." + }, + "httpsPort": { + "type": "integer", + "description": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on." + }, + "originKeepaliveTimeout": { + "type": "integer", + "description": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n For more information, see [Origin Keep-alive Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide*." + }, + "originProtocolPolicy": { + "type": "string", + "description": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n + ``http-only`` – CloudFront always uses HTTP to connect to the origin.\n + ``match-viewer`` – CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n + ``https-only`` – CloudFront always uses HTTPS to connect to the origin." + }, + "originReadTimeout": { + "type": "integer", + "description": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout*. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n For more information, see [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide*." + }, + "originSslProtocols": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include ``SSLv3``, ``TLSv1``, ``TLSv1.1``, and ``TLSv1.2``.\n For more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide*." + } + }, + "irreversibleNames": { + "httpPort": "HTTPPort", + "httpsPort": "HTTPSPort", + "originSslProtocols": "OriginSSLProtocols" + } + }, + "aws-native:cloudfront:DistributionDefaultCacheBehavior": { + "type": "object", + "properties": { + "allowedMethods": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n + CloudFront forwards only ``GET`` and ``HEAD`` requests.\n + CloudFront forwards only ``GET``, ``HEAD``, and ``OPTIONS`` requests.\n + CloudFront forwards ``GET, HEAD, OPTIONS, PUT, PATCH, POST``, and ``DELETE`` requests.\n \n If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin." + }, + "cachePolicyId": { + "type": "string", + "description": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n A ``DefaultCacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``." + }, + "cachedMethods": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n + CloudFront caches responses to ``GET`` and ``HEAD`` requests.\n + CloudFront caches responses to ``GET``, ``HEAD``, and ``OPTIONS`` requests.\n \n If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly." + }, + "compress": { + "type": "boolean", + "description": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify ``true``; if not, specify ``false``. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide*." + }, + "defaultTtl": { + "type": "number", + "description": "This field is deprecated. We recommend that you use the ``DefaultTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*." + }, + "fieldLevelEncryptionId": { + "type": "string", + "description": "The value of ``ID`` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior." + }, + "forwardedValues": { + "$ref": "#/types/aws-native:cloudfront:DistributionForwardedValues", + "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide*.\n If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide*.\n A ``DefaultCacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``.\n A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers." + }, + "functionAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionFunctionAssociation" + }, + "description": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the ``LIVE`` stage to associate them with a cache behavior." + }, + "lambdaFunctionAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionLambdaFunctionAssociation" + }, + "description": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior." + }, + "maxTtl": { + "type": "number", + "description": "This field is deprecated. We recommend that you use the ``MaxTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*." + }, + "minTtl": { + "type": "number", + "description": "This field is deprecated. We recommend that you use the ``MinTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*.\n The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*.\n You must specify ``0`` for ``MinTTL`` if you configure CloudFront to forward all headers to your origin (under ``Headers``, if you specify ``1`` for ``Quantity`` and ``*`` for ``Name``)." + }, + "originRequestPolicyId": { + "type": "string", + "description": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide*." + }, + "realtimeLogConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide*." + }, + "responseHeadersPolicyId": { + "type": "string", + "description": "The identifier for a response headers policy." + }, + "smoothStreaming": { + "type": "boolean", + "description": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify ``true``; if not, specify ``false``. If you specify ``true`` for ``SmoothStreaming``, you can still distribute other content using this cache behavior if the content matches the value of ``PathPattern``." + }, + "targetOriginId": { + "type": "string", + "description": "The value of ``ID`` for the origin that you want CloudFront to route requests to when they use the default cache behavior." + }, + "trustedKeyGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*." + }, + "trustedSigners": { + "type": "array", + "items": { + "type": "string" + }, + "description": "We recommend using ``TrustedKeyGroups`` instead of ``TrustedSigners``.\n A list of AWS-account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS-account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*." + }, + "viewerProtocolPolicy": { + "type": "string", + "description": "The protocol that viewers can use to access the files in the origin specified by ``TargetOriginId`` when a request matches the path pattern in ``PathPattern``. You can specify the following options:\n + ``allow-all``: Viewers can use HTTP or HTTPS.\n + ``redirect-to-https``: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n + ``https-only``: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n \n For more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide*.\n The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*." + } + }, + "irreversibleNames": { + "defaultTtl": "DefaultTTL", + "maxTtl": "MaxTTL", + "minTtl": "MinTTL" + } + }, + "aws-native:cloudfront:DistributionForwardedValues": { + "type": "object", + "properties": { + "cookies": { + "$ref": "#/types/aws-native:cloudfront:DistributionCookies", + "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*.\n If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*.\n A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide*." + }, + "headers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n If you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*.\n If you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*.\n A complex type that specifies the ``Headers``, if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n For more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide*." + }, + "queryString": { + "type": "boolean", + "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n If you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*.\n If you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*.\n Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of ``QueryString`` and on the values that you specify for ``QueryStringCacheKeys``, if any:\n If you specify true for ``QueryString`` and you don't specify any values for ``QueryStringCacheKeys``, CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n If you specify true for ``QueryString`` and you specify one or more values for ``QueryStringCacheKeys``, CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n If you specify false for ``QueryString``, CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n For more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide*." + }, + "queryStringCacheKeys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n If you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*.\n If you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*.\n A complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior." + } + } + }, + "aws-native:cloudfront:DistributionFunctionAssociation": { + "type": "object", + "properties": { + "eventType": { + "type": "string", + "description": "The event type of the function, either ``viewer-request`` or ``viewer-response``. You cannot use origin-facing event types (``origin-request`` and ``origin-response``) with a CloudFront function." + }, + "functionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function." + } + }, + "irreversibleNames": { + "functionArn": "FunctionARN" + } + }, + "aws-native:cloudfront:DistributionGeoRestriction": { + "type": "object", + "properties": { + "locations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A complex type that contains a ``Location`` element for each country in which you want CloudFront either to distribute your content (``whitelist``) or not distribute your content (``blacklist``).\n The ``Location`` element is a two-letter, uppercase country code for a country that you want to include in your ``blacklist`` or ``whitelist``. Include one ``Location`` element for each country.\n CloudFront and ``MaxMind`` both use ``ISO 3166`` country codes. For the current list of countries and the corresponding codes, see ``ISO 3166-1-alpha-2`` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes." + }, + "restrictionType": { + "type": "string", + "description": "The method that you want to use to restrict distribution of your content by country:\n + ``none``: No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n + ``blacklist``: The ``Location`` elements specify the countries in which you don't want CloudFront to distribute your content.\n + ``whitelist``: The ``Location`` elements specify the countries in which you want CloudFront to distribute your content." + } + } + }, + "aws-native:cloudfront:DistributionLambdaFunctionAssociation": { + "type": "object", + "properties": { + "eventType": { + "type": "string", + "description": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n + ``viewer-request``: The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n + ``origin-request``: The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n + ``origin-response``: The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n + ``viewer-response``: The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n If the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute." + }, + "includeBody": { + "type": "boolean", + "description": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide." + }, + "lambdaFunctionArn": { + "type": "string", + "description": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST." + } + }, + "irreversibleNames": { + "lambdaFunctionArn": "LambdaFunctionARN" + } + }, + "aws-native:cloudfront:DistributionLegacyCustomOrigin": { + "type": "object", + "properties": { + "dnsName": { + "type": "string", + "description": "The domain name assigned to your CloudFront distribution." + }, + "httpPort": { + "type": "integer", + "description": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on." + }, + "httpsPort": { + "type": "integer", + "description": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on." + }, + "originProtocolPolicy": { + "type": "string", + "description": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin." + }, + "originSslProtocols": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The minimum SSL/TLS protocol version that CloudFront uses when communicating with your origin server over HTTPs.\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* ." + } + }, + "irreversibleNames": { + "dnsName": "DNSName", + "httpPort": "HTTPPort", + "httpsPort": "HTTPSPort", + "originSslProtocols": "OriginSSLProtocols" + } + }, + "aws-native:cloudfront:DistributionLegacyS3Origin": { + "type": "object", + "properties": { + "dnsName": { + "type": "string", + "description": "The domain name assigned to your CloudFront distribution." + }, + "originAccessIdentity": { + "type": "string", + "description": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 through CloudFront .\n\n\u003e This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead." + } + }, + "irreversibleNames": { + "dnsName": "DNSName" + } + }, + "aws-native:cloudfront:DistributionLogging": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The Amazon S3 bucket to store the access logs in, for example, ``myawslogbucket.s3.amazonaws.com``." + }, + "includeCookies": { + "type": "boolean", + "description": "Specifies whether you want CloudFront to include cookies in access logs, specify ``true`` for ``IncludeCookies``. If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify ``false`` for ``IncludeCookies``." + }, + "prefix": { + "type": "string", + "description": "An optional string that you want CloudFront to prefix to the access log ``filenames`` for this distribution, for example, ``myprefix/``. If you want to enable logging, but you don't want to specify a prefix, you still must include an empty ``Prefix`` element in the ``Logging`` element." + } + } + }, + "aws-native:cloudfront:DistributionOrigin": { + "type": "object", + "properties": { + "connectionAttempts": { + "type": "integer", + "description": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n For a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout).\n For more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide*." + }, + "connectionTimeout": { + "type": "integer", + "description": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n For more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide*." + }, + "customOriginConfig": { + "$ref": "#/types/aws-native:cloudfront:DistributionCustomOriginConfig", + "description": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the ``S3OriginConfig`` type instead." + }, + "domainName": { + "type": "string", + "description": "The domain name for the origin.\n For more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide*." + }, + "id": { + "type": "string", + "description": "A unique identifier for the origin. This value must be unique within the distribution.\n Use this value to specify the ``TargetOriginId`` in a ``CacheBehavior`` or ``DefaultCacheBehavior``." + }, + "originAccessControlId": { + "type": "string", + "description": "The unique identifier of an origin access control for this origin.\n For more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide*." + }, + "originCustomHeaders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionOriginCustomHeader" + }, + "description": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide*." + }, + "originPath": { + "type": "string", + "description": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n For more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide*." + }, + "originShield": { + "$ref": "#/types/aws-native:cloudfront:DistributionOriginShield", + "description": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide*." + }, + "s3OriginConfig": { + "$ref": "#/types/aws-native:cloudfront:DistributionS3OriginConfig", + "description": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the ``CustomOriginConfig`` type instead." + } + }, + "irreversibleNames": { + "s3OriginConfig": "S3OriginConfig" + } + }, + "aws-native:cloudfront:DistributionOriginCustomHeader": { + "type": "object", + "properties": { + "headerName": { + "type": "string", + "description": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide*." + }, + "headerValue": { + "type": "string", + "description": "The value for the header that you specified in the ``HeaderName`` field." + } + } + }, + "aws-native:cloudfront:DistributionOriginGroup": { + "type": "object", + "properties": { + "failoverCriteria": { + "$ref": "#/types/aws-native:cloudfront:DistributionOriginGroupFailoverCriteria", + "description": "A complex type that contains information about the failover criteria for an origin group." + }, + "id": { + "type": "string", + "description": "The origin group's ID." + }, + "members": { + "$ref": "#/types/aws-native:cloudfront:DistributionOriginGroupMembers", + "description": "A complex type that contains information about the origins in an origin group." + } + } + }, + "aws-native:cloudfront:DistributionOriginGroupFailoverCriteria": { + "type": "object", + "properties": { + "statusCodes": { + "$ref": "#/types/aws-native:cloudfront:DistributionStatusCodes", + "description": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin." + } + } + }, + "aws-native:cloudfront:DistributionOriginGroupMember": { + "type": "object", + "properties": { + "originId": { + "type": "string", + "description": "The ID for an origin in an origin group." + } + } + }, + "aws-native:cloudfront:DistributionOriginGroupMembers": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionOriginGroupMember" + }, + "description": "Items (origins) in an origin group." + }, + "quantity": { + "type": "integer", + "description": "The number of origins in an origin group." + } + } + }, + "aws-native:cloudfront:DistributionOriginGroups": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:DistributionOriginGroup" + }, + "description": "The items (origin groups) in a distribution." + }, + "quantity": { + "type": "integer", + "description": "The number of origin groups." + } + } + }, + "aws-native:cloudfront:DistributionOriginShield": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "A flag that specifies whether Origin Shield is enabled.\n When it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches." + }, + "originShieldRegion": { + "type": "string", + "description": "The AWS-Region for Origin Shield.\n Specify the AWS-Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as ``us-east-2``.\n When you enable CloudFront Origin Shield, you must specify the AWS-Region for Origin Shield. For the list of AWS-Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide*." + } + } + }, + "aws-native:cloudfront:DistributionRestrictions": { + "type": "object", + "properties": { + "geoRestriction": { + "$ref": "#/types/aws-native:cloudfront:DistributionGeoRestriction", + "description": "A complex type that controls the countries in which your content is distributed. CF determines the location of your users using ``MaxMind`` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template." + } + } + }, + "aws-native:cloudfront:DistributionS3OriginConfig": { + "type": "object", + "properties": { + "originAccessIdentity": { + "type": "string", + "description": "The CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n origin-access-identity/cloudfront/*ID-of-origin-access-identity* \n where ``ID-of-origin-access-identity`` is the value that CloudFront returned in the ``ID`` element when you created the origin access identity.\n If you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty ``OriginAccessIdentity`` element.\n To delete the origin access identity from an existing distribution, update the distribution configuration and include an empty ``OriginAccessIdentity`` element.\n To replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n For more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*." + } + } + }, + "aws-native:cloudfront:DistributionStatusCodes": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "The items (status codes) for an origin group." + }, + "quantity": { + "type": "integer", + "description": "The number of status codes." + } + } + }, + "aws-native:cloudfront:DistributionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string that contains ``Tag`` key.\n The string length should be between 1 and 128 characters. Valid characters include ``a-z``, ``A-Z``, ``0-9``, space, and the special characters ``_ - . : / = + @``." + }, + "value": { + "type": "string", + "description": "A string that contains an optional ``Tag`` value.\n The string length should be between 0 and 256 characters. Valid characters include ``a-z``, ``A-Z``, ``0-9``, space, and the special characters ``_ - . : / = + @``." + } + } + }, + "aws-native:cloudfront:DistributionViewerCertificate": { + "type": "object", + "properties": { + "acmCertificateArn": { + "type": "string", + "description": "In CloudFormation, this field name is ``AcmCertificateArn``. Note the different capitalization.\n If the distribution uses ``Aliases`` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [(ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html), provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region (``us-east-1``).\n If you specify an ACM certificate ARN, you must also specify values for ``MinimumProtocolVersion`` and ``SSLSupportMethod``. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.)" + }, + "cloudFrontDefaultCertificate": { + "type": "boolean", + "description": "If the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net``, set this field to ``true``.\n If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n + ``AcmCertificateArn`` or ``IamCertificateId`` (specify a value for one, not both) \n + ``MinimumProtocolVersion`` \n + ``SslSupportMethod``" + }, + "iamCertificateId": { + "type": "string", + "description": "In CloudFormation, this field name is ``IamCertificateId``. Note the different capitalization.\n If the distribution uses ``Aliases`` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [(IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html), provide the ID of the IAM certificate.\n If you specify an IAM certificate ID, you must also specify values for ``MinimumProtocolVersion`` and ``SSLSupportMethod``. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.)" + }, + "minimumProtocolVersion": { + "type": "string", + "description": "If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n + The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n + The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n \n For more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide*.\n On the CloudFront console, this setting is called *Security Policy*.\n When you're using SNI only (you set ``SSLSupportMethod`` to ``sni-only``), you must specify ``TLSv1`` or higher. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.)\n If the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net`` (you set ``CloudFrontDefaultCertificate`` to ``true``), CloudFront automatically sets the security policy to ``TLSv1`` regardless of the value that you set here." + }, + "sslSupportMethod": { + "type": "string", + "description": "In CloudFormation, this field name is ``SslSupportMethod``. Note the different capitalization.\n If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n + ``sni-only`` – The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication). This is recommended. Most browsers and clients support SNI.\n + ``vip`` – The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n + ``static-ip`` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Center](https://docs.aws.amazon.com/support/home).\n \n If the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net``, don't set a value for this field." + } + } + }, + "aws-native:cloudfront:FunctionConfig": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "A comment to describe the function." + }, + "keyValueStoreAssociations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:FunctionKeyValueStoreAssociation" + }, + "description": "The configuration for the key value store associations." + }, + "runtime": { + "type": "string", + "description": "The function's runtime environment version." + } + } + }, + "aws-native:cloudfront:FunctionKeyValueStoreAssociation": { + "type": "object", + "properties": { + "keyValueStoreArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the key value store association." + } + }, + "irreversibleNames": { + "keyValueStoreArn": "KeyValueStoreARN" + } + }, + "aws-native:cloudfront:FunctionMetadata": { + "type": "object", + "properties": { + "functionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function." + } + }, + "irreversibleNames": { + "functionArn": "FunctionARN" + } + }, + "aws-native:cloudfront:KeyGroupConfig": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "A comment to describe the key group. The comment cannot be longer than 128 characters." + }, + "items": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the identifiers of the public keys in the key group." + }, + "name": { + "type": "string", + "description": "A name to identify the key group." + } + } + }, + "aws-native:cloudfront:KeyValueStoreImportSource": { + "type": "object", + "properties": { + "sourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the import source for the key value store." + }, + "sourceType": { + "type": "string", + "description": "The source type of the import source for the key value store." + } + } + }, + "aws-native:cloudfront:MonitoringSubscription": { + "type": "object", + "properties": { + "realtimeMetricsSubscriptionConfig": { + "$ref": "#/types/aws-native:cloudfront:MonitoringSubscriptionRealtimeMetricsSubscriptionConfig", + "description": "A subscription configuration for additional CloudWatch metrics." + } + } + }, + "aws-native:cloudfront:MonitoringSubscriptionRealtimeMetricsSubscriptionConfig": { + "type": "object", + "properties": { + "realtimeMetricsSubscriptionStatus": { + "$ref": "#/types/aws-native:cloudfront:MonitoringSubscriptionRealtimeMetricsSubscriptionConfigRealtimeMetricsSubscriptionStatus", + "description": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution." + } + } + }, + "aws-native:cloudfront:MonitoringSubscriptionRealtimeMetricsSubscriptionConfigRealtimeMetricsSubscriptionStatus": { + "type": "string" + }, + "aws-native:cloudfront:OriginAccessControlConfig": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "A description of the origin access control." + }, + "name": { + "type": "string", + "description": "A name to identify the origin access control. You can specify up to 64 characters." + }, + "originAccessControlOriginType": { + "type": "string", + "description": "The type of origin that this origin access control is for." + }, + "signingBehavior": { + "type": "string", + "description": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` – CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` – If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*" + }, + "signingProtocol": { + "type": "string", + "description": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` ." + } + } + }, + "aws-native:cloudfront:OriginRequestPolicyConfig": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters." + }, + "cookiesConfig": { + "$ref": "#/types/aws-native:cloudfront:OriginRequestPolicyCookiesConfig", + "description": "The cookies from viewer requests to include in origin requests." + }, + "headersConfig": { + "$ref": "#/types/aws-native:cloudfront:OriginRequestPolicyHeadersConfig", + "description": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront." + }, + "name": { + "type": "string", + "description": "A unique name to identify the origin request policy." + }, + "queryStringsConfig": { + "$ref": "#/types/aws-native:cloudfront:OriginRequestPolicyQueryStringsConfig", + "description": "The URL query strings from viewer requests to include in origin requests." + } + } + }, + "aws-native:cloudfront:OriginRequestPolicyCookiesConfig": { + "type": "object", + "properties": { + "cookieBehavior": { + "type": "string", + "description": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` – No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` – Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` – All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` – All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included." + }, + "cookies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Contains a list of cookie names." + } + } + }, + "aws-native:cloudfront:OriginRequestPolicyHeadersConfig": { + "type": "object", + "properties": { + "headerBehavior": { + "type": "string", + "description": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` – No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` – Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` – All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` – All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` – All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included." + }, + "headers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Contains a list of HTTP header names." + } + } + }, + "aws-native:cloudfront:OriginRequestPolicyQueryStringsConfig": { + "type": "object", + "properties": { + "queryStringBehavior": { + "type": "string", + "description": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` – No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` – Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` – All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` – All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included." + }, + "queryStrings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Contains a list of query string names." + } + } + }, + "aws-native:cloudfront:PublicKeyConfig": { + "type": "object", + "properties": { + "callerReference": { + "type": "string", + "description": "A string included in the request to help make sure that the request can't be replayed." + }, + "comment": { + "type": "string", + "description": "A comment to describe the public key. The comment cannot be longer than 128 characters." + }, + "encodedKey": { + "type": "string", + "description": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) ." + }, + "name": { + "type": "string", + "description": "A name to help identify the public key." + } + } + }, + "aws-native:cloudfront:RealtimeLogConfigEndPoint": { + "type": "object", + "properties": { + "kinesisStreamConfig": { + "$ref": "#/types/aws-native:cloudfront:RealtimeLogConfigKinesisStreamConfig", + "description": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data." + }, + "streamType": { + "type": "string", + "description": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` ." + } + } + }, + "aws-native:cloudfront:RealtimeLogConfigKinesisStreamConfig": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* ." + }, + "streamArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyAccessControlAllowHeaders": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of HTTP header names. You can specify `*` to allow all headers." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyAccessControlAllowMethods": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyAccessControlAllowOrigins": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of origins (domain names). You can specify `*` to allow all origins." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyAccessControlExposeHeaders": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of HTTP headers. You can specify `*` to expose all headers." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyConfig": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters." + }, + "corsConfig": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyCorsConfig", + "description": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS)." + }, + "customHeadersConfig": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyCustomHeadersConfig", + "description": "A configuration for a set of custom HTTP response headers." + }, + "name": { + "type": "string", + "description": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account ." + }, + "removeHeadersConfig": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyRemoveHeadersConfig", + "description": "A configuration for a set of HTTP headers to remove from the HTTP response." + }, + "securityHeadersConfig": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicySecurityHeadersConfig", + "description": "A configuration for a set of security-related HTTP response headers." + }, + "serverTimingHeadersConfig": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyServerTimingHeadersConfig", + "description": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyContentSecurityPolicy": { + "type": "object", + "properties": { + "contentSecurityPolicy": { + "type": "string", + "description": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header." + }, + "override": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyContentTypeOptions": { + "type": "object", + "properties": { + "override": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyCorsConfig": { + "type": "object", + "properties": { + "accessControlAllowCredentials": { + "type": "boolean", + "description": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs." + }, + "accessControlAllowHeaders": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyAccessControlAllowHeaders", + "description": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs." + }, + "accessControlAllowMethods": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyAccessControlAllowMethods", + "description": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs." + }, + "accessControlAllowOrigins": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyAccessControlAllowOrigins", + "description": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs." + }, + "accessControlExposeHeaders": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyAccessControlExposeHeaders", + "description": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs." + }, + "accessControlMaxAgeSec": { + "type": "integer", + "description": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs." + }, + "originOverride": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyCustomHeader": { + "type": "object", + "properties": { + "header": { + "type": "string", + "description": "The HTTP response header name." + }, + "override": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here." + }, + "value": { + "type": "string", + "description": "The value for the HTTP response header." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyCustomHeadersConfig": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyCustomHeader" + }, + "description": "The list of HTTP response headers and their values." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyFrameOptions": { + "type": "object", + "properties": { + "frameOption": { + "type": "string", + "description": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs." + }, + "override": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyReferrerPolicy": { + "type": "object", + "properties": { + "override": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy." + }, + "referrerPolicy": { + "type": "string", + "description": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyRemoveHeader": { + "type": "object", + "properties": { + "header": { + "type": "string", + "description": "The HTTP header name." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyRemoveHeadersConfig": { + "type": "object", + "properties": { + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyRemoveHeader" + }, + "description": "The list of HTTP header names." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicySecurityHeadersConfig": { + "type": "object", + "properties": { + "contentSecurityPolicy": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyContentSecurityPolicy", + "description": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs." + }, + "contentTypeOptions": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyContentTypeOptions", + "description": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs." + }, + "frameOptions": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyFrameOptions", + "description": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs." + }, + "referrerPolicy": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyReferrerPolicy", + "description": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs." + }, + "strictTransportSecurity": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyStrictTransportSecurity", + "description": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs." + }, + "xssProtection": { + "$ref": "#/types/aws-native:cloudfront:ResponseHeadersPolicyXssProtection", + "description": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs." + } + }, + "irreversibleNames": { + "xssProtection": "XSSProtection" + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyServerTimingHeadersConfig": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy." + }, + "samplingRate": { + "type": "number", + "description": "A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0–100 with up to four decimal places." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyStrictTransportSecurity": { + "type": "object", + "properties": { + "accessControlMaxAgeSec": { + "type": "integer", + "description": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header." + }, + "includeSubdomains": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header." + }, + "override": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy." + }, + "preload": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header." + } + } + }, + "aws-native:cloudfront:ResponseHeadersPolicyXssProtection": { + "type": "object", + "properties": { + "modeBlock": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs." + }, + "override": { + "type": "boolean", + "description": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy." + }, + "protection": { + "type": "boolean", + "description": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs." + }, + "reportUri": { + "type": "string", + "description": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs." + } + } + }, + "aws-native:cloudtrail:ChannelDestination": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "The ARN of a resource that receives events from a channel." + }, + "type": { + "$ref": "#/types/aws-native:cloudtrail:ChannelDestinationType", + "description": "The type of destination for events arriving from a channel." + } + } + }, + "aws-native:cloudtrail:ChannelDestinationType": { + "type": "string" + }, + "aws-native:cloudtrail:ChannelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:cloudtrail:EventDataStoreAdvancedEventSelector": { + "type": "object", + "properties": { + "fieldSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:EventDataStoreAdvancedFieldSelector" + }, + "description": "Contains all selector statements in an advanced event selector." + }, + "name": { + "type": "string", + "description": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\"." + } + } + }, + "aws-native:cloudtrail:EventDataStoreAdvancedFieldSelector": { + "type": "object", + "properties": { + "endsWith": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that includes events that match the last few characters of the event record field specified as the value of Field." + }, + "equals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields." + }, + "field": { + "type": "string", + "description": "A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN." + }, + "notEndsWith": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that excludes events that match the last few characters of the event record field specified as the value of Field." + }, + "notEquals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that excludes events that match the exact value of the event record field specified as the value of Field." + }, + "notStartsWith": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that excludes events that match the first few characters of the event record field specified as the value of Field." + }, + "startsWith": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that includes events that match the first few characters of the event record field specified as the value of Field." + } + } + }, + "aws-native:cloudtrail:EventDataStoreInsightSelector": { + "type": "object", + "properties": { + "insightType": { + "type": "string", + "description": "The type of Insights to log on an event data store." + } + } + }, + "aws-native:cloudtrail:EventDataStoreTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:cloudtrail:TrailAdvancedEventSelector": { + "type": "object", + "properties": { + "fieldSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:TrailAdvancedFieldSelector" + }, + "description": "Contains all selector statements in an advanced event selector." + }, + "name": { + "type": "string", + "description": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\"." + } + } + }, + "aws-native:cloudtrail:TrailAdvancedFieldSelector": { + "type": "object", + "properties": { + "endsWith": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that includes events that match the last few characters of the event record field specified as the value of Field." + }, + "equals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields." + }, + "field": { + "type": "string", + "description": "A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN." + }, + "notEndsWith": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that excludes events that match the last few characters of the event record field specified as the value of Field." + }, + "notEquals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that excludes events that match the exact value of the event record field specified as the value of Field." + }, + "notStartsWith": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that excludes events that match the first few characters of the event record field specified as the value of Field." + }, + "startsWith": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An operator that includes events that match the first few characters of the event record field specified as the value of Field." + } + } + }, + "aws-native:cloudtrail:TrailDataResource": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The resource type in which you want to log data events. You can specify AWS::S3::Object or AWS::Lambda::Function resources." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects." + } + } + }, + "aws-native:cloudtrail:TrailEventSelector": { + "type": "object", + "properties": { + "dataResources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudtrail:TrailDataResource" + }, + "description": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n\u003e To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field." + }, + "excludeManagementEventSources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service events by containing \"kms.amazonaws.com\". By default, ExcludeManagementEventSources is empty, and AWS KMS events are included in events that are logged to your trail." + }, + "includeManagementEvents": { + "type": "boolean", + "description": "Specify if you want your event selector to include management events for your trail." + }, + "readWriteType": { + "$ref": "#/types/aws-native:cloudtrail:TrailEventSelectorReadWriteType", + "description": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 GetConsoleOutput is a read-only API operation and RunInstances is a write-only API operation." + } + } + }, + "aws-native:cloudtrail:TrailEventSelectorReadWriteType": { + "type": "string" + }, + "aws-native:cloudtrail:TrailInsightSelector": { + "type": "object", + "properties": { + "insightType": { + "type": "string", + "description": "The type of insight to log on a trail." + } + } + }, + "aws-native:cloudtrail:TrailTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:cloudwatch:AlarmDimension": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the dimension, from 1–255 characters in length. This dimension name must have been included when the metric was published." + }, + "value": { + "type": "string", + "description": "The value for the dimension, from 1–255 characters in length." + } + } + }, + "aws-native:cloudwatch:AlarmMetric": { + "type": "object", + "properties": { + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:AlarmDimension" + }, + "description": "The metric dimensions that you want to be used for the metric that the alarm will watch." + }, + "metricName": { + "type": "string", + "description": "The name of the metric that you want the alarm to watch. This is a required field." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric that the alarm will watch." + } + } + }, + "aws-native:cloudwatch:AlarmMetricDataQuery": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The ID of the account where the metrics are located, if this is a cross-account alarm." + }, + "expression": { + "type": "string", + "description": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the ``Id`` of the other metrics to refer to those metrics, and can also use the ``Id`` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *User Guide*.\n Within each MetricDataQuery object, you must specify either ``Expression`` or ``MetricStat`` but not both." + }, + "id": { + "type": "string", + "description": "A short name used to tie this object to the results in the response. This name must be unique within a single call to ``GetMetricData``. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter." + }, + "label": { + "type": "string", + "description": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CW dashboard widget, the label is shown. If ``Label`` is omitted, CW generates a default." + }, + "metricStat": { + "$ref": "#/types/aws-native:cloudwatch:AlarmMetricStat", + "description": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n Within one MetricDataQuery object, you must specify either ``Expression`` or ``MetricStat`` but not both." + }, + "period": { + "type": "integer", + "description": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a ``PutMetricData`` operation that includes a ``StorageResolution of 1 second``." + }, + "returnData": { + "type": "boolean", + "description": "This option indicates whether to return the timestamps and raw data values of this metric.\n When you create an alarm based on a metric math expression, specify ``True`` for this value for only the one math expression that the alarm is based on. You must specify ``False`` for ``ReturnData`` for all the other metrics and expressions used in the alarm.\n This field is required." + } + } + }, + "aws-native:cloudwatch:AlarmMetricStat": { + "type": "object", + "properties": { + "metric": { + "$ref": "#/types/aws-native:cloudwatch:AlarmMetric", + "description": "The metric to return, including the metric name, namespace, and dimensions." + }, + "period": { + "type": "integer", + "description": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a ``PutMetricData`` call that includes a ``StorageResolution`` of 1 second.\n If the ``StartTime`` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n + Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n + Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n + Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour)." + }, + "stat": { + "type": "string", + "description": "The statistic to return. It can include any CW statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *User Guide*." + }, + "unit": { + "type": "string", + "description": "The unit to use for the returned data points. \n Valid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None." + } + } + }, + "aws-native:cloudwatch:AlarmTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A unique identifier for the tag. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:cloudwatch:CompositeAlarmTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A unique identifier for the tag. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:cloudwatch:MetricStreamFilter": { + "type": "object", + "properties": { + "metricNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Only metrics with MetricNames matching these values will be streamed. Must be set together with Namespace." + }, + "namespace": { + "type": "string", + "description": "Only metrics with Namespace matching this value will be streamed." + } + } + }, + "aws-native:cloudwatch:MetricStreamStatisticsConfiguration": { + "type": "object", + "properties": { + "additionalStatistics": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The additional statistics to stream for the metrics listed in IncludeMetrics." + }, + "includeMetrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cloudwatch:MetricStreamStatisticsMetric" + }, + "description": "An array that defines the metrics that are to have additional statistics streamed." + } + } + }, + "aws-native:cloudwatch:MetricStreamStatisticsMetric": { + "type": "object", + "properties": { + "metricName": { + "type": "string", + "description": "The name of the metric." + }, + "namespace": { + "type": "string", + "description": "The namespace of the metric." + } + } + }, + "aws-native:cloudwatch:MetricStreamTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A unique identifier for the tag." + }, + "value": { + "type": "string", + "description": "String which you can use to describe or define the tag." + } + } + }, + "aws-native:codeartifact:DomainTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:codeartifact:PackageGroupOriginConfiguration": { + "type": "object", + "properties": { + "restrictions": { + "$ref": "#/types/aws-native:codeartifact:PackageGroupRestrictions", + "description": "The origin configuration that is applied to the package group." + } + } + }, + "aws-native:codeartifact:PackageGroupRestrictionType": { + "type": "object", + "properties": { + "repositories": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The repositories to add to the allowed repositories list. The allowed repositories list is used when the `RestrictionMode` is set to `ALLOW_SPECIFIC_REPOSITORIES` ." + }, + "restrictionMode": { + "$ref": "#/types/aws-native:codeartifact:PackageGroupRestrictionTypeRestrictionMode", + "description": "The package group origin restriction setting. When the value is `INHERIT` , the value is set to the value of the first parent package group which does not have a value of `INHERIT` ." + } + } + }, + "aws-native:codeartifact:PackageGroupRestrictionTypeRestrictionMode": { + "type": "string" + }, + "aws-native:codeartifact:PackageGroupRestrictions": { + "type": "object", + "properties": { + "externalUpstream": { + "$ref": "#/types/aws-native:codeartifact:PackageGroupRestrictionType", + "description": "The external upstream restriction determines if new package versions can be ingested or retained from external connections." + }, + "internalUpstream": { + "$ref": "#/types/aws-native:codeartifact:PackageGroupRestrictionType", + "description": "The internal upstream restriction determines if new package versions can be ingested or retained from upstream repositories." + }, + "publish": { + "$ref": "#/types/aws-native:codeartifact:PackageGroupRestrictionType", + "description": "The publish restriction determines if new package versions can be published." + } + } + }, + "aws-native:codeartifact:PackageGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:codeartifact:RepositoryTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:codebuild:FleetComputeType": { + "type": "string" + }, + "aws-native:codebuild:FleetEnvironmentType": { + "type": "string" + }, + "aws-native:codebuild:FleetOverflowBehavior": { + "type": "string" + }, + "aws-native:codebuild:FleetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:codebuild:FleetVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of one or more security groups IDs in your Amazon VPC." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of one or more subnet IDs in your Amazon VPC." + }, + "vpcId": { + "type": "string", + "description": "The ID of the Amazon VPC." + } + } + }, + "aws-native:codeconnections:ConnectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:codedeploy:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:codedeploy:DeploymentConfigMinimumHealthyHosts": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n\u003e In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* ." + }, + "value": { + "type": "integer", + "description": "The minimum healthy instance value." + } + } + }, + "aws-native:codedeploy:DeploymentConfigMinimumHealthyHostsPerZone": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The `type` associated with the `MinimumHealthyHostsPerZone` option." + }, + "value": { + "type": "integer", + "description": "The `value` associated with the `MinimumHealthyHostsPerZone` option." + } + } + }, + "aws-native:codedeploy:DeploymentConfigTimeBasedCanary": { + "type": "object", + "properties": { + "canaryInterval": { + "type": "integer", + "description": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment." + }, + "canaryPercentage": { + "type": "integer", + "description": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment." + } + } + }, + "aws-native:codedeploy:DeploymentConfigTimeBasedLinear": { + "type": "object", + "properties": { + "linearInterval": { + "type": "integer", + "description": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment." + }, + "linearPercentage": { + "type": "integer", + "description": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment." + } + } + }, + "aws-native:codedeploy:DeploymentConfigTrafficRoutingConfig": { + "type": "object", + "properties": { + "timeBasedCanary": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigTimeBasedCanary", + "description": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file." + }, + "timeBasedLinear": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigTimeBasedLinear", + "description": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file." + }, + "type": { + "type": "string", + "description": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration." + } + } + }, + "aws-native:codedeploy:DeploymentConfigZonalConfig": { + "type": "object", + "properties": { + "firstZoneMonitorDurationInSeconds": { + "type": "integer", + "description": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* ." + }, + "minimumHealthyHostsPerZone": { + "$ref": "#/types/aws-native:codedeploy:DeploymentConfigMinimumHealthyHostsPerZone", + "description": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* ." + }, + "monitorDurationInSeconds": { + "type": "integer", + "description": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* ." + } + } + }, + "aws-native:codeguruprofiler:AgentPermissionsProperties": { + "type": "object", + "properties": { + "principals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The principals for the agent permissions." + } + } + }, + "aws-native:codeguruprofiler:ProfilingGroupChannel": { + "type": "object", + "properties": { + "channelId": { + "type": "string", + "description": "The channel ID." + }, + "channelUri": { + "type": "string", + "description": "The channel URI." + } + } + }, + "aws-native:codeguruprofiler:ProfilingGroupComputePlatform": { + "type": "string" + }, + "aws-native:codeguruprofiler:ProfilingGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @." + } + } + }, + "aws-native:codegurureviewer:RepositoryAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. The allowed characters across services are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @." + } + } + }, + "aws-native:codegurureviewer:RepositoryAssociationType": { + "type": "string" + }, + "aws-native:codepipeline:CustomActionTypeArtifactDetails": { + "type": "object", + "properties": { + "maximumCount": { + "type": "integer", + "description": "The maximum number of artifacts allowed for the action type." + }, + "minimumCount": { + "type": "integer", + "description": "The minimum number of artifacts allowed for the action type." + } + } + }, + "aws-native:codepipeline:CustomActionTypeConfigurationProperties": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the action configuration property that is displayed to users. " + }, + "key": { + "type": "boolean", + "description": "Whether the configuration property is a key." + }, + "name": { + "type": "string", + "description": "The name of the action configuration property." + }, + "queryable": { + "type": "boolean", + "description": "Indicates that the property is used with PollForJobs. When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.If you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens. " + }, + "required": { + "type": "boolean", + "description": "Whether the configuration property is a required value." + }, + "secret": { + "type": "boolean", + "description": "Whether the configuration property is secret. Secrets are hidden from all calls except for GetJobDetails, GetThirdPartyJobDetails, PollForJobs, and PollForThirdPartyJobs." + }, + "type": { + "type": "string", + "description": "The type of the configuration property." + } + } + }, + "aws-native:codepipeline:CustomActionTypeSettings": { + "type": "object", + "properties": { + "entityUrlTemplate": { + "type": "string", + "description": "The URL returned to the AWS CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for an AWS CodeDeploy deployment group. This link is provided as part of the action display in the pipeline. " + }, + "executionUrlTemplate": { + "type": "string", + "description": "The URL returned to the AWS CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for AWS CodeDeploy. This link is shown on the pipeline view page in the AWS CodePipeline console and provides a link to the execution entity of the external action. " + }, + "revisionUrlTemplate": { + "type": "string", + "description": "The URL returned to the AWS CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action. " + }, + "thirdPartyConfigurationUrl": { + "type": "string", + "description": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service." + } + } + }, + "aws-native:codepipeline:CustomActionTypeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:codepipeline:PipelineActionDeclaration": { + "type": "object", + "properties": { + "actionTypeId": { + "$ref": "#/types/aws-native:codepipeline:PipelineActionTypeId", + "description": "Specifies the action type and the provider of the action." + }, + "configuration": { + "$ref": "pulumi.json#/Any", + "description": "The action's configuration. These are key-value pairs that specify input values for an action." + }, + "inputArtifacts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineInputArtifact" + }, + "description": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n\u003e For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* ." + }, + "name": { + "type": "string", + "description": "The action declaration's name." + }, + "namespace": { + "type": "string", + "description": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace." + }, + "outputArtifacts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineOutputArtifact" + }, + "description": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* ." + }, + "region": { + "type": "string", + "description": "The action declaration's AWS Region, such as us-east-1." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline." + }, + "runOrder": { + "type": "integer", + "description": "The order in which actions are run." + }, + "timeoutInMinutes": { + "type": "integer", + "description": "A timeout duration in minutes that can be applied against the ActionType’s default timeout value specified in Quotas for AWS CodePipeline. This attribute is available only to the manual approval ActionType." + } + } + }, + "aws-native:codepipeline:PipelineActionTypeId": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:codepipeline:PipelineActionTypeIdCategory", + "description": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below." + }, + "owner": { + "type": "string", + "description": "The creator of the action being called. There are three valid values for the Owner field in the action category section within your pipeline structure: AWS, ThirdParty, and Custom." + }, + "provider": { + "type": "string", + "description": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as CodeDeploy." + }, + "version": { + "type": "string", + "description": "A string that describes the action version." + } + } + }, + "aws-native:codepipeline:PipelineActionTypeIdCategory": { + "type": "string" + }, + "aws-native:codepipeline:PipelineArtifactStore": { + "type": "object", + "properties": { + "encryptionKey": { + "$ref": "#/types/aws-native:codepipeline:PipelineEncryptionKey", + "description": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) ." + }, + "location": { + "type": "string", + "description": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts." + }, + "type": { + "$ref": "#/types/aws-native:codepipeline:PipelineArtifactStoreType", + "description": "The type of the artifact store, such as S3." + } + } + }, + "aws-native:codepipeline:PipelineArtifactStoreMap": { + "type": "object", + "properties": { + "artifactStore": { + "$ref": "#/types/aws-native:codepipeline:PipelineArtifactStore", + "description": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n\u003e You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` ." + }, + "region": { + "type": "string", + "description": "The action declaration's AWS Region, such as us-east-1." + } + } + }, + "aws-native:codepipeline:PipelineArtifactStoreType": { + "type": "string" + }, + "aws-native:codepipeline:PipelineBeforeEntryConditions": { + "type": "object", + "properties": { + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineCondition" + }, + "description": "The conditions that are configured as entry conditions." + } + } + }, + "aws-native:codepipeline:PipelineBlockerDeclaration": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Reserved for future use." + }, + "type": { + "$ref": "#/types/aws-native:codepipeline:PipelineBlockerDeclarationType", + "description": "Reserved for future use." + } + } + }, + "aws-native:codepipeline:PipelineBlockerDeclarationType": { + "type": "string" + }, + "aws-native:codepipeline:PipelineCondition": { + "type": "object", + "properties": { + "result": { + "type": "string", + "description": "The specified result for when the failure conditions are met, such as rolling back the stage" + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineRuleDeclaration" + }, + "description": "The rules that make up the condition." + } + } + }, + "aws-native:codepipeline:PipelineEncryptionKey": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN." + }, + "type": { + "type": "string", + "description": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'." + } + } + }, + "aws-native:codepipeline:PipelineExecutionMode": { + "type": "string" + }, + "aws-native:codepipeline:PipelineFailureConditions": { + "type": "object", + "properties": { + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineCondition" + }, + "description": "The conditions that are configured as failure conditions." + }, + "result": { + "$ref": "#/types/aws-native:codepipeline:PipelineFailureConditionsResult", + "description": "The specified result for when the failure conditions are met, such as rolling back the stage" + } + } + }, + "aws-native:codepipeline:PipelineFailureConditionsResult": { + "type": "string" + }, + "aws-native:codepipeline:PipelineGitBranchFilterCriteria": { + "type": "object", + "properties": { + "excludes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline." + }, + "includes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline." + } + } + }, + "aws-native:codepipeline:PipelineGitConfiguration": { + "type": "object", + "properties": { + "pullRequest": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineGitPullRequestFilter" + }, + "description": "The field where the repository event that will start the pipeline is specified as pull requests." + }, + "push": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineGitPushFilter" + }, + "description": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details." + }, + "sourceActionName": { + "type": "string", + "description": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only." + } + } + }, + "aws-native:codepipeline:PipelineGitFilePathFilterCriteria": { + "type": "object", + "properties": { + "excludes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline." + }, + "includes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline." + } + } + }, + "aws-native:codepipeline:PipelineGitPullRequestFilter": { + "type": "object", + "properties": { + "branches": { + "$ref": "#/types/aws-native:codepipeline:PipelineGitBranchFilterCriteria", + "description": "The field that specifies to filter on branches for the pull request trigger configuration." + }, + "events": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The field that specifies which pull request events to filter on (opened, updated, closed) for the trigger configuration." + }, + "filePaths": { + "$ref": "#/types/aws-native:codepipeline:PipelineGitFilePathFilterCriteria", + "description": "The field that specifies to filter on file paths for the pull request trigger configuration." + } + } + }, + "aws-native:codepipeline:PipelineGitPushFilter": { + "type": "object", + "properties": { + "branches": { + "$ref": "#/types/aws-native:codepipeline:PipelineGitBranchFilterCriteria", + "description": "The field that specifies to filter on branches for the push trigger configuration." + }, + "filePaths": { + "$ref": "#/types/aws-native:codepipeline:PipelineGitFilePathFilterCriteria", + "description": "The field that specifies to filter on file paths for the push trigger configuration." + }, + "tags": { + "$ref": "#/types/aws-native:codepipeline:PipelineGitTagFilterCriteria", + "description": "The field that contains the details for the Git tags trigger configuration." + } + } + }, + "aws-native:codepipeline:PipelineGitTagFilterCriteria": { + "type": "object", + "properties": { + "excludes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline." + }, + "includes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline." + } + } + }, + "aws-native:codepipeline:PipelineInputArtifact": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the artifact to be worked on (for example, \"My App\")." + } + } + }, + "aws-native:codepipeline:PipelineOutputArtifact": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the output of an artifact, such as \"My App\"." + } + } + }, + "aws-native:codepipeline:PipelineRuleDeclaration": { + "type": "object", + "properties": { + "configuration": { + "$ref": "pulumi.json#/Any", + "description": "The rule's configuration. These are key-value pairs that specify input values for a rule." + }, + "inputArtifacts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineInputArtifact" + }, + "description": "The input artifacts fields for the rule, such as specifying an input file for the rule." + }, + "name": { + "type": "string", + "description": "The rule declaration's name." + }, + "region": { + "type": "string", + "description": "The rule declaration's AWS Region, such as us-east-1." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM service role that performs the declared rule. This is assumed through the roleArn for the pipeline." + }, + "ruleTypeId": { + "$ref": "#/types/aws-native:codepipeline:PipelineRuleTypeId", + "description": "The ID for the rule type, which is made up of the combined values for category, owner, provider, and version." + } + } + }, + "aws-native:codepipeline:PipelineRuleTypeId": { + "type": "object", + "properties": { + "category": { + "type": "string", + "description": "A category for the provider type for the rule." + }, + "owner": { + "type": "string", + "description": "The creator of the rule being called. Only AWS is supported." + }, + "provider": { + "type": "string", + "description": "The provider of the service being called by the rule." + }, + "version": { + "type": "string", + "description": "A string that describes the rule version." + } + } + }, + "aws-native:codepipeline:PipelineStageDeclaration": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineActionDeclaration" + }, + "description": "The actions included in a stage." + }, + "beforeEntry": { + "$ref": "#/types/aws-native:codepipeline:PipelineBeforeEntryConditions", + "description": "The method to use before stage runs." + }, + "blockers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineBlockerDeclaration" + }, + "description": "Reserved for future use." + }, + "name": { + "type": "string", + "description": "The name of the stage." + }, + "onFailure": { + "$ref": "#/types/aws-native:codepipeline:PipelineFailureConditions", + "description": "The method to use when a stage has not completed successfully" + }, + "onSuccess": { + "$ref": "#/types/aws-native:codepipeline:PipelineSuccessConditions", + "description": "The method to use when a stage has completed successfully" + } + } + }, + "aws-native:codepipeline:PipelineStageTransition": { + "type": "object", + "properties": { + "reason": { + "type": "string", + "description": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI." + }, + "stageName": { + "type": "string", + "description": "The name of the stage where you want to disable the inbound or outbound transition of artifacts." + } + } + }, + "aws-native:codepipeline:PipelineSuccessConditions": { + "type": "object", + "properties": { + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:codepipeline:PipelineCondition" + }, + "description": "The conditions that are success conditions." + } + } + }, + "aws-native:codepipeline:PipelineTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:codepipeline:PipelineTriggerDeclaration": { + "type": "object", + "properties": { + "gitConfiguration": { + "$ref": "#/types/aws-native:codepipeline:PipelineGitConfiguration", + "description": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags." + }, + "providerType": { + "$ref": "#/types/aws-native:codepipeline:PipelineTriggerDeclarationProviderType", + "description": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration." + } + } + }, + "aws-native:codepipeline:PipelineTriggerDeclarationProviderType": { + "type": "string" + }, + "aws-native:codepipeline:PipelineType": { + "type": "string" + }, + "aws-native:codepipeline:PipelineVariableDeclaration": { + "type": "object", + "properties": { + "defaultValue": { + "type": "string", + "description": "The value of a pipeline-level variable." + }, + "description": { + "type": "string", + "description": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes." + }, + "name": { + "type": "string", + "description": "The name of a pipeline-level variable." + } + } + }, + "aws-native:codestarconnections:ConnectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:codestarconnections:RepositoryLinkProviderType": { + "type": "string" + }, + "aws-native:codestarconnections:RepositoryLinkTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, , ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, , ., /, =, +, and -. " + } + } + }, + "aws-native:codestarconnections:SyncConfigurationProviderType": { + "type": "string" + }, + "aws-native:codestarconnections:SyncConfigurationPublishDeploymentStatus": { + "type": "string" + }, + "aws-native:codestarconnections:SyncConfigurationTriggerResourceUpdateOn": { + "type": "string" + }, + "aws-native:codestarnotifications:NotificationRuleDetailType": { + "type": "string" + }, + "aws-native:codestarnotifications:NotificationRuleStatus": { + "type": "string" + }, + "aws-native:codestarnotifications:NotificationRuleTarget": { + "type": "object", + "properties": { + "targetAddress": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Chatbot topic or AWS Chatbot client." + }, + "targetType": { + "type": "string", + "description": "The target type. Can be an Amazon Simple Notification Service topic or AWS Chatbot client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- AWS Chatbot clients are specified as `AWSChatbotSlack` .\n- AWS Chatbot clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` ." + } + } + }, + "aws-native:cognito:IdentityPoolCognitoIdentityProvider": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The client ID for the Amazon Cognito user pool." + }, + "providerName": { + "type": "string", + "description": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` ." + }, + "serverSideTokenCheck": { + "type": "boolean", + "description": "TRUE if server-side token validation is enabled for the identity provider’s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error." + } + } + }, + "aws-native:cognito:IdentityPoolCognitoStreams": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream." + }, + "streamName": { + "type": "string", + "description": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool." + }, + "streamingStatus": { + "type": "string", + "description": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` ." + } + } + }, + "aws-native:cognito:IdentityPoolPushSync": { + "type": "object", + "properties": { + "applicationArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARNs of the Amazon SNS platform applications that could be used by clients." + }, + "roleArn": { + "type": "string", + "description": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer." + } + } + }, + "aws-native:cognito:IdentityPoolRoleAttachmentMappingRule": { + "type": "object", + "properties": { + "claim": { + "type": "string" + }, + "matchType": { + "type": "string" + }, + "roleArn": { + "type": "string" + }, + "value": { + "type": "string" + } + }, + "irreversibleNames": { + "roleArn": "RoleARN" + } + }, + "aws-native:cognito:IdentityPoolRoleAttachmentRoleMapping": { + "type": "object", + "properties": { + "ambiguousRoleResolution": { + "type": "string" + }, + "identityProvider": { + "type": "string" + }, + "rulesConfiguration": { + "$ref": "#/types/aws-native:cognito:IdentityPoolRoleAttachmentRulesConfigurationType" + }, + "type": { + "type": "string" + } + } + }, + "aws-native:cognito:IdentityPoolRoleAttachmentRulesConfigurationType": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:IdentityPoolRoleAttachmentMappingRule" + } + } + } + }, + "aws-native:cognito:IdentityPoolTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:cognito:LogDeliveryConfigurationCloudWatchLogsConfiguration": { + "type": "object", + "properties": { + "logGroupArn": { + "type": "string" + } + } + }, + "aws-native:cognito:LogDeliveryConfigurationFirehoseConfiguration": { + "type": "object", + "properties": { + "streamArn": { + "type": "string" + } + } + }, + "aws-native:cognito:LogDeliveryConfigurationLogConfiguration": { + "type": "object", + "properties": { + "cloudWatchLogsConfiguration": { + "$ref": "#/types/aws-native:cognito:LogDeliveryConfigurationCloudWatchLogsConfiguration" + }, + "eventSource": { + "type": "string" + }, + "firehoseConfiguration": { + "$ref": "#/types/aws-native:cognito:LogDeliveryConfigurationFirehoseConfiguration" + }, + "logLevel": { + "type": "string" + }, + "s3Configuration": { + "$ref": "#/types/aws-native:cognito:LogDeliveryConfigurationS3Configuration" + } + }, + "irreversibleNames": { + "s3Configuration": "S3Configuration" + } + }, + "aws-native:cognito:LogDeliveryConfigurationS3Configuration": { + "type": "object", + "properties": { + "bucketArn": { + "type": "string" + } + } + }, + "aws-native:cognito:UserPoolAccountRecoverySetting": { + "type": "object", + "properties": { + "recoveryMechanisms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:cognito:UserPoolRecoveryOption" + }, + "description": "The list of `RecoveryOptionTypes` ." + } + } + }, + "aws-native:cognito:UserPoolAddOns": { + "type": "object", + "properties": { + "advancedSecurityAdditionalFlows": { + "$ref": "#/types/aws-native:cognito:UserPoolAdvancedSecurityAdditionalFlows" + }, + "advancedSecurityMode": { + "type": "string", + "description": "The operating mode of advanced security features in your user pool." + } + } + }, + "aws-native:cognito:UserPoolAdminCreateUserConfig": { + "type": "object", + "properties": { + "allowAdminCreateUserOnly": { + "type": "boolean", + "description": "Set to `True` if only the administrator is allowed to create user profiles. Set to `False` if users can sign themselves up via an app." + }, + "inviteMessageTemplate": { + "$ref": "#/types/aws-native:cognito:UserPoolInviteMessageTemplate", + "description": "The message template to be used for the welcome message to new users.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) ." + }, + "unusedAccountValidityDays": { + "type": "integer", + "description": "The user account expiration limit, in days, after which a new account that hasn't signed in is no longer usable. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `\"RESEND\"` for the `MessageAction` parameter. The default value for this parameter is 7.\n\n\u003e If you set a value for `TemporaryPasswordValidityDays` in `PasswordPolicy` , that value will be used, and `UnusedAccountValidityDays` will be no longer be an available parameter for that user pool." + } + } + }, + "aws-native:cognito:UserPoolAdvancedSecurityAdditionalFlows": { + "type": "object", + "properties": { + "customAuthMode": { + "type": "string" + } + } + }, + "aws-native:cognito:UserPoolClientAnalyticsConfiguration": { + "type": "object", + "properties": { + "applicationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use the Amazon Pinpoint project for integration with the chosen user pool client. Amazon Cognito publishes events to the Amazon Pinpoint project that the app ARN declares." + }, + "applicationId": { + "type": "string", + "description": "The application ID for an Amazon Pinpoint application." + }, + "externalId": { + "type": "string", + "description": "The external ID." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an AWS Identity and Access Management role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics." + }, + "userDataShared": { + "type": "boolean", + "description": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics." + } + } + }, + "aws-native:cognito:UserPoolClientTokenValidityUnits": { + "type": "object", + "properties": { + "accessToken": { + "type": "string", + "description": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is hours. `AccessTokenValidity` duration can range from five minutes to one day." + }, + "idToken": { + "type": "string", + "description": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is hours. `IdTokenValidity` duration can range from five minutes to one day." + }, + "refreshToken": { + "type": "string", + "description": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is days. `RefreshTokenValidity` duration can range from 60 minutes to 10 years." + } + } + }, + "aws-native:cognito:UserPoolCustomEmailSender": { + "type": "object", + "properties": { + "lambdaArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon Cognito triggers to send email notifications to users." + }, + "lambdaVersion": { + "type": "string", + "description": "The Lambda version represents the signature of the \"request\" attribute in the \"event\" information that Amazon Cognito passes to your custom email sender AWS Lambda function. The only supported value is `V1_0` ." + } + } + }, + "aws-native:cognito:UserPoolCustomSmsSender": { + "type": "object", + "properties": { + "lambdaArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon Cognito triggers to send SMS notifications to users." + }, + "lambdaVersion": { + "type": "string", + "description": "The Lambda version represents the signature of the \"request\" attribute in the \"event\" information Amazon Cognito passes to your custom SMS sender Lambda function. The only supported value is `V1_0` ." + } + } + }, + "aws-native:cognito:UserPoolDeviceConfiguration": { + "type": "object", + "properties": { + "challengeRequiredOnNewDevice": { + "type": "boolean", + "description": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n\u003e Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA." + }, + "deviceOnlyRememberedOnUserPrompt": { + "type": "boolean", + "description": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a [ConfirmDevice](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html) API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an [UpdateDeviceStatus](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html) API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request." + } + } + }, + "aws-native:cognito:UserPoolDomainCustomDomainConfigType": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain." + } + } + }, + "aws-native:cognito:UserPoolEmailConfiguration": { + "type": "object", + "properties": { + "configurationSet": { + "type": "string", + "description": "The set of configuration rules that can be applied to emails sent using Amazon SES. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- Event publishing – Amazon SES can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as SNS and CloudWatch.\n- IP pool management – When leasing dedicated IP addresses with Amazon SES, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets." + }, + "emailSendingAccount": { + "type": "string", + "description": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* ." + }, + "from": { + "type": "string", + "description": "Identifies either the sender's email address or the sender's name with their email address. For example, `testuser@example.com` or `Test User \u003ctestuser@example.com\u003e` . This address appears before the body of the email." + }, + "replyToEmailAddress": { + "type": "string", + "description": "The destination to which the receiver of the email should reply." + }, + "sourceArn": { + "type": "string", + "description": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) ." + } + } + }, + "aws-native:cognito:UserPoolInviteMessageTemplate": { + "type": "object", + "properties": { + "emailMessage": { + "type": "string", + "description": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER." + }, + "emailSubject": { + "type": "string", + "description": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER." + }, + "smsMessage": { + "type": "string", + "description": "The message template for SMS messages." + } + }, + "irreversibleNames": { + "smsMessage": "SMSMessage" + } + }, + "aws-native:cognito:UserPoolLambdaConfig": { + "type": "object", + "properties": { + "createAuthChallenge": { + "type": "string", + "description": "Creates an authentication challenge." + }, + "customEmailSender": { + "$ref": "#/types/aws-native:cognito:UserPoolCustomEmailSender", + "description": "A custom email sender AWS Lambda trigger." + }, + "customMessage": { + "type": "string", + "description": "A custom Message AWS Lambda trigger." + }, + "customSmsSender": { + "$ref": "#/types/aws-native:cognito:UserPoolCustomSmsSender", + "description": "A custom SMS sender AWS Lambda trigger." + }, + "defineAuthChallenge": { + "type": "string", + "description": "Defines the authentication challenge." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name of a AWS Key Management Service ( AWS KMS ) key. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to `CustomEmailSender` and `CustomSMSSender` ." + }, + "postAuthentication": { + "type": "string", + "description": "A post-authentication AWS Lambda trigger." + }, + "postConfirmation": { + "type": "string", + "description": "A post-confirmation AWS Lambda trigger." + }, + "preAuthentication": { + "type": "string", + "description": "A pre-authentication AWS Lambda trigger." + }, + "preSignUp": { + "type": "string", + "description": "A pre-registration AWS Lambda trigger." + }, + "preTokenGeneration": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .\n\nYou can set ``" + }, + "preTokenGenerationConfig": { + "$ref": "#/types/aws-native:cognito:UserPoolPreTokenGenerationConfig", + "description": "The detailed configuration of a pre token generation trigger. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` ." + }, + "userMigration": { + "type": "string", + "description": "The user migration Lambda config type." + }, + "verifyAuthChallengeResponse": { + "type": "string", + "description": "Verifies the authentication challenge response." + } + }, + "irreversibleNames": { + "customSmsSender": "CustomSMSSender", + "kmsKeyId": "KMSKeyID" + } + }, + "aws-native:cognito:UserPoolNumberAttributeConstraints": { + "type": "object", + "properties": { + "maxValue": { + "type": "string", + "description": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer." + }, + "minValue": { + "type": "string", + "description": "The minimum value of an attribute that is of the number data type." + } + } + }, + "aws-native:cognito:UserPoolPasswordPolicy": { + "type": "object", + "properties": { + "minimumLength": { + "type": "integer", + "description": "The minimum length of the password in the policy that you have set. This value can't be less than 6." + }, + "passwordHistorySize": { + "type": "integer" + }, + "requireLowercase": { + "type": "boolean", + "description": "In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password." + }, + "requireNumbers": { + "type": "boolean", + "description": "In the password policy that you have set, refers to whether you have required users to use at least one number in their password." + }, + "requireSymbols": { + "type": "boolean", + "description": "In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password." + }, + "requireUppercase": { + "type": "boolean", + "description": "In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password." + }, + "temporaryPasswordValidityDays": { + "type": "integer", + "description": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n\u003e When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool." + } + } + }, + "aws-native:cognito:UserPoolPolicies": { + "type": "object", + "properties": { + "passwordPolicy": { + "$ref": "#/types/aws-native:cognito:UserPoolPasswordPolicy", + "description": "The password policy." + } + } + }, + "aws-native:cognito:UserPoolPreTokenGenerationConfig": { + "type": "object", + "properties": { + "lambdaArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` ." + }, + "lambdaVersion": { + "type": "string", + "description": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features." + } + } + }, + "aws-native:cognito:UserPoolRecoveryOption": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Specifies the recovery method for a user." + }, + "priority": { + "type": "integer", + "description": "A positive integer specifying priority of a method with 1 being the highest priority." + } + } + }, + "aws-native:cognito:UserPoolResourceServerResourceServerScopeType": { + "type": "object", + "properties": { + "scopeDescription": { + "type": "string", + "description": "A description of the scope." + }, + "scopeName": { + "type": "string", + "description": "The name of the scope." + } + } + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverActionType": { + "type": "object", + "properties": { + "eventAction": { + "type": "string", + "description": "The action to take in response to the account takeover action. Valid values are as follows:\n\n- `BLOCK` Choosing this action will block the request.\n- `MFA_IF_CONFIGURED` Present an MFA challenge if user has configured it, else allow the request.\n- `MFA_REQUIRED` Present an MFA challenge if user has configured it, else block the request.\n- `NO_ACTION` Allow the user to sign in." + }, + "notify": { + "type": "boolean", + "description": "Flag specifying whether to send a notification." + } + } + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType": { + "type": "object", + "properties": { + "highAction": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverActionType", + "description": "Action to take for a high risk." + }, + "lowAction": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverActionType", + "description": "Action to take for a low risk." + }, + "mediumAction": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverActionType", + "description": "Action to take for a medium risk." + } + } + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType": { + "type": "object", + "properties": { + "actions": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType", + "description": "Account takeover risk configuration actions." + }, + "notifyConfiguration": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentNotifyConfigurationType", + "description": "The notify configuration used to construct email notifications." + } + } + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType": { + "type": "object", + "properties": { + "eventAction": { + "type": "string", + "description": "The event action." + } + } + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType": { + "type": "object", + "properties": { + "actions": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType", + "description": "The compromised credentials risk configuration actions." + }, + "eventFilter": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Perform the action for these events. The default is to perform all events if no event filter is specified." + } + } + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachmentNotifyConfigurationType": { + "type": "object", + "properties": { + "blockEmail": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentNotifyEmailType", + "description": "Email template used when a detected risk event is blocked." + }, + "from": { + "type": "string", + "description": "The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES." + }, + "mfaEmail": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentNotifyEmailType", + "description": "The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk." + }, + "noActionEmail": { + "$ref": "#/types/aws-native:cognito:UserPoolRiskConfigurationAttachmentNotifyEmailType", + "description": "The email template used when a detected risk event is allowed." + }, + "replyTo": { + "type": "string", + "description": "The destination to which the receiver of an email should reply to." + }, + "sourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter." + } + } + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachmentNotifyEmailType": { + "type": "object", + "properties": { + "htmlBody": { + "type": "string", + "description": "The email HTML body." + }, + "subject": { + "type": "string", + "description": "The email subject." + }, + "textBody": { + "type": "string", + "description": "The email text body." + } + } + }, + "aws-native:cognito:UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType": { + "type": "object", + "properties": { + "blockedIpRangeList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix." + }, + "skippedIpRangeList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation." + } + }, + "irreversibleNames": { + "blockedIpRangeList": "BlockedIPRangeList", + "skippedIpRangeList": "SkippedIPRangeList" + } + }, + "aws-native:cognito:UserPoolSchemaAttribute": { + "type": "object", + "properties": { + "attributeDataType": { + "type": "string", + "description": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` ." + }, + "developerOnlyAttribute": { + "type": "boolean", + "description": "\u003e We recommend that you use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users will not be able to modify this attribute using their access token." + }, + "mutable": { + "type": "boolean", + "description": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) ." + }, + "name": { + "type": "string", + "description": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes.." + }, + "numberAttributeConstraints": { + "$ref": "#/types/aws-native:cognito:UserPoolNumberAttributeConstraints", + "description": "Specifies the constraints for an attribute of the number type." + }, + "required": { + "type": "boolean", + "description": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail." + }, + "stringAttributeConstraints": { + "$ref": "#/types/aws-native:cognito:UserPoolStringAttributeConstraints", + "description": "Specifies the constraints for an attribute of the string type." + } + } + }, + "aws-native:cognito:UserPoolSmsConfiguration": { + "type": "object", + "properties": { + "externalId": { + "type": "string", + "description": "The external ID is a value. We recommend you use `ExternalId` to add security to your IAM role, which is used to call Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , the Cognito User Pool uses it when attempting to assume your IAM role. You can also set your roles trust policy to require the `ExternalID` . If you use the Cognito Management Console to create a role for SMS MFA, Cognito creates a role with the required permissions and a trust policy that uses `ExternalId` ." + }, + "snsCallerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) ." + }, + "snsRegion": { + "type": "string", + "description": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) ." + } + } + }, + "aws-native:cognito:UserPoolStringAttributeConstraints": { + "type": "object", + "properties": { + "maxLength": { + "type": "string", + "description": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer." + }, + "minLength": { + "type": "string", + "description": "The minimum length." + } + } + }, + "aws-native:cognito:UserPoolUserAttributeType": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the attribute." + }, + "value": { + "type": "string", + "description": "The value of the attribute." + } + } + }, + "aws-native:cognito:UserPoolUserAttributeUpdateSettings": { + "type": "object", + "properties": { + "attributesRequireVerificationBeforeUpdate": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn’t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nYou can verify an updated email address or phone number with a [VerifyUserAttribute](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifyUserAttribute.html) API request. You can also call the [AdminUpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html) API and set `email_verified` or `phone_number_verified` to true.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user’s `email` or `phone_number` attribute." + } + } + }, + "aws-native:cognito:UserPoolUsernameConfiguration": { + "type": "object", + "properties": { + "caseSensitive": { + "type": "boolean", + "description": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **True** - Enables case sensitivity for all username input. When this option is set to `True` , users must sign in using the exact capitalization of their given username, such as \"UserName\". This is the default value.\n- **False** - Enables case insensitivity for all username input. For example, when this option is set to `False` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute." + } + } + }, + "aws-native:cognito:UserPoolVerificationMessageTemplate": { + "type": "object", + "properties": { + "defaultEmailOption": { + "type": "string", + "description": "The default email option." + }, + "emailMessage": { + "type": "string", + "description": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration." + }, + "emailMessageByLink": { + "type": "string", + "description": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration." + }, + "emailSubject": { + "type": "string", + "description": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration." + }, + "emailSubjectByLink": { + "type": "string", + "description": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration." + }, + "smsMessage": { + "type": "string", + "description": "The template for SMS messages that Amazon Cognito sends to your users." + } + } + }, + "aws-native:comprehend:DocumentClassifierAugmentedManifestsListItem": { + "type": "object", + "properties": { + "attributeNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job." + }, + "s3Uri": { + "type": "string", + "description": "The Amazon S3 location of the augmented manifest file." + }, + "split": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierAugmentedManifestsListItemSplit", + "description": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:comprehend:DocumentClassifierAugmentedManifestsListItemSplit": { + "type": "string" + }, + "aws-native:comprehend:DocumentClassifierDocumentReaderConfig": { + "type": "object", + "properties": { + "documentReadAction": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierDocumentReaderConfigDocumentReadAction", + "description": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation." + }, + "documentReadMode": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierDocumentReaderConfigDocumentReadMode", + "description": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files." + }, + "featureTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierDocumentReaderConfigFeatureTypesItem" + }, + "description": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document." + } + } + }, + "aws-native:comprehend:DocumentClassifierDocumentReaderConfigDocumentReadAction": { + "type": "string" + }, + "aws-native:comprehend:DocumentClassifierDocumentReaderConfigDocumentReadMode": { + "type": "string" + }, + "aws-native:comprehend:DocumentClassifierDocumentReaderConfigFeatureTypesItem": { + "type": "string" + }, + "aws-native:comprehend:DocumentClassifierDocuments": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "The S3 URI location of the training documents specified in the S3Uri CSV file." + }, + "testS3Uri": { + "type": "string", + "description": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri", + "testS3Uri": "TestS3Uri" + } + }, + "aws-native:comprehend:DocumentClassifierInputDataConfig": { + "type": "object", + "properties": { + "augmentedManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierAugmentedManifestsListItem" + }, + "description": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` ." + }, + "dataFormat": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierInputDataConfigDataFormat", + "description": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default." + }, + "documentReaderConfig": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierDocumentReaderConfig" + }, + "documentType": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierInputDataConfigDocumentType", + "description": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model." + }, + "documents": { + "$ref": "#/types/aws-native:comprehend:DocumentClassifierDocuments", + "description": "The S3 location of the training documents. This parameter is required in a request to create a native document model." + }, + "labelDelimiter": { + "type": "string", + "description": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL." + }, + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` ." + }, + "testS3Uri": { + "type": "string", + "description": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri", + "testS3Uri": "TestS3Uri" + } + }, + "aws-native:comprehend:DocumentClassifierInputDataConfigDataFormat": { + "type": "string" + }, + "aws-native:comprehend:DocumentClassifierInputDataConfigDocumentType": { + "type": "string" + }, + "aws-native:comprehend:DocumentClassifierLanguageCode": { + "type": "string" + }, + "aws-native:comprehend:DocumentClassifierMode": { + "type": "string" + }, + "aws-native:comprehend:DocumentClassifierOutputDataConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`" + }, + "s3Uri": { + "type": "string", + "description": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:comprehend:DocumentClassifierTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The initial part of a key-value pair that forms a tag associated with a given resource. For instance, if you want to show which resources are used by which departments, you might use \"Department\" as the key portion of the pair, with multiple possible values such as \"sales,\" \"legal,\" and \"administration.\"" + }, + "value": { + "type": "string", + "description": "The second part of a key-value pair that forms a tag associated with a given resource. For instance, if you want to show which resources are used by which departments, you might use \"Department\" as the initial (key) portion of the pair, with a value of \"sales\" to indicate the sales department." + } + } + }, + "aws-native:comprehend:DocumentClassifierVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you’ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) ." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC’s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) ." + } + } + }, + "aws-native:comprehend:FlywheelDataSecurityConfig": { + "type": "object", + "properties": { + "dataLakeKmsKeyId": { + "type": "string", + "description": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake." + }, + "modelKmsKeyId": { + "type": "string", + "description": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`" + }, + "volumeKmsKeyId": { + "type": "string", + "description": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:comprehend:FlywheelVpcConfig", + "description": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) ." + } + } + }, + "aws-native:comprehend:FlywheelDocumentClassificationConfig": { + "type": "object", + "properties": { + "labels": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more labels to associate with the custom classifier." + }, + "mode": { + "$ref": "#/types/aws-native:comprehend:FlywheelDocumentClassificationConfigMode", + "description": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` ." + } + } + }, + "aws-native:comprehend:FlywheelDocumentClassificationConfigMode": { + "type": "string" + }, + "aws-native:comprehend:FlywheelEntityRecognitionConfig": { + "type": "object", + "properties": { + "entityTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:comprehend:FlywheelEntityTypesListItem" + }, + "description": "Up to 25 entity types that the model is trained to recognize." + } + } + }, + "aws-native:comprehend:FlywheelEntityTypesListItem": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma)." + } + } + }, + "aws-native:comprehend:FlywheelModelType": { + "type": "string" + }, + "aws-native:comprehend:FlywheelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The initial part of a key-value pair that forms a tag associated with a given resource. For instance, if you want to show which resources are used by which departments, you might use \"Department\" as the key portion of the pair, with multiple possible values such as \"sales,\" \"legal,\" and \"administration.\"" + }, + "value": { + "type": "string", + "description": "The second part of a key-value pair that forms a tag associated with a given resource. For instance, if you want to show which resources are used by which departments, you might use \"Department\" as the initial (key) portion of the pair, with a value of \"sales\" to indicate the sales department." + } + } + }, + "aws-native:comprehend:FlywheelTaskConfig": { + "type": "object", + "properties": { + "documentClassificationConfig": { + "$ref": "#/types/aws-native:comprehend:FlywheelDocumentClassificationConfig", + "description": "Configuration required for a document classification model." + }, + "entityRecognitionConfig": { + "$ref": "#/types/aws-native:comprehend:FlywheelEntityRecognitionConfig", + "description": "Configuration required for an entity recognition model." + }, + "languageCode": { + "$ref": "#/types/aws-native:comprehend:FlywheelTaskConfigLanguageCode", + "description": "Language code for the language that the model supports." + } + } + }, + "aws-native:comprehend:FlywheelTaskConfigLanguageCode": { + "type": "string" + }, + "aws-native:comprehend:FlywheelVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you’ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) ." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC’s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) ." + } + } + }, + "aws-native:configuration:AggregationAuthorizationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:configuration:ComplianceProperties": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Compliance type determined by the Config rule" + } + } + }, + "aws-native:configuration:ConfigRuleCustomPolicyDetails": { + "type": "object", + "properties": { + "enableDebugLogDelivery": { + "type": "boolean", + "description": "The boolean expression for enabling debug logging for your CC Custom Policy rule. The default value is ``false``." + }, + "policyRuntime": { + "type": "string", + "description": "The runtime system for your CC Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by CC Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard)." + }, + "policyText": { + "type": "string", + "description": "The policy definition containing the logic for your CC Custom Policy rule." + } + } + }, + "aws-native:configuration:ConfigRuleEvaluationModeConfiguration": { + "type": "object", + "properties": { + "mode": { + "type": "string", + "description": "The mode of an evaluation. The valid values are Detective or Proactive." + } + } + }, + "aws-native:configuration:ConfigRuleScope": { + "type": "object", + "properties": { + "complianceResourceId": { + "type": "string", + "description": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for ``ComplianceResourceTypes``." + }, + "complianceResourceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for ``ComplianceResourceId``." + }, + "tagKey": { + "type": "string", + "description": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule." + }, + "tagValue": { + "type": "string", + "description": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for ``TagValue``, you must also specify a value for ``TagKey``." + } + } + }, + "aws-native:configuration:ConfigRuleSource": { + "type": "object", + "properties": { + "customPolicyDetails": { + "$ref": "#/types/aws-native:configuration:ConfigRuleCustomPolicyDetails", + "description": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to ``CUSTOM_POLICY``." + }, + "owner": { + "type": "string", + "description": "Indicates whether AWS or the customer owns and manages the CC rule.\n CC Managed Rules are predefined rules owned by AWS. For more information, see [Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *developer guide*.\n CC Custom Rules are rules that you can develop either with Guard (``CUSTOM_POLICY``) or LAMlong (``CUSTOM_LAMBDA``). For more information, see [Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *developer guide*." + }, + "sourceDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:configuration:ConfigRuleSourceDetail" + }, + "description": "Provides the source and the message types that cause CC to evaluate your AWS resources against a rule. It also provides the frequency with which you want CC to run evaluations for the rule if the trigger type is periodic.\n If the owner is set to ``CUSTOM_POLICY``, the only acceptable values for the CC rule trigger message type are ``ConfigurationItemChangeNotification`` and ``OversizedConfigurationItemChangeNotification``." + }, + "sourceIdentifier": { + "type": "string", + "description": "For CC Managed rules, a predefined identifier from a list. For example, ``IAM_PASSWORD_POLICY`` is a managed rule. To reference a managed rule, see [List of Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html).\n For CC Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's LAMlong function, such as ``arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name``.\n For CC Custom Policy rules, this field will be ignored." + } + } + }, + "aws-native:configuration:ConfigRuleSourceDetail": { + "type": "object", + "properties": { + "eventSource": { + "type": "string", + "description": "The source of the event, such as an AWS service, that triggers CC to evaluate your AWS resources." + }, + "maximumExecutionFrequency": { + "type": "string", + "description": "The frequency at which you want CC to run evaluations for a custom rule with a periodic trigger. If you specify a value for ``MaximumExecutionFrequency``, then ``MessageType`` must use the ``ScheduledNotification`` value.\n By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the ``MaximumExecutionFrequency`` parameter.\n Based on the valid value you choose, CC runs evaluations once for each valid value. For example, if you choose ``Three_Hours``, CC runs evaluations once every three hours. In this case, ``Three_Hours`` is the frequency of this rule." + }, + "messageType": { + "type": "string", + "description": "The type of notification that triggers CC to run an evaluation for a rule. You can specify the following notification types:\n + ``ConfigurationItemChangeNotification`` - Triggers an evaluation when CC delivers a configuration item as a result of a resource change.\n + ``OversizedConfigurationItemChangeNotification`` - Triggers an evaluation when CC delivers an oversized configuration item. CC may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n + ``ScheduledNotification`` - Triggers a periodic evaluation at the frequency specified for ``MaximumExecutionFrequency``.\n + ``ConfigurationSnapshotDeliveryCompleted`` - Triggers a periodic evaluation when CC delivers a configuration snapshot.\n \n If you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for ``ConfigurationItemChangeNotification`` and one for ``OversizedConfigurationItemChangeNotification``." + } + } + }, + "aws-native:configuration:ConfigurationAggregatorAccountAggregationSource": { + "type": "object", + "properties": { + "accountIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The 12-digit account ID of the account being aggregated." + }, + "allAwsRegions": { + "type": "boolean", + "description": "If true, aggregate existing AWS Config regions and future regions." + }, + "awsRegions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The source regions being aggregated." + } + } + }, + "aws-native:configuration:ConfigurationAggregatorOrganizationAggregationSource": { + "type": "object", + "properties": { + "allAwsRegions": { + "type": "boolean", + "description": "If true, aggregate existing AWS Config regions and future regions." + }, + "awsRegions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The source regions being aggregated." + }, + "roleArn": { + "type": "string", + "description": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account." + } + } + }, + "aws-native:configuration:ConfigurationAggregatorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:configuration:ConformancePackInputParameter": { + "type": "object", + "properties": { + "parameterName": { + "type": "string", + "description": "One part of a key-value pair." + }, + "parameterValue": { + "type": "string", + "description": "Another part of the key-value pair." + } + } + }, + "aws-native:configuration:OrganizationConformancePackConformancePackInputParameter": { + "type": "object", + "properties": { + "parameterName": { + "type": "string", + "description": "One part of a key-value pair." + }, + "parameterValue": { + "type": "string", + "description": "One part of a key-value pair." + } + } + }, + "aws-native:configuration:StoredQueryTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:configuration:TemplateSsmDocumentDetailsProperties": { + "type": "object", + "properties": { + "documentName": { + "type": "string", + "description": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document." + }, + "documentVersion": { + "type": "string", + "description": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n\u003e This field is optional." + } + } + }, + "aws-native:connect:ConstraintsProperties": { + "type": "object", + "properties": { + "invisibleFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:TaskTemplateInvisibleFieldInfo" + }, + "description": "Lists the fields that are invisible to agents." + }, + "readOnlyFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:TaskTemplateReadOnlyFieldInfo" + }, + "description": "Lists the fields that are read-only to agents, and cannot be edited." + }, + "requiredFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:TaskTemplateRequiredFieldInfo" + }, + "description": "Lists the fields that are required to be filled by agents." + } + } + }, + "aws-native:connect:ContactFlowModuleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:connect:ContactFlowState": { + "type": "string" + }, + "aws-native:connect:ContactFlowTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. . You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:connect:ContactFlowType": { + "type": "string" + }, + "aws-native:connect:EvaluationFormBaseItem": { + "type": "object", + "properties": { + "section": { + "$ref": "#/types/aws-native:connect:EvaluationFormSection", + "description": "A subsection or inner section of an item." + } + } + }, + "aws-native:connect:EvaluationFormItem": { + "type": "object", + "properties": { + "question": { + "$ref": "#/types/aws-native:connect:EvaluationFormQuestion", + "description": "The information of the question." + }, + "section": { + "$ref": "#/types/aws-native:connect:EvaluationFormSection", + "description": "The information of the section." + } + } + }, + "aws-native:connect:EvaluationFormNumericQuestionAutomation": { + "type": "object", + "properties": { + "propertyValue": { + "$ref": "#/types/aws-native:connect:EvaluationFormNumericQuestionPropertyValueAutomation", + "description": "The property value of the automation." + } + } + }, + "aws-native:connect:EvaluationFormNumericQuestionOption": { + "type": "object", + "properties": { + "automaticFail": { + "type": "boolean", + "description": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0." + }, + "maxValue": { + "type": "integer", + "description": "The maximum answer value of the range option." + }, + "minValue": { + "type": "integer", + "description": "The minimum answer value of the range option." + }, + "score": { + "type": "integer", + "description": "The score assigned to answer values within the range option.\n *Minimum*: 0\n *Maximum*: 10" + } + } + }, + "aws-native:connect:EvaluationFormNumericQuestionProperties": { + "type": "object", + "properties": { + "automation": { + "$ref": "#/types/aws-native:connect:EvaluationFormNumericQuestionAutomation", + "description": "The automation properties of the numeric question." + }, + "maxValue": { + "type": "integer", + "description": "The maximum answer value." + }, + "minValue": { + "type": "integer", + "description": "The minimum answer value." + }, + "options": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:EvaluationFormNumericQuestionOption" + }, + "description": "The scoring options of the numeric question." + } + } + }, + "aws-native:connect:EvaluationFormNumericQuestionPropertyValueAutomation": { + "type": "object", + "properties": { + "label": { + "$ref": "#/types/aws-native:connect:EvaluationFormNumericQuestionPropertyValueAutomationLabel", + "description": "The property label of the automation." + } + } + }, + "aws-native:connect:EvaluationFormNumericQuestionPropertyValueAutomationLabel": { + "type": "string" + }, + "aws-native:connect:EvaluationFormQuestion": { + "type": "object", + "properties": { + "instructions": { + "type": "string", + "description": "The instructions of the section.\n *Length Constraints*: Minimum length of 0. Maximum length of 1024." + }, + "notApplicableEnabled": { + "type": "boolean", + "description": "The flag to enable not applicable answers to the question." + }, + "questionType": { + "$ref": "#/types/aws-native:connect:EvaluationFormQuestionQuestionType", + "description": "The type of the question.\n *Allowed values*: ``NUMERIC`` | ``SINGLESELECT`` | ``TEXT``" + }, + "questionTypeProperties": { + "$ref": "#/types/aws-native:connect:EvaluationFormQuestionTypeProperties", + "description": "The properties of the type of question. Text questions do not have to define question type properties." + }, + "refId": { + "type": "string", + "description": "The identifier of the question. An identifier must be unique within the evaluation form.\n *Length Constraints*: Minimum length of 1. Maximum length of 40." + }, + "title": { + "type": "string", + "description": "The title of the question.\n *Length Constraints*: Minimum length of 1. Maximum length of 350." + }, + "weight": { + "type": "number", + "description": "The scoring weight of the section.\n *Minimum*: 0\n *Maximum*: 100" + } + } + }, + "aws-native:connect:EvaluationFormQuestionQuestionType": { + "type": "string" + }, + "aws-native:connect:EvaluationFormQuestionTypeProperties": { + "type": "object", + "properties": { + "numeric": { + "$ref": "#/types/aws-native:connect:EvaluationFormNumericQuestionProperties", + "description": "The properties of the numeric question." + }, + "singleSelect": { + "$ref": "#/types/aws-native:connect:EvaluationFormSingleSelectQuestionProperties", + "description": "The properties of the numeric question." + } + } + }, + "aws-native:connect:EvaluationFormScoringStrategy": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:connect:EvaluationFormScoringStrategyMode", + "description": "The scoring mode of the evaluation form.\n *Allowed values*: ``QUESTION_ONLY`` | ``SECTION_ONLY``" + }, + "status": { + "$ref": "#/types/aws-native:connect:EvaluationFormScoringStrategyStatus", + "description": "The scoring status of the evaluation form.\n *Allowed values*: ``ENABLED`` | ``DISABLED``" + } + } + }, + "aws-native:connect:EvaluationFormScoringStrategyMode": { + "type": "string" + }, + "aws-native:connect:EvaluationFormScoringStrategyStatus": { + "type": "string" + }, + "aws-native:connect:EvaluationFormSection": { + "type": "object", + "properties": { + "instructions": { + "type": "string", + "description": "The instructions of the section." + }, + "items": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:EvaluationFormItem" + }, + "description": "The items of the section.\n *Minimum*: 1" + }, + "refId": { + "type": "string", + "description": "The identifier of the section. An identifier must be unique within the evaluation form.\n *Length Constraints*: Minimum length of 1. Maximum length of 40." + }, + "title": { + "type": "string", + "description": "The title of the section.\n *Length Constraints*: Minimum length of 1. Maximum length of 128." + }, + "weight": { + "type": "number", + "description": "The scoring weight of the section.\n *Minimum*: 0 \n *Maximum*: 100" + } + } + }, + "aws-native:connect:EvaluationFormSingleSelectQuestionAutomation": { + "type": "object", + "properties": { + "defaultOptionRefId": { + "type": "string", + "description": "The identifier of the default answer option, when none of the automation options match the criteria.\n *Length Constraints*: Minimum length of 1. Maximum length of 40." + }, + "options": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:EvaluationFormSingleSelectQuestionAutomationOption" + }, + "description": "The automation options of the single select question.\n *Minimum*: 1\n *Maximum*: 20" + } + } + }, + "aws-native:connect:EvaluationFormSingleSelectQuestionAutomationOption": { + "type": "object", + "properties": { + "ruleCategory": { + "$ref": "#/types/aws-native:connect:EvaluationFormSingleSelectQuestionRuleCategoryAutomation", + "description": "The automation option based on a rule category for the single select question." + } + } + }, + "aws-native:connect:EvaluationFormSingleSelectQuestionOption": { + "type": "object", + "properties": { + "automaticFail": { + "type": "boolean", + "description": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0." + }, + "refId": { + "type": "string", + "description": "The identifier of the answer option. An identifier must be unique within the question.\n *Length Constraints*: Minimum length of 1. Maximum length of 40." + }, + "score": { + "type": "integer", + "description": "The score assigned to the answer option.\n *Minimum*: 0\n *Maximum*: 10" + }, + "text": { + "type": "string", + "description": "The title of the answer option.\n *Length Constraints*: Minimum length of 1. Maximum length of 128." + } + } + }, + "aws-native:connect:EvaluationFormSingleSelectQuestionProperties": { + "type": "object", + "properties": { + "automation": { + "$ref": "#/types/aws-native:connect:EvaluationFormSingleSelectQuestionAutomation", + "description": "The display mode of the single select question." + }, + "displayAs": { + "$ref": "#/types/aws-native:connect:EvaluationFormSingleSelectQuestionPropertiesDisplayAs", + "description": "The display mode of the single select question.\n *Allowed values*: ``DROPDOWN`` | ``RADIO``" + }, + "options": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:EvaluationFormSingleSelectQuestionOption" + }, + "description": "The answer options of the single select question.\n *Minimum*: 2\n *Maximum*: 256" + } + } + }, + "aws-native:connect:EvaluationFormSingleSelectQuestionPropertiesDisplayAs": { + "type": "string" + }, + "aws-native:connect:EvaluationFormSingleSelectQuestionRuleCategoryAutomation": { + "type": "object", + "properties": { + "category": { + "type": "string", + "description": "The category name, as defined in Rules.\n *Minimum*: 1\n *Maximum*: 50" + }, + "condition": { + "$ref": "#/types/aws-native:connect:EvaluationFormSingleSelectQuestionRuleCategoryAutomationCondition", + "description": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n *Allowed values*: ``PRESENT`` | ``NOT_PRESENT`` \n *Maximum*: 50" + }, + "optionRefId": { + "type": "string", + "description": "The identifier of the answer option. An identifier must be unique within the question.\n *Length Constraints*: Minimum length of 1. Maximum length of 40." + } + } + }, + "aws-native:connect:EvaluationFormSingleSelectQuestionRuleCategoryAutomationCondition": { + "type": "string" + }, + "aws-native:connect:EvaluationFormStatus": { + "type": "string" + }, + "aws-native:connect:EvaluationFormTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" + } + } + }, + "aws-native:connect:HoursOfOperationConfig": { + "type": "object", + "properties": { + "day": { + "$ref": "#/types/aws-native:connect:HoursOfOperationConfigDay", + "description": "The day that the hours of operation applies to." + }, + "endTime": { + "$ref": "#/types/aws-native:connect:HoursOfOperationTimeSlice", + "description": "The end time that your contact center closes." + }, + "startTime": { + "$ref": "#/types/aws-native:connect:HoursOfOperationTimeSlice", + "description": "The start time that your contact center opens." + } + } + }, + "aws-native:connect:HoursOfOperationConfigDay": { + "type": "string" + }, + "aws-native:connect:HoursOfOperationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:connect:HoursOfOperationTimeSlice": { + "type": "object", + "properties": { + "hours": { + "type": "integer", + "description": "The hours." + }, + "minutes": { + "type": "integer", + "description": "The minutes." + } + } + }, + "aws-native:connect:InstanceAttributes": { + "type": "object", + "properties": { + "autoResolveBestVoices": { + "type": "boolean" + }, + "contactLens": { + "type": "boolean" + }, + "contactflowLogs": { + "type": "boolean" + }, + "earlyMedia": { + "type": "boolean" + }, + "inboundCalls": { + "type": "boolean" + }, + "outboundCalls": { + "type": "boolean" + }, + "useCustomTtsVoices": { + "type": "boolean" + } + }, + "irreversibleNames": { + "useCustomTtsVoices": "UseCustomTTSVoices" + } + }, + "aws-native:connect:InstanceIdentityManagementType": { + "type": "string" + }, + "aws-native:connect:InstanceStatus": { + "type": "string" + }, + "aws-native:connect:InstanceStorageConfigEncryptionConfig": { + "type": "object", + "properties": { + "encryptionType": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigEncryptionType", + "description": "The type of encryption." + }, + "keyId": { + "type": "string", + "description": "The full ARN of the encryption key.\n\n\u003e Be sure to provide the full ARN of the encryption key, not just the ID.\n\u003e \n\u003e Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) ." + } + } + }, + "aws-native:connect:InstanceStorageConfigEncryptionType": { + "type": "string" + }, + "aws-native:connect:InstanceStorageConfigInstanceStorageResourceType": { + "type": "string" + }, + "aws-native:connect:InstanceStorageConfigKinesisFirehoseConfig": { + "type": "object", + "properties": { + "firehoseArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the delivery stream." + } + } + }, + "aws-native:connect:InstanceStorageConfigKinesisStreamConfig": { + "type": "object", + "properties": { + "streamArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the data stream." + } + } + }, + "aws-native:connect:InstanceStorageConfigKinesisVideoStreamConfig": { + "type": "object", + "properties": { + "encryptionConfig": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigEncryptionConfig", + "description": "The encryption configuration." + }, + "prefix": { + "type": "string", + "description": "The prefix of the video stream." + }, + "retentionPeriodHours": { + "type": "number", + "description": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data." + } + } + }, + "aws-native:connect:InstanceStorageConfigS3Config": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The S3 bucket name." + }, + "bucketPrefix": { + "type": "string", + "description": "The S3 bucket prefix." + }, + "encryptionConfig": { + "$ref": "#/types/aws-native:connect:InstanceStorageConfigEncryptionConfig", + "description": "The Amazon S3 encryption configuration." + } + } + }, + "aws-native:connect:InstanceStorageConfigStorageType": { + "type": "string" + }, + "aws-native:connect:InstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:connect:IntegrationAssociationIntegrationType": { + "type": "string" + }, + "aws-native:connect:PhoneNumberTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:connect:PromptTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:connect:QueueOutboundCallerConfig": { + "type": "object", + "properties": { + "outboundCallerIdName": { + "type": "string", + "description": "The caller ID name." + }, + "outboundCallerIdNumberArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n\u003e Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API." + }, + "outboundFlowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the outbound flow." + } + } + }, + "aws-native:connect:QueueStatus": { + "type": "string" + }, + "aws-native:connect:QueueTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" + } + } + }, + "aws-native:connect:QueueType": { + "type": "string" + }, + "aws-native:connect:QuickConnectConfig": { + "type": "object", + "properties": { + "phoneConfig": { + "$ref": "#/types/aws-native:connect:QuickConnectPhoneNumberQuickConnectConfig", + "description": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER." + }, + "queueConfig": { + "$ref": "#/types/aws-native:connect:QuickConnectQueueQuickConnectConfig", + "description": "The queue configuration. This is required only if QuickConnectType is QUEUE." + }, + "quickConnectType": { + "$ref": "#/types/aws-native:connect:QuickConnectType", + "description": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE)." + }, + "userConfig": { + "$ref": "#/types/aws-native:connect:QuickConnectUserQuickConnectConfig", + "description": "The user configuration. This is required only if QuickConnectType is USER." + } + } + }, + "aws-native:connect:QuickConnectPhoneNumberQuickConnectConfig": { + "type": "object", + "properties": { + "phoneNumber": { + "type": "string", + "description": "The phone number in E.164 format." + } + } + }, + "aws-native:connect:QuickConnectQueueQuickConnectConfig": { + "type": "object", + "properties": { + "contactFlowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the flow." + }, + "queueArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the queue." + } + } + }, + "aws-native:connect:QuickConnectTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:connect:QuickConnectType": { + "type": "string" + }, + "aws-native:connect:QuickConnectUserQuickConnectConfig": { + "type": "object", + "properties": { + "contactFlowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the flow." + }, + "userArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the user." + } + } + }, + "aws-native:connect:RoutingProfileAgentAvailabilityTimer": { + "type": "string" + }, + "aws-native:connect:RoutingProfileBehaviorType": { + "type": "string" + }, + "aws-native:connect:RoutingProfileChannel": { + "type": "string" + }, + "aws-native:connect:RoutingProfileCrossChannelBehavior": { + "type": "object", + "properties": { + "behaviorType": { + "$ref": "#/types/aws-native:connect:RoutingProfileBehaviorType", + "description": "Specifies the other channels that can be routed to an agent handling their current channel." + } + } + }, + "aws-native:connect:RoutingProfileMediaConcurrency": { + "type": "object", + "properties": { + "channel": { + "$ref": "#/types/aws-native:connect:RoutingProfileChannel", + "description": "The channels that agents can handle in the Contact Control Panel (CCP)." + }, + "concurrency": { + "type": "integer", + "description": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10." + }, + "crossChannelBehavior": { + "$ref": "#/types/aws-native:connect:RoutingProfileCrossChannelBehavior", + "description": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel." + } + } + }, + "aws-native:connect:RoutingProfileQueueConfig": { + "type": "object", + "properties": { + "delay": { + "type": "integer", + "description": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* ." + }, + "priority": { + "type": "integer", + "description": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) ." + }, + "queueReference": { + "$ref": "#/types/aws-native:connect:RoutingProfileQueueReference", + "description": "Contains information about a queue resource." + } + } + }, + "aws-native:connect:RoutingProfileQueueReference": { + "type": "object", + "properties": { + "channel": { + "$ref": "#/types/aws-native:connect:RoutingProfileChannel", + "description": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile." + }, + "queueArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the queue." + } + } + }, + "aws-native:connect:RoutingProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:connect:RuleActions": { + "type": "object", + "properties": { + "assignContactCategoryActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleAssignContactCategoryAction" + }, + "description": "Information about the contact category action. The syntax can be empty, for example, `{}` ." + }, + "createCaseActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleCreateCaseAction" + } + }, + "endAssociatedTasksActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleEndAssociatedTasksAction" + } + }, + "eventBridgeActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleEventBridgeAction" + }, + "description": "Information about the EventBridge action." + }, + "sendNotificationActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleSendNotificationAction" + }, + "description": "Information about the send notification action." + }, + "submitAutoEvaluationActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleSubmitAutoEvaluationAction" + } + }, + "taskActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleTaskAction" + }, + "description": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`" + }, + "updateCaseActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleUpdateCaseAction" + } + } + } + }, + "aws-native:connect:RuleAssignContactCategoryAction": { + "type": "object" + }, + "aws-native:connect:RuleCreateCaseAction": { + "type": "object", + "properties": { + "fields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleField" + } + }, + "templateId": { + "type": "string", + "description": "The Id of template." + } + } + }, + "aws-native:connect:RuleEndAssociatedTasksAction": { + "type": "object" + }, + "aws-native:connect:RuleEventBridgeAction": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the event bridge action." + } + } + }, + "aws-native:connect:RuleField": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The Id of the field" + }, + "value": { + "$ref": "#/types/aws-native:connect:RuleFieldValue" + } + } + }, + "aws-native:connect:RuleFieldValue": { + "type": "object", + "properties": { + "booleanValue": { + "type": "boolean" + }, + "doubleValue": { + "type": "number" + }, + "emptyValue": { + "$ref": "pulumi.json#/Any" + }, + "stringValue": { + "type": "string" + } + } + }, + "aws-native:connect:RuleNotificationRecipientType": { + "type": "object", + "properties": { + "userArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of recipients by user arns." + }, + "userTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The collection of recipients who are identified by user tags" + } + } + }, + "aws-native:connect:RulePublishStatus": { + "type": "string" + }, + "aws-native:connect:RuleReference": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:connect:RuleReferenceType" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:connect:RuleReferenceType": { + "type": "string" + }, + "aws-native:connect:RuleSendNotificationAction": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "The content of notification." + }, + "contentType": { + "$ref": "#/types/aws-native:connect:RuleSendNotificationActionContentType", + "description": "The type of content." + }, + "deliveryMethod": { + "$ref": "#/types/aws-native:connect:RuleSendNotificationActionDeliveryMethod", + "description": "The means of delivery." + }, + "recipient": { + "$ref": "#/types/aws-native:connect:RuleNotificationRecipientType" + }, + "subject": { + "type": "string", + "description": "The subject of notification." + } + } + }, + "aws-native:connect:RuleSendNotificationActionContentType": { + "type": "string" + }, + "aws-native:connect:RuleSendNotificationActionDeliveryMethod": { + "type": "string" + }, + "aws-native:connect:RuleSubmitAutoEvaluationAction": { + "type": "object", + "properties": { + "evaluationFormArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the evaluation form." + } + } + }, + "aws-native:connect:RuleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that's 1 to 256 characters in length." + } + } + }, + "aws-native:connect:RuleTaskAction": { + "type": "object", + "properties": { + "contactFlowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the contact flow." + }, + "description": { + "type": "string", + "description": "The description which appears in the agent's Contact Control Panel (CCP)." + }, + "name": { + "type": "string", + "description": "The name which appears in the agent's Contact Control Panel (CCP)." + }, + "references": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:connect:RuleReference" + }, + "description": "A formatted URL that is shown to an agent in the Contact Control Panel (CCP)." + } + } + }, + "aws-native:connect:RuleTriggerEventSource": { + "type": "object", + "properties": { + "eventSourceName": { + "$ref": "#/types/aws-native:connect:RuleTriggerEventSourceEventSourceName", + "description": "The name of event source." + }, + "integrationAssociationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the AppIntegration association." + } + } + }, + "aws-native:connect:RuleTriggerEventSourceEventSourceName": { + "type": "string" + }, + "aws-native:connect:RuleUpdateCaseAction": { + "type": "object", + "properties": { + "fields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:connect:RuleField" + } + } + } + }, + "aws-native:connect:SecurityProfileApplication": { + "type": "object", + "properties": { + "applicationPermissions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The permissions that the agent is granted on the application" + }, + "namespace": { + "type": "string", + "description": "Namespace of the application that you want to give access to." + } + } + }, + "aws-native:connect:SecurityProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:connect:TaskTemplateDefaultFieldValue": { + "type": "object", + "properties": { + "defaultValue": { + "type": "string", + "description": "Default value for the field." + }, + "id": { + "$ref": "#/types/aws-native:connect:TaskTemplateFieldIdentifier", + "description": "Identifier of a field." + } + } + }, + "aws-native:connect:TaskTemplateField": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the task template's field" + }, + "id": { + "$ref": "#/types/aws-native:connect:TaskTemplateFieldIdentifier", + "description": "The unique identifier for the field." + }, + "singleSelectOptions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "list of field options to be used with single select" + }, + "type": { + "$ref": "#/types/aws-native:connect:TaskTemplateFieldType", + "description": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`" + } + } + }, + "aws-native:connect:TaskTemplateFieldIdentifier": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the task template field" + } + } + }, + "aws-native:connect:TaskTemplateFieldType": { + "type": "string" + }, + "aws-native:connect:TaskTemplateInvisibleFieldInfo": { + "type": "object", + "properties": { + "id": { + "$ref": "#/types/aws-native:connect:TaskTemplateFieldIdentifier" + } + } + }, + "aws-native:connect:TaskTemplateReadOnlyFieldInfo": { + "type": "object", + "properties": { + "id": { + "$ref": "#/types/aws-native:connect:TaskTemplateFieldIdentifier" + } + } + }, + "aws-native:connect:TaskTemplateRequiredFieldInfo": { + "type": "object", + "properties": { + "id": { + "$ref": "#/types/aws-native:connect:TaskTemplateFieldIdentifier" + } + } + }, + "aws-native:connect:TaskTemplateStatus": { + "type": "string" + }, + "aws-native:connect:TaskTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. . You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:connect:TrafficDistributionGroupStatus": { + "type": "string" + }, + "aws-native:connect:TrafficDistributionGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:connect:UserHierarchyGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:connect:UserIdentityInfo": { + "type": "object", + "properties": { + "email": { + "type": "string", + "description": "The email address. If you are using SAML for identity management and include this parameter, an error is returned." + }, + "firstName": { + "type": "string", + "description": "The first name. This is required if you are using Amazon Connect or SAML for identity management." + }, + "lastName": { + "type": "string", + "description": "The last name. This is required if you are using Amazon Connect or SAML for identity management." + }, + "mobile": { + "type": "string", + "description": "The user's mobile number." + }, + "secondaryEmail": { + "type": "string", + "description": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`" + } + } + }, + "aws-native:connect:UserPhoneConfig": { + "type": "object", + "properties": { + "afterContactWorkTimeLimit": { + "type": "integer", + "description": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n\u003e When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds." + }, + "autoAccept": { + "type": "boolean", + "description": "The Auto accept setting." + }, + "deskPhoneNumber": { + "type": "string", + "description": "The phone number for the user's desk phone." + }, + "phoneType": { + "$ref": "#/types/aws-native:connect:UserPhoneType", + "description": "The phone type." + } + } + }, + "aws-native:connect:UserPhoneType": { + "type": "string" + }, + "aws-native:connect:UserProficiency": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "The name of user’s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance." + }, + "attributeValue": { + "type": "string", + "description": "The value of user’s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance." + }, + "level": { + "type": "number", + "description": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5." + } + } + }, + "aws-native:connect:UserTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is maximum of 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:connect:ValuesProperties": { + "type": "object", + "properties": { + "stringList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Predefined attribute values of type string list." + } + } + }, + "aws-native:connect:ViewTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters" + }, + "value": { + "type": "string", + "description": "The value for the tag. . You can specify a value that is maximum of 256 Unicode characters" + } + } + }, + "aws-native:connectcampaigns:CampaignAgentlessDialerConfig": { + "type": "object", + "properties": { + "dialingCapacity": { + "type": "number", + "description": "Allocates dialing capacity for this campaign between multiple active campaigns." + } + } + }, + "aws-native:connectcampaigns:CampaignAnswerMachineDetectionConfig": { + "type": "object", + "properties": { + "awaitAnswerMachinePrompt": { + "type": "boolean", + "description": "Enables detection of prompts (e.g., beep after after a voicemail greeting)" + }, + "enableAnswerMachineDetection": { + "type": "boolean", + "description": "Flag to decided whether outbound calls should have answering machine detection enabled or not" + } + } + }, + "aws-native:connectcampaigns:CampaignDialerConfig": { + "type": "object", + "properties": { + "agentlessDialerConfig": { + "$ref": "#/types/aws-native:connectcampaigns:CampaignAgentlessDialerConfig", + "description": "The configuration of the agentless dialer." + }, + "predictiveDialerConfig": { + "$ref": "#/types/aws-native:connectcampaigns:CampaignPredictiveDialerConfig", + "description": "The configuration of the predictive dialer." + }, + "progressiveDialerConfig": { + "$ref": "#/types/aws-native:connectcampaigns:CampaignProgressiveDialerConfig", + "description": "The configuration of the progressive dialer." + } + } + }, + "aws-native:connectcampaigns:CampaignOutboundCallConfig": { + "type": "object", + "properties": { + "answerMachineDetectionConfig": { + "$ref": "#/types/aws-native:connectcampaigns:CampaignAnswerMachineDetectionConfig", + "description": "Whether answering machine detection has been enabled." + }, + "connectContactFlowArn": { + "type": "string", + "description": "The identifier of the contact flow for the outbound call." + }, + "connectQueueArn": { + "type": "string", + "description": "The queue for the call. If you specify a queue, the phone displayed for caller ID is the phone number specified in the queue. If you do not specify a queue, the queue defined in the contact flow is used. If you do not specify a queue, you must specify a source phone number." + }, + "connectSourcePhoneNumber": { + "type": "string", + "description": "The phone number associated with the Amazon Connect instance, in E.164 format. If you do not specify a source phone number, you must specify a queue." + } + } + }, + "aws-native:connectcampaigns:CampaignPredictiveDialerConfig": { + "type": "object", + "properties": { + "bandwidthAllocation": { + "type": "number", + "description": "The bandwidth allocation of a queue resource." + }, + "dialingCapacity": { + "type": "number", + "description": "Allocates dialing capacity for this campaign between multiple active campaigns." + } + } + }, + "aws-native:connectcampaigns:CampaignProgressiveDialerConfig": { + "type": "object", + "properties": { + "bandwidthAllocation": { + "type": "number", + "description": "The bandwidth allocation of a queue resource." + }, + "dialingCapacity": { + "type": "number", + "description": "Allocates dialing capacity for this campaign between multiple active campaigns." + } + } + }, + "aws-native:connectcampaigns:CampaignTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that's 1 to 256 characters in length." + } + } + }, + "aws-native:controltower:EnabledBaselineParameter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string denoting the parameter key." + }, + "value": { + "oneOf": [ + { + "type": "string" + }, + { + "$ref": "pulumi.json#/Any" + }, + { + "type": "number" + }, + { + "type": "array", + "items": { + "oneOf": [ + { + "type": "boolean" + }, + { + "type": "number" + }, + { + "$ref": "pulumi.json#/Any" + }, + { + "type": "string" + } + ] + } + }, + { + "type": "boolean" + } + ], + "description": "A low-level `Document` object of any type (for example, a Java Object)." + } + } + }, + "aws-native:controltower:EnabledBaselineTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string that identifies a key-value pair." + }, + "value": { + "type": "string", + "description": "A string parameter that describes an `EnabledBaseline` resource." + } + } + }, + "aws-native:controltower:EnabledControlParameter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of a key/value pair. It is of type `string` ." + }, + "value": { + "oneOf": [ + { + "type": "array", + "items": { + "oneOf": [ + { + "type": "string" + }, + { + "type": "number" + }, + { + "$ref": "pulumi.json#/Any" + }, + { + "type": "boolean" + } + ] + } + }, + { + "type": "string" + }, + { + "type": "number" + }, + { + "$ref": "pulumi.json#/Any" + }, + { + "type": "boolean" + } + ], + "description": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]" + } + } + }, + "aws-native:controltower:EnabledControlTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:." + } + } + }, + "aws-native:controltower:LandingZoneDriftStatus": { + "type": "string" + }, + "aws-native:controltower:LandingZoneStatus": { + "type": "string" + }, + "aws-native:controltower:LandingZoneTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with `aws:` . digits, whitespace, `_` , `.` , `:` , `/` , `=` , `+` , `@` , `-` , and `\"` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_` , `.` , `/` , `=` , `+` , and `-` .\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + } + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionAttributeDetails": { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionAttributeItem" + }, + "description": "Mathematical expression and a list of attribute items specified in that expression." + }, + "expression": { + "type": "string", + "description": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\"." + } + } + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionAttributeItem": { + "type": "object", + "properties": { + "name": { + "type": "string" + } + } + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionConditions": { + "type": "object", + "properties": { + "objectCount": { + "type": "integer", + "description": "The number of profile objects used for the calculated attribute." + }, + "range": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionRange", + "description": "The relative time period over which data is included in the aggregation." + }, + "threshold": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionThreshold", + "description": "The threshold for the calculated attribute." + } + } + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionRange": { + "type": "object", + "properties": { + "unit": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionRangeUnit", + "description": "The unit of time." + }, + "value": { + "type": "integer", + "description": "The amount of time of the specified unit." + } + } + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionRangeUnit": { + "type": "string" + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionStatistic": { + "type": "string" + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionThreshold": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/types/aws-native:customerprofiles:CalculatedAttributeDefinitionThresholdOperator", + "description": "The operator of the threshold." + }, + "value": { + "type": "string", + "description": "The value of the threshold." + } + } + }, + "aws-native:customerprofiles:CalculatedAttributeDefinitionThresholdOperator": { + "type": "string" + }, + "aws-native:customerprofiles:DestinationDetailsProperties": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:customerprofiles:EventStreamStatus", + "description": "The status of enabling the Kinesis stream as a destination for export." + }, + "uri": { + "type": "string", + "description": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name." + } + } + }, + "aws-native:customerprofiles:DomainAttributeTypesSelector": { + "type": "object", + "properties": { + "address": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Address type. You can choose from Address, BusinessAddress, MaillingAddress, and ShippingAddress. You only can use the Address type in the MatchingRule. For example, if you want to match profile based on BusinessAddress.City or MaillingAddress.City, you need to choose the BusinessAddress and the MaillingAddress to represent the Address type and specify the Address.City on the matching rule." + }, + "attributeMatchingModel": { + "$ref": "#/types/aws-native:customerprofiles:DomainAttributeTypesSelectorAttributeMatchingModel", + "description": "Configures the AttributeMatchingModel, you can either choose ONE_TO_ONE or MANY_TO_MANY." + }, + "emailAddress": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Email type. You can choose from EmailAddress, BusinessEmailAddress and PersonalEmailAddress. You only can use the EmailAddress type in the MatchingRule. For example, if you want to match profile based on PersonalEmailAddress or BusinessEmailAddress, you need to choose the PersonalEmailAddress and the BusinessEmailAddress to represent the EmailAddress type and only specify the EmailAddress on the matching rule." + }, + "phoneNumber": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The PhoneNumber type. You can choose from PhoneNumber, HomePhoneNumber, and MobilePhoneNumber. You only can use the PhoneNumber type in the MatchingRule. For example, if you want to match a profile based on Phone or HomePhone, you need to choose the Phone and the HomePhone to represent the PhoneNumber type and only specify the PhoneNumber on the matching rule." + } + } + }, + "aws-native:customerprofiles:DomainAttributeTypesSelectorAttributeMatchingModel": { + "type": "string" + }, + "aws-native:customerprofiles:DomainAutoMerging": { + "type": "object", + "properties": { + "conflictResolution": { + "$ref": "#/types/aws-native:customerprofiles:DomainConflictResolution", + "description": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used." + }, + "consolidation": { + "$ref": "#/types/aws-native:customerprofiles:DomainConsolidation", + "description": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged." + }, + "enabled": { + "type": "boolean", + "description": "The flag that enables the auto-merging of duplicate profiles." + }, + "minAllowedConfidenceScoreForMerging": { + "type": "number", + "description": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means higher similarity required to merge profiles." + } + } + }, + "aws-native:customerprofiles:DomainConflictResolution": { + "type": "object", + "properties": { + "conflictResolvingModel": { + "$ref": "#/types/aws-native:customerprofiles:DomainConflictResolutionConflictResolvingModel", + "description": "How the auto-merging process should resolve conflicts between different profiles." + }, + "sourceName": { + "type": "string", + "description": "The ObjectType name that is used to resolve profile merging conflicts when choosing SOURCE as the ConflictResolvingModel." + } + } + }, + "aws-native:customerprofiles:DomainConflictResolutionConflictResolvingModel": { + "type": "string" + }, + "aws-native:customerprofiles:DomainConsolidation": { + "type": "object", + "properties": { + "matchingAttributesList": { + "type": "array", + "items": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "A list of matching criteria." + } + } + }, + "aws-native:customerprofiles:DomainExportingConfig": { + "type": "object", + "properties": { + "s3Exporting": { + "$ref": "#/types/aws-native:customerprofiles:DomainS3ExportingConfig" + } + }, + "irreversibleNames": { + "s3Exporting": "S3Exporting" + } + }, + "aws-native:customerprofiles:DomainJobSchedule": { + "type": "object", + "properties": { + "dayOfTheWeek": { + "$ref": "#/types/aws-native:customerprofiles:DomainJobScheduleDayOfTheWeek", + "description": "The day when the Identity Resolution Job should run every week." + }, + "time": { + "type": "string", + "description": "The time when the Identity Resolution Job should run every week." + } + } + }, + "aws-native:customerprofiles:DomainJobScheduleDayOfTheWeek": { + "type": "string" + }, + "aws-native:customerprofiles:DomainMatching": { + "type": "object", + "properties": { + "autoMerging": { + "$ref": "#/types/aws-native:customerprofiles:DomainAutoMerging", + "description": "Configuration information about the auto-merging process." + }, + "enabled": { + "type": "boolean", + "description": "The flag that enables the matching process of duplicate profiles." + }, + "exportingConfig": { + "$ref": "#/types/aws-native:customerprofiles:DomainExportingConfig", + "description": "The S3 location where Identity Resolution Jobs write result files." + }, + "jobSchedule": { + "$ref": "#/types/aws-native:customerprofiles:DomainJobSchedule", + "description": "The day and time when do you want to start the Identity Resolution Job every week." + } + } + }, + "aws-native:customerprofiles:DomainMatchingRule": { + "type": "object", + "properties": { + "rule": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles." + } + } + }, + "aws-native:customerprofiles:DomainRuleBasedMatching": { + "type": "object", + "properties": { + "attributeTypesSelector": { + "$ref": "#/types/aws-native:customerprofiles:DomainAttributeTypesSelector", + "description": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles." + }, + "conflictResolution": { + "$ref": "#/types/aws-native:customerprofiles:DomainConflictResolution", + "description": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used." + }, + "enabled": { + "type": "boolean", + "description": "The flag that enables the rule-based matching process of duplicate profiles." + }, + "exportingConfig": { + "$ref": "#/types/aws-native:customerprofiles:DomainExportingConfig", + "description": "The S3 location where Identity Resolution Jobs write result files." + }, + "matchingRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:DomainMatchingRule" + }, + "description": "Configures how the rule-based matching process should match profiles. You can have up to 15 MatchingRule in the MatchingRules." + }, + "maxAllowedRuleLevelForMatching": { + "type": "integer", + "description": "Indicates the maximum allowed rule level for matching." + }, + "maxAllowedRuleLevelForMerging": { + "type": "integer", + "description": "Indicates the maximum allowed rule level for merging." + }, + "status": { + "$ref": "#/types/aws-native:customerprofiles:DomainRuleBasedMatchingStatus", + "description": "The status of rule-based matching rule." + } + } + }, + "aws-native:customerprofiles:DomainRuleBasedMatchingStatus": { + "type": "string" + }, + "aws-native:customerprofiles:DomainS3ExportingConfig": { + "type": "object", + "properties": { + "s3BucketName": { + "type": "string", + "description": "The name of the S3 bucket where Identity Resolution Jobs write result files." + }, + "s3KeyName": { + "type": "string", + "description": "The S3 key name of the location where Identity Resolution Jobs write result files." + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName", + "s3KeyName": "S3KeyName" + } + }, + "aws-native:customerprofiles:DomainStats": { + "type": "object", + "properties": { + "meteringProfileCount": { + "type": "number", + "description": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on." + }, + "objectCount": { + "type": "number", + "description": "The total number of objects in domain." + }, + "profileCount": { + "type": "number", + "description": "The total number of profiles currently in the domain." + }, + "totalSize": { + "type": "number", + "description": "The total size, in bytes, of all objects in the domain." + } + } + }, + "aws-native:customerprofiles:DomainTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:customerprofiles:EventStreamState": { + "type": "string" + }, + "aws-native:customerprofiles:EventStreamStatus": { + "type": "string" + }, + "aws-native:customerprofiles:EventStreamTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:customerprofiles:IntegrationConnectorOperator": { + "type": "object", + "properties": { + "marketo": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationMarketoConnectorOperator", + "description": "The operation to be performed on the provided Marketo source fields." + }, + "s3": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationS3ConnectorOperator", + "description": "The operation to be performed on the provided Amazon S3 source fields." + }, + "salesforce": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationSalesforceConnectorOperator", + "description": "The operation to be performed on the provided Salesforce source fields." + }, + "serviceNow": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationServiceNowConnectorOperator", + "description": "The operation to be performed on the provided ServiceNow source fields." + }, + "zendesk": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationZendeskConnectorOperator", + "description": "The operation to be performed on the provided Zendesk source fields." + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:customerprofiles:IntegrationConnectorType": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationFlowDefinition": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "A description of the flow you want to create." + }, + "flowName": { + "type": "string", + "description": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed." + }, + "kmsArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption." + }, + "sourceFlowConfig": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationSourceFlowConfig", + "description": "The configuration that controls how Customer Profiles retrieves data from the source." + }, + "tasks": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationTask" + }, + "description": "A list of tasks that Customer Profiles performs while transferring the data in the flow run." + }, + "triggerConfig": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationTriggerConfig", + "description": "The trigger settings that determine how and when the flow runs." + } + } + }, + "aws-native:customerprofiles:IntegrationIncrementalPullConfig": { + "type": "object", + "properties": { + "datetimeTypeFieldName": { + "type": "string", + "description": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source." + } + } + }, + "aws-native:customerprofiles:IntegrationMarketoConnectorOperator": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationMarketoSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Marketo flow source." + } + } + }, + "aws-native:customerprofiles:IntegrationObjectTypeMapping": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key." + }, + "value": { + "type": "string", + "description": "The value." + } + } + }, + "aws-native:customerprofiles:IntegrationOperatorPropertiesKeys": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationS3ConnectorOperator": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationS3SourceProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The Amazon S3 bucket name where the source files are stored." + }, + "bucketPrefix": { + "type": "string", + "description": "The object key for the Amazon S3 bucket in which the source files are stored." + } + } + }, + "aws-native:customerprofiles:IntegrationSalesforceConnectorOperator": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationSalesforceSourceProperties": { + "type": "object", + "properties": { + "enableDynamicFieldUpdate": { + "type": "boolean", + "description": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow." + }, + "includeDeletedRecords": { + "type": "boolean", + "description": "Indicates whether Amazon AppFlow includes deleted files in the flow run." + }, + "object": { + "type": "string", + "description": "The object specified in the Salesforce flow source." + } + } + }, + "aws-native:customerprofiles:IntegrationScheduledTriggerProperties": { + "type": "object", + "properties": { + "dataPullMode": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationScheduledTriggerPropertiesDataPullMode", + "description": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run." + }, + "firstExecutionFrom": { + "type": "number", + "description": "Specifies the date range for the records to import from the connector in the first flow run." + }, + "scheduleEndTime": { + "type": "number", + "description": "Specifies the scheduled end time for a scheduled-trigger flow." + }, + "scheduleExpression": { + "type": "string", + "description": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes)." + }, + "scheduleOffset": { + "type": "integer", + "description": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow." + }, + "scheduleStartTime": { + "type": "number", + "description": "Specifies the scheduled start time for a scheduled-trigger flow." + }, + "timezone": { + "type": "string", + "description": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York." + } + } + }, + "aws-native:customerprofiles:IntegrationScheduledTriggerPropertiesDataPullMode": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationServiceNowConnectorOperator": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationServiceNowSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the ServiceNow flow source." + } + } + }, + "aws-native:customerprofiles:IntegrationSourceConnectorProperties": { + "type": "object", + "properties": { + "marketo": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationMarketoSourceProperties", + "description": "The properties that are applied when Marketo is being used as a source." + }, + "s3": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationS3SourceProperties", + "description": "The properties that are applied when Amazon S3 is being used as the flow source." + }, + "salesforce": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationSalesforceSourceProperties", + "description": "The properties that are applied when Salesforce is being used as a source." + }, + "serviceNow": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationServiceNowSourceProperties", + "description": "The properties that are applied when ServiceNow is being used as a source." + }, + "zendesk": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationZendeskSourceProperties", + "description": "The properties that are applied when using Zendesk as a flow source." + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:customerprofiles:IntegrationSourceFlowConfig": { + "type": "object", + "properties": { + "connectorProfileName": { + "type": "string", + "description": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account ." + }, + "connectorType": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationConnectorType", + "description": "The type of connector, such as Salesforce, Marketo, and so on." + }, + "incrementalPullConfig": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationIncrementalPullConfig", + "description": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull." + }, + "sourceConnectorProperties": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationSourceConnectorProperties", + "description": "Specifies the information that is required to query a particular source connector." + } + } + }, + "aws-native:customerprofiles:IntegrationTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:customerprofiles:IntegrationTask": { + "type": "object", + "properties": { + "connectorOperator": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationConnectorOperator", + "description": "The operation to be performed on the provided source fields." + }, + "destinationField": { + "type": "string", + "description": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field." + }, + "sourceFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The source fields to which a particular task is applied." + }, + "taskProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationTaskPropertiesMap" + }, + "description": "A map used to store task-related information. The service looks for particular information based on the TaskType." + }, + "taskType": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationTaskType", + "description": "Specifies the particular task implementation that Amazon AppFlow performs." + } + } + }, + "aws-native:customerprofiles:IntegrationTaskPropertiesMap": { + "type": "object", + "properties": { + "operatorPropertyKey": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationOperatorPropertiesKeys", + "description": "The task property key." + }, + "property": { + "type": "string", + "description": "The task property value." + } + } + }, + "aws-native:customerprofiles:IntegrationTaskType": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationTriggerConfig": { + "type": "object", + "properties": { + "triggerProperties": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationTriggerProperties", + "description": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type." + }, + "triggerType": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationTriggerType", + "description": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event." + } + } + }, + "aws-native:customerprofiles:IntegrationTriggerProperties": { + "type": "object", + "properties": { + "scheduled": { + "$ref": "#/types/aws-native:customerprofiles:IntegrationScheduledTriggerProperties", + "description": "Specifies the configuration details of a schedule-triggered flow that you define." + } + } + }, + "aws-native:customerprofiles:IntegrationTriggerType": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationZendeskConnectorOperator": { + "type": "string" + }, + "aws-native:customerprofiles:IntegrationZendeskSourceProperties": { + "type": "object", + "properties": { + "object": { + "type": "string", + "description": "The object specified in the Zendesk flow source." + } + } + }, + "aws-native:customerprofiles:ObjectTypeField": { + "type": "object", + "properties": { + "contentType": { + "$ref": "#/types/aws-native:customerprofiles:ObjectTypeFieldContentType", + "description": "The content type of the field. Used for determining equality when searching." + }, + "source": { + "type": "string", + "description": "A field of a ProfileObject. For example: _source.FirstName, where \"_source\" is a ProfileObjectType of a Zendesk user and \"FirstName\" is a field in that ObjectType." + }, + "target": { + "type": "string", + "description": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode." + } + } + }, + "aws-native:customerprofiles:ObjectTypeFieldContentType": { + "type": "string" + }, + "aws-native:customerprofiles:ObjectTypeFieldMap": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the field." + }, + "objectTypeField": { + "$ref": "#/types/aws-native:customerprofiles:ObjectTypeField", + "description": "Represents a field in a ProfileObjectType." + } + } + }, + "aws-native:customerprofiles:ObjectTypeKey": { + "type": "object", + "properties": { + "fieldNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The reference for the key name of the fields map. " + }, + "standardIdentifiers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:ObjectTypeKeyStandardIdentifiersItem" + }, + "description": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles." + } + } + }, + "aws-native:customerprofiles:ObjectTypeKeyMap": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the key." + }, + "objectTypeKeyList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:customerprofiles:ObjectTypeKey" + }, + "description": "A list of ObjectTypeKey." + } + } + }, + "aws-native:customerprofiles:ObjectTypeKeyStandardIdentifiersItem": { + "type": "string" + }, + "aws-native:customerprofiles:ObjectTypeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:databrew:DatasetCsvOptions": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "A single character that specifies the delimiter being used in the CSV file." + }, + "headerRow": { + "type": "boolean", + "description": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated." + } + } + }, + "aws-native:databrew:DatasetDataCatalogInputDefinition": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "Catalog id" + }, + "databaseName": { + "type": "string", + "description": "Database name" + }, + "tableName": { + "type": "string", + "description": "Table name" + }, + "tempDirectory": { + "$ref": "#/types/aws-native:databrew:DatasetS3Location", + "description": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory." + } + } + }, + "aws-native:databrew:DatasetDatabaseInputDefinition": { + "type": "object", + "properties": { + "databaseTableName": { + "type": "string", + "description": "Database table name" + }, + "glueConnectionName": { + "type": "string", + "description": "Glue connection name" + }, + "queryString": { + "type": "string", + "description": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs." + }, + "tempDirectory": { + "$ref": "#/types/aws-native:databrew:DatasetS3Location", + "description": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory." + } + } + }, + "aws-native:databrew:DatasetDatetimeOptions": { + "type": "object", + "properties": { + "format": { + "type": "string", + "description": "Date/time format of a date parameter" + }, + "localeCode": { + "type": "string", + "description": "Locale code for a date parameter" + }, + "timezoneOffset": { + "type": "string", + "description": "Timezone offset" + } + } + }, + "aws-native:databrew:DatasetExcelOptions": { + "type": "object", + "properties": { + "headerRow": { + "type": "boolean", + "description": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated." + }, + "sheetIndexes": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "One or more sheet numbers in the Excel file that will be included in the dataset." + }, + "sheetNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more named sheets in the Excel file that will be included in the dataset." + } + } + }, + "aws-native:databrew:DatasetFilesLimit": { + "type": "object", + "properties": { + "maxFiles": { + "type": "integer", + "description": "Maximum number of files" + }, + "order": { + "$ref": "#/types/aws-native:databrew:DatasetFilesLimitOrder", + "description": "Order" + }, + "orderedBy": { + "$ref": "#/types/aws-native:databrew:DatasetFilesLimitOrderedBy", + "description": "Ordered by" + } + } + }, + "aws-native:databrew:DatasetFilesLimitOrder": { + "type": "string" + }, + "aws-native:databrew:DatasetFilesLimitOrderedBy": { + "type": "string" + }, + "aws-native:databrew:DatasetFilterExpression": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "Filtering expression for a parameter" + }, + "valuesMap": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:DatasetFilterValue" + }, + "description": "The map of substitution variable names to their values used in this filter expression." + } + } + }, + "aws-native:databrew:DatasetFilterValue": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The value to be associated with the substitution variable." + }, + "valueReference": { + "type": "string", + "description": "Variable name" + } + } + }, + "aws-native:databrew:DatasetFormat": { + "type": "string" + }, + "aws-native:databrew:DatasetFormatOptions": { + "type": "object", + "properties": { + "csv": { + "$ref": "#/types/aws-native:databrew:DatasetCsvOptions", + "description": "Options that define how CSV input is to be interpreted by DataBrew." + }, + "excel": { + "$ref": "#/types/aws-native:databrew:DatasetExcelOptions", + "description": "Options that define how Excel input is to be interpreted by DataBrew." + }, + "json": { + "$ref": "#/types/aws-native:databrew:DatasetJsonOptions", + "description": "Options that define how JSON input is to be interpreted by DataBrew." + } + } + }, + "aws-native:databrew:DatasetInput": { + "type": "object", + "properties": { + "dataCatalogInputDefinition": { + "$ref": "#/types/aws-native:databrew:DatasetDataCatalogInputDefinition", + "description": "The AWS Glue Data Catalog parameters for the data." + }, + "databaseInputDefinition": { + "$ref": "#/types/aws-native:databrew:DatasetDatabaseInputDefinition", + "description": "Connection information for dataset input files stored in a database." + }, + "metadata": { + "$ref": "#/types/aws-native:databrew:DatasetMetadata", + "description": "Contains additional resource information needed for specific datasets." + }, + "s3InputDefinition": { + "$ref": "#/types/aws-native:databrew:DatasetS3Location", + "description": "The Amazon S3 location where the data is stored." + } + }, + "irreversibleNames": { + "s3InputDefinition": "S3InputDefinition" + } + }, + "aws-native:databrew:DatasetJsonOptions": { + "type": "object", + "properties": { + "multiLine": { + "type": "boolean", + "description": "A value that specifies whether JSON input contains embedded new line characters." + } + } + }, + "aws-native:databrew:DatasetMetadata": { + "type": "object", + "properties": { + "sourceArn": { + "type": "string", + "description": "Arn of the source of the dataset. For e.g.: AppFlow Flow ARN." + } + } + }, + "aws-native:databrew:DatasetParameter": { + "type": "object", + "properties": { + "createColumn": { + "type": "boolean", + "description": "Add the value of this parameter as a column in a dataset." + }, + "datetimeOptions": { + "$ref": "#/types/aws-native:databrew:DatasetDatetimeOptions", + "description": "Additional parameter options such as a format and a timezone. Required for datetime parameters." + }, + "filter": { + "$ref": "#/types/aws-native:databrew:DatasetFilterExpression", + "description": "The optional filter expression structure to apply additional matching criteria to the parameter." + }, + "name": { + "type": "string", + "description": "The name of the parameter that is used in the dataset's Amazon S3 path." + }, + "type": { + "$ref": "#/types/aws-native:databrew:DatasetParameterType", + "description": "Parameter type" + } + } + }, + "aws-native:databrew:DatasetParameterType": { + "type": "string" + }, + "aws-native:databrew:DatasetPathOptions": { + "type": "object", + "properties": { + "filesLimit": { + "$ref": "#/types/aws-native:databrew:DatasetFilesLimit", + "description": "If provided, this structure imposes a limit on a number of files that should be selected." + }, + "lastModifiedDateCondition": { + "$ref": "#/types/aws-native:databrew:DatasetFilterExpression", + "description": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 ." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:DatasetPathParameter" + }, + "description": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions." + } + } + }, + "aws-native:databrew:DatasetPathParameter": { + "type": "object", + "properties": { + "datasetParameter": { + "$ref": "#/types/aws-native:databrew:DatasetParameter", + "description": "The path parameter definition." + }, + "pathParameterName": { + "type": "string", + "description": "The name of the path parameter." + } + } + }, + "aws-native:databrew:DatasetS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The Amazon S3 bucket name." + }, + "key": { + "type": "string", + "description": "The unique name of the object in the bucket." + } + } + }, + "aws-native:databrew:DatasetTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:databrew:JobAllowedStatistics": { + "type": "object", + "properties": { + "statistics": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more column statistics to allow for columns that contain detected entities." + } + } + }, + "aws-native:databrew:JobColumnSelector": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of a column from a dataset." + }, + "regex": { + "type": "string", + "description": "A regular expression for selecting a column from a dataset." + } + } + }, + "aws-native:databrew:JobColumnStatisticsConfiguration": { + "type": "object", + "properties": { + "selectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobColumnSelector" + }, + "description": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns." + }, + "statistics": { + "$ref": "#/types/aws-native:databrew:JobStatisticsConfiguration", + "description": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations." + } + } + }, + "aws-native:databrew:JobCsvOutputOptions": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "A single character that specifies the delimiter used to create CSV job output." + } + } + }, + "aws-native:databrew:JobDataCatalogOutput": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The unique identifier of the AWS account that holds the Data Catalog that stores the data." + }, + "databaseName": { + "type": "string", + "description": "The name of a database in the Data Catalog." + }, + "databaseOptions": { + "$ref": "#/types/aws-native:databrew:JobDatabaseTableOutputOptions", + "description": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs." + }, + "overwrite": { + "type": "boolean", + "description": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions." + }, + "s3Options": { + "$ref": "#/types/aws-native:databrew:JobS3TableOutputOptions", + "description": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs." + }, + "tableName": { + "type": "string", + "description": "The name of a table in the Data Catalog." + } + }, + "irreversibleNames": { + "s3Options": "S3Options" + } + }, + "aws-native:databrew:JobDatabaseOutput": { + "type": "object", + "properties": { + "databaseOptions": { + "$ref": "#/types/aws-native:databrew:JobDatabaseTableOutputOptions", + "description": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs." + }, + "databaseOutputMode": { + "$ref": "#/types/aws-native:databrew:JobDatabaseOutputDatabaseOutputMode", + "description": "Database table name" + }, + "glueConnectionName": { + "type": "string", + "description": "Glue connection name" + } + } + }, + "aws-native:databrew:JobDatabaseOutputDatabaseOutputMode": { + "type": "string" + }, + "aws-native:databrew:JobDatabaseTableOutputOptions": { + "type": "object", + "properties": { + "tableName": { + "type": "string", + "description": "A prefix for the name of a table DataBrew will create in the database." + }, + "tempDirectory": { + "$ref": "#/types/aws-native:databrew:JobS3Location", + "description": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results." + } + } + }, + "aws-native:databrew:JobEncryptionMode": { + "type": "string" + }, + "aws-native:databrew:JobEntityDetectorConfiguration": { + "type": "object", + "properties": { + "allowedStatistics": { + "$ref": "#/types/aws-native:databrew:JobAllowedStatistics", + "description": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities." + }, + "entityTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE." + } + } + }, + "aws-native:databrew:JobLogSubscription": { + "type": "string" + }, + "aws-native:databrew:JobOutput": { + "type": "object", + "properties": { + "compressionFormat": { + "$ref": "#/types/aws-native:databrew:JobOutputCompressionFormat", + "description": "The compression algorithm used to compress the output text of the job." + }, + "format": { + "$ref": "#/types/aws-native:databrew:JobOutputFormat", + "description": "The data format of the output of the job." + }, + "formatOptions": { + "$ref": "#/types/aws-native:databrew:JobOutputFormatOptions", + "description": "Represents options that define how DataBrew formats job output files." + }, + "location": { + "$ref": "#/types/aws-native:databrew:JobS3Location", + "description": "The location in Amazon S3 where the job writes its output." + }, + "maxOutputFiles": { + "type": "integer", + "description": "The maximum number of files to be generated by the job and written to the output folder." + }, + "overwrite": { + "type": "boolean", + "description": "A value that, if true, means that any data in the location specified for output is overwritten with new output." + }, + "partitionColumns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names of one or more partition columns for the output of the job." + } + } + }, + "aws-native:databrew:JobOutputCompressionFormat": { + "type": "string" + }, + "aws-native:databrew:JobOutputFormat": { + "type": "string" + }, + "aws-native:databrew:JobOutputFormatOptions": { + "type": "object", + "properties": { + "csv": { + "$ref": "#/types/aws-native:databrew:JobCsvOutputOptions", + "description": "Represents a set of options that define the structure of comma-separated value (CSV) job output." + } + } + }, + "aws-native:databrew:JobOutputLocation": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The Amazon S3 bucket name." + }, + "bucketOwner": { + "type": "string" + }, + "key": { + "type": "string", + "description": "The unique name of the object in the bucket." + } + } + }, + "aws-native:databrew:JobProfileConfiguration": { + "type": "object", + "properties": { + "columnStatisticsConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobColumnStatisticsConfiguration" + }, + "description": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations." + }, + "datasetStatisticsConfiguration": { + "$ref": "#/types/aws-native:databrew:JobStatisticsConfiguration", + "description": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations." + }, + "entityDetectorConfiguration": { + "$ref": "#/types/aws-native:databrew:JobEntityDetectorConfiguration", + "description": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled." + }, + "profileColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobColumnSelector" + }, + "description": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns." + } + } + }, + "aws-native:databrew:JobRecipe": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Recipe name" + }, + "version": { + "type": "string", + "description": "Recipe version" + } + } + }, + "aws-native:databrew:JobS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The Amazon S3 bucket name." + }, + "bucketOwner": { + "type": "string", + "description": "The AWS account ID of the bucket owner." + }, + "key": { + "type": "string", + "description": "The unique name of the object in the bucket." + } + } + }, + "aws-native:databrew:JobS3TableOutputOptions": { + "type": "object", + "properties": { + "location": { + "$ref": "#/types/aws-native:databrew:JobS3Location", + "description": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job." + } + } + }, + "aws-native:databrew:JobSample": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:databrew:JobSampleMode", + "description": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter." + }, + "size": { + "type": "integer", + "description": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807" + } + } + }, + "aws-native:databrew:JobSampleMode": { + "type": "string" + }, + "aws-native:databrew:JobStatisticOverride": { + "type": "object", + "properties": { + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map that includes overrides of an evaluation’s parameters." + }, + "statistic": { + "type": "string", + "description": "The name of an evaluation" + } + } + }, + "aws-native:databrew:JobStatisticsConfiguration": { + "type": "object", + "properties": { + "includedStatistics": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of included evaluations. When the list is undefined, all supported evaluations will be included." + }, + "overrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:JobStatisticOverride" + }, + "description": "List of overrides for evaluations." + } + } + }, + "aws-native:databrew:JobTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:databrew:JobType": { + "type": "string" + }, + "aws-native:databrew:JobValidationConfiguration": { + "type": "object", + "properties": { + "rulesetArn": { + "type": "string", + "description": "Arn of the Ruleset" + }, + "validationMode": { + "$ref": "#/types/aws-native:databrew:JobValidationMode", + "description": "Mode of data quality validation. Default mode is \"CHECK_ALL\" which verifies all rules defined in the selected ruleset." + } + } + }, + "aws-native:databrew:JobValidationMode": { + "type": "string" + }, + "aws-native:databrew:ProjectSample": { + "type": "object", + "properties": { + "size": { + "type": "integer", + "description": "Sample size" + }, + "type": { + "$ref": "#/types/aws-native:databrew:ProjectSampleType", + "description": "Sample type" + } + } + }, + "aws-native:databrew:ProjectSampleType": { + "type": "string" + }, + "aws-native:databrew:ProjectTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:databrew:RecipeAction": { + "type": "object", + "properties": { + "operation": { + "type": "string", + "description": "Step action operation" + }, + "parameters": { + "oneOf": [ + { + "$ref": "#/types/aws-native:databrew:RecipeParameters" + }, + { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + ], + "description": "Contextual parameters for the transformation." + } + } + }, + "aws-native:databrew:RecipeConditionExpression": { + "type": "object", + "properties": { + "condition": { + "type": "string", + "description": "Input condition to be applied to the target column" + }, + "targetColumn": { + "type": "string", + "description": "Name of the target column" + }, + "value": { + "type": "string", + "description": "Value of the condition" + } + } + }, + "aws-native:databrew:RecipeDataCatalogInputDefinition": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "Catalog id" + }, + "databaseName": { + "type": "string", + "description": "Database name" + }, + "tableName": { + "type": "string", + "description": "Table name" + }, + "tempDirectory": { + "$ref": "#/types/aws-native:databrew:RecipeS3Location" + } + } + }, + "aws-native:databrew:RecipeParameters": { + "type": "object", + "properties": { + "aggregateFunction": { + "type": "string" + }, + "base": { + "type": "string" + }, + "caseStatement": { + "type": "string" + }, + "categoryMap": { + "type": "string" + }, + "charsToRemove": { + "type": "string" + }, + "collapseConsecutiveWhitespace": { + "type": "string" + }, + "columnDataType": { + "type": "string" + }, + "columnRange": { + "type": "string" + }, + "count": { + "type": "string" + }, + "customCharacters": { + "type": "string" + }, + "customStopWords": { + "type": "string" + }, + "customValue": { + "type": "string" + }, + "datasetsColumns": { + "type": "string" + }, + "dateAddValue": { + "type": "string" + }, + "dateTimeFormat": { + "type": "string" + }, + "dateTimeParameters": { + "type": "string" + }, + "deleteOtherRows": { + "type": "string" + }, + "delimiter": { + "type": "string" + }, + "endPattern": { + "type": "string" + }, + "endPosition": { + "type": "string" + }, + "endValue": { + "type": "string" + }, + "expandContractions": { + "type": "string" + }, + "exponent": { + "type": "string" + }, + "falseString": { + "type": "string" + }, + "groupByAggFunctionOptions": { + "type": "string" + }, + "groupByColumns": { + "type": "string" + }, + "hiddenColumns": { + "type": "string" + }, + "ignoreCase": { + "type": "string" + }, + "includeInSplit": { + "type": "string" + }, + "input": { + "$ref": "#/types/aws-native:databrew:RecipeParametersInputProperties", + "description": "Input" + }, + "interval": { + "type": "string" + }, + "isText": { + "type": "string" + }, + "joinKeys": { + "type": "string" + }, + "joinType": { + "type": "string" + }, + "leftColumns": { + "type": "string" + }, + "limit": { + "type": "string" + }, + "lowerBound": { + "type": "string" + }, + "mapType": { + "type": "string" + }, + "modeType": { + "type": "string" + }, + "multiLine": { + "type": "boolean" + }, + "numRows": { + "type": "string" + }, + "numRowsAfter": { + "type": "string" + }, + "numRowsBefore": { + "type": "string" + }, + "orderByColumn": { + "type": "string" + }, + "orderByColumns": { + "type": "string" + }, + "other": { + "type": "string" + }, + "pattern": { + "type": "string" + }, + "patternOption1": { + "type": "string" + }, + "patternOption2": { + "type": "string" + }, + "patternOptions": { + "type": "string" + }, + "period": { + "type": "string" + }, + "position": { + "type": "string" + }, + "removeAllPunctuation": { + "type": "string" + }, + "removeAllQuotes": { + "type": "string" + }, + "removeAllWhitespace": { + "type": "string" + }, + "removeCustomCharacters": { + "type": "string" + }, + "removeCustomValue": { + "type": "string" + }, + "removeLeadingAndTrailingPunctuation": { + "type": "string" + }, + "removeLeadingAndTrailingQuotes": { + "type": "string" + }, + "removeLeadingAndTrailingWhitespace": { + "type": "string" + }, + "removeLetters": { + "type": "string" + }, + "removeNumbers": { + "type": "string" + }, + "removeSourceColumn": { + "type": "string" + }, + "removeSpecialCharacters": { + "type": "string" + }, + "rightColumns": { + "type": "string" + }, + "sampleSize": { + "type": "string" + }, + "sampleType": { + "type": "string" + }, + "secondInput": { + "type": "string" + }, + "secondaryInputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:RecipeSecondaryInput" + } + }, + "sheetIndexes": { + "type": "array", + "items": { + "type": "integer" + } + }, + "sheetNames": { + "type": "array", + "items": { + "type": "string" + } + }, + "sourceColumn": { + "type": "string" + }, + "sourceColumn1": { + "type": "string" + }, + "sourceColumn2": { + "type": "string" + }, + "sourceColumns": { + "type": "string" + }, + "startColumnIndex": { + "type": "string" + }, + "startPattern": { + "type": "string" + }, + "startPosition": { + "type": "string" + }, + "startValue": { + "type": "string" + }, + "stemmingMode": { + "type": "string" + }, + "stepCount": { + "type": "string" + }, + "stepIndex": { + "type": "string" + }, + "stopWordsMode": { + "type": "string" + }, + "strategy": { + "type": "string" + }, + "targetColumn": { + "type": "string" + }, + "targetColumnNames": { + "type": "string" + }, + "targetDateFormat": { + "type": "string" + }, + "targetIndex": { + "type": "string" + }, + "timeZone": { + "type": "string" + }, + "tokenizerPattern": { + "type": "string" + }, + "trueString": { + "type": "string" + }, + "udfLang": { + "type": "string" + }, + "units": { + "type": "string" + }, + "unpivotColumn": { + "type": "string" + }, + "upperBound": { + "type": "string" + }, + "useNewDataFrame": { + "type": "string" + }, + "value": { + "type": "string" + }, + "value1": { + "type": "string" + }, + "value2": { + "type": "string" + }, + "valueColumn": { + "type": "string" + }, + "viewFrame": { + "type": "string" + } + } + }, + "aws-native:databrew:RecipeParametersInputProperties": { + "type": "object", + "properties": { + "dataCatalogInputDefinition": { + "$ref": "#/types/aws-native:databrew:RecipeDataCatalogInputDefinition" + }, + "s3InputDefinition": { + "$ref": "#/types/aws-native:databrew:RecipeS3Location" + } + }, + "irreversibleNames": { + "s3InputDefinition": "S3InputDefinition" + } + }, + "aws-native:databrew:RecipeS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string" + }, + "key": { + "type": "string" + } + } + }, + "aws-native:databrew:RecipeSecondaryInput": { + "type": "object", + "properties": { + "dataCatalogInputDefinition": { + "$ref": "#/types/aws-native:databrew:RecipeDataCatalogInputDefinition" + }, + "s3InputDefinition": { + "$ref": "#/types/aws-native:databrew:RecipeS3Location" + } + }, + "irreversibleNames": { + "s3InputDefinition": "S3InputDefinition" + } + }, + "aws-native:databrew:RecipeStep": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:databrew:RecipeAction", + "description": "The particular action to be performed in the recipe step." + }, + "conditionExpressions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:RecipeConditionExpression" + }, + "description": "Condition expressions applied to the step action" + } + } + }, + "aws-native:databrew:RecipeTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:databrew:RulesetColumnSelector": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of a column from a dataset" + }, + "regex": { + "type": "string", + "description": "A regular expression for selecting a column from a dataset" + } + } + }, + "aws-native:databrew:RulesetRule": { + "type": "object", + "properties": { + "checkExpression": { + "type": "string", + "description": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` ." + }, + "columnSelectors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:RulesetColumnSelector" + }, + "description": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns." + }, + "disabled": { + "type": "boolean", + "description": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false." + }, + "name": { + "type": "string", + "description": "Name of the rule" + }, + "substitutionMap": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:databrew:RulesetSubstitutionValue" + }, + "description": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`" + }, + "threshold": { + "$ref": "#/types/aws-native:databrew:RulesetThreshold", + "description": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds." + } + } + }, + "aws-native:databrew:RulesetSubstitutionValue": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Value or column name" + }, + "valueReference": { + "type": "string", + "description": "Variable name" + } + } + }, + "aws-native:databrew:RulesetTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:databrew:RulesetThreshold": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:databrew:RulesetThresholdType", + "description": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value." + }, + "unit": { + "$ref": "#/types/aws-native:databrew:RulesetThresholdUnit", + "description": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation." + }, + "value": { + "type": "number", + "description": "The value of a threshold." + } + } + }, + "aws-native:databrew:RulesetThresholdType": { + "type": "string" + }, + "aws-native:databrew:RulesetThresholdUnit": { + "type": "string" + }, + "aws-native:databrew:ScheduleTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:datapipeline:PipelineField": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Specifies the name of a field for a particular object. To view valid values for a particular field, see Pipeline Object Reference in the AWS Data Pipeline Developer Guide." + }, + "refValue": { + "type": "string", + "description": "A field value that you specify as an identifier of another object in the same pipeline definition." + }, + "stringValue": { + "type": "string", + "description": "A field value that you specify as a string. To view valid values for a particular field, see Pipeline Object Reference in the AWS Data Pipeline Developer Guide." + } + } + }, + "aws-native:datapipeline:PipelineObject": { + "type": "object", + "properties": { + "fields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datapipeline:PipelineField" + }, + "description": "Key-value pairs that define the properties of the object." + }, + "id": { + "type": "string", + "description": "The ID of the object." + }, + "name": { + "type": "string", + "description": "The name of the object." + } + } + }, + "aws-native:datapipeline:PipelineParameterAttribute": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The field identifier." + }, + "stringValue": { + "type": "string", + "description": "The field value, expressed as a String." + } + } + }, + "aws-native:datapipeline:PipelineParameterObject": { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datapipeline:PipelineParameterAttribute" + }, + "description": "The attributes of the parameter object." + }, + "id": { + "type": "string", + "description": "The ID of the parameter object." + } + } + }, + "aws-native:datapipeline:PipelineParameterValue": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the parameter value." + }, + "stringValue": { + "type": "string", + "description": "The field value, expressed as a String." + } + } + }, + "aws-native:datapipeline:PipelineTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of a tag." + }, + "value": { + "type": "string", + "description": "The value to associate with the key name." + } + } + }, + "aws-native:datasync:AgentEndpointType": { + "type": "string" + }, + "aws-native:datasync:AgentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationAzureBlobAzureAccessTier": { + "type": "string" + }, + "aws-native:datasync:LocationAzureBlobAzureBlobAuthenticationType": { + "type": "string" + }, + "aws-native:datasync:LocationAzureBlobAzureBlobSasConfiguration": { + "type": "object", + "properties": { + "azureBlobSasToken": { + "type": "string", + "description": "Specifies the shared access signature (SAS) token, which indicates the permissions DataSync needs to access your Azure Blob Storage container." + } + } + }, + "aws-native:datasync:LocationAzureBlobAzureBlobType": { + "type": "string" + }, + "aws-native:datasync:LocationAzureBlobTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationEfsEc2Config": { + "type": "object", + "properties": { + "securityGroupArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the security groups that are configured for the Amazon EC2 resource." + }, + "subnetArn": { + "type": "string", + "description": "The ARN of the subnet that DataSync uses to access the target EFS file system." + } + } + }, + "aws-native:datasync:LocationEfsInTransitEncryption": { + "type": "string" + }, + "aws-native:datasync:LocationEfsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationFSxLustreTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationFSxOntapNfs": { + "type": "object", + "properties": { + "mountOptions": { + "$ref": "#/types/aws-native:datasync:LocationFSxOntapNfsMountOptions", + "description": "Specifies how DataSync can access a location using the NFS protocol." + } + } + }, + "aws-native:datasync:LocationFSxOntapNfsMountOptions": { + "type": "object", + "properties": { + "version": { + "$ref": "#/types/aws-native:datasync:LocationFSxOntapNfsMountOptionsVersion", + "description": "The specific NFS version that you want DataSync to use to mount your NFS share." + } + } + }, + "aws-native:datasync:LocationFSxOntapNfsMountOptionsVersion": { + "type": "string" + }, + "aws-native:datasync:LocationFSxOntapProtocol": { + "type": "object", + "properties": { + "nfs": { + "$ref": "#/types/aws-native:datasync:LocationFSxOntapNfs", + "description": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM)." + }, + "smb": { + "$ref": "#/types/aws-native:datasync:LocationFSxOntapSmb", + "description": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM." + } + }, + "irreversibleNames": { + "nfs": "NFS", + "smb": "SMB" + } + }, + "aws-native:datasync:LocationFSxOntapSmb": { + "type": "object", + "properties": { + "domain": { + "type": "string", + "description": "The name of the Windows domain that the SMB server belongs to." + }, + "mountOptions": { + "$ref": "#/types/aws-native:datasync:LocationFSxOntapSmbMountOptions", + "description": "Specifies how DataSync can access a location using the SMB protocol." + }, + "password": { + "type": "string", + "description": "The password of the user who can mount the share and has the permissions to access files and folders in the SMB share." + }, + "user": { + "type": "string", + "description": "The user who can mount the share, has the permissions to access files and folders in the SMB share." + } + } + }, + "aws-native:datasync:LocationFSxOntapSmbMountOptions": { + "type": "object", + "properties": { + "version": { + "$ref": "#/types/aws-native:datasync:LocationFSxOntapSmbMountOptionsVersion", + "description": "The specific SMB version that you want DataSync to use to mount your SMB share." + } + } + }, + "aws-native:datasync:LocationFSxOntapSmbMountOptionsVersion": { + "type": "string" + }, + "aws-native:datasync:LocationFSxOntapTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationFSxOpenZfsMountOptions": { + "type": "object", + "properties": { + "version": { + "$ref": "#/types/aws-native:datasync:LocationFSxOpenZfsMountOptionsVersion", + "description": "The specific NFS version that you want DataSync to use to mount your NFS share." + } + } + }, + "aws-native:datasync:LocationFSxOpenZfsMountOptionsVersion": { + "type": "string" + }, + "aws-native:datasync:LocationFSxOpenZfsNfs": { + "type": "object", + "properties": { + "mountOptions": { + "$ref": "#/types/aws-native:datasync:LocationFSxOpenZfsMountOptions", + "description": "Represents the mount options that are available for DataSync to access an NFS location." + } + } + }, + "aws-native:datasync:LocationFSxOpenZfsProtocol": { + "type": "object", + "properties": { + "nfs": { + "$ref": "#/types/aws-native:datasync:LocationFSxOpenZfsNfs", + "description": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system." + } + }, + "irreversibleNames": { + "nfs": "NFS" + } + }, + "aws-native:datasync:LocationFSxOpenZfsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationFSxWindowsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationHdfsAuthenticationType": { + "type": "string" + }, + "aws-native:datasync:LocationHdfsNameNode": { + "type": "object", + "properties": { + "hostname": { + "type": "string", + "description": "The DNS name or IP address of the Name Node in the customer's on premises HDFS cluster." + }, + "port": { + "type": "integer", + "description": "The port on which the Name Node is listening on for client requests." + } + } + }, + "aws-native:datasync:LocationHdfsQopConfiguration": { + "type": "object", + "properties": { + "dataTransferProtection": { + "$ref": "#/types/aws-native:datasync:LocationHdfsQopConfigurationDataTransferProtection", + "description": "Configuration for Data Transfer Protection." + }, + "rpcProtection": { + "$ref": "#/types/aws-native:datasync:LocationHdfsQopConfigurationRpcProtection", + "description": "Configuration for RPC Protection." + } + } + }, + "aws-native:datasync:LocationHdfsQopConfigurationDataTransferProtection": { + "type": "string" + }, + "aws-native:datasync:LocationHdfsQopConfigurationRpcProtection": { + "type": "string" + }, + "aws-native:datasync:LocationHdfsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:datasync:LocationNfsMountOptions": { + "type": "object", + "properties": { + "version": { + "$ref": "#/types/aws-native:datasync:LocationNfsMountOptionsVersion", + "description": "The specific NFS version that you want DataSync to use to mount your NFS share." + } + } + }, + "aws-native:datasync:LocationNfsMountOptionsVersion": { + "type": "string" + }, + "aws-native:datasync:LocationNfsOnPremConfig": { + "type": "object", + "properties": { + "agentArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "ARN(s) of the agent(s) to use for an NFS location." + } + } + }, + "aws-native:datasync:LocationNfsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationObjectStorageServerProtocol": { + "type": "string" + }, + "aws-native:datasync:LocationObjectStorageTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationS3S3StorageClass": { + "type": "string" + }, + "aws-native:datasync:LocationS3Tag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:LocationS3s3Config": { + "type": "object", + "properties": { + "bucketAccessRoleArn": { + "type": "string", + "description": "The ARN of the IAM role of the Amazon S3 bucket." + } + } + }, + "aws-native:datasync:LocationSmbMountOptions": { + "type": "object", + "properties": { + "version": { + "$ref": "#/types/aws-native:datasync:LocationSmbMountOptionsVersion", + "description": "The specific SMB version that you want DataSync to use to mount your SMB share." + } + } + }, + "aws-native:datasync:LocationSmbMountOptionsVersion": { + "type": "string" + }, + "aws-native:datasync:LocationSmbTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:StorageSystemConnectivityStatus": { + "type": "string" + }, + "aws-native:datasync:StorageSystemServerConfiguration": { + "type": "object", + "properties": { + "serverHostname": { + "type": "string", + "description": "The domain name or IP address of the storage system's management interface." + }, + "serverPort": { + "type": "integer", + "description": "The network port needed to access the system's management interface" + } + } + }, + "aws-native:datasync:StorageSystemServerCredentials": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "The password for your storage system's management interface" + }, + "username": { + "type": "string", + "description": "The username for your storage system's management interface." + } + } + }, + "aws-native:datasync:StorageSystemSystemType": { + "type": "string" + }, + "aws-native:datasync:StorageSystemTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datasync:TaskFilterRule": { + "type": "object", + "properties": { + "filterType": { + "$ref": "#/types/aws-native:datasync:TaskFilterRuleFilterType", + "description": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type." + }, + "value": { + "type": "string", + "description": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\"." + } + } + }, + "aws-native:datasync:TaskFilterRuleFilterType": { + "type": "string" + }, + "aws-native:datasync:TaskManifestConfig": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:datasync:TaskManifestConfigAction", + "description": "Specifies what DataSync uses the manifest for." + }, + "format": { + "$ref": "#/types/aws-native:datasync:TaskManifestConfigFormat", + "description": "Specifies the file format of your manifest." + }, + "source": { + "$ref": "#/types/aws-native:datasync:TaskManifestConfigSourceProperties", + "description": "Specifies the manifest that you want DataSync to use and where it's hosted." + } + } + }, + "aws-native:datasync:TaskManifestConfigAction": { + "type": "string" + }, + "aws-native:datasync:TaskManifestConfigFormat": { + "type": "string" + }, + "aws-native:datasync:TaskManifestConfigSourceProperties": { + "type": "object", + "properties": { + "s3": { + "$ref": "#/types/aws-native:datasync:TaskManifestConfigSourceS3" + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:datasync:TaskManifestConfigSourceS3": { + "type": "object", + "properties": { + "bucketAccessRoleArn": { + "type": "string", + "description": "Specifies the AWS Identity and Access Management (IAM) role that allows DataSync to access your manifest." + }, + "manifestObjectPath": { + "type": "string", + "description": "Specifies the Amazon S3 object key of your manifest." + }, + "manifestObjectVersionId": { + "type": "string", + "description": "Specifies the object version ID of the manifest that you want DataSync to use." + }, + "s3BucketArn": { + "type": "string", + "description": "Specifies the Amazon Resource Name (ARN) of the S3 bucket where you're hosting your manifest." + } + }, + "irreversibleNames": { + "s3BucketArn": "S3BucketArn" + } + }, + "aws-native:datasync:TaskOptions": { + "type": "object", + "properties": { + "atime": { + "$ref": "#/types/aws-native:datasync:TaskOptionsAtime", + "description": "A file metadata value that shows the last time a file was accessed (that is, when the file was read or written to)." + }, + "bytesPerSecond": { + "type": "integer", + "description": "A value that limits the bandwidth used by AWS DataSync." + }, + "gid": { + "$ref": "#/types/aws-native:datasync:TaskOptionsGid", + "description": "The group ID (GID) of the file's owners." + }, + "logLevel": { + "$ref": "#/types/aws-native:datasync:TaskOptionsLogLevel", + "description": "A value that determines the types of logs that DataSync publishes to a log stream in the Amazon CloudWatch log group that you provide." + }, + "mtime": { + "$ref": "#/types/aws-native:datasync:TaskOptionsMtime", + "description": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase." + }, + "objectTags": { + "$ref": "#/types/aws-native:datasync:TaskOptionsObjectTags", + "description": "A value that determines whether object tags should be read from the source object store and written to the destination object store." + }, + "overwriteMode": { + "$ref": "#/types/aws-native:datasync:TaskOptionsOverwriteMode", + "description": "A value that determines whether files at the destination should be overwritten or preserved when copying files." + }, + "posixPermissions": { + "$ref": "#/types/aws-native:datasync:TaskOptionsPosixPermissions", + "description": "A value that determines which users or groups can access a file for a specific purpose such as reading, writing, or execution of the file." + }, + "preserveDeletedFiles": { + "$ref": "#/types/aws-native:datasync:TaskOptionsPreserveDeletedFiles", + "description": "A value that specifies whether files in the destination that don't exist in the source file system should be preserved." + }, + "preserveDevices": { + "$ref": "#/types/aws-native:datasync:TaskOptionsPreserveDevices", + "description": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and recreate the files with that device name and metadata on the destination." + }, + "securityDescriptorCopyFlags": { + "$ref": "#/types/aws-native:datasync:TaskOptionsSecurityDescriptorCopyFlags", + "description": "A value that determines which components of the SMB security descriptor are copied during transfer." + }, + "taskQueueing": { + "$ref": "#/types/aws-native:datasync:TaskOptionsTaskQueueing", + "description": "A value that determines whether tasks should be queued before executing the tasks." + }, + "transferMode": { + "$ref": "#/types/aws-native:datasync:TaskOptionsTransferMode", + "description": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing to the destination location." + }, + "uid": { + "$ref": "#/types/aws-native:datasync:TaskOptionsUid", + "description": "The user ID (UID) of the file's owner." + }, + "verifyMode": { + "$ref": "#/types/aws-native:datasync:TaskOptionsVerifyMode", + "description": "A value that determines whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred." + } + } + }, + "aws-native:datasync:TaskOptionsAtime": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsGid": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsLogLevel": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsMtime": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsObjectTags": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsOverwriteMode": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsPosixPermissions": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsPreserveDeletedFiles": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsPreserveDevices": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsSecurityDescriptorCopyFlags": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsTaskQueueing": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsTransferMode": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsUid": { + "type": "string" + }, + "aws-native:datasync:TaskOptionsVerifyMode": { + "type": "string" + }, + "aws-native:datasync:TaskReportConfig": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigDestinationProperties", + "description": "Specifies where DataSync uploads your task report." + }, + "objectVersionIds": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigObjectVersionIds", + "description": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket, this only applies if you enable versioning on your bucket." + }, + "outputType": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOutputType", + "description": "Specifies the type of task report that you want." + }, + "overrides": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesProperties", + "description": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that Datasync attempted to delete in your destination location." + }, + "reportLevel": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigReportLevel", + "description": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't." + } + } + }, + "aws-native:datasync:TaskReportConfigDestinationProperties": { + "type": "object", + "properties": { + "s3": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigDestinationS3" + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:datasync:TaskReportConfigDestinationS3": { + "type": "object", + "properties": { + "bucketAccessRoleArn": { + "type": "string", + "description": "Specifies the Amazon Resource Name (ARN) of the IAM policy that allows Datasync to upload a task report to your S3 bucket." + }, + "s3BucketArn": { + "type": "string", + "description": "Specifies the ARN of the S3 bucket where Datasync uploads your report." + }, + "subdirectory": { + "type": "string", + "description": "Specifies a bucket prefix for your report." + } + }, + "irreversibleNames": { + "s3BucketArn": "S3BucketArn" + } + }, + "aws-native:datasync:TaskReportConfigObjectVersionIds": { + "type": "string" + }, + "aws-native:datasync:TaskReportConfigOutputType": { + "type": "string" + }, + "aws-native:datasync:TaskReportConfigOverridesProperties": { + "type": "object", + "properties": { + "deleted": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesPropertiesDeletedProperties", + "description": "Specifies the level of reporting for the files, objects, and directories that Datasync attempted to delete in your destination location. This only applies if you configure your task to delete data in the destination that isn't in the source." + }, + "skipped": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesPropertiesSkippedProperties", + "description": "Specifies the level of reporting for the files, objects, and directories that Datasync attempted to skip during your transfer." + }, + "transferred": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesPropertiesTransferredProperties", + "description": "Specifies the level of reporting for the files, objects, and directories that Datasync attempted to transfer." + }, + "verified": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesPropertiesVerifiedProperties", + "description": "Specifies the level of reporting for the files, objects, and directories that Datasync attempted to verify at the end of your transfer. This only applies if you configure your task to verify data during and after the transfer (which Datasync does by default)" + } + } + }, + "aws-native:datasync:TaskReportConfigOverridesPropertiesDeletedProperties": { + "type": "object", + "properties": { + "reportLevel": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesPropertiesDeletedPropertiesReportLevel", + "description": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't." + } + } + }, + "aws-native:datasync:TaskReportConfigOverridesPropertiesDeletedPropertiesReportLevel": { + "type": "string" + }, + "aws-native:datasync:TaskReportConfigOverridesPropertiesSkippedProperties": { + "type": "object", + "properties": { + "reportLevel": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesPropertiesSkippedPropertiesReportLevel", + "description": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't." + } + } + }, + "aws-native:datasync:TaskReportConfigOverridesPropertiesSkippedPropertiesReportLevel": { + "type": "string" + }, + "aws-native:datasync:TaskReportConfigOverridesPropertiesTransferredProperties": { + "type": "object", + "properties": { + "reportLevel": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesPropertiesTransferredPropertiesReportLevel", + "description": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't." + } + } + }, + "aws-native:datasync:TaskReportConfigOverridesPropertiesTransferredPropertiesReportLevel": { + "type": "string" + }, + "aws-native:datasync:TaskReportConfigOverridesPropertiesVerifiedProperties": { + "type": "object", + "properties": { + "reportLevel": { + "$ref": "#/types/aws-native:datasync:TaskReportConfigOverridesPropertiesVerifiedPropertiesReportLevel", + "description": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't." + } + } + }, + "aws-native:datasync:TaskReportConfigOverridesPropertiesVerifiedPropertiesReportLevel": { + "type": "string" + }, + "aws-native:datasync:TaskReportConfigReportLevel": { + "type": "string" + }, + "aws-native:datasync:TaskSchedule": { + "type": "object", + "properties": { + "scheduleExpression": { + "type": "string", + "description": "A cron expression that specifies when AWS DataSync initiates a scheduled transfer from a source to a destination location" + }, + "status": { + "$ref": "#/types/aws-native:datasync:TaskScheduleStatus", + "description": "Specifies status of a schedule." + } + } + }, + "aws-native:datasync:TaskScheduleStatus": { + "type": "string" + }, + "aws-native:datasync:TaskStatus": { + "type": "string" + }, + "aws-native:datasync:TaskTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for an AWS resource tag." + }, + "value": { + "type": "string", + "description": "The value for an AWS resource tag." + } + } + }, + "aws-native:datazone:DataSourceConfigurationInput0Properties": { + "type": "object", + "properties": { + "glueRunConfiguration": { + "$ref": "#/types/aws-native:datazone:DataSourceGlueRunConfigurationInput" + } + } + }, + "aws-native:datazone:DataSourceConfigurationInput1Properties": { + "type": "object", + "properties": { + "redshiftRunConfiguration": { + "$ref": "#/types/aws-native:datazone:DataSourceRedshiftRunConfigurationInput" + } + } + }, + "aws-native:datazone:DataSourceEnableSetting": { + "type": "string" + }, + "aws-native:datazone:DataSourceFilterExpression": { + "type": "object", + "properties": { + "expression": { + "type": "string" + }, + "type": { + "$ref": "#/types/aws-native:datazone:DataSourceFilterExpressionType" + } + } + }, + "aws-native:datazone:DataSourceFilterExpressionType": { + "type": "string" + }, + "aws-native:datazone:DataSourceFormInput": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "The content of the metadata form." + }, + "formName": { + "type": "string", + "description": "The name of the metadata form." + }, + "typeIdentifier": { + "type": "string", + "description": "The ID of the metadata form type." + }, + "typeRevision": { + "type": "string", + "description": "The revision of the metadata form type." + } + } + }, + "aws-native:datazone:DataSourceGlueRunConfigurationInput": { + "type": "object", + "properties": { + "autoImportDataQualityResult": { + "type": "boolean", + "description": "Specifies whether to automatically import data quality metrics as part of the data source run." + }, + "dataAccessRole": { + "type": "string", + "description": "The data access role included in the configuration details of the AWS Glue data source." + }, + "relationalFilterConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:DataSourceRelationalFilterConfiguration" + }, + "description": "The relational filter configurations included in the configuration details of the AWS Glue data source." + } + } + }, + "aws-native:datazone:DataSourceRecommendationConfiguration": { + "type": "object", + "properties": { + "enableBusinessNameGeneration": { + "type": "boolean", + "description": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration." + } + } + }, + "aws-native:datazone:DataSourceRedshiftClusterStorage": { + "type": "object", + "properties": { + "clusterName": { + "type": "string", + "description": "The name of an Amazon Redshift cluster." + } + } + }, + "aws-native:datazone:DataSourceRedshiftCredentialConfiguration": { + "type": "object", + "properties": { + "secretManagerArn": { + "type": "string", + "description": "The ARN of a secret manager for an Amazon Redshift cluster." + } + } + }, + "aws-native:datazone:DataSourceRedshiftRunConfigurationInput": { + "type": "object", + "properties": { + "dataAccessRole": { + "type": "string", + "description": "The data access role included in the configuration details of the Amazon Redshift data source." + }, + "redshiftCredentialConfiguration": { + "$ref": "#/types/aws-native:datazone:DataSourceRedshiftCredentialConfiguration", + "description": "The details of the credentials required to access an Amazon Redshift cluster." + }, + "redshiftStorage": { + "oneOf": [ + { + "$ref": "#/types/aws-native:datazone:DataSourceRedshiftStorage0Properties" + }, + { + "$ref": "#/types/aws-native:datazone:DataSourceRedshiftStorage1Properties" + } + ], + "description": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run." + }, + "relationalFilterConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:DataSourceRelationalFilterConfiguration" + } + } + } + }, + "aws-native:datazone:DataSourceRedshiftServerlessStorage": { + "type": "object", + "properties": { + "workgroupName": { + "type": "string", + "description": "The name of the Amazon Redshift Serverless workgroup." + } + } + }, + "aws-native:datazone:DataSourceRedshiftStorage0Properties": { + "type": "object", + "properties": { + "redshiftClusterSource": { + "$ref": "#/types/aws-native:datazone:DataSourceRedshiftClusterStorage" + } + } + }, + "aws-native:datazone:DataSourceRedshiftStorage1Properties": { + "type": "object", + "properties": { + "redshiftServerlessSource": { + "$ref": "#/types/aws-native:datazone:DataSourceRedshiftServerlessStorage" + } + } + }, + "aws-native:datazone:DataSourceRelationalFilterConfiguration": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "The database name specified in the relational filter configuration for the data source." + }, + "filterExpressions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:datazone:DataSourceFilterExpression" + }, + "description": "The filter expressions specified in the relational filter configuration for the data source." + }, + "schemaName": { + "type": "string", + "description": "The schema name specified in the relational filter configuration for the data source." + } + } + }, + "aws-native:datazone:DataSourceScheduleConfiguration": { + "type": "object", + "properties": { + "schedule": { + "type": "string", + "description": "The schedule of the data source runs." + }, + "timezone": { + "type": "string", + "description": "The timezone of the data source run." + } + } + }, + "aws-native:datazone:DataSourceStatus": { + "type": "string" + }, + "aws-native:datazone:DomainAuthType": { + "type": "string" + }, + "aws-native:datazone:DomainSingleSignOn": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:datazone:DomainAuthType", + "description": "The type of single sign-on in Amazon DataZone." + }, + "userAssignment": { + "$ref": "#/types/aws-native:datazone:DomainUserAssignment", + "description": "The single sign-on user assignment in Amazon DataZone." + } + } + }, + "aws-native:datazone:DomainStatus": { + "type": "string" + }, + "aws-native:datazone:DomainTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag." + }, + "value": { + "type": "string", + "description": "The value for the tag." + } + } + }, + "aws-native:datazone:DomainUserAssignment": { + "type": "string" + }, + "aws-native:datazone:EnvironmentBlueprintConfigurationRegionalParameter": { + "type": "object", + "properties": { + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A string to string map containing parameters for the region." + }, + "region": { + "type": "string", + "description": "The region specified in the environment parameter." + } + } + }, + "aws-native:datazone:EnvironmentParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of an environment parameter." + }, + "value": { + "type": "string", + "description": "The value of an environment parameter." + } + } + }, + "aws-native:datazone:EnvironmentProfileEnvironmentParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of an environment profile parameter." + }, + "value": { + "type": "string", + "description": "The value of an environment profile parameter." + } + } + }, + "aws-native:datazone:EnvironmentStatus": { + "type": "string" + }, + "aws-native:datazone:GroupProfileStatus": { + "type": "string" + }, + "aws-native:datazone:ProjectMembershipMember0Properties": { + "type": "object", + "properties": { + "userIdentifier": { + "type": "string" + } + } + }, + "aws-native:datazone:ProjectMembershipMember1Properties": { + "type": "object", + "properties": { + "groupIdentifier": { + "type": "string" + } + } + }, + "aws-native:datazone:ProjectMembershipUserDesignation": { + "type": "string" + }, + "aws-native:datazone:SubscriptionTargetForm": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "The content of the subscription target configuration." + }, + "formName": { + "type": "string", + "description": "The form name included in the subscription target configuration." + } + } + }, + "aws-native:datazone:UserProfileDetails0Properties": { + "type": "object", + "properties": { + "iam": { + "$ref": "#/types/aws-native:datazone:UserProfileIamUserProfileDetails" + } + } + }, + "aws-native:datazone:UserProfileDetails1Properties": { + "type": "object", + "properties": { + "sso": { + "$ref": "#/types/aws-native:datazone:UserProfileSsoUserProfileDetails" + } + } + }, + "aws-native:datazone:UserProfileIamUserProfileDetails": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the IAM User Profile." + } + } + }, + "aws-native:datazone:UserProfileSsoUserProfileDetails": { + "type": "object", + "properties": { + "firstName": { + "type": "string", + "description": "The First Name of the IAM User Profile." + }, + "lastName": { + "type": "string", + "description": "The Last Name of the IAM User Profile." + }, + "username": { + "type": "string", + "description": "The username of the SSO User Profile." + } + } + }, + "aws-native:datazone:UserProfileStatus": { + "type": "string" + }, + "aws-native:datazone:UserProfileType": { + "type": "string" + }, + "aws-native:datazone:UserProfileUserType": { + "type": "string" + }, + "aws-native:deadline:FarmTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:deadline:FleetAcceleratorCountRange": { + "type": "object", + "properties": { + "max": { + "type": "integer" + }, + "min": { + "type": "integer" + } + } + }, + "aws-native:deadline:FleetAcceleratorTotalMemoryMiBRange": { + "type": "object", + "properties": { + "max": { + "type": "integer" + }, + "min": { + "type": "integer" + } + } + }, + "aws-native:deadline:FleetAcceleratorType": { + "type": "string" + }, + "aws-native:deadline:FleetAmountCapability": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of the fleet worker capability." + }, + "min": { + "type": "number", + "description": "The minimum amount of fleet worker capability." + }, + "name": { + "type": "string", + "description": "The name of the fleet capability." + } + } + }, + "aws-native:deadline:FleetAttributeCapability": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the fleet attribute capability for the worker." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The number of fleet attribute capabilities." + } + } + }, + "aws-native:deadline:FleetAutoScalingMode": { + "type": "string" + }, + "aws-native:deadline:FleetCapabilities": { + "type": "object", + "properties": { + "amounts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:FleetAmountCapability" + }, + "description": "Amount capabilities of the fleet." + }, + "attributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:FleetAttributeCapability" + }, + "description": "Attribute capabilities of the fleet." + } + } + }, + "aws-native:deadline:FleetConfiguration0Properties": { + "type": "object", + "properties": { + "customerManaged": { + "$ref": "#/types/aws-native:deadline:FleetCustomerManagedFleetConfiguration" + } + } + }, + "aws-native:deadline:FleetConfiguration1Properties": { + "type": "object", + "properties": { + "serviceManagedEc2": { + "$ref": "#/types/aws-native:deadline:FleetServiceManagedEc2FleetConfiguration" + } + } + }, + "aws-native:deadline:FleetCpuArchitectureType": { + "type": "string" + }, + "aws-native:deadline:FleetCustomerManagedFleetConfiguration": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:deadline:FleetAutoScalingMode" + }, + "storageProfileId": { + "type": "string" + }, + "workerCapabilities": { + "$ref": "#/types/aws-native:deadline:FleetCustomerManagedWorkerCapabilities" + } + } + }, + "aws-native:deadline:FleetCustomerManagedFleetOperatingSystemFamily": { + "type": "string" + }, + "aws-native:deadline:FleetCustomerManagedWorkerCapabilities": { + "type": "object", + "properties": { + "acceleratorCount": { + "$ref": "#/types/aws-native:deadline:FleetAcceleratorCountRange" + }, + "acceleratorTotalMemoryMiB": { + "$ref": "#/types/aws-native:deadline:FleetAcceleratorTotalMemoryMiBRange" + }, + "acceleratorTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:FleetAcceleratorType" + } + }, + "cpuArchitectureType": { + "$ref": "#/types/aws-native:deadline:FleetCpuArchitectureType" + }, + "customAmounts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:FleetAmountCapability" + } + }, + "customAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:FleetAttributeCapability" + } + }, + "memoryMiB": { + "$ref": "#/types/aws-native:deadline:FleetMemoryMiBRange" + }, + "osFamily": { + "$ref": "#/types/aws-native:deadline:FleetCustomerManagedFleetOperatingSystemFamily" + }, + "vCpuCount": { + "$ref": "#/types/aws-native:deadline:FleetVCpuCountRange" + } + } + }, + "aws-native:deadline:FleetEc2EbsVolume": { + "type": "object", + "properties": { + "iops": { + "type": "integer" + }, + "sizeGiB": { + "type": "integer" + }, + "throughputMiB": { + "type": "integer" + } + } + }, + "aws-native:deadline:FleetEc2MarketType": { + "type": "string" + }, + "aws-native:deadline:FleetMemoryMiBRange": { + "type": "object", + "properties": { + "max": { + "type": "integer" + }, + "min": { + "type": "integer" + } + } + }, + "aws-native:deadline:FleetServiceManagedEc2FleetConfiguration": { + "type": "object", + "properties": { + "instanceCapabilities": { + "$ref": "#/types/aws-native:deadline:FleetServiceManagedEc2InstanceCapabilities" + }, + "instanceMarketOptions": { + "$ref": "#/types/aws-native:deadline:FleetServiceManagedEc2InstanceMarketOptions" + } + } + }, + "aws-native:deadline:FleetServiceManagedEc2InstanceCapabilities": { + "type": "object", + "properties": { + "allowedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + } + }, + "cpuArchitectureType": { + "$ref": "#/types/aws-native:deadline:FleetCpuArchitectureType" + }, + "customAmounts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:FleetAmountCapability" + } + }, + "customAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:deadline:FleetAttributeCapability" + } + }, + "excludedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + } + }, + "memoryMiB": { + "$ref": "#/types/aws-native:deadline:FleetMemoryMiBRange" + }, + "osFamily": { + "$ref": "#/types/aws-native:deadline:FleetServiceManagedFleetOperatingSystemFamily" + }, + "rootEbsVolume": { + "$ref": "#/types/aws-native:deadline:FleetEc2EbsVolume" + }, + "vCpuCount": { + "$ref": "#/types/aws-native:deadline:FleetVCpuCountRange" + } + } + }, + "aws-native:deadline:FleetServiceManagedEc2InstanceMarketOptions": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:deadline:FleetEc2MarketType" + } + } + }, + "aws-native:deadline:FleetServiceManagedFleetOperatingSystemFamily": { + "type": "string" + }, + "aws-native:deadline:FleetStatus": { + "type": "string" + }, + "aws-native:deadline:FleetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:deadline:FleetVCpuCountRange": { + "type": "object", + "properties": { + "max": { + "type": "integer" + }, + "min": { + "type": "integer" + } + } + }, + "aws-native:deadline:LicenseEndpointStatus": { + "type": "string" + }, + "aws-native:deadline:LicenseEndpointTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:deadline:QueueDefaultQueueBudgetAction": { + "type": "string" + }, + "aws-native:deadline:QueueEnvironmentEnvironmentTemplateType": { + "type": "string" + }, + "aws-native:deadline:QueueJobAttachmentSettings": { + "type": "object", + "properties": { + "rootPrefix": { + "type": "string", + "description": "The root prefix." + }, + "s3BucketName": { + "type": "string", + "description": "The Amazon S3 bucket name." + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName" + } + }, + "aws-native:deadline:QueueJobRunAsUser": { + "type": "object", + "properties": { + "posix": { + "$ref": "#/types/aws-native:deadline:QueuePosixUser", + "description": "The user and group that the jobs in the queue run as." + }, + "runAs": { + "$ref": "#/types/aws-native:deadline:QueueRunAs", + "description": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user." + }, + "windows": { + "$ref": "#/types/aws-native:deadline:QueueWindowsUser", + "description": "Identifies a Microsoft Windows user." + } + } + }, + "aws-native:deadline:QueuePosixUser": { + "type": "object", + "properties": { + "group": { + "type": "string", + "description": "The name of the POSIX user's group." + }, + "user": { + "type": "string", + "description": "The name of the POSIX user." + } + } + }, + "aws-native:deadline:QueueRunAs": { + "type": "string" + }, + "aws-native:deadline:QueueTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:deadline:QueueWindowsUser": { + "type": "object", + "properties": { + "passwordArn": { + "type": "string", + "description": "The password ARN for the Windows user." + }, + "user": { + "type": "string", + "description": "The user." + } + } + }, + "aws-native:deadline:StorageProfileFileSystemLocation": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The location name." + }, + "path": { + "type": "string", + "description": "The file path." + }, + "type": { + "$ref": "#/types/aws-native:deadline:StorageProfileFileSystemLocationType", + "description": "The type of file." + } + } + }, + "aws-native:deadline:StorageProfileFileSystemLocationType": { + "type": "string" + }, + "aws-native:deadline:StorageProfileOperatingSystemFamily": { + "type": "string" + }, + "aws-native:detective:GraphTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ " + } + } + }, + "aws-native:devicefarm:DevicePoolRule": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:devicefarm:DevicePoolRuleAttribute", + "description": "The rule's stringified attribute." + }, + "operator": { + "$ref": "#/types/aws-native:devicefarm:DevicePoolRuleOperator", + "description": "Specifies how Device Farm compares the rule's attribute to the value." + }, + "value": { + "type": "string", + "description": "The rule's value." + } + } + }, + "aws-native:devicefarm:DevicePoolRuleAttribute": { + "type": "string" + }, + "aws-native:devicefarm:DevicePoolRuleOperator": { + "type": "string" + }, + "aws-native:devicefarm:DevicePoolTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor in a tag category (key)." + } + } + }, + "aws-native:devicefarm:InstanceProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor in a tag category (key)." + } + } + }, + "aws-native:devicefarm:NetworkProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor in a tag category (key)." + } + } + }, + "aws-native:devicefarm:ProjectTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor in a tag category (key)." + } + } + }, + "aws-native:devicefarm:ProjectVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of security group Ids in your Amazon VPC" + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A array of subnet IDs in your Amazon VPC." + }, + "vpcId": { + "type": "string", + "description": "The ID of the Amazon VPC" + } + } + }, + "aws-native:devicefarm:TestGridProjectTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor in a tag category (key)." + } + } + }, + "aws-native:devicefarm:TestGridProjectVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of VPC security group IDs in your Amazon VPC." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of VPC subnet IDs in your Amazon VPC." + }, + "vpcId": { + "type": "string", + "description": "A list of VPC IDs.\n\nEach VPC is given a unique ID upon creation." + } + } + }, + "aws-native:devicefarm:VpceConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor in a tag category (key)." + } + } + }, + "aws-native:devopsguru:NotificationChannelConfig": { + "type": "object", + "properties": { + "filters": { + "$ref": "#/types/aws-native:devopsguru:NotificationChannelNotificationFilterConfig", + "description": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity." + }, + "sns": { + "$ref": "#/types/aws-native:devopsguru:NotificationChannelSnsChannelConfig", + "description": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS–encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) ." + } + } + }, + "aws-native:devopsguru:NotificationChannelInsightSeverity": { + "type": "string" + }, + "aws-native:devopsguru:NotificationChannelNotificationFilterConfig": { + "type": "object", + "properties": { + "messageTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:devopsguru:NotificationChannelNotificationMessageType" + }, + "description": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created." + }, + "severities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:devopsguru:NotificationChannelInsightSeverity" + }, + "description": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) ." + } + } + }, + "aws-native:devopsguru:NotificationChannelNotificationMessageType": { + "type": "string" + }, + "aws-native:devopsguru:NotificationChannelSnsChannelConfig": { + "type": "object", + "properties": { + "topicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic." + } + } + }, + "aws-native:devopsguru:ResourceCollectionCloudFormationCollectionFilter": { + "type": "object", + "properties": { + "stackNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of CloudFormation stack names." + } + } + }, + "aws-native:devopsguru:ResourceCollectionFilter": { + "type": "object", + "properties": { + "cloudFormation": { + "$ref": "#/types/aws-native:devopsguru:ResourceCollectionCloudFormationCollectionFilter", + "description": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:devopsguru:ResourceCollectionTagCollection" + }, + "description": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n\u003e The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` ." + } + } + }, + "aws-native:devopsguru:ResourceCollectionTagCollection": { + "type": "object", + "properties": { + "appBoundaryKey": { + "type": "string", + "description": "A Tag key for DevOps Guru app boundary." + }, + "tagValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Tag values of DevOps Guru app boundary." + } + } + }, + "aws-native:devopsguru:ResourceCollectionType": { + "type": "string" + }, + "aws-native:directoryservice:SimpleAdVpcSettings": { + "type": "object", + "properties": { + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets." + }, + "vpcId": { + "type": "string", + "description": "The identifier of the VPC in which to create the directory." + } + } + }, + "aws-native:dms:DataProviderDmsSslModeValue": { + "type": "string" + }, + "aws-native:dms:DataProviderEngine": { + "type": "string" + }, + "aws-native:dms:DataProviderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:dms:InstanceProfileNetworkType": { + "type": "string" + }, + "aws-native:dms:InstanceProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:dms:MigrationProjectDataProviderDescriptor": { + "type": "object", + "properties": { + "dataProviderArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the data provider." + }, + "dataProviderIdentifier": { + "type": "string" + }, + "dataProviderName": { + "type": "string", + "description": "The user-friendly name of the data provider." + }, + "secretsManagerAccessRoleArn": { + "type": "string", + "description": "The ARN of the role used to access AWS Secrets Manager." + }, + "secretsManagerSecretId": { + "type": "string", + "description": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider." + } + } + }, + "aws-native:dms:MigrationProjectTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, , and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, , and -." + } + } + }, + "aws-native:dms:ReplicationConfigComputeConfig": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` ." + }, + "dnsNameServers": { + "type": "string", + "description": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`" + }, + "kmsKeyId": { + "type": "string", + "description": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region ." + }, + "maxCapacityUnits": { + "type": "integer", + "description": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify." + }, + "minCapacityUnits": { + "type": "integer", + "description": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` ." + }, + "multiAz": { + "type": "boolean", + "description": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` ." + }, + "preferredMaintenanceWindow": { + "type": "string", + "description": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window." + }, + "replicationSubnetGroupId": { + "type": "string", + "description": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication." + }, + "vpcSecurityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication." + } + }, + "irreversibleNames": { + "multiAz": "MultiAZ" + } + }, + "aws-native:dms:ReplicationConfigReplicationType": { + "type": "string" + }, + "aws-native:dms:ReplicationConfigTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:dms:SchemaConversionApplicationAttributesProperties": { + "type": "object", + "properties": { + "s3BucketPath": { + "type": "string" + }, + "s3BucketRoleArn": { + "type": "string" + } + }, + "irreversibleNames": { + "s3BucketPath": "S3BucketPath", + "s3BucketRoleArn": "S3BucketRoleArn" + } + }, + "aws-native:dms:SettingsProperties": { + "type": "object", + "properties": { + "microsoftSqlServerSettings": { + "$ref": "#/types/aws-native:dms:SettingsPropertiesMicrosoftSqlServerSettingsProperties", + "description": "MicrosoftSqlServerSettings property identifier." + }, + "mySqlSettings": { + "$ref": "#/types/aws-native:dms:SettingsPropertiesMySqlSettingsProperties", + "description": "MySqlSettings property identifier." + }, + "oracleSettings": { + "$ref": "#/types/aws-native:dms:SettingsPropertiesOracleSettingsProperties", + "description": "OracleSettings property identifier." + }, + "postgreSqlSettings": { + "$ref": "#/types/aws-native:dms:SettingsPropertiesPostgreSqlSettingsProperties", + "description": "PostgreSqlSettings property identifier." + } + } + }, + "aws-native:dms:SettingsPropertiesMicrosoftSqlServerSettingsProperties": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string" + }, + "databaseName": { + "type": "string" + }, + "port": { + "type": "integer" + }, + "serverName": { + "type": "string" + }, + "sslMode": { + "$ref": "#/types/aws-native:dms:DataProviderDmsSslModeValue" + } + } + }, + "aws-native:dms:SettingsPropertiesMySqlSettingsProperties": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string" + }, + "port": { + "type": "integer" + }, + "serverName": { + "type": "string" + }, + "sslMode": { + "$ref": "#/types/aws-native:dms:DataProviderDmsSslModeValue" + } + } + }, + "aws-native:dms:SettingsPropertiesOracleSettingsProperties": { + "type": "object", + "properties": { + "asmServer": { + "type": "string" + }, + "certificateArn": { + "type": "string" + }, + "databaseName": { + "type": "string" + }, + "port": { + "type": "integer" + }, + "secretsManagerOracleAsmAccessRoleArn": { + "type": "string" + }, + "secretsManagerOracleAsmSecretId": { + "type": "string" + }, + "secretsManagerSecurityDbEncryptionAccessRoleArn": { + "type": "string" + }, + "secretsManagerSecurityDbEncryptionSecretId": { + "type": "string" + }, + "serverName": { + "type": "string" + }, + "sslMode": { + "$ref": "#/types/aws-native:dms:DataProviderDmsSslModeValue" + } + } + }, + "aws-native:dms:SettingsPropertiesPostgreSqlSettingsProperties": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string" + }, + "databaseName": { + "type": "string" + }, + "port": { + "type": "integer" + }, + "serverName": { + "type": "string" + }, + "sslMode": { + "$ref": "#/types/aws-native:dms:DataProviderDmsSslModeValue" + } + } + }, + "aws-native:docdbelastic:ClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:dynamodb:GlobalTableAttributeDefinition": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "A name for the attribute." + }, + "attributeType": { + "type": "string", + "description": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary" + } + } + }, + "aws-native:dynamodb:GlobalTableCapacityAutoScalingSettings": { + "type": "object", + "properties": { + "maxCapacity": { + "type": "integer", + "description": "The maximum provisioned capacity units for the global table." + }, + "minCapacity": { + "type": "integer", + "description": "The minimum provisioned capacity units for the global table." + }, + "seedCapacity": { + "type": "integer", + "description": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` ." + }, + "targetTrackingScalingPolicyConfiguration": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableTargetTrackingScalingPolicyConfiguration", + "description": "Defines a target tracking scaling policy." + } + } + }, + "aws-native:dynamodb:GlobalTableContributorInsightsSpecification": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false)." + } + } + }, + "aws-native:dynamodb:GlobalTableGlobalSecondaryIndex": { + "type": "object", + "properties": { + "indexName": { + "type": "string", + "description": "The name of the global secondary index. The name must be unique among all other indexes on this table." + }, + "keySchema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableKeySchema" + }, + "description": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n\u003e The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n\u003e \n\u003e The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value." + }, + "projection": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableProjection", + "description": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected." + }, + "writeOnDemandThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableWriteOnDemandThroughputSettings", + "description": "Sets the write request settings for a global table or a global secondary index. You must specify this setting if you set the `BillingMode` to `PAY_PER_REQUEST` ." + }, + "writeProvisionedThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableWriteProvisionedThroughputSettings", + "description": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index." + } + } + }, + "aws-native:dynamodb:GlobalTableKeySchema": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "The name of a key attribute." + }, + "keyType": { + "type": "string", + "description": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n\u003e The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n\u003e \n\u003e The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value." + } + } + }, + "aws-native:dynamodb:GlobalTableKinesisStreamSpecification": { + "type": "object", + "properties": { + "approximateCreationDateTimePrecision": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableKinesisStreamSpecificationApproximateCreationDateTimePrecision", + "description": "The precision for the time and date that the stream was created." + }, + "streamArn": { + "type": "string", + "description": "The ARN for a specific Kinesis data stream." + } + } + }, + "aws-native:dynamodb:GlobalTableKinesisStreamSpecificationApproximateCreationDateTimePrecision": { + "type": "string" + }, + "aws-native:dynamodb:GlobalTableLocalSecondaryIndex": { + "type": "object", + "properties": { + "indexName": { + "type": "string", + "description": "The name of the local secondary index. The name must be unique among all other indexes on this table." + }, + "keySchema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableKeySchema" + }, + "description": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n\u003e The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n\u003e \n\u003e The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value." + }, + "projection": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableProjection", + "description": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected." + } + } + }, + "aws-native:dynamodb:GlobalTablePointInTimeRecoverySpecification": { + "type": "object", + "properties": { + "pointInTimeRecoveryEnabled": { + "type": "boolean", + "description": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table." + } + } + }, + "aws-native:dynamodb:GlobalTableProjection": { + "type": "object", + "properties": { + "nonKeyAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total." + }, + "projectionType": { + "type": "string", + "description": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default." + } + } + }, + "aws-native:dynamodb:GlobalTableReadOnDemandThroughputSettings": { + "type": "object", + "properties": { + "maxReadRequestUnits": { + "type": "integer", + "description": "Maximum number of read request units for the specified replica of a global table." + } + } + }, + "aws-native:dynamodb:GlobalTableReadProvisionedThroughputSettings": { + "type": "object", + "properties": { + "readCapacityAutoScalingSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableCapacityAutoScalingSettings", + "description": "Specifies auto scaling settings for the replica table or global secondary index." + }, + "readCapacityUnits": { + "type": "integer", + "description": "Specifies a fixed read capacity for the replica table or global secondary index." + } + } + }, + "aws-native:dynamodb:GlobalTableReplicaGlobalSecondaryIndexSpecification": { + "type": "object", + "properties": { + "contributorInsightsSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableContributorInsightsSpecification", + "description": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table’s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table." + }, + "indexName": { + "type": "string", + "description": "The name of the global secondary index. The name must be unique among all other indexes on this table." + }, + "readOnDemandThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReadOnDemandThroughputSettings", + "description": "Sets the read request settings for a replica global secondary index. You must specify this setting if you set the `BillingMode` to `PAY_PER_REQUEST` ." + }, + "readProvisionedThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReadProvisionedThroughputSettings", + "description": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` ." + } + } + }, + "aws-native:dynamodb:GlobalTableReplicaSpecification": { + "type": "object", + "properties": { + "contributorInsightsSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableContributorInsightsSpecification", + "description": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica." + }, + "deletionProtectionEnabled": { + "type": "boolean", + "description": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* ." + }, + "globalSecondaryIndexes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReplicaGlobalSecondaryIndexSpecification" + }, + "description": "Defines additional settings for the global secondary indexes of this replica." + }, + "kinesisStreamSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableKinesisStreamSpecification", + "description": "Defines the Kinesis Data Streams configuration for the specified replica." + }, + "pointInTimeRecoverySpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTablePointInTimeRecoverySpecification", + "description": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica." + }, + "readOnDemandThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReadOnDemandThroughputSettings", + "description": "Sets read request settings for the replica table." + }, + "readProvisionedThroughputSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReadProvisionedThroughputSettings", + "description": "Defines read capacity settings for the replica table." + }, + "region": { + "type": "string", + "description": "The region in which this replica exists." + }, + "replicaStreamSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReplicaStreamSpecification", + "description": "Represents the DynamoDB Streams configuration for a global table replica." + }, + "resourcePolicy": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableResourcePolicy", + "description": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) ." + }, + "sseSpecification": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableReplicaSseSpecification", + "description": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas." + }, + "tableClass": { + "type": "string", + "description": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableTag" + }, + "description": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) ." + } + }, + "irreversibleNames": { + "sseSpecification": "SSESpecification" + } + }, + "aws-native:dynamodb:GlobalTableReplicaSseSpecification": { + "type": "object", + "properties": { + "kmsMasterKeyId": { + "type": "string", + "description": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` ." + } + }, + "irreversibleNames": { + "kmsMasterKeyId": "KMSMasterKeyId" + } + }, + "aws-native:dynamodb:GlobalTableReplicaStreamSpecification": { + "type": "object", + "properties": { + "resourcePolicy": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableResourcePolicy", + "description": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource." + } + } + }, + "aws-native:dynamodb:GlobalTableResourcePolicy": { + "type": "object", + "properties": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) ." + } + } + }, + "aws-native:dynamodb:GlobalTableSseSpecification": { + "type": "object", + "properties": { + "sseEnabled": { + "type": "boolean", + "description": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys." + }, + "sseType": { + "type": "string", + "description": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply)." + } + }, + "irreversibleNames": { + "sseEnabled": "SSEEnabled", + "sseType": "SSEType" + } + }, + "aws-native:dynamodb:GlobalTableStreamSpecification": { + "type": "object", + "properties": { + "streamViewType": { + "type": "string", + "description": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream." + } + } + }, + "aws-native:dynamodb:GlobalTableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Tag keys are case sensitive. Each DynamoDB table can only have up to one tag with the same key. If you try to add an existing tag (same key), the existing tag value will be updated to the new value." + }, + "value": { + "type": "string", + "description": "The value of the tag. Tag values are case-sensitive and can be null." + } + } + }, + "aws-native:dynamodb:GlobalTableTargetTrackingScalingPolicyConfiguration": { + "type": "object", + "properties": { + "disableScaleIn": { + "type": "boolean", + "description": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` ." + }, + "scaleInCooldown": { + "type": "integer", + "description": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start." + }, + "scaleOutCooldown": { + "type": "integer", + "description": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start." + }, + "targetValue": { + "type": "number", + "description": "Defines a target value for the scaling policy." + } + } + }, + "aws-native:dynamodb:GlobalTableTimeToLiveSpecification": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table." + } + } + }, + "aws-native:dynamodb:GlobalTableWriteOnDemandThroughputSettings": { + "type": "object", + "properties": { + "maxWriteRequestUnits": { + "type": "integer", + "description": "Maximum number of write request settings for the specified replica of a global table." + } + } + }, + "aws-native:dynamodb:GlobalTableWriteProvisionedThroughputSettings": { + "type": "object", + "properties": { + "writeCapacityAutoScalingSettings": { + "$ref": "#/types/aws-native:dynamodb:GlobalTableCapacityAutoScalingSettings", + "description": "Specifies auto scaling settings for the replica table or global secondary index." + } + } + }, + "aws-native:dynamodb:TableAttributeDefinition": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "A name for the attribute." + }, + "attributeType": { + "type": "string", + "description": "The data type for the attribute, where:\n + ``S`` - the attribute is of type String\n + ``N`` - the attribute is of type Number\n + ``B`` - the attribute is of type Binary" + } + } + }, + "aws-native:dynamodb:TableContributorInsightsSpecification": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false)." + } + } + }, + "aws-native:dynamodb:TableCsv": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter used for separating items in the CSV file being imported." + }, + "headerList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header." + } + } + }, + "aws-native:dynamodb:TableGlobalSecondaryIndex": { + "type": "object", + "properties": { + "contributorInsightsSpecification": { + "$ref": "#/types/aws-native:dynamodb:TableContributorInsightsSpecification", + "description": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index." + }, + "indexName": { + "type": "string", + "description": "The name of the global secondary index. The name must be unique among all other indexes on this table." + }, + "keySchema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableKeySchema" + }, + "description": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n + ``HASH`` - partition key\n + ``RANGE`` - sort key\n \n The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value." + }, + "onDemandThroughput": { + "$ref": "#/types/aws-native:dynamodb:TableOnDemandThroughput", + "description": "The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify ``MaxReadRequestUnits``, ``MaxWriteRequestUnits``, or both." + }, + "projection": { + "$ref": "#/types/aws-native:dynamodb:TableProjection", + "description": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected." + }, + "provisionedThroughput": { + "$ref": "#/types/aws-native:dynamodb:TableProvisionedThroughput", + "description": "Represents the provisioned throughput settings for the specified global secondary index.\n For current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide*." + } + } + }, + "aws-native:dynamodb:TableImportSourceSpecification": { + "type": "object", + "properties": { + "inputCompressionType": { + "type": "string", + "description": "Type of compression to be used on the input coming from the imported table." + }, + "inputFormat": { + "type": "string", + "description": "The format of the source data. Valid values for ``ImportFormat`` are ``CSV``, ``DYNAMODB_JSON`` or ``ION``." + }, + "inputFormatOptions": { + "$ref": "#/types/aws-native:dynamodb:TableInputFormatOptions", + "description": "Additional properties that specify how the input is formatted," + }, + "s3BucketSource": { + "$ref": "#/types/aws-native:dynamodb:TableS3BucketSource", + "description": "The S3 bucket that provides the source for the import." + } + }, + "irreversibleNames": { + "s3BucketSource": "S3BucketSource" + } + }, + "aws-native:dynamodb:TableInputFormatOptions": { + "type": "object", + "properties": { + "csv": { + "$ref": "#/types/aws-native:dynamodb:TableCsv", + "description": "The options for imported source files in CSV format. The values are Delimiter and HeaderList." + } + } + }, + "aws-native:dynamodb:TableKeySchema": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "The name of a key attribute." + }, + "keyType": { + "type": "string", + "description": "The role that this key attribute will assume:\n + ``HASH`` - partition key\n + ``RANGE`` - sort key\n \n The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value." + } + } + }, + "aws-native:dynamodb:TableKinesisStreamSpecification": { + "type": "object", + "properties": { + "approximateCreationDateTimePrecision": { + "$ref": "#/types/aws-native:dynamodb:TableKinesisStreamSpecificationApproximateCreationDateTimePrecision", + "description": "The precision for the time and date that the stream was created." + }, + "streamArn": { + "type": "string", + "description": "The ARN for a specific Kinesis data stream.\n Length Constraints: Minimum length of 37. Maximum length of 1024." + } + } + }, + "aws-native:dynamodb:TableKinesisStreamSpecificationApproximateCreationDateTimePrecision": { + "type": "string" + }, + "aws-native:dynamodb:TableLocalSecondaryIndex": { + "type": "object", + "properties": { + "indexName": { + "type": "string", + "description": "The name of the local secondary index. The name must be unique among all other indexes on this table." + }, + "keySchema": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:dynamodb:TableKeySchema" + }, + "description": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n + ``HASH`` - partition key\n + ``RANGE`` - sort key\n \n The partition key of an item is also known as its *hash attribute*. The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n The sort key of an item is also known as its *range attribute*. The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value." + }, + "projection": { + "$ref": "#/types/aws-native:dynamodb:TableProjection", + "description": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected." + } + } + }, + "aws-native:dynamodb:TableOnDemandThroughput": { + "type": "object", + "properties": { + "maxReadRequestUnits": { + "type": "integer", + "description": "Maximum number of read request units for the specified table.\n To specify a maximum ``OnDemandThroughput`` on your table, set the value of ``MaxReadRequestUnits`` as greater than or equal to 1. To remove the maximum ``OnDemandThroughput`` that is currently set on your table, set the value of ``MaxReadRequestUnits`` to -1." + }, + "maxWriteRequestUnits": { + "type": "integer", + "description": "Maximum number of write request units for the specified table.\n To specify a maximum ``OnDemandThroughput`` on your table, set the value of ``MaxWriteRequestUnits`` as greater than or equal to 1. To remove the maximum ``OnDemandThroughput`` that is currently set on your table, set the value of ``MaxWriteRequestUnits`` to -1." + } + } + }, + "aws-native:dynamodb:TablePointInTimeRecoverySpecification": { + "type": "object", + "properties": { + "pointInTimeRecoveryEnabled": { + "type": "boolean", + "description": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table." + } + } + }, + "aws-native:dynamodb:TableProjection": { + "type": "object", + "properties": { + "nonKeyAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents the non-key attribute names which will be projected into the index.\n For local secondary indexes, the total count of ``NonKeyAttributes`` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total." + }, + "projectionType": { + "type": "string", + "description": "The set of attributes that are projected into the index:\n + ``KEYS_ONLY`` - Only the index and primary keys are projected into the index.\n + ``INCLUDE`` - In addition to the attributes described in ``KEYS_ONLY``, the secondary index will include other non-key attributes that you specify.\n + ``ALL`` - All of the table attributes are projected into the index.\n \n When using the DynamoDB console, ``ALL`` is selected by default." + } + } + }, + "aws-native:dynamodb:TableProvisionedThroughput": { + "type": "object", + "properties": { + "readCapacityUnits": { + "type": "integer", + "description": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a ``ThrottlingException``. For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide*.\n If read/write capacity mode is ``PAY_PER_REQUEST`` the value is set to 0." + }, + "writeCapacityUnits": { + "type": "integer", + "description": "The maximum number of writes consumed per second before DynamoDB returns a ``ThrottlingException``. For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide*.\n If read/write capacity mode is ``PAY_PER_REQUEST`` the value is set to 0." + } + } + }, + "aws-native:dynamodb:TableResourcePolicy": { + "type": "object", + "properties": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "A resource-based policy document that contains permissions to add to the specified DDB table, index, or both. In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html)." + } + } + }, + "aws-native:dynamodb:TableS3BucketSource": { + "type": "object", + "properties": { + "s3Bucket": { + "type": "string", + "description": "The S3 bucket that is being imported from." + }, + "s3BucketOwner": { + "type": "string", + "description": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional." + }, + "s3KeyPrefix": { + "type": "string", + "description": "The key prefix shared by all S3 Objects that are being imported." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3BucketOwner": "S3BucketOwner", + "s3KeyPrefix": "S3KeyPrefix" + } + }, + "aws-native:dynamodb:TableSseSpecification": { + "type": "object", + "properties": { + "kmsMasterKeyId": { + "type": "string", + "description": "The KMS key that should be used for the KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key ``alias/aws/dynamodb``." + }, + "sseEnabled": { + "type": "boolean", + "description": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to ``KMS`` and an AWS managed key is used (KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key." + }, + "sseType": { + "type": "string", + "description": "Server-side encryption type. The only supported value is:\n + ``KMS`` - Server-side encryption that uses KMSlong. The key is stored in your account and is managed by KMS (KMS charges apply)." + } + }, + "irreversibleNames": { + "kmsMasterKeyId": "KMSMasterKeyId", + "sseEnabled": "SSEEnabled", + "sseType": "SSEType" + } + }, + "aws-native:dynamodb:TableStreamSpecification": { + "type": "object", + "properties": { + "resourcePolicy": { + "$ref": "#/types/aws-native:dynamodb:TableResourcePolicy", + "description": "Creates or updates a resource-based policy document that contains the permissions for DDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html)." + }, + "streamViewType": { + "type": "string", + "description": "When an item in the table is modified, ``StreamViewType`` determines what information is written to the stream for this table. Valid values for ``StreamViewType`` are:\n + ``KEYS_ONLY`` - Only the key attributes of the modified item are written to the stream.\n + ``NEW_IMAGE`` - The entire item, as it appears after it was modified, is written to the stream.\n + ``OLD_IMAGE`` - The entire item, as it appeared before it was modified, is written to the stream.\n + ``NEW_AND_OLD_IMAGES`` - Both the new and the old item images of the item are written to the stream." + } + } + }, + "aws-native:dynamodb:TableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Tag keys are case sensitive. Each DynamoDB table can only have up to one tag with the same key. If you try to add an existing tag (same key), the existing tag value will be updated to the new value." + }, + "value": { + "type": "string", + "description": "The value of the tag. Tag values are case-sensitive and can be null." + } + } + }, + "aws-native:dynamodb:TableTimeToLiveSpecification": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "The name of the TTL attribute used to store the expiration time for items in the table.\n + The ``AttributeName`` property is required when enabling the TTL, or when TTL is already enabled.\n + To update this property, you must first disable TTL and then enable TTL with the new attribute name." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table." + } + } + }, + "aws-native:ec2:CapacityReservationFleetInstanceMatchCriteria": { + "type": "string" + }, + "aws-native:ec2:CapacityReservationFleetInstanceTypeSpecification": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone." + }, + "availabilityZoneId": { + "type": "string", + "description": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone." + }, + "ebsOptimized": { + "type": "boolean", + "description": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types." + }, + "instancePlatform": { + "type": "string", + "description": "The type of operating system for which the Capacity Reservation Fleet reserves capacity." + }, + "instanceType": { + "type": "string", + "description": "The instance type for which the Capacity Reservation Fleet reserves capacity." + }, + "priority": { + "type": "integer", + "description": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* ." + }, + "weight": { + "type": "number", + "description": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` ." + } + } + }, + "aws-native:ec2:CapacityReservationFleetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:CapacityReservationFleetTagSpecification": { + "type": "object", + "properties": { + "resourceType": { + "type": "string", + "description": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:CapacityReservationFleetTag" + }, + "description": "The tags to apply to the resource." + } + } + }, + "aws-native:ec2:CapacityReservationFleetTenancy": { + "type": "string" + }, + "aws-native:ec2:CapacityReservationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag.\n\nConstraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with `aws:` ." + }, + "value": { + "type": "string", + "description": "The value of the tag.\n\nConstraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters." + } + } + }, + "aws-native:ec2:CapacityReservationTagSpecification": { + "type": "object", + "properties": { + "resourceType": { + "type": "string", + "description": "The type of resource to tag. Specify `capacity-reservation` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:CapacityReservationTag" + }, + "description": "The tags to apply to the resource." + } + } + }, + "aws-native:ec2:CarrierGatewayTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:ec2:CpuOptionsProperties": { + "type": "object", + "properties": { + "coreCount": { + "type": "integer", + "description": "The number of CPU cores for the instance." + }, + "threadsPerCore": { + "type": "integer", + "description": "The number of threads per CPU core." + } + } + }, + "aws-native:ec2:CreditSpecificationProperties": { + "type": "object", + "properties": { + "cpuCredits": { + "type": "string", + "description": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option." + } + }, + "irreversibleNames": { + "cpuCredits": "CPUCredits" + } + }, + "aws-native:ec2:CustomerGatewayTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:DestinationOptionsProperties": { + "type": "object", + "properties": { + "fileFormat": { + "$ref": "#/types/aws-native:ec2:FlowLogDestinationOptionsPropertiesFileFormat", + "description": "The format for the flow log. The default is `plain-text` ." + }, + "hiveCompatiblePartitions": { + "type": "boolean", + "description": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` ." + }, + "perHourPartition": { + "type": "boolean", + "description": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` ." + } + } + }, + "aws-native:ec2:DhcpOptionsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:Ec2FleetAcceleratorCountRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` ." + }, + "min": { + "type": "integer", + "description": "The minimum number of accelerators. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:Ec2FleetAcceleratorTotalMemoryMiBRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:Ec2FleetBaselineEbsBandwidthMbpsRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:Ec2FleetCapacityRebalance": { + "type": "object", + "properties": { + "replacementStrategy": { + "$ref": "#/types/aws-native:ec2:Ec2FleetCapacityRebalanceReplacementStrategy", + "description": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification." + }, + "terminationDelay": { + "type": "integer", + "description": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds." + } + } + }, + "aws-native:ec2:Ec2FleetCapacityRebalanceReplacementStrategy": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetCapacityReservationOptionsRequest": { + "type": "object", + "properties": { + "usageStrategy": { + "$ref": "#/types/aws-native:ec2:Ec2FleetCapacityReservationOptionsRequestUsageStrategy", + "description": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy." + } + } + }, + "aws-native:ec2:Ec2FleetCapacityReservationOptionsRequestUsageStrategy": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetExcessCapacityTerminationPolicy": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetFleetLaunchTemplateConfigRequest": { + "type": "object", + "properties": { + "launchTemplateSpecification": { + "$ref": "#/types/aws-native:ec2:Ec2FleetFleetLaunchTemplateSpecificationRequest", + "description": "The launch template to use. You must specify either the launch template ID or launch template name in the request." + }, + "overrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetFleetLaunchTemplateOverridesRequest" + }, + "description": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates." + } + } + }, + "aws-native:ec2:Ec2FleetFleetLaunchTemplateOverridesRequest": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to launch the instances." + }, + "instanceRequirements": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequest", + "description": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n\u003e If you specify `InstanceRequirements` , you can't specify `InstanceType` ." + }, + "instanceType": { + "type": "string", + "description": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n\u003e If you specify `InstanceType` , you can't specify `InstanceRequirements` ." + }, + "maxPrice": { + "type": "string", + "description": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n\u003e If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter." + }, + "placement": { + "$ref": "#/types/aws-native:ec2:Ec2FleetPlacement", + "description": "The location where the instance launched, if applicable." + }, + "priority": { + "type": "number", + "description": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides." + }, + "subnetId": { + "type": "string", + "description": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID." + }, + "weightedCapacity": { + "type": "number", + "description": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n\u003e When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour." + } + } + }, + "aws-native:ec2:Ec2FleetFleetLaunchTemplateSpecificationRequest": { + "type": "object", + "properties": { + "launchTemplateId": { + "type": "string", + "description": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both." + }, + "launchTemplateName": { + "type": "string", + "description": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both." + }, + "version": { + "type": "string", + "description": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template." + } + } + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequest": { + "type": "object", + "properties": { + "acceleratorCount": { + "$ref": "#/types/aws-native:ec2:Ec2FleetAcceleratorCountRequest", + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits" + }, + "acceleratorManufacturers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestAcceleratorManufacturersItem" + }, + "description": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer" + }, + "acceleratorNames": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestAcceleratorNamesItem" + }, + "description": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator" + }, + "acceleratorTotalMemoryMiB": { + "$ref": "#/types/aws-native:ec2:Ec2FleetAcceleratorTotalMemoryMiBRequest", + "description": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits" + }, + "acceleratorTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestAcceleratorTypesItem" + }, + "description": "The accelerator types that must be on the instance type.\n\n- To include instance types with GPU hardware, specify `gpu` .\n- To include instance types with FPGA hardware, specify `fpga` .\n- To include instance types with inference hardware, specify `inference` .\n\nDefault: Any accelerator type" + }, + "allowedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n\u003e If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types" + }, + "bareMetal": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestBareMetal", + "description": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`" + }, + "baselineEbsBandwidthMbps": { + "$ref": "#/types/aws-native:ec2:Ec2FleetBaselineEbsBandwidthMbpsRequest", + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits" + }, + "burstablePerformance": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestBurstablePerformance", + "description": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`" + }, + "cpuManufacturers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestCpuManufacturersItem" + }, + "description": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n\n\u003e Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer" + }, + "excludedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n\u003e If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types" + }, + "instanceGenerations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestInstanceGenerationsItem" + }, + "description": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types" + }, + "localStorage": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestLocalStorage", + "description": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`" + }, + "localStorageTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetInstanceRequirementsRequestLocalStorageTypesItem" + }, + "description": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`" + }, + "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n\u003e Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` ." + }, + "memoryGiBPerVCpu": { + "$ref": "#/types/aws-native:ec2:Ec2FleetMemoryGiBPerVCpuRequest", + "description": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits" + }, + "memoryMiB": { + "$ref": "#/types/aws-native:ec2:Ec2FleetMemoryMiBRequest", + "description": "The minimum and maximum amount of memory, in MiB." + }, + "networkBandwidthGbps": { + "$ref": "#/types/aws-native:ec2:Ec2FleetNetworkBandwidthGbpsRequest", + "description": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits" + }, + "networkInterfaceCount": { + "$ref": "#/types/aws-native:ec2:Ec2FleetNetworkInterfaceCountRequest", + "description": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits" + }, + "onDemandMaxPricePercentageOverLowestPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n\u003e If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`" + }, + "requireHibernateSupport": { + "type": "boolean", + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`" + }, + "spotMaxPricePercentageOverLowestPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n\u003e Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`" + }, + "totalLocalStorageGb": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTotalLocalStorageGbRequest", + "description": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits" + }, + "vCpuCount": { + "$ref": "#/types/aws-native:ec2:Ec2FleetVCpuCountRangeRequest", + "description": "The minimum and maximum number of vCPUs." + } + }, + "irreversibleNames": { + "totalLocalStorageGb": "TotalLocalStorageGB" + } + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestAcceleratorManufacturersItem": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestAcceleratorNamesItem": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestAcceleratorTypesItem": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestBareMetal": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestBurstablePerformance": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestCpuManufacturersItem": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestInstanceGenerationsItem": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestLocalStorage": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetInstanceRequirementsRequestLocalStorageTypesItem": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetMaintenanceStrategies": { + "type": "object", + "properties": { + "capacityRebalance": { + "$ref": "#/types/aws-native:ec2:Ec2FleetCapacityRebalance", + "description": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted." + } + } + }, + "aws-native:ec2:Ec2FleetMemoryGiBPerVCpuRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:Ec2FleetMemoryMiBRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` ." + } + } + }, + "aws-native:ec2:Ec2FleetNetworkBandwidthGbpsRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:Ec2FleetNetworkInterfaceCountRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:Ec2FleetOnDemandOptionsRequest": { + "type": "object", + "properties": { + "allocationStrategy": { + "type": "string", + "description": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`" + }, + "capacityReservationOptions": { + "$ref": "#/types/aws-native:ec2:Ec2FleetCapacityReservationOptionsRequest", + "description": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` ." + }, + "maxTotalPrice": { + "type": "string", + "description": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n\u003e If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* ." + }, + "minTargetCapacity": { + "type": "integer", + "description": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`" + }, + "singleAvailabilityZone": { + "type": "boolean", + "description": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` ." + }, + "singleInstanceType": { + "type": "boolean", + "description": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` ." + } + } + }, + "aws-native:ec2:Ec2FleetPlacement": { + "type": "object", + "properties": { + "affinity": { + "type": "string", + "description": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) ." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) ." + }, + "groupName": { + "type": "string", + "description": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` ." + }, + "hostId": { + "type": "string", + "description": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) ." + }, + "hostResourceGroupArn": { + "type": "string", + "description": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) ." + }, + "partitionNumber": { + "type": "integer", + "description": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) ." + }, + "spreadDomain": { + "type": "string", + "description": "Reserved for future use." + }, + "tenancy": { + "type": "string", + "description": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option." + } + } + }, + "aws-native:ec2:Ec2FleetSpotOptionsRequest": { + "type": "object", + "properties": { + "allocationStrategy": { + "$ref": "#/types/aws-native:ec2:Ec2FleetSpotOptionsRequestAllocationStrategy", + "description": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`" + }, + "instanceInterruptionBehavior": { + "$ref": "#/types/aws-native:ec2:Ec2FleetSpotOptionsRequestInstanceInterruptionBehavior", + "description": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`" + }, + "instancePoolsToUseCount": { + "type": "integer", + "description": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified." + }, + "maintenanceStrategies": { + "$ref": "#/types/aws-native:ec2:Ec2FleetMaintenanceStrategies", + "description": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted." + }, + "maxTotalPrice": { + "type": "string", + "description": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n\u003e If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. \u003e If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* ." + }, + "minTargetCapacity": { + "type": "integer", + "description": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`" + }, + "singleAvailabilityZone": { + "type": "boolean", + "description": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` ." + }, + "singleInstanceType": { + "type": "boolean", + "description": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` ." + } + } + }, + "aws-native:ec2:Ec2FleetSpotOptionsRequestAllocationStrategy": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetSpotOptionsRequestInstanceInterruptionBehavior": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:Ec2FleetTagSpecification": { + "type": "object", + "properties": { + "resourceType": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTagSpecificationResourceType", + "description": "The type of resource to tag." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTag" + }, + "description": "The tags to apply to the resource." + } + } + }, + "aws-native:ec2:Ec2FleetTagSpecificationResourceType": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetTargetCapacitySpecificationRequest": { + "type": "object", + "properties": { + "defaultTargetCapacityType": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTargetCapacitySpecificationRequestDefaultTargetCapacityType", + "description": "The default target capacity type." + }, + "onDemandTargetCapacity": { + "type": "integer", + "description": "The number of On-Demand units to request." + }, + "spotTargetCapacity": { + "type": "integer", + "description": "The number of Spot units to request." + }, + "targetCapacityUnitType": { + "$ref": "#/types/aws-native:ec2:Ec2FleetTargetCapacitySpecificationRequestTargetCapacityUnitType", + "description": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)" + }, + "totalTargetCapacity": { + "type": "integer", + "description": "The number of units to request, filled using the default target capacity type." + } + } + }, + "aws-native:ec2:Ec2FleetTargetCapacitySpecificationRequestDefaultTargetCapacityType": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetTargetCapacitySpecificationRequestTargetCapacityUnitType": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetTotalLocalStorageGbRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:Ec2FleetType": { + "type": "string" + }, + "aws-native:ec2:Ec2FleetVCpuCountRangeRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum number of vCPUs. To specify no minimum limit, specify `0` ." + } + } + }, + "aws-native:ec2:EipTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:EnclaveOptionsProperties": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves." + } + } + }, + "aws-native:ec2:FlowLogDestinationOptionsPropertiesFileFormat": { + "type": "string" + }, + "aws-native:ec2:FlowLogLogDestinationType": { + "type": "string" + }, + "aws-native:ec2:FlowLogResourceType": { + "type": "string" + }, + "aws-native:ec2:FlowLogTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:FlowLogTrafficType": { + "type": "string" + }, + "aws-native:ec2:HibernationOptionsProperties": { + "type": "object", + "properties": { + "configured": { + "type": "boolean", + "description": "If you set this parameter to true, your instance is enabled for hibernation." + } + } + }, + "aws-native:ec2:InstanceAffinity": { + "type": "string" + }, + "aws-native:ec2:InstanceAssociationParameter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name of an input parameter that is in the associated SSM document." + }, + "value": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The value of an input parameter." + } + } + }, + "aws-native:ec2:InstanceBlockDeviceMapping": { + "type": "object", + "properties": { + "deviceName": { + "type": "string", + "description": "The device name (for example, /dev/sdh or xvdh)." + }, + "ebs": { + "$ref": "#/types/aws-native:ec2:InstanceEbs", + "description": "Parameters used to automatically set up EBS volumes when the instance is launched." + }, + "noDevice": { + "$ref": "pulumi.json#/Any", + "description": "To omit the device from the block device mapping, specify an empty string.\n\n\u003e After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) ." + }, + "virtualName": { + "type": "string", + "description": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n\u003e After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) ." + } + } + }, + "aws-native:ec2:InstanceConnectEndpointTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:InstanceEbs": { + "type": "object", + "properties": { + "deleteOnTermination": { + "type": "boolean", + "description": "Indicates whether the EBS volume is deleted on instance termination." + }, + "encrypted": { + "type": "boolean", + "description": "Indicates whether the volume should be encrypted." + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting." + }, + "kmsKeyId": { + "type": "string", + "description": "The identifier of the AWS Key Management Service (AWS KMS) customer managed CMK to use for Amazon EBS encryption. If KmsKeyId is specified, the encrypted state must be true. If the encrypted state is true but you do not specify KmsKeyId, your AWS managed CMK for EBS is used." + }, + "snapshotId": { + "type": "string", + "description": "The ID of the snapshot." + }, + "volumeSize": { + "type": "integer", + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size." + }, + "volumeType": { + "type": "string", + "description": "The volume type." + } + } + }, + "aws-native:ec2:InstanceElasticGpuSpecification": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of Elastic Graphics accelerator." + } + } + }, + "aws-native:ec2:InstanceElasticInferenceAccelerator": { + "type": "object", + "properties": { + "count": { + "type": "integer", + "description": "The number of elastic inference accelerators to attach to the instance." + }, + "type": { + "type": "string", + "description": "The type of elastic inference accelerator." + } + } + }, + "aws-native:ec2:InstanceIpv6Address": { + "type": "object", + "properties": { + "ipv6Address": { + "type": "string", + "description": "The IPv6 address." + } + } + }, + "aws-native:ec2:InstanceLaunchTemplateSpecification": { + "type": "object", + "properties": { + "launchTemplateId": { + "type": "string", + "description": "The ID of the launch template. You must specify the LaunchTemplateName or the LaunchTemplateId, but not both." + }, + "launchTemplateName": { + "type": "string", + "description": "The name of the launch template. You must specify the LaunchTemplateName or the LaunchTemplateId, but not both." + }, + "version": { + "type": "string", + "description": "The version number of the launch template." + } + } + }, + "aws-native:ec2:InstanceLicenseSpecification": { + "type": "object", + "properties": { + "licenseConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the license configuration." + } + } + }, + "aws-native:ec2:InstanceNetworkInterface": { + "type": "object", + "properties": { + "associateCarrierIpAddress": { + "type": "boolean", + "description": "Not currently supported by AWS CloudFormation." + }, + "associatePublicIpAddress": { + "type": "boolean", + "description": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC." + }, + "deleteOnTermination": { + "type": "boolean", + "description": "If set to true, the interface is deleted when the instance is terminated." + }, + "description": { + "type": "string", + "description": "The description of the network interface." + }, + "deviceIndex": { + "type": "string", + "description": "The position of the network interface in the attachment order. A primary network interface has a device index of 0." + }, + "groupSet": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups for the network interface." + }, + "ipv6AddressCount": { + "type": "integer", + "description": "A number of IPv6 addresses to assign to the network interface." + }, + "ipv6Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceIpv6Address" + }, + "description": "The IPv6 addresses associated with the network interface." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the network interface." + }, + "privateIpAddress": { + "type": "string", + "description": "The private IPv4 address of the network interface." + }, + "privateIpAddresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstancePrivateIpAddressSpecification" + }, + "description": "One or more private IPv4 addresses to assign to the network interface." + }, + "secondaryPrivateIpAddressCount": { + "type": "integer", + "description": "The number of secondary private IPv4 addresses." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet." + } + } + }, + "aws-native:ec2:InstancePrivateDnsNameOptions": { + "type": "object", + "properties": { + "enableResourceNameDnsARecord": { + "type": "boolean", + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see Amazon EC2 instance hostname types in the Amazon Elastic Compute Cloud User Guide." + }, + "enableResourceNameDnsAaaaRecord": { + "type": "boolean", + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see Amazon EC2 instance hostname types in the Amazon Elastic Compute Cloud User Guide." + }, + "hostnameType": { + "$ref": "#/types/aws-native:ec2:InstancePrivateDnsNameOptionsHostnameType", + "description": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see Amazon EC2 instance hostname types in the Amazon Elastic Compute Cloud User Guide." + } + }, + "irreversibleNames": { + "enableResourceNameDnsAaaaRecord": "EnableResourceNameDnsAAAARecord" + } + }, + "aws-native:ec2:InstancePrivateDnsNameOptionsHostnameType": { + "type": "string" + }, + "aws-native:ec2:InstancePrivateIpAddressSpecification": { + "type": "object", + "properties": { + "primary": { + "type": "boolean", + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary." + }, + "privateIpAddress": { + "type": "string", + "description": "The private IPv4 addresses." + } + } + }, + "aws-native:ec2:InstanceSsmAssociation": { + "type": "object", + "properties": { + "associationParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:InstanceAssociationParameter" + }, + "description": "The input parameter values to use with the associated SSM document." + }, + "documentName": { + "type": "string", + "description": "The name of an SSM document to associate with the instance." + } + } + }, + "aws-native:ec2:InstanceState": { + "type": "object", + "properties": { + "code": { + "type": "string", + "description": "The state of the instance as a 16-bit unsigned integer." + }, + "name": { + "type": "string", + "description": "The current state of the instance." + } + } + }, + "aws-native:ec2:InstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:InstanceVolume": { + "type": "object", + "properties": { + "device": { + "type": "string", + "description": "The device name (for example, /dev/sdh or xvdh)." + }, + "volumeId": { + "type": "string", + "description": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone." + } + } + }, + "aws-native:ec2:InternetGatewayTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:IpamOperatingRegion": { + "type": "object", + "properties": { + "regionName": { + "type": "string", + "description": "The name of the region." + } + } + }, + "aws-native:ec2:IpamPoolAwsService": { + "type": "string" + }, + "aws-native:ec2:IpamPoolIpamScopeType": { + "type": "string" + }, + "aws-native:ec2:IpamPoolProvisionedCidr": { + "type": "object", + "properties": { + "cidr": { + "type": "string", + "description": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` ." + } + } + }, + "aws-native:ec2:IpamPoolPublicIpSource": { + "type": "string" + }, + "aws-native:ec2:IpamPoolSourceResource": { + "type": "object", + "properties": { + "resourceId": { + "type": "string", + "description": "The source resource ID." + }, + "resourceOwner": { + "type": "string", + "description": "The source resource owner." + }, + "resourceRegion": { + "type": "string", + "description": "The source resource Region." + }, + "resourceType": { + "type": "string", + "description": "The source resource type." + } + } + }, + "aws-native:ec2:IpamPoolState": { + "type": "string" + }, + "aws-native:ec2:IpamPoolTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:IpamResourceDiscoveryAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:IpamResourceDiscoveryIpamOperatingRegion": { + "type": "object", + "properties": { + "regionName": { + "type": "string", + "description": "The name of the region." + } + } + }, + "aws-native:ec2:IpamResourceDiscoveryTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:IpamScopeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:IpamScopeType": { + "type": "string" + }, + "aws-native:ec2:IpamTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:IpamTier": { + "type": "string" + }, + "aws-native:ec2:KeyPairKeyFormat": { + "type": "string" + }, + "aws-native:ec2:KeyPairKeyType": { + "type": "string" + }, + "aws-native:ec2:KeyPairTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:LaunchTemplateAcceleratorCount": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set ``Max`` to ``0``." + }, + "min": { + "type": "integer", + "description": "The minimum number of accelerators. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:LaunchTemplateAcceleratorTotalMemoryMiB": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:LaunchTemplateBaselineEbsBandwidthMbps": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:LaunchTemplateBlockDeviceMapping": { + "type": "object", + "properties": { + "deviceName": { + "type": "string", + "description": "The device name (for example, /dev/sdh or xvdh)." + }, + "ebs": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateEbs", + "description": "Parameters used to automatically set up EBS volumes when the instance is launched." + }, + "noDevice": { + "type": "string", + "description": "To omit the device from the block device mapping, specify an empty string." + }, + "virtualName": { + "type": "string", + "description": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume." + } + } + }, + "aws-native:ec2:LaunchTemplateCapacityReservationSpecification": { + "type": "object", + "properties": { + "capacityReservationPreference": { + "type": "string", + "description": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n + ``open`` - The instance can run in any ``open`` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n + ``none`` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity." + }, + "capacityReservationTarget": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateCapacityReservationTarget", + "description": "Information about the target Capacity Reservation or Capacity Reservation group." + } + } + }, + "aws-native:ec2:LaunchTemplateCapacityReservationTarget": { + "type": "object", + "properties": { + "capacityReservationId": { + "type": "string", + "description": "The ID of the Capacity Reservation in which to run the instance." + }, + "capacityReservationResourceGroupArn": { + "type": "string", + "description": "The ARN of the Capacity Reservation resource group in which to run the instance." + } + } + }, + "aws-native:ec2:LaunchTemplateConnectionTrackingSpecification": { + "type": "object", + "properties": { + "tcpEstablishedTimeout": { + "type": "integer", + "description": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds." + }, + "udpStreamTimeout": { + "type": "integer", + "description": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds." + }, + "udpTimeout": { + "type": "integer", + "description": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds." + } + } + }, + "aws-native:ec2:LaunchTemplateCpuOptions": { + "type": "object", + "properties": { + "amdSevSnp": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateCpuOptionsAmdSevSnp", + "description": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html)." + }, + "coreCount": { + "type": "integer", + "description": "The number of CPU cores for the instance." + }, + "threadsPerCore": { + "type": "integer", + "description": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of ``1``. Otherwise, specify the default value of ``2``." + } + } + }, + "aws-native:ec2:LaunchTemplateCpuOptionsAmdSevSnp": { + "type": "string" + }, + "aws-native:ec2:LaunchTemplateCreditSpecification": { + "type": "object", + "properties": { + "cpuCredits": { + "type": "string", + "description": "The credit option for CPU usage of a T instance.\n Valid values: ``standard`` | ``unlimited``" + } + } + }, + "aws-native:ec2:LaunchTemplateData": { + "type": "object", + "properties": { + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateBlockDeviceMapping" + }, + "description": "The block device mapping." + }, + "capacityReservationSpecification": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateCapacityReservationSpecification", + "description": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to ``open``, which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone)." + }, + "cpuOptions": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateCpuOptions", + "description": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide*." + }, + "creditSpecification": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateCreditSpecification", + "description": "The credit option for CPU usage of the instance. Valid only for T instances." + }, + "disableApiStop": { + "type": "boolean", + "description": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide*." + }, + "disableApiTermination": { + "type": "boolean", + "description": "If you set this parameter to ``true``, you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute after launch, use [ModifyInstanceAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html). Alternatively, if you set ``InstanceInitiatedShutdownBehavior`` to ``terminate``, you can terminate the instance by running the shutdown command from the instance." + }, + "ebsOptimized": { + "type": "boolean", + "description": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance." + }, + "elasticGpuSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateElasticGpuSpecification" + }, + "description": "Deprecated.\n Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads that require graphics acceleration, we recommend that you use Amazon EC2 G4ad, G4dn, or G5 instances." + }, + "elasticInferenceAccelerators": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateElasticInferenceAccelerator" + }, + "description": "An elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n You cannot specify accelerators from different generations in the same request.\n Starting April 15, 2023, AWS will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service." + }, + "enclaveOptions": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateEnclaveOptions", + "description": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *Nitro Enclaves User Guide*.\n You can't enable AWS Nitro Enclaves and hibernation on the same instance." + }, + "hibernationOptions": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateHibernationOptions", + "description": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide*." + }, + "iamInstanceProfile": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateIamInstanceProfile", + "description": "The name or Amazon Resource Name (ARN) of an IAM instance profile." + }, + "imageId": { + "type": "string", + "description": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n Valid formats:\n + ``ami-0ac394d6a3example`` \n + ``resolve:ssm:parameter-name`` \n + ``resolve:ssm:parameter-name:version-number`` \n + ``resolve:ssm:parameter-name:label`` \n \n For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*." + }, + "instanceInitiatedShutdownBehavior": { + "type": "string", + "description": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n Default: ``stop``" + }, + "instanceMarketOptions": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateInstanceMarketOptions", + "description": "The market (purchasing) option for the instances." + }, + "instanceRequirements": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateInstanceRequirements", + "description": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n You must specify ``VCpuCount`` and ``MemoryMiB``. All other attributes are optional. Any unspecified optional attribute is set to its default.\n When you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n To limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n + ``AllowedInstanceTypes`` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n + ``ExcludedInstanceTypes`` - The instance types to exclude from the list, even if they match your specified attributes.\n \n If you specify ``InstanceRequirements``, you can't specify ``InstanceType``.\n Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html), or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify ``InstanceRequirements``.\n For more information, see [Attribute-based instance type selection for EC2 Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), [Attribute-based instance type selection for Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-attribute-based-instance-type-selection.html), and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide*." + }, + "instanceType": { + "type": "string", + "description": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide*.\n If you specify ``InstanceType``, you can't specify ``InstanceRequirements``." + }, + "kernelId": { + "type": "string", + "description": "The ID of the kernel.\n We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide*." + }, + "keyName": { + "type": "string", + "description": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html).\n If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in." + }, + "licenseSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateLicenseSpecification" + }, + "description": "The license configurations." + }, + "maintenanceOptions": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateMaintenanceOptions", + "description": "The maintenance options of your instance." + }, + "metadataOptions": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateMetadataOptions", + "description": "The metadata options for the instance. For more information, see [Instance metadata and user data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) in the *Amazon EC2 User Guide*." + }, + "monitoring": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateMonitoring", + "description": "The monitoring for the instance." + }, + "networkInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateNetworkInterface" + }, + "description": "The network interfaces for the instance." + }, + "placement": { + "$ref": "#/types/aws-native:ec2:LaunchTemplatePlacement", + "description": "The placement for the instance." + }, + "privateDnsNameOptions": { + "$ref": "#/types/aws-native:ec2:LaunchTemplatePrivateDnsNameOptions", + "description": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *User Guide*." + }, + "ramDiskId": { + "type": "string", + "description": "The ID of the RAM disk.\n We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide*." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n If you specify a network interface, you must specify any security groups as part of the network interface instead." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n If you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter." + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:TagSpecification" + }, + "description": "The tags to apply to the resources that are created during instance launch.\n To tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html).\n To tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications)." + }, + "userData": { + "type": "string", + "description": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands on your Amazon EC2 instance at launch](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide*.\n If you are creating the launch template for use with BATCH, the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive). For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html) in the *User Guide*." + } + } + }, + "aws-native:ec2:LaunchTemplateEbs": { + "type": "object", + "properties": { + "deleteOnTermination": { + "type": "boolean", + "description": "Indicates whether the EBS volume is deleted on instance termination." + }, + "encrypted": { + "type": "boolean", + "description": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value." + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n The following are the supported values for each volume type:\n + ``gp3``: 3,000 - 16,000 IOPS\n + ``io1``: 100 - 64,000 IOPS\n + ``io2``: 100 - 256,000 IOPS\n \n For ``io2`` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). On other instances, you can achieve performance up to 32,000 IOPS.\n This parameter is supported for ``io1``, ``io2``, and ``gp3`` volumes only." + }, + "kmsKeyId": { + "type": "string", + "description": "The ARN of the symmetric KMSlong (KMS) CMK used for encryption." + }, + "snapshotId": { + "type": "string", + "description": "The ID of the snapshot." + }, + "throughput": { + "type": "integer", + "description": "The throughput to provision for a ``gp3`` volume, with a maximum of 1,000 MiB/s.\n Valid Range: Minimum value of 125. Maximum value of 1000." + }, + "volumeSize": { + "type": "integer", + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n + ``gp2`` and ``gp3``: 1 - 16,384 GiB\n + ``io1``: 4 - 16,384 GiB\n + ``io2``: 4 - 65,536 GiB\n + ``st1`` and ``sc1``: 125 - 16,384 GiB\n + ``standard``: 1 - 1024 GiB" + }, + "volumeType": { + "type": "string", + "description": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide*." + } + } + }, + "aws-native:ec2:LaunchTemplateElasticGpuSpecification": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of Elastic Graphics accelerator." + } + } + }, + "aws-native:ec2:LaunchTemplateElasticInferenceAccelerator": { + "type": "object", + "properties": { + "count": { + "type": "integer", + "description": "The number of elastic inference accelerators to attach to the instance. \n Default: 1" + }, + "type": { + "type": "string", + "description": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge." + } + } + }, + "aws-native:ec2:LaunchTemplateEnaSrdSpecification": { + "type": "object", + "properties": { + "enaSrdEnabled": { + "type": "boolean", + "description": "Indicates whether ENA Express is enabled for the network interface." + }, + "enaSrdUdpSpecification": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateEnaSrdUdpSpecification", + "description": "Configures ENA Express for UDP network traffic." + } + } + }, + "aws-native:ec2:LaunchTemplateEnaSrdUdpSpecification": { + "type": "object", + "properties": { + "enaSrdUdpEnabled": { + "type": "boolean", + "description": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express." + } + } + }, + "aws-native:ec2:LaunchTemplateEnclaveOptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "If this parameter is set to ``true``, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves." + } + } + }, + "aws-native:ec2:LaunchTemplateHibernationOptions": { + "type": "object", + "properties": { + "configured": { + "type": "boolean", + "description": "If you set this parameter to ``true``, the instance is enabled for hibernation.\n Default: ``false``" + } + } + }, + "aws-native:ec2:LaunchTemplateIamInstanceProfile": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance profile." + }, + "name": { + "type": "string", + "description": "The name of the instance profile." + } + } + }, + "aws-native:ec2:LaunchTemplateInstanceMarketOptions": { + "type": "object", + "properties": { + "marketType": { + "type": "string", + "description": "The market type." + }, + "spotOptions": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateSpotOptions", + "description": "The options for Spot Instances." + } + } + }, + "aws-native:ec2:LaunchTemplateInstanceRequirements": { + "type": "object", + "properties": { + "acceleratorCount": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateAcceleratorCount", + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n To exclude accelerator-enabled instance types, set ``Max`` to ``0``.\n Default: No minimum or maximum limits" + }, + "acceleratorManufacturers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Indicates whether instance types must have accelerators by specific manufacturers.\n + For instance types with AWS devices, specify ``amazon-web-services``.\n + For instance types with AMD devices, specify ``amd``.\n + For instance types with Habana devices, specify ``habana``.\n + For instance types with NVIDIA devices, specify ``nvidia``.\n + For instance types with Xilinx devices, specify ``xilinx``.\n \n Default: Any manufacturer" + }, + "acceleratorNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The accelerators that must be on the instance type.\n + For instance types with NVIDIA A10G GPUs, specify ``a10g``.\n + For instance types with NVIDIA A100 GPUs, specify ``a100``.\n + For instance types with NVIDIA H100 GPUs, specify ``h100``.\n + For instance types with AWS Inferentia chips, specify ``inferentia``.\n + For instance types with NVIDIA GRID K520 GPUs, specify ``k520``.\n + For instance types with NVIDIA K80 GPUs, specify ``k80``.\n + For instance types with NVIDIA M60 GPUs, specify ``m60``.\n + For instance types with AMD Radeon Pro V520 GPUs, specify ``radeon-pro-v520``.\n + For instance types with NVIDIA T4 GPUs, specify ``t4``.\n + For instance types with NVIDIA T4G GPUs, specify ``t4g``.\n + For instance types with Xilinx VU9P FPGAs, specify ``vu9p``.\n + For instance types with NVIDIA V100 GPUs, specify ``v100``.\n \n Default: Any accelerator" + }, + "acceleratorTotalMemoryMiB": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateAcceleratorTotalMemoryMiB", + "description": "The minimum and maximum amount of total accelerator memory, in MiB.\n Default: No minimum or maximum limits" + }, + "acceleratorTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The accelerator types that must be on the instance type.\n + For instance types with GPU accelerators, specify ``gpu``.\n + For instance types with FPGA accelerators, specify ``fpga``.\n + For instance types with inference accelerators, specify ``inference``.\n \n Default: Any accelerator type" + }, + "allowedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n You can use strings with one or more wild cards, represented by an asterisk (``*``), to allow an instance type, size, or generation. The following are examples: ``m5.8xlarge``, ``c5*.*``, ``m5a.*``, ``r*``, ``*3*``.\n For example, if you specify ``c5*``,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify ``m5a.*``, Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n If you specify ``AllowedInstanceTypes``, you can't specify ``ExcludedInstanceTypes``.\n Default: All instance types" + }, + "bareMetal": { + "type": "string", + "description": "Indicates whether bare metal instance types must be included, excluded, or required.\n + To include bare metal instance types, specify ``included``.\n + To require only bare metal instance types, specify ``required``.\n + To exclude bare metal instance types, specify ``excluded``.\n \n Default: ``excluded``" + }, + "baselineEbsBandwidthMbps": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateBaselineEbsBandwidthMbps", + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide*.\n Default: No minimum or maximum limits" + }, + "burstablePerformance": { + "type": "string", + "description": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html).\n + To include burstable performance instance types, specify ``included``.\n + To require only burstable performance instance types, specify ``required``.\n + To exclude burstable performance instance types, specify ``excluded``.\n \n Default: ``excluded``" + }, + "cpuManufacturers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The CPU manufacturers to include.\n + For instance types with Intel CPUs, specify ``intel``.\n + For instance types with AMD CPUs, specify ``amd``.\n + For instance types with AWS CPUs, specify ``amazon-web-services``.\n \n Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template.\n Default: Any manufacturer" + }, + "excludedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types to exclude.\n You can use strings with one or more wild cards, represented by an asterisk (``*``), to exclude an instance type, size, or generation. The following are examples: ``m5.8xlarge``, ``c5*.*``, ``m5a.*``, ``r*``, ``*3*``.\n For example, if you specify ``c5*``,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify ``m5a.*``, Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n If you specify ``ExcludedInstanceTypes``, you can't specify ``AllowedInstanceTypes``.\n Default: No excluded instance types" + }, + "instanceGenerations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide*.\n For current generation instance types, specify ``current``.\n For previous generation instance types, specify ``previous``.\n Default: Current and previous generation instance types" + }, + "localStorage": { + "type": "string", + "description": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide*.\n + To include instance types with instance store volumes, specify ``included``.\n + To require only instance types with instance store volumes, specify ``required``.\n + To exclude instance types with instance store volumes, specify ``excluded``.\n \n Default: ``included``" + }, + "localStorageTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of local storage that is required.\n + For instance types with hard disk drive (HDD) storage, specify ``hdd``.\n + For instance types with solid state drive (SSD) storage, specify ``ssd``.\n \n Default: ``hdd`` and ``ssd``" + }, + "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n The parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n If you set ``TargetCapacityUnitType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n Only one of ``SpotMaxPricePercentageOverLowestPrice`` or ``MaxSpotPriceAsPercentageOfOptimalOnDemandPrice`` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as ``999999``." + }, + "memoryGiBPerVCpu": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateMemoryGiBPerVCpu", + "description": "The minimum and maximum amount of memory per vCPU, in GiB.\n Default: No minimum or maximum limits" + }, + "memoryMiB": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateMemoryMiB", + "description": "The minimum and maximum amount of memory, in MiB." + }, + "networkBandwidthGbps": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateNetworkBandwidthGbps", + "description": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n Default: No minimum or maximum limits" + }, + "networkInterfaceCount": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateNetworkInterfaceCount", + "description": "The minimum and maximum number of network interfaces.\n Default: No minimum or maximum limits" + }, + "onDemandMaxPricePercentageOverLowestPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n The parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n To turn off price protection, specify a high value, such as ``999999``.\n This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html).\n If you set ``TargetCapacityUnitType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n Default: ``20``" + }, + "requireHibernateSupport": { + "type": "boolean", + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.\n This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html).\n Default: ``false``" + }, + "spotMaxPricePercentageOverLowestPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n The parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n If you set ``TargetCapacityUnitType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html).\n Only one of ``SpotMaxPricePercentageOverLowestPrice`` or ``MaxSpotPriceAsPercentageOfOptimalOnDemandPrice`` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as ``999999``.\n Default: ``100``" + }, + "totalLocalStorageGb": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateTotalLocalStorageGb", + "description": "The minimum and maximum amount of total local storage, in GB.\n Default: No minimum or maximum limits" + }, + "vCpuCount": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateVCpuCount", + "description": "The minimum and maximum number of vCPUs." + } + }, + "irreversibleNames": { + "totalLocalStorageGb": "TotalLocalStorageGB" + } + }, + "aws-native:ec2:LaunchTemplateIpv4PrefixSpecification": { + "type": "object", + "properties": { + "ipv4Prefix": { + "type": "string", + "description": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide*." + } + } + }, + "aws-native:ec2:LaunchTemplateIpv6Add": { + "type": "object", + "properties": { + "ipv6Address": { + "type": "string", + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses." + } + } + }, + "aws-native:ec2:LaunchTemplateIpv6PrefixSpecification": { + "type": "object", + "properties": { + "ipv6Prefix": { + "type": "string", + "description": "The IPv6 prefix." + } + } + }, + "aws-native:ec2:LaunchTemplateLicenseSpecification": { + "type": "object", + "properties": { + "licenseConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the license configuration." + } + } + }, + "aws-native:ec2:LaunchTemplateMaintenanceOptions": { + "type": "object", + "properties": { + "autoRecovery": { + "type": "string", + "description": "Disables the automatic recovery behavior of your instance or sets it to default." + } + } + }, + "aws-native:ec2:LaunchTemplateMemoryGiBPerVCpu": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:LaunchTemplateMemoryMiB": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum amount of memory, in MiB. To specify no minimum limit, specify ``0``." + } + } + }, + "aws-native:ec2:LaunchTemplateMetadataOptions": { + "type": "object", + "properties": { + "httpEndpoint": { + "type": "string", + "description": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is ``enabled``.\n If you specify a value of ``disabled``, you will not be able to access your instance metadata." + }, + "httpProtocolIpv6": { + "type": "string", + "description": "Enables or disables the IPv6 endpoint for the instance metadata service.\n Default: ``disabled``" + }, + "httpPutResponseHopLimit": { + "type": "integer", + "description": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n Default: ``1`` \n Possible values: Integers from 1 to 64" + }, + "httpTokens": { + "type": "string", + "description": "Indicates whether IMDSv2 is required.\n + ``optional`` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n + ``required`` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n \n Default: If the value of ``ImdsSupport`` for the Amazon Machine Image (AMI) for your instance is ``v2.0``, the default is ``required``." + }, + "instanceMetadataTags": { + "type": "string", + "description": "Set to ``enabled`` to allow access to instance tags from the instance metadata. Set to ``disabled`` to turn off access to instance tags from the instance metadata. For more information, see [Work with instance tags using the instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS).\n Default: ``disabled``" + } + } + }, + "aws-native:ec2:LaunchTemplateMonitoring": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specify ``true`` to enable detailed monitoring. Otherwise, basic monitoring is enabled." + } + } + }, + "aws-native:ec2:LaunchTemplateNetworkBandwidthGbps": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit." + } + } + }, + "aws-native:ec2:LaunchTemplateNetworkInterface": { + "type": "object", + "properties": { + "associateCarrierIpAddress": { + "type": "boolean", + "description": "Associates a Carrier IP address with eth0 for a new network interface.\n Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *Developer Guide*." + }, + "associatePublicIpAddress": { + "type": "boolean", + "description": "Associates a public IPv4 address with eth0 for a new network interface.\n AWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/)." + }, + "connectionTrackingSpecification": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateConnectionTrackingSpecification", + "description": "A connection tracking specification for the network interface." + }, + "deleteOnTermination": { + "type": "boolean", + "description": "Indicates whether the network interface is deleted when the instance is terminated." + }, + "description": { + "type": "string", + "description": "A description for the network interface." + }, + "deviceIndex": { + "type": "integer", + "description": "The device index for the network interface attachment. Each network interface requires a device index. If you create a launch template that includes secondary network interfaces but not a primary network interface, then you must add a primary network interface as a launch parameter when you launch an instance from the template." + }, + "enaSrdSpecification": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateEnaSrdSpecification", + "description": "The ENA Express configuration for the network interface." + }, + "groups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of one or more security groups." + }, + "interfaceType": { + "type": "string", + "description": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify ``efa``. For more information, see [Elastic Fabric Adapter](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide*.\n If you are not creating an EFA, specify ``interface`` or omit this parameter.\n Valid values: ``interface`` | ``efa``" + }, + "ipv4PrefixCount": { + "type": "integer", + "description": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the ``Ipv4Prefix`` option." + }, + "ipv4Prefixes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateIpv4PrefixSpecification" + }, + "description": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the ``Ipv4PrefixCount`` option." + }, + "ipv6AddressCount": { + "type": "integer", + "description": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses." + }, + "ipv6Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateIpv6Add" + }, + "description": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses." + }, + "ipv6PrefixCount": { + "type": "integer", + "description": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the ``Ipv6Prefix`` option." + }, + "ipv6Prefixes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateIpv6PrefixSpecification" + }, + "description": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the ``Ipv6PrefixCount`` option." + }, + "networkCardIndex": { + "type": "integer", + "description": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the network interface." + }, + "primaryIpv6": { + "type": "boolean", + "description": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html)." + }, + "privateIpAddress": { + "type": "string", + "description": "The primary private IPv4 address of the network interface." + }, + "privateIpAddresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplatePrivateIpAdd" + }, + "description": "One or more private IPv4 addresses." + }, + "secondaryPrivateIpAddressCount": { + "type": "integer", + "description": "The number of secondary private IPv4 addresses to assign to a network interface." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet for the network interface." + } + } + }, + "aws-native:ec2:LaunchTemplateNetworkInterfaceCount": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:LaunchTemplatePlacement": { + "type": "object", + "properties": { + "affinity": { + "type": "string", + "description": "The affinity setting for an instance on a Dedicated Host." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone for the instance." + }, + "groupId": { + "type": "string", + "description": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group." + }, + "groupName": { + "type": "string", + "description": "The name of the placement group for the instance." + }, + "hostId": { + "type": "string", + "description": "The ID of the Dedicated Host for the instance." + }, + "hostResourceGroupArn": { + "type": "string", + "description": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to ``host``." + }, + "partitionNumber": { + "type": "integer", + "description": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to ``partition``." + }, + "spreadDomain": { + "type": "string", + "description": "Reserved for future use." + }, + "tenancy": { + "type": "string", + "description": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware." + } + } + }, + "aws-native:ec2:LaunchTemplatePrivateDnsNameOptions": { + "type": "object", + "properties": { + "enableResourceNameDnsARecord": { + "type": "boolean", + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records." + }, + "enableResourceNameDnsAaaaRecord": { + "type": "boolean", + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records." + }, + "hostnameType": { + "type": "string", + "description": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *User Guide*." + } + }, + "irreversibleNames": { + "enableResourceNameDnsAaaaRecord": "EnableResourceNameDnsAAAARecord" + } + }, + "aws-native:ec2:LaunchTemplatePrivateIpAdd": { + "type": "object", + "properties": { + "primary": { + "type": "boolean", + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary." + }, + "privateIpAddress": { + "type": "string", + "description": "The private IPv4 address." + } + } + }, + "aws-native:ec2:LaunchTemplateSpotOptions": { + "type": "object", + "properties": { + "blockDurationMinutes": { + "type": "integer", + "description": "Deprecated." + }, + "instanceInterruptionBehavior": { + "type": "string", + "description": "The behavior when a Spot Instance is interrupted. The default is ``terminate``." + }, + "maxPrice": { + "type": "string", + "description": "The maximum hourly price you're willing to pay for the Spot Instances. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter." + }, + "spotInstanceType": { + "type": "string", + "description": "The Spot Instance request type.\n If you are using Spot Instances with an Auto Scaling group, use ``one-time`` requests, as the ASlong service handles requesting new Spot Instances whenever the group is below its desired capacity." + }, + "validUntil": { + "type": "string", + "description": "The end date of the request, in UTC format (*YYYY-MM-DD*T*HH:MM:SS*Z). Supported only for persistent requests.\n + For a persistent request, the request remains active until the ``ValidUntil`` date and time is reached. Otherwise, the request remains active until you cancel it.\n + For a one-time request, ``ValidUntil`` is not supported. The request remains active until all instances launch or you cancel the request.\n \n Default: 7 days from the current date" + } + } + }, + "aws-native:ec2:LaunchTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:LaunchTemplateTagSpecification": { + "type": "object", + "properties": { + "resourceType": { + "type": "string", + "description": "The type of resource. To tag a launch template, ``ResourceType`` must be ``launch-template``." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateTag" + }, + "description": "The tags for the resource." + } + } + }, + "aws-native:ec2:LaunchTemplateTotalLocalStorageGb": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:LaunchTemplateVCpuCount": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum number of vCPUs. To specify no minimum limit, specify ``0``." + } + } + }, + "aws-native:ec2:LocalGatewayRouteTableTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:ec2:LocalGatewayRouteTableVirtualInterfaceGroupAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:ec2:LocalGatewayRouteTableVpcAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:ec2:NatGatewayTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:NetworkAclTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:NetworkInsightsAccessScopeAccessScopePathRequest": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopePathStatementRequest", + "description": "The destination." + }, + "source": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopePathStatementRequest", + "description": "The source." + }, + "throughResources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeThroughResourcesStatementRequest" + }, + "description": "The through resources." + } + } + }, + "aws-native:ec2:NetworkInsightsAccessScopeAnalysisFindingsFound": { + "type": "string" + }, + "aws-native:ec2:NetworkInsightsAccessScopeAnalysisStatus": { + "type": "string" + }, + "aws-native:ec2:NetworkInsightsAccessScopeAnalysisTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:NetworkInsightsAccessScopePacketHeaderStatementRequest": { + "type": "object", + "properties": { + "destinationAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The destination addresses." + }, + "destinationPorts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The destination ports." + }, + "destinationPrefixLists": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The destination prefix lists." + }, + "protocols": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeProtocol" + }, + "description": "The protocols." + }, + "sourceAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The source addresses." + }, + "sourcePorts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The source ports." + }, + "sourcePrefixLists": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The source prefix lists." + } + } + }, + "aws-native:ec2:NetworkInsightsAccessScopePathStatementRequest": { + "type": "object", + "properties": { + "packetHeaderStatement": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopePacketHeaderStatementRequest", + "description": "The packet header statement." + }, + "resourceStatement": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeResourceStatementRequest", + "description": "The resource statement." + } + } + }, + "aws-native:ec2:NetworkInsightsAccessScopeProtocol": { + "type": "string" + }, + "aws-native:ec2:NetworkInsightsAccessScopeResourceStatementRequest": { + "type": "object", + "properties": { + "resourceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resource types." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The resources." + } + } + }, + "aws-native:ec2:NetworkInsightsAccessScopeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:NetworkInsightsAccessScopeThroughResourcesStatementRequest": { + "type": "object", + "properties": { + "resourceStatement": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAccessScopeResourceStatementRequest", + "description": "The resource statement." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAdditionalDetail": { + "type": "object", + "properties": { + "additionalDetailType": { + "type": "string", + "description": "The additional detail code." + }, + "component": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The path component." + }, + "loadBalancers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent" + }, + "description": "The load balancers." + }, + "serviceName": { + "type": "string", + "description": "The name of the VPC endpoint service." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAlternatePathHint": { + "type": "object", + "properties": { + "componentArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the component." + }, + "componentId": { + "type": "string", + "description": "The ID of the component." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAnalysisAclRule": { + "type": "object", + "properties": { + "cidr": { + "type": "string", + "description": "The IPv4 address range, in CIDR notation." + }, + "egress": { + "type": "boolean", + "description": "Indicates whether the rule is an outbound rule." + }, + "portRange": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisPortRange", + "description": "The range of ports." + }, + "protocol": { + "type": "string", + "description": "The protocol." + }, + "ruleAction": { + "type": "string", + "description": "Indicates whether to allow or deny traffic that matches the rule." + }, + "ruleNumber": { + "type": "integer", + "description": "The rule number." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the component." + }, + "id": { + "type": "string", + "description": "The ID of the component." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAnalysisLoadBalancerListener": { + "type": "object", + "properties": { + "instancePort": { + "type": "integer", + "description": "[Classic Load Balancers] The back-end port for the listener." + }, + "loadBalancerPort": { + "type": "integer", + "description": "The port on which the load balancer is listening." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAnalysisLoadBalancerTarget": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The IP address." + }, + "availabilityZone": { + "type": "string", + "description": "The Availability Zone." + }, + "instance": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "Information about the instance." + }, + "port": { + "type": "integer", + "description": "The port on which the target is listening." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAnalysisPacketHeader": { + "type": "object", + "properties": { + "destinationAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The destination addresses." + }, + "destinationPortRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisPortRange" + }, + "description": "The destination port ranges." + }, + "protocol": { + "type": "string", + "description": "The protocol." + }, + "sourceAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The source addresses." + }, + "sourcePortRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisPortRange" + }, + "description": "The source port ranges." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAnalysisRouteTableRoute": { + "type": "object", + "properties": { + "destinationCidr": { + "type": "string", + "description": "The destination IPv4 address, in CIDR notation." + }, + "destinationPrefixListId": { + "type": "string", + "description": "The prefix of the AWS-service ." + }, + "egressOnlyInternetGatewayId": { + "type": "string", + "description": "The ID of an egress-only internet gateway." + }, + "gatewayId": { + "type": "string", + "description": "The ID of the gateway, such as an internet gateway or virtual private gateway." + }, + "instanceId": { + "type": "string", + "description": "The ID of the instance, such as a NAT instance." + }, + "natGatewayId": { + "type": "string", + "description": "The ID of a NAT gateway." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of a network interface." + }, + "origin": { + "type": "string", + "description": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation." + }, + "state": { + "type": "string", + "description": "The state. The following are the possible values:\n\n- active\n- blackhole" + }, + "transitGatewayId": { + "type": "string", + "description": "The ID of a transit gateway." + }, + "vpcPeeringConnectionId": { + "type": "string", + "description": "The ID of a VPC peering connection." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisAnalysisSecurityGroupRule": { + "type": "object", + "properties": { + "cidr": { + "type": "string", + "description": "The IPv4 address range, in CIDR notation." + }, + "direction": { + "type": "string", + "description": "The direction. The following are the possible values:\n\n- egress\n- ingress" + }, + "portRange": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisPortRange", + "description": "The port range." + }, + "prefixListId": { + "type": "string", + "description": "The prefix list ID." + }, + "protocol": { + "type": "string", + "description": "The protocol name." + }, + "securityGroupId": { + "type": "string", + "description": "The security group ID." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisExplanation": { + "type": "object", + "properties": { + "acl": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The network ACL." + }, + "aclRule": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisAclRule", + "description": "The network ACL rule." + }, + "address": { + "type": "string", + "description": "The IPv4 address, in CIDR notation." + }, + "addresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 addresses, in CIDR notation." + }, + "attachedTo": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The resource to which the component is attached." + }, + "availabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Availability Zones." + }, + "cidrs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The CIDR ranges." + }, + "classicLoadBalancerListener": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisLoadBalancerListener", + "description": "The listener for a Classic Load Balancer." + }, + "component": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The component." + }, + "componentAccount": { + "type": "string", + "description": "The AWS account for the component." + }, + "componentRegion": { + "type": "string", + "description": "The Region for the component." + }, + "customerGateway": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The customer gateway." + }, + "destination": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The destination." + }, + "destinationVpc": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The destination VPC." + }, + "direction": { + "type": "string", + "description": "The direction. The following are the possible values:\n\n- egress\n- ingress" + }, + "elasticLoadBalancerListener": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The load balancer listener." + }, + "explanationCode": { + "type": "string", + "description": "The explanation code." + }, + "ingressRouteTable": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The route table." + }, + "internetGateway": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The internet gateway." + }, + "loadBalancerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the load balancer." + }, + "loadBalancerListenerPort": { + "type": "integer", + "description": "The listener port of the load balancer." + }, + "loadBalancerTarget": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisLoadBalancerTarget", + "description": "The target." + }, + "loadBalancerTargetGroup": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The target group." + }, + "loadBalancerTargetGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent" + }, + "description": "The target groups." + }, + "loadBalancerTargetPort": { + "type": "integer", + "description": "The target port." + }, + "missingComponent": { + "type": "string", + "description": "The missing component." + }, + "natGateway": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The NAT gateway." + }, + "networkInterface": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The network interface." + }, + "packetField": { + "type": "string", + "description": "The packet field." + }, + "port": { + "type": "integer", + "description": "The port." + }, + "portRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisPortRange" + }, + "description": "The port ranges." + }, + "prefixList": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The prefix list." + }, + "protocols": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The protocols." + }, + "routeTable": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The route table." + }, + "routeTableRoute": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisRouteTableRoute", + "description": "The route table route." + }, + "securityGroup": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The security group." + }, + "securityGroupRule": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisSecurityGroupRule", + "description": "The security group rule." + }, + "securityGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent" + }, + "description": "The security groups." + }, + "sourceVpc": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The source VPC." + }, + "state": { + "type": "string", + "description": "The state." + }, + "subnet": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The subnet." + }, + "subnetRouteTable": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The route table for the subnet." + }, + "transitGateway": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The transit gateway." + }, + "transitGatewayAttachment": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The transit gateway attachment." + }, + "transitGatewayRouteTable": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The transit gateway route table." + }, + "transitGatewayRouteTableRoute": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisTransitGatewayRouteTableRoute", + "description": "The transit gateway route table route." + }, + "vpc": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The component VPC." + }, + "vpcEndpoint": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The VPC endpoint." + }, + "vpcPeeringConnection": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The VPC peering connection." + }, + "vpnConnection": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The VPN connection." + }, + "vpnGateway": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The VPN gateway." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisPathComponent": { + "type": "object", + "properties": { + "aclRule": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisAclRule", + "description": "The network ACL rule." + }, + "additionalDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAdditionalDetail" + }, + "description": "The additional details." + }, + "component": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The component." + }, + "destinationVpc": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The destination VPC." + }, + "elasticLoadBalancerListener": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The load balancer listener." + }, + "explanations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisExplanation" + }, + "description": "The explanation codes." + }, + "inboundHeader": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisPacketHeader", + "description": "The inbound header." + }, + "outboundHeader": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisPacketHeader", + "description": "The outbound header." + }, + "routeTableRoute": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisRouteTableRoute", + "description": "The route table route." + }, + "securityGroupRule": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisSecurityGroupRule", + "description": "The security group rule." + }, + "sequenceNumber": { + "type": "integer", + "description": "The sequence number." + }, + "serviceName": { + "type": "string", + "description": "The name of the VPC endpoint service." + }, + "sourceVpc": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The source VPC." + }, + "subnet": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The subnet." + }, + "transitGateway": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The transit gateway." + }, + "transitGatewayRouteTableRoute": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisTransitGatewayRouteTableRoute", + "description": "The route in a transit gateway route table." + }, + "vpc": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsAnalysisAnalysisComponent", + "description": "The component VPC." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisPortRange": { + "type": "object", + "properties": { + "from": { + "type": "integer", + "description": "The first port in the range." + }, + "to": { + "type": "integer", + "description": "The last port in the range." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisStatus": { + "type": "string" + }, + "aws-native:ec2:NetworkInsightsAnalysisTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:NetworkInsightsAnalysisTransitGatewayRouteTableRoute": { + "type": "object", + "properties": { + "attachmentId": { + "type": "string", + "description": "The ID of the route attachment." + }, + "destinationCidr": { + "type": "string", + "description": "The CIDR block used for destination matches." + }, + "prefixListId": { + "type": "string", + "description": "The ID of the prefix list." + }, + "resourceId": { + "type": "string", + "description": "The ID of the resource for the route attachment." + }, + "resourceType": { + "type": "string", + "description": "The resource type for the route attachment." + }, + "routeOrigin": { + "type": "string", + "description": "The route origin. The following are the possible values:\n\n- static\n- propagated" + }, + "state": { + "type": "string", + "description": "The state of the route." + } + } + }, + "aws-native:ec2:NetworkInsightsPathFilterPortRange": { + "type": "object", + "properties": { + "fromPort": { + "type": "integer", + "description": "The first port in the range." + }, + "toPort": { + "type": "integer", + "description": "The last port in the range." + } + } + }, + "aws-native:ec2:NetworkInsightsPathPathFilter": { + "type": "object", + "properties": { + "destinationAddress": { + "type": "string", + "description": "The destination IPv4 address." + }, + "destinationPortRange": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsPathFilterPortRange", + "description": "The destination port range." + }, + "sourceAddress": { + "type": "string", + "description": "The source IPv4 address." + }, + "sourcePortRange": { + "$ref": "#/types/aws-native:ec2:NetworkInsightsPathFilterPortRange", + "description": "The source port range." + } + } + }, + "aws-native:ec2:NetworkInsightsPathProtocol": { + "type": "string" + }, + "aws-native:ec2:NetworkInsightsPathTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:NetworkInterfaceAttachmentEnaSrdSpecification": { + "type": "object", + "properties": { + "enaSrdEnabled": { + "type": "boolean", + "description": "Indicates whether ENA Express is enabled for the network interface." + }, + "enaSrdUdpSpecification": { + "$ref": "#/types/aws-native:ec2:NetworkInterfaceAttachmentEnaSrdSpecificationEnaSrdUdpSpecificationProperties", + "description": "Configures ENA Express for UDP network traffic." + } + } + }, + "aws-native:ec2:NetworkInterfaceAttachmentEnaSrdSpecificationEnaSrdUdpSpecificationProperties": { + "type": "object", + "properties": { + "enaSrdUdpEnabled": { + "type": "boolean" + } + } + }, + "aws-native:ec2:NetworkInterfaceConnectionTrackingSpecification": { + "type": "object", + "properties": { + "tcpEstablishedTimeout": { + "type": "integer", + "description": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds." + }, + "udpStreamTimeout": { + "type": "integer", + "description": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds." + }, + "udpTimeout": { + "type": "integer", + "description": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds." + } + } + }, + "aws-native:ec2:NetworkInterfaceInstanceIpv6Address": { + "type": "object", + "properties": { + "ipv6Address": { + "type": "string", + "description": "An IPv6 address to associate with the network interface." + } + } + }, + "aws-native:ec2:NetworkInterfaceIpv4PrefixSpecification": { + "type": "object", + "properties": { + "ipv4Prefix": { + "type": "string", + "description": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* ." + } + } + }, + "aws-native:ec2:NetworkInterfaceIpv6PrefixSpecification": { + "type": "object", + "properties": { + "ipv6Prefix": { + "type": "string", + "description": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* ." + } + } + }, + "aws-native:ec2:NetworkInterfacePrivateIpAddressSpecification": { + "type": "object", + "properties": { + "primary": { + "type": "boolean", + "description": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address." + }, + "privateIpAddress": { + "type": "string", + "description": "The private IP address of the network interface." + } + } + }, + "aws-native:ec2:NetworkInterfaceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:OptionsProperties": { + "type": "object", + "properties": { + "applianceModeSupport": { + "type": "string", + "description": "Indicates whether to enable Ipv6 Support for Vpc Attachment. Valid Values: enable | disable" + }, + "dnsSupport": { + "type": "string", + "description": "Indicates whether to enable DNS Support for Vpc Attachment. Valid Values: enable | disable" + }, + "ipv6Support": { + "type": "string", + "description": "Indicates whether to enable Ipv6 Support for Vpc Attachment. Valid Values: enable | disable" + } + } + }, + "aws-native:ec2:PlacementGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:PrefixListAddressFamily": { + "type": "string" + }, + "aws-native:ec2:PrefixListEntry": { + "type": "object", + "properties": { + "cidr": { + "type": "string", + "description": "The CIDR block." + }, + "description": { + "type": "string", + "description": "A description for the entry.\n\nConstraints: Up to 255 characters in length." + } + } + }, + "aws-native:ec2:PrefixListTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:PrivateDnsNameOptionsOnLaunchProperties": { + "type": "object", + "properties": { + "enableResourceNameDnsARecord": { + "type": "boolean", + "description": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records." + }, + "enableResourceNameDnsAaaaRecord": { + "type": "boolean", + "description": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records." + }, + "hostnameType": { + "type": "string", + "description": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID." + } + }, + "irreversibleNames": { + "enableResourceNameDnsAaaaRecord": "EnableResourceNameDnsAAAARecord" + } + }, + "aws-native:ec2:RouteTableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:SecurityGroupEgress": { + "type": "object", + "properties": { + "cidrIp": { + "type": "string", + "description": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* ." + }, + "cidrIpv6": { + "type": "string", + "description": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* ." + }, + "description": { + "type": "string", + "description": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*" + }, + "destinationPrefixListId": { + "type": "string", + "description": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` ." + }, + "destinationSecurityGroupId": { + "type": "string", + "description": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` ." + }, + "fromPort": { + "type": "integer", + "description": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types)." + }, + "ipProtocol": { + "type": "string", + "description": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed." + }, + "toPort": { + "type": "integer", + "description": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes)." + } + } + }, + "aws-native:ec2:SecurityGroupIngress": { + "type": "object", + "properties": { + "cidrIp": { + "type": "string", + "description": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* ." + }, + "cidrIpv6": { + "type": "string", + "description": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* ." + }, + "description": { + "type": "string", + "description": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*" + }, + "fromPort": { + "type": "integer", + "description": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types)." + }, + "ipProtocol": { + "type": "string", + "description": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed." + }, + "sourcePrefixListId": { + "type": "string", + "description": "The ID of a prefix list." + }, + "sourceSecurityGroupId": { + "type": "string", + "description": "The ID of the security group." + }, + "sourceSecurityGroupName": { + "type": "string", + "description": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID." + }, + "sourceSecurityGroupOwnerId": { + "type": "string", + "description": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional." + }, + "toPort": { + "type": "integer", + "description": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes)." + } + } + }, + "aws-native:ec2:SecurityGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:SnapshotBlockPublicAccessState": { + "type": "string" + }, + "aws-native:ec2:SpotFleetAcceleratorCountRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` ." + }, + "min": { + "type": "integer", + "description": "The minimum number of accelerators. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:SpotFleetAcceleratorTotalMemoryMiBRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:SpotFleetBaselineEbsBandwidthMbpsRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:SpotFleetBlockDeviceMapping": { + "type": "object", + "properties": { + "deviceName": { + "type": "string", + "description": "The device name (for example, `/dev/sdh` or `xvdh` )." + }, + "ebs": { + "$ref": "#/types/aws-native:ec2:SpotFleetEbsBlockDevice", + "description": "Parameters used to automatically set up EBS volumes when the instance is launched." + }, + "noDevice": { + "type": "string", + "description": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value." + }, + "virtualName": { + "type": "string", + "description": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI." + } + } + }, + "aws-native:ec2:SpotFleetClassicLoadBalancer": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the load balancer." + } + } + }, + "aws-native:ec2:SpotFleetClassicLoadBalancersConfig": { + "type": "object", + "properties": { + "classicLoadBalancers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetClassicLoadBalancer" + }, + "description": "One or more Classic Load Balancers." + } + } + }, + "aws-native:ec2:SpotFleetEbsBlockDevice": { + "type": "object", + "properties": { + "deleteOnTermination": { + "type": "boolean", + "description": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* ." + }, + "encrypted": { + "type": "boolean", + "description": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) ." + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS." + }, + "snapshotId": { + "type": "string", + "description": "The ID of the snapshot." + }, + "volumeSize": { + "type": "integer", + "description": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB" + }, + "volumeType": { + "$ref": "#/types/aws-native:ec2:SpotFleetEbsBlockDeviceVolumeType", + "description": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* ." + } + } + }, + "aws-native:ec2:SpotFleetEbsBlockDeviceVolumeType": { + "type": "string" + }, + "aws-native:ec2:SpotFleetFleetLaunchTemplateSpecification": { + "type": "object", + "properties": { + "launchTemplateId": { + "type": "string", + "description": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both." + }, + "launchTemplateName": { + "type": "string", + "description": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both." + }, + "version": { + "type": "string", + "description": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) ." + } + } + }, + "aws-native:ec2:SpotFleetGroupIdentifier": { + "type": "object", + "properties": { + "groupId": { + "type": "string", + "description": "The ID of the security group." + } + } + }, + "aws-native:ec2:SpotFleetIamInstanceProfileSpecification": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the instance profile." + } + } + }, + "aws-native:ec2:SpotFleetInstanceIpv6Address": { + "type": "object", + "properties": { + "ipv6Address": { + "type": "string", + "description": "The IPv6 address." + } + } + }, + "aws-native:ec2:SpotFleetInstanceNetworkInterfaceSpecification": { + "type": "object", + "properties": { + "associatePublicIpAddress": { + "type": "boolean", + "description": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) ." + }, + "deleteOnTermination": { + "type": "boolean", + "description": "Indicates whether the network interface is deleted when the instance is terminated." + }, + "description": { + "type": "string", + "description": "The description of the network interface. Applies only if creating a network interface when launching an instance." + }, + "deviceIndex": { + "type": "integer", + "description": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index." + }, + "groups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance." + }, + "ipv6AddressCount": { + "type": "integer", + "description": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch." + }, + "ipv6Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceIpv6Address" + }, + "description": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch." + }, + "networkInterfaceId": { + "type": "string", + "description": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification." + }, + "privateIpAddresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetPrivateIpAddressSpecification" + }, + "description": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request." + }, + "secondaryPrivateIpAddressCount": { + "type": "integer", + "description": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet associated with the network interface." + } + } + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequest": { + "type": "object", + "properties": { + "acceleratorCount": { + "$ref": "#/types/aws-native:ec2:SpotFleetAcceleratorCountRequest", + "description": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits" + }, + "acceleratorManufacturers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestAcceleratorManufacturersItem" + }, + "description": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer" + }, + "acceleratorNames": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestAcceleratorNamesItem" + }, + "description": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator" + }, + "acceleratorTotalMemoryMiB": { + "$ref": "#/types/aws-native:ec2:SpotFleetAcceleratorTotalMemoryMiBRequest", + "description": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits" + }, + "acceleratorTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestAcceleratorTypesItem" + }, + "description": "The accelerator types that must be on the instance type.\n\n- To include instance types with GPU hardware, specify `gpu` .\n- To include instance types with FPGA hardware, specify `fpga` .\n- To include instance types with inference hardware, specify `inference` .\n\nDefault: Any accelerator type" + }, + "allowedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n\u003e If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types" + }, + "bareMetal": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestBareMetal", + "description": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`" + }, + "baselineEbsBandwidthMbps": { + "$ref": "#/types/aws-native:ec2:SpotFleetBaselineEbsBandwidthMbpsRequest", + "description": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits" + }, + "burstablePerformance": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestBurstablePerformance", + "description": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`" + }, + "cpuManufacturers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestCpuManufacturersItem" + }, + "description": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n\n\u003e Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer" + }, + "excludedInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n\u003e If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types" + }, + "instanceGenerations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestInstanceGenerationsItem" + }, + "description": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types" + }, + "localStorage": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestLocalStorage", + "description": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`" + }, + "localStorageTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequestLocalStorageTypesItem" + }, + "description": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`" + }, + "maxSpotPriceAsPercentageOfOptimalOnDemandPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n\u003e Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` ." + }, + "memoryGiBPerVCpu": { + "$ref": "#/types/aws-native:ec2:SpotFleetMemoryGiBPerVCpuRequest", + "description": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits" + }, + "memoryMiB": { + "$ref": "#/types/aws-native:ec2:SpotFleetMemoryMiBRequest", + "description": "The minimum and maximum amount of memory, in MiB." + }, + "networkBandwidthGbps": { + "$ref": "#/types/aws-native:ec2:SpotFleetNetworkBandwidthGbpsRequest", + "description": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits" + }, + "networkInterfaceCount": { + "$ref": "#/types/aws-native:ec2:SpotFleetNetworkInterfaceCountRequest", + "description": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits" + }, + "onDemandMaxPricePercentageOverLowestPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n\u003e If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`" + }, + "requireHibernateSupport": { + "type": "boolean", + "description": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`" + }, + "spotMaxPricePercentageOverLowestPrice": { + "type": "integer", + "description": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n\u003e Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`" + }, + "totalLocalStorageGb": { + "$ref": "#/types/aws-native:ec2:SpotFleetTotalLocalStorageGbRequest", + "description": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits" + }, + "vCpuCount": { + "$ref": "#/types/aws-native:ec2:SpotFleetVCpuCountRangeRequest", + "description": "The minimum and maximum number of vCPUs." + } + }, + "irreversibleNames": { + "totalLocalStorageGb": "TotalLocalStorageGB" + } + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestAcceleratorManufacturersItem": { + "type": "string" + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestAcceleratorNamesItem": { + "type": "string" + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestAcceleratorTypesItem": { + "type": "string" + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestBareMetal": { + "type": "string" + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestBurstablePerformance": { + "type": "string" + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestCpuManufacturersItem": { + "type": "string" + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestInstanceGenerationsItem": { + "type": "string" + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestLocalStorage": { + "type": "string" + }, + "aws-native:ec2:SpotFleetInstanceRequirementsRequestLocalStorageTypesItem": { + "type": "string" + }, + "aws-native:ec2:SpotFleetLaunchSpecification": { + "type": "object", + "properties": { + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetBlockDeviceMapping" + }, + "description": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status." + }, + "ebsOptimized": { + "type": "boolean", + "description": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`" + }, + "iamInstanceProfile": { + "$ref": "#/types/aws-native:ec2:SpotFleetIamInstanceProfileSpecification", + "description": "The IAM instance profile." + }, + "imageId": { + "type": "string", + "description": "The ID of the AMI." + }, + "instanceRequirements": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequest", + "description": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n\u003e If you specify `InstanceRequirements` , you can't specify `InstanceType` ." + }, + "instanceType": { + "type": "string", + "description": "The instance type." + }, + "kernelId": { + "type": "string", + "description": "The ID of the kernel." + }, + "keyName": { + "type": "string", + "description": "The name of the key pair." + }, + "monitoring": { + "$ref": "#/types/aws-native:ec2:SpotFleetMonitoring", + "description": "Enable or disable monitoring for the instances." + }, + "networkInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceNetworkInterfaceSpecification" + }, + "description": "The network interfaces." + }, + "placement": { + "$ref": "#/types/aws-native:ec2:SpotFleetSpotPlacement", + "description": "The placement information." + }, + "ramdiskId": { + "type": "string", + "description": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID." + }, + "securityGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetGroupIdentifier" + }, + "description": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter." + }, + "spotPrice": { + "type": "string", + "description": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n\u003e If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter." + }, + "subnetId": { + "type": "string", + "description": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter." + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetTagSpecification" + }, + "description": "The tags to apply during creation." + }, + "userData": { + "type": "string", + "description": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB." + }, + "weightedCapacity": { + "type": "number", + "description": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n\u003e When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour." + } + } + }, + "aws-native:ec2:SpotFleetLaunchTemplateConfig": { + "type": "object", + "properties": { + "launchTemplateSpecification": { + "$ref": "#/types/aws-native:ec2:SpotFleetFleetLaunchTemplateSpecification", + "description": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet." + }, + "overrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetLaunchTemplateOverrides" + }, + "description": "Any parameters that you specify override the same parameters in the launch template." + } + } + }, + "aws-native:ec2:SpotFleetLaunchTemplateOverrides": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to launch the instances." + }, + "instanceRequirements": { + "$ref": "#/types/aws-native:ec2:SpotFleetInstanceRequirementsRequest", + "description": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n\u003e If you specify `InstanceRequirements` , you can't specify `InstanceType` ." + }, + "instanceType": { + "type": "string", + "description": "The instance type." + }, + "priority": { + "type": "number", + "description": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides." + }, + "spotPrice": { + "type": "string", + "description": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n\u003e If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet in which to launch the instances." + }, + "weightedCapacity": { + "type": "number", + "description": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.\n\n\u003e When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour." + } + } + }, + "aws-native:ec2:SpotFleetLoadBalancersConfig": { + "type": "object", + "properties": { + "classicLoadBalancersConfig": { + "$ref": "#/types/aws-native:ec2:SpotFleetClassicLoadBalancersConfig", + "description": "The Classic Load Balancers." + }, + "targetGroupsConfig": { + "$ref": "#/types/aws-native:ec2:SpotFleetTargetGroupsConfig", + "description": "The target groups." + } + } + }, + "aws-native:ec2:SpotFleetMemoryGiBPerVCpuRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:SpotFleetMemoryMiBRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` ." + } + } + }, + "aws-native:ec2:SpotFleetMonitoring": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enables monitoring for the instance.\n\nDefault: `false`" + } + } + }, + "aws-native:ec2:SpotFleetNetworkBandwidthGbpsRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:SpotFleetNetworkInterfaceCountRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:SpotFleetPrivateIpAddressSpecification": { + "type": "object", + "properties": { + "primary": { + "type": "boolean", + "description": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary." + }, + "privateIpAddress": { + "type": "string", + "description": "The private IPv4 address." + } + } + }, + "aws-native:ec2:SpotFleetRequestConfigData": { + "type": "object", + "properties": { + "allocationStrategy": { + "$ref": "#/types/aws-native:ec2:SpotFleetRequestConfigDataAllocationStrategy", + "description": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - \u003e We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", + "replaceOnChanges": true + }, + "context": { + "type": "string", + "description": "Reserved." + }, + "excessCapacityTerminationPolicy": { + "$ref": "#/types/aws-native:ec2:SpotFleetRequestConfigDataExcessCapacityTerminationPolicy", + "description": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` ." + }, + "iamFleetRole": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", + "replaceOnChanges": true + }, + "instanceInterruptionBehavior": { + "$ref": "#/types/aws-native:ec2:SpotFleetRequestConfigDataInstanceInterruptionBehavior", + "description": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", + "replaceOnChanges": true + }, + "instancePoolsToUseCount": { + "type": "integer", + "description": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", + "replaceOnChanges": true + }, + "launchSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetLaunchSpecification" + }, + "description": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", + "replaceOnChanges": true + }, + "launchTemplateConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetLaunchTemplateConfig" + }, + "description": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", + "replaceOnChanges": true + }, + "loadBalancersConfig": { + "$ref": "#/types/aws-native:ec2:SpotFleetLoadBalancersConfig", + "description": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", + "replaceOnChanges": true + }, + "onDemandAllocationStrategy": { + "type": "string", + "description": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", + "replaceOnChanges": true + }, + "onDemandMaxTotalPrice": { + "type": "string", + "description": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.\n\n\u003e If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "replaceOnChanges": true + }, + "onDemandTargetCapacity": { + "type": "integer", + "description": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", + "replaceOnChanges": true + }, + "replaceUnhealthyInstances": { + "type": "boolean", + "description": "Indicates whether Spot Fleet should replace unhealthy instances.", + "replaceOnChanges": true + }, + "spotMaintenanceStrategies": { + "$ref": "#/types/aws-native:ec2:SpotFleetSpotMaintenanceStrategies", + "description": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", + "replaceOnChanges": true + }, + "spotMaxTotalPrice": { + "type": "string", + "description": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.\n\n\u003e If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", + "replaceOnChanges": true + }, + "spotPrice": { + "type": "string", + "description": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n\u003e If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", + "replaceOnChanges": true + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetTagSpecification" + }, + "description": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", + "replaceOnChanges": true + }, + "targetCapacity": { + "type": "integer", + "description": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later." + }, + "targetCapacityUnitType": { + "$ref": "#/types/aws-native:ec2:SpotFleetRequestConfigDataTargetCapacityUnitType", + "description": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)" + }, + "terminateInstancesWithExpiration": { + "type": "boolean", + "description": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", + "replaceOnChanges": true + }, + "type": { + "$ref": "#/types/aws-native:ec2:SpotFleetRequestConfigDataType", + "description": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", + "replaceOnChanges": true + }, + "validFrom": { + "type": "string", + "description": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", + "replaceOnChanges": true + }, + "validUntil": { + "type": "string", + "description": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", + "replaceOnChanges": true + } + } + }, + "aws-native:ec2:SpotFleetRequestConfigDataAllocationStrategy": { + "type": "string" + }, + "aws-native:ec2:SpotFleetRequestConfigDataExcessCapacityTerminationPolicy": { + "type": "string" + }, + "aws-native:ec2:SpotFleetRequestConfigDataInstanceInterruptionBehavior": { + "type": "string" + }, + "aws-native:ec2:SpotFleetRequestConfigDataTargetCapacityUnitType": { + "type": "string" + }, + "aws-native:ec2:SpotFleetRequestConfigDataType": { + "type": "string" + }, + "aws-native:ec2:SpotFleetSpotCapacityRebalance": { + "type": "object", + "properties": { + "replacementStrategy": { + "$ref": "#/types/aws-native:ec2:SpotFleetSpotCapacityRebalanceReplacementStrategy", + "description": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification." + }, + "terminationDelay": { + "type": "integer", + "description": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds." + } + } + }, + "aws-native:ec2:SpotFleetSpotCapacityRebalanceReplacementStrategy": { + "type": "string" + }, + "aws-native:ec2:SpotFleetSpotMaintenanceStrategies": { + "type": "object", + "properties": { + "capacityRebalance": { + "$ref": "#/types/aws-native:ec2:SpotFleetSpotCapacityRebalance", + "description": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* ." + } + } + }, + "aws-native:ec2:SpotFleetSpotPlacement": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\"." + }, + "groupName": { + "type": "string", + "description": "The name of the placement group." + }, + "tenancy": { + "$ref": "#/types/aws-native:ec2:SpotFleetSpotPlacementTenancy", + "description": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances." + } + } + }, + "aws-native:ec2:SpotFleetSpotPlacementTenancy": { + "type": "string" + }, + "aws-native:ec2:SpotFleetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:SpotFleetTagSpecification": { + "type": "object", + "properties": { + "resourceType": { + "$ref": "#/types/aws-native:ec2:SpotFleetTagSpecificationResourceType", + "description": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetTag" + }, + "description": "The tags." + } + } + }, + "aws-native:ec2:SpotFleetTagSpecificationResourceType": { + "type": "string" + }, + "aws-native:ec2:SpotFleetTargetGroup": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target group." + } + } + }, + "aws-native:ec2:SpotFleetTargetGroupsConfig": { + "type": "object", + "properties": { + "targetGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:SpotFleetTargetGroup" + }, + "description": "One or more target groups." + } + } + }, + "aws-native:ec2:SpotFleetTotalLocalStorageGbRequest": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "number", + "description": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter." + } + } + }, + "aws-native:ec2:SpotFleetVCpuCountRangeRequest": { + "type": "object", + "properties": { + "max": { + "type": "integer", + "description": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter." + }, + "min": { + "type": "integer", + "description": "The minimum number of vCPUs. To specify no minimum limit, specify `0` ." + } + } + }, + "aws-native:ec2:SseSpecificationProperties": { + "type": "object", + "properties": { + "customerManagedKeyEnabled": { + "type": "boolean", + "description": "Whether to encrypt the policy with the provided key or disable encryption" + }, + "kmsKeyArn": { + "type": "string", + "description": "KMS Key Arn used to encrypt the group policy" + } + } + }, + "aws-native:ec2:SubnetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:TagSpecification": { + "type": "object", + "properties": { + "resourceType": { + "type": "string", + "description": "The type of resource to tag. You can specify tags for the following resource types only: ``instance`` | ``volume`` | ``network-interface`` | ``spot-instances-request``. If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n To tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html)." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ec2:LaunchTemplateTag" + }, + "description": "The tags to apply to the resource." + } + } + }, + "aws-native:ec2:TransitGatewayAttachmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:TransitGatewayConnectOptions": { + "type": "object", + "properties": { + "protocol": { + "type": "string", + "description": "The tunnel protocol." + } + } + }, + "aws-native:ec2:TransitGatewayConnectTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:." + }, + "value": { + "type": "string", + "description": "The value of the tag. Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters." + } + } + }, + "aws-native:ec2:TransitGatewayMulticastDomainTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:." + }, + "value": { + "type": "string", + "description": "The value of the tag. Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters." + } + } + }, + "aws-native:ec2:TransitGatewayPeeringAttachmentPeeringAttachmentStatus": { + "type": "object", + "properties": { + "code": { + "type": "string", + "description": "The status code." + }, + "message": { + "type": "string", + "description": "The status message, if applicable." + } + } + }, + "aws-native:ec2:TransitGatewayPeeringAttachmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:." + }, + "value": { + "type": "string", + "description": "The value of the tag. Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters." + } + } + }, + "aws-native:ec2:TransitGatewayRouteTableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the associated tag key-value pair" + }, + "value": { + "type": "string", + "description": "The value of the associated tag key-value pair" + } + } + }, + "aws-native:ec2:TransitGatewayTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:TransitGatewayVpcAttachmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:VerifiedAccessEndpointLoadBalancerOptions": { + "type": "object", + "properties": { + "loadBalancerArn": { + "type": "string", + "description": "The ARN of the load balancer.", + "replaceOnChanges": true + }, + "port": { + "type": "integer", + "description": "The IP port number." + }, + "protocol": { + "type": "string", + "description": "The IP protocol." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets." + } + } + }, + "aws-native:ec2:VerifiedAccessEndpointNetworkInterfaceOptions": { + "type": "object", + "properties": { + "networkInterfaceId": { + "type": "string", + "description": "The ID of the network interface.", + "replaceOnChanges": true + }, + "port": { + "type": "integer", + "description": "The IP port number." + }, + "protocol": { + "type": "string", + "description": "The IP protocol." + } + } + }, + "aws-native:ec2:VerifiedAccessEndpointSseSpecification": { + "type": "object", + "properties": { + "customerManagedKeyEnabled": { + "type": "boolean", + "description": "Whether to encrypt the policy with the provided key or disable encryption" + }, + "kmsKeyArn": { + "type": "string", + "description": "KMS Key Arn used to encrypt the group policy" + } + } + }, + "aws-native:ec2:VerifiedAccessEndpointTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:VerifiedAccessGroupSseSpecification": { + "type": "object", + "properties": { + "customerManagedKeyEnabled": { + "type": "boolean", + "description": "Whether to encrypt the policy with the provided key or disable encryption" + }, + "kmsKeyArn": { + "type": "string", + "description": "KMS Key Arn used to encrypt the group policy" + } + } + }, + "aws-native:ec2:VerifiedAccessGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:VerifiedAccessInstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogs": { + "type": "object", + "properties": { + "cloudWatchLogs": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogsCloudWatchLogsProperties", + "description": "Sends Verified Access logs to CloudWatch Logs." + }, + "includeTrustContext": { + "type": "boolean", + "description": "Include claims from trust providers in Verified Access logs." + }, + "kinesisDataFirehose": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogsKinesisDataFirehoseProperties", + "description": "Sends Verified Access logs to Kinesis." + }, + "logVersion": { + "type": "string", + "description": "Select log version for Verified Access logs." + }, + "s3": { + "$ref": "#/types/aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogsS3Properties", + "description": "Sends Verified Access logs to Amazon S3." + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogsCloudWatchLogsProperties": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Indicates whether logging is enabled." + }, + "logGroup": { + "type": "string", + "description": "The ID of the CloudWatch Logs log group." + } + } + }, + "aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogsKinesisDataFirehoseProperties": { + "type": "object", + "properties": { + "deliveryStream": { + "type": "string", + "description": "The ID of the delivery stream." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether logging is enabled." + } + } + }, + "aws-native:ec2:VerifiedAccessInstanceVerifiedAccessLogsS3Properties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The bucket name." + }, + "bucketOwner": { + "type": "string", + "description": "The ID of the AWS account that owns the Amazon S3 bucket." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether logging is enabled." + }, + "prefix": { + "type": "string", + "description": "The bucket prefix." + } + } + }, + "aws-native:ec2:VerifiedAccessInstanceVerifiedAccessTrustProvider": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of trust provider." + }, + "deviceTrustProviderType": { + "type": "string", + "description": "The type of device-based trust provider." + }, + "trustProviderType": { + "type": "string", + "description": "The type of trust provider (user- or device-based)." + }, + "userTrustProviderType": { + "type": "string", + "description": "The type of user-based trust provider." + }, + "verifiedAccessTrustProviderId": { + "type": "string", + "description": "The ID of the trust provider." + } + } + }, + "aws-native:ec2:VerifiedAccessTrustProviderDeviceOptions": { + "type": "object", + "properties": { + "publicSigningKeyUrl": { + "type": "string", + "description": "URL Verified Access will use to verify authenticity of the device tokens." + }, + "tenantId": { + "type": "string", + "description": "The ID of the tenant application with the device-identity provider." + } + } + }, + "aws-native:ec2:VerifiedAccessTrustProviderOidcOptions": { + "type": "object", + "properties": { + "authorizationEndpoint": { + "type": "string", + "description": "The OIDC authorization endpoint." + }, + "clientId": { + "type": "string", + "description": "The client identifier." + }, + "clientSecret": { + "type": "string", + "description": "The client secret." + }, + "issuer": { + "type": "string", + "description": "The OIDC issuer." + }, + "scope": { + "type": "string", + "description": "OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes." + }, + "tokenEndpoint": { + "type": "string", + "description": "The OIDC token endpoint." + }, + "userInfoEndpoint": { + "type": "string", + "description": "The OIDC user info endpoint." + } + } + }, + "aws-native:ec2:VerifiedAccessTrustProviderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:VolumeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:VpcEndpointType": { + "type": "string" + }, + "aws-native:ec2:VpcPeeringConnectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ec2:VpcTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:VpnConnectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ec2:VpnConnectionVpnTunnelOptionsSpecification": { + "type": "object", + "properties": { + "preSharedKey": { + "type": "string", + "description": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0)." + }, + "tunnelInsideCidr": { + "type": "string", + "description": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. \n Constraints: A size /30 CIDR block from the ``169.254.0.0/16`` range. The following CIDR blocks are reserved and cannot be used:\n + ``169.254.0.0/30`` \n + ``169.254.1.0/30`` \n + ``169.254.2.0/30`` \n + ``169.254.3.0/30`` \n + ``169.254.4.0/30`` \n + ``169.254.5.0/30`` \n + ``169.254.169.252/30``" + } + } + }, + "aws-native:ec2:VpnGatewayTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ecr:ReplicationConfiguration": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecr:ReplicationConfigurationReplicationRule" + }, + "description": "An array of objects representing the replication rules for a replication configuration. A replication configuration may contain a maximum of 10 rules." + } + } + }, + "aws-native:ecr:ReplicationConfigurationFilterType": { + "type": "string" + }, + "aws-native:ecr:ReplicationConfigurationReplicationDestination": { + "type": "object", + "properties": { + "region": { + "type": "string", + "description": "The Region to replicate to." + }, + "registryId": { + "type": "string", + "description": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID." + } + } + }, + "aws-native:ecr:ReplicationConfigurationReplicationRule": { + "type": "object", + "properties": { + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecr:ReplicationConfigurationReplicationDestination" + }, + "description": "An array of objects representing the details of a replication destination." + }, + "repositoryFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecr:ReplicationConfigurationRepositoryFilter" + }, + "description": "An array of objects representing the details of a repository filter." + } + } + }, + "aws-native:ecr:ReplicationConfigurationRepositoryFilter": { + "type": "object", + "properties": { + "filter": { + "type": "string", + "description": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for." + }, + "filterType": { + "$ref": "#/types/aws-native:ecr:ReplicationConfigurationFilterType", + "description": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter." + } + } + }, + "aws-native:ecr:RepositoryCreationTemplateAppliedForItem": { + "type": "string" + }, + "aws-native:ecr:RepositoryCreationTemplateEncryptionConfiguration": { + "type": "object", + "properties": { + "encryptionType": { + "$ref": "#/types/aws-native:ecr:RepositoryCreationTemplateEncryptionType", + "description": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* ." + }, + "kmsKey": { + "type": "string", + "description": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used." + } + } + }, + "aws-native:ecr:RepositoryCreationTemplateEncryptionType": { + "type": "string" + }, + "aws-native:ecr:RepositoryCreationTemplateImageTagMutability": { + "type": "string" + }, + "aws-native:ecr:RepositoryCreationTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ecr:RepositoryEncryptionConfiguration": { + "type": "object", + "properties": { + "encryptionType": { + "$ref": "#/types/aws-native:ecr:RepositoryEncryptionType", + "description": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .", + "replaceOnChanges": true + }, + "kmsKey": { + "type": "string", + "description": "If you use the ``KMS`` encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed KMS key for Amazon ECR will be used.", + "replaceOnChanges": true + } + } + }, + "aws-native:ecr:RepositoryEncryptionType": { + "type": "string" + }, + "aws-native:ecr:RepositoryImageScanningConfiguration": { + "type": "object", + "properties": { + "scanOnPush": { + "type": "boolean", + "description": "The setting that determines whether images are scanned after being pushed to a repository. If set to ``true``, images will be scanned after being pushed. If this parameter is not specified, it will default to ``false`` and images will not be scanned unless a scan is manually started." + } + } + }, + "aws-native:ecr:RepositoryImageTagMutability": { + "type": "string" + }, + "aws-native:ecr:RepositoryLifecyclePolicy": { + "type": "object", + "properties": { + "lifecyclePolicyText": { + "type": "string", + "description": "The JSON repository policy text to apply to the repository." + }, + "registryId": { + "type": "string", + "description": "The AWS account ID associated with the registry that contains the repository. If you do\n not specify a registry, the default registry is assumed." + } + } + }, + "aws-native:ecr:RepositoryTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that make up a tag. A ``key`` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "A ``value`` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ecs:CapacityProviderAutoScalingGroupProvider": { + "type": "object", + "properties": { + "autoScalingGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", + "replaceOnChanges": true + }, + "managedDraining": { + "$ref": "#/types/aws-native:ecs:CapacityProviderAutoScalingGroupProviderManagedDraining", + "description": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider." + }, + "managedScaling": { + "$ref": "#/types/aws-native:ecs:CapacityProviderManagedScaling", + "description": "The managed scaling settings for the Auto Scaling group capacity provider." + }, + "managedTerminationProtection": { + "$ref": "#/types/aws-native:ecs:CapacityProviderAutoScalingGroupProviderManagedTerminationProtection", + "description": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n\u003e When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in." + } + } + }, + "aws-native:ecs:CapacityProviderAutoScalingGroupProviderManagedDraining": { + "type": "string" + }, + "aws-native:ecs:CapacityProviderAutoScalingGroupProviderManagedTerminationProtection": { + "type": "string" + }, + "aws-native:ecs:CapacityProviderManagedScaling": { + "type": "object", + "properties": { + "instanceWarmupPeriod": { + "type": "integer", + "description": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used." + }, + "maximumScalingStepSize": { + "type": "integer", + "description": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter. If this parameter is omitted, the default value of `10000` is used." + }, + "minimumScalingStepSize": { + "type": "integer", + "description": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand." + }, + "status": { + "$ref": "#/types/aws-native:ecs:CapacityProviderManagedScalingStatus", + "description": "Determines whether to use managed scaling for the capacity provider." + }, + "targetCapacity": { + "type": "integer", + "description": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used." + } + } + }, + "aws-native:ecs:CapacityProviderManagedScalingStatus": { + "type": "string" + }, + "aws-native:ecs:CapacityProviderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that make up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that make up a tag. A `value` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ecs:ClusterCapacityProviderAssociationsCapacityProvider": { + "type": "string" + }, + "aws-native:ecs:ClusterCapacityProviderAssociationsCapacityProvider0": { + "type": "string" + }, + "aws-native:ecs:ClusterCapacityProviderAssociationsCapacityProviderStrategy": { + "type": "object", + "properties": { + "base": { + "type": "integer" + }, + "capacityProvider": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ecs:ClusterCapacityProviderAssociationsCapacityProvider" + }, + { + "type": "string" + } + ] + }, + "weight": { + "type": "integer" + } + } + }, + "aws-native:ecs:ClusterCapacityProviderStrategyItem": { + "type": "object", + "properties": { + "base": { + "type": "integer", + "description": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of ``0`` is used." + }, + "capacityProvider": { + "type": "string", + "description": "The short name of the capacity provider." + }, + "weight": { + "type": "integer", + "description": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The ``weight`` value is taken into consideration after the ``base`` value, if defined, is satisfied.\n If no ``weight`` value is specified, the default value of ``0`` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of ``0`` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of ``0``, any ``RunTask`` or ``CreateService`` actions using the capacity provider strategy will fail.\n An example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of ``1``, then when the ``base`` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of ``1`` for *capacityProviderA* and a weight of ``4`` for *capacityProviderB*, then for every one task that's run using *capacityProviderA*, four tasks would use *capacityProviderB*." + } + } + }, + "aws-native:ecs:ClusterConfiguration": { + "type": "object", + "properties": { + "executeCommandConfiguration": { + "$ref": "#/types/aws-native:ecs:ClusterExecuteCommandConfiguration", + "description": "The details of the execute command configuration." + }, + "managedStorageConfiguration": { + "$ref": "#/types/aws-native:ecs:ClusterManagedStorageConfiguration", + "description": "The details of the managed storage configuration." + } + } + }, + "aws-native:ecs:ClusterExecuteCommandConfiguration": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "Specify an KMSlong key ID to encrypt the data between the local client and the container." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:ecs:ClusterExecuteCommandLogConfiguration", + "description": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When ``logging=OVERRIDE`` is specified, a ``logConfiguration`` must be provided." + }, + "logging": { + "type": "string", + "description": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n + ``NONE``: The execute command session is not logged.\n + ``DEFAULT``: The ``awslogs`` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no ``awslogs`` log driver is configured in the task definition, the output won't be logged.\n + ``OVERRIDE``: Specify the logging details as a part of ``logConfiguration``. If the ``OVERRIDE`` logging option is specified, the ``logConfiguration`` is required." + } + } + }, + "aws-native:ecs:ClusterExecuteCommandLogConfiguration": { + "type": "object", + "properties": { + "cloudWatchEncryptionEnabled": { + "type": "boolean", + "description": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off." + }, + "cloudWatchLogGroupName": { + "type": "string", + "description": "The name of the CloudWatch log group to send logs to.\n The CloudWatch log group must already be created." + }, + "s3BucketName": { + "type": "string", + "description": "The name of the S3 bucket to send logs to.\n The S3 bucket must already be created." + }, + "s3EncryptionEnabled": { + "type": "boolean", + "description": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used." + }, + "s3KeyPrefix": { + "type": "string", + "description": "An optional folder in the S3 bucket to place logs in." + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName", + "s3EncryptionEnabled": "S3EncryptionEnabled", + "s3KeyPrefix": "S3KeyPrefix" + } + }, + "aws-native:ecs:ClusterManagedStorageConfiguration": { + "type": "object", + "properties": { + "fargateEphemeralStorageKmsKeyId": { + "type": "string", + "description": "Specify the KMSlong key ID for the Fargate ephemeral storage." + }, + "kmsKeyId": { + "type": "string", + "description": "Specify a KMSlong key ID to encrypt the managed storage." + } + } + }, + "aws-native:ecs:ClusterServiceConnectDefaults": { + "type": "object", + "properties": { + "namespace": { + "type": "string", + "description": "The namespace name or full Amazon Resource Name (ARN) of the CMAPlong namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include hyphens (-), tilde (~), greater than (\u003e), less than (\u003c), or slash (/).\n If you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n If you enter a new name, a CMAPlong namespace will be created. Amazon ECS creates a CMAP namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the CLIlong. Other types of instance discovery aren't used by Service Connect.\n If you update the cluster with an empty string ``\"\"`` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in CMAP and must be deleted separately.\n For more information about CMAPlong, see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *Developer Guide*." + } + } + }, + "aws-native:ecs:ClusterSettings": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the cluster setting. The value is ``containerInsights`` ." + }, + "value": { + "type": "string", + "description": "The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. \n If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html)." + } + } + }, + "aws-native:ecs:ClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that make up a tag. A ``key`` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that make up a tag. A ``value`` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ecs:ServiceAwsVpcConfiguration": { + "type": "object", + "properties": { + "assignPublicIp": { + "$ref": "#/types/aws-native:ecs:ServiceAwsVpcConfigurationAssignPublicIp", + "description": "Whether the task's elastic network interface receives a public IP address. The default value is ``DISABLED``." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified per ``AwsVpcConfiguration``.\n All specified security groups must be from the same VPC." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified per ``AwsVpcConfiguration``.\n All specified subnets must be from the same VPC." + } + } + }, + "aws-native:ecs:ServiceAwsVpcConfigurationAssignPublicIp": { + "type": "string" + }, + "aws-native:ecs:ServiceCapacityProviderStrategyItem": { + "type": "object", + "properties": { + "base": { + "type": "integer", + "description": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of ``0`` is used." + }, + "capacityProvider": { + "type": "string", + "description": "The short name of the capacity provider." + }, + "weight": { + "type": "integer", + "description": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The ``weight`` value is taken into consideration after the ``base`` value, if defined, is satisfied.\n If no ``weight`` value is specified, the default value of ``0`` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of ``0`` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of ``0``, any ``RunTask`` or ``CreateService`` actions using the capacity provider strategy will fail.\n An example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of ``1``, then when the ``base`` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of ``1`` for *capacityProviderA* and a weight of ``4`` for *capacityProviderB*, then for every one task that's run using *capacityProviderA*, four tasks would use *capacityProviderB*." + } + } + }, + "aws-native:ecs:ServiceConnectClientAlias": { + "type": "object", + "properties": { + "dnsName": { + "type": "string", + "description": "The ``dnsName`` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n If this parameter isn't specified, the default value of ``discoveryName.namespace`` is used. If the ``discoveryName`` isn't specified, the port mapping name from the task definition is used in ``portName.namespace``.\n To avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are ``database``, ``db``, or the lowercase name of a database, such as ``mysql`` or ``redis``. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "port": { + "type": "integer", + "description": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n To avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*." + } + } + }, + "aws-native:ecs:ServiceConnectConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specifies whether to use Service Connect with this service." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:ecs:ServiceLogConfiguration", + "description": "The log configuration for the container. This parameter maps to ``LogConfig`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--log-driver`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/run/).\n By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. For more information about the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n Understand the following when specifying a log configuration for your containers.\n + Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``.\n For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``logentries``,``syslog``, ``splunk``, and ``awsfirelens``.\n + This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n + For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ``ECS_AVAILABLE_LOGGING_DRIVERS`` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*.\n + For tasks that are on FARGATElong, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to." + }, + "namespace": { + "type": "string", + "description": "The namespace name or full Amazon Resource Name (ARN) of the CMAPlong namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about CMAPlong, see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *Developer Guide*." + }, + "services": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceConnectService" + }, + "description": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service. \n This field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n An object selects a port from the task definition, assigns a name for the CMAPlong service, and a list of aliases (endpoints) and ports for client applications to refer to this service." + } + } + }, + "aws-native:ecs:ServiceConnectService": { + "type": "object", + "properties": { + "clientAliases": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceConnectClientAlias" + }, + "description": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n Each alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n Each name and port mapping must be unique within the namespace.\n For each ``ServiceConnectService``, you must provide at least one ``clientAlias`` with one ``port``." + }, + "discoveryName": { + "type": "string", + "description": "The ``discoveryName`` is the name of the new CMAP service that Amazon ECS creates for this Amazon ECS service. This must be unique within the CMAP namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n If the ``discoveryName`` isn't specified, the port mapping name from the task definition is used in ``portName.namespace``." + }, + "ingressPortOverride": { + "type": "integer", + "description": "The port number for the Service Connect proxy to listen on.\n Use the value of this field to bypass the proxy for traffic on the port number specified in the named ``portMapping`` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n In ``awsvpc`` mode and Fargate, the default value is the container port number. The container port number is in the ``portMapping`` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy." + }, + "portName": { + "type": "string", + "description": "The ``portName`` must match the name of one of the ``portMappings`` from all the containers in the task definition of this Amazon ECS service." + }, + "timeout": { + "$ref": "#/types/aws-native:ecs:ServiceTimeoutConfiguration", + "description": "A reference to an object that represents the configured timeouts for Service Connect." + }, + "tls": { + "$ref": "#/types/aws-native:ecs:ServiceConnectTlsConfiguration", + "description": "A reference to an object that represents a Transport Layer Security (TLS) configuration." + } + } + }, + "aws-native:ecs:ServiceConnectTlsCertificateAuthority": { + "type": "object", + "properties": { + "awsPcaAuthorityArn": { + "type": "string", + "description": "The ARN of the AWS Private Certificate Authority certificate." + } + } + }, + "aws-native:ecs:ServiceConnectTlsConfiguration": { + "type": "object", + "properties": { + "issuerCertificateAuthority": { + "$ref": "#/types/aws-native:ecs:ServiceConnectTlsCertificateAuthority", + "description": "The signer certificate authority." + }, + "kmsKey": { + "type": "string", + "description": "The AWS Key Management Service key." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS." + } + } + }, + "aws-native:ecs:ServiceDeploymentAlarms": { + "type": "object", + "properties": { + "alarmNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms." + }, + "enable": { + "type": "boolean", + "description": "Determines whether to use the CloudWatch alarm option in the service deployment process." + }, + "rollback": { + "type": "boolean", + "description": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully." + } + } + }, + "aws-native:ecs:ServiceDeploymentCircuitBreaker": { + "type": "object", + "properties": { + "enable": { + "type": "boolean", + "description": "Determines whether to use the deployment circuit breaker logic for the service." + }, + "rollback": { + "type": "boolean", + "description": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully." + } + } + }, + "aws-native:ecs:ServiceDeploymentConfiguration": { + "type": "object", + "properties": { + "alarms": { + "$ref": "#/types/aws-native:ecs:ServiceDeploymentAlarms", + "description": "Information about the CloudWatch alarms." + }, + "deploymentCircuitBreaker": { + "$ref": "#/types/aws-native:ecs:ServiceDeploymentCircuitBreaker", + "description": "The deployment circuit breaker can only be used for services using the rolling update (``ECS``) deployment type.\n The *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*" + }, + "maximumPercent": { + "type": "integer", + "description": "If a service is using the rolling update (``ECS``) deployment type, the ``maximumPercent`` parameter represents an upper limit on the number of your service's tasks that are allowed in the ``RUNNING`` or ``PENDING`` state during a deployment, as a percentage of the ``desiredCount`` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the ``REPLICA`` service scheduler and has a ``desiredCount`` of four tasks and a ``maximumPercent`` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default ``maximumPercent`` value for a service using the ``REPLICA`` service scheduler is 200%.\n If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and tasks that use the EC2 launch type, the *maximum percent* value is set to the default value and is used to define the upper limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state. If the tasks in the service use the Fargate launch type, the maximum percent value is not used, although it is returned when describing your service." + }, + "minimumHealthyPercent": { + "type": "integer", + "description": "If a service is using the rolling update (``ECS``) deployment type, the ``minimumHealthyPercent`` represents a lower limit on the number of your service's tasks that must remain in the ``RUNNING`` state during a deployment, as a percentage of the ``desiredCount`` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a ``desiredCount`` of four tasks and a ``minimumHealthyPercent`` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks. \n For services that *do not* use a load balancer, the following should be noted:\n + A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n + If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a ``RUNNING`` state before the task is counted towards the minimum healthy percent total.\n + If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings. \n \n For services that *do* use a load balancer, the following should be noted:\n + If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n + If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n \n If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value and is used to define the lower limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state. If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service." + } + } + }, + "aws-native:ecs:ServiceDeploymentController": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:ecs:ServiceDeploymentControllerType", + "description": "The deployment controller type to use. There are three deployment controller types available:\n + ECS The rolling update (ECS) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the DeploymentConfiguration. + CODE_DEPLOY The blue/green (CODE_DEPLOY) deployment type uses the blue/green deployment model powered by , which allows you to verify a new deployment of a service before sending production traffic to it. + EXTERNAL The external (EXTERNAL) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service." + } + } + }, + "aws-native:ecs:ServiceDeploymentControllerType": { + "type": "string" + }, + "aws-native:ecs:ServiceEbsTagSpecification": { + "type": "object", + "properties": { + "propagateTags": { + "$ref": "#/types/aws-native:ecs:ServiceEbsTagSpecificationPropagateTags", + "description": "Determines whether to propagate the tags from the task definition to \nthe Amazon EBS volume. Tags can only propagate to a ``SERVICE`` specified in \n``ServiceVolumeConfiguration``. If no value is specified, the tags aren't \npropagated." + }, + "resourceType": { + "type": "string", + "description": "The type of volume resource." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceTag" + }, + "description": "The tags applied to this Amazon EBS volume. ``AmazonECSCreated`` and ``AmazonECSManaged`` are reserved tags that can't be used." + } + } + }, + "aws-native:ecs:ServiceEbsTagSpecificationPropagateTags": { + "type": "string" + }, + "aws-native:ecs:ServiceLaunchType": { + "type": "string" + }, + "aws-native:ecs:ServiceLoadBalancer": { + "type": "object", + "properties": { + "containerName": { + "type": "string", + "description": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n You need to specify the container name when configuring the target group for an Amazon ECS load balancer." + }, + "containerPort": { + "type": "integer", + "description": "The port on the container to associate with the load balancer. This port must correspond to a ``containerPort`` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the ``hostPort`` of the port mapping." + }, + "loadBalancerName": { + "type": "string", + "description": "The name of the load balancer to associate with the Amazon ECS service or task set.\n If you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted." + }, + "targetGroupArn": { + "type": "string", + "description": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. \n For services using the ``ECS`` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide*.\n For services using the ``CODE_DEPLOY`` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide*.\n If your service's task definition uses the ``awsvpc`` network mode, you must choose ``ip`` as the target type, not ``instance``. Do this when creating your target groups because tasks that use the ``awsvpc`` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type." + } + } + }, + "aws-native:ecs:ServiceLogConfiguration": { + "type": "object", + "properties": { + "logDriver": { + "type": "string", + "description": "The log driver to use for the container.\n For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``.\n For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``logentries``,``syslog``, ``splunk``, and ``awsfirelens``.\n For more information about using the ``awslogs`` log driver, see [Using the awslogs log driver](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*.\n For more information about using the ``awsfirelens`` log driver, see [Custom log routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*.\n If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software." + }, + "options": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``" + }, + "secretOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceSecret" + }, + "description": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*." + } + } + }, + "aws-native:ecs:ServiceManagedEbsVolumeConfiguration": { + "type": "object", + "properties": { + "encrypted": { + "type": "boolean", + "description": "Indicates whether the volume should be encrypted. If no value is specified, encryption is turned on by default. This parameter maps 1:1 with the ``Encrypted`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*." + }, + "filesystemType": { + "type": "string", + "description": "The Linux filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the task will fail to start.\n The available filesystem types are\n ``ext3``, ``ext4``, and ``xfs``. If no value is specified, the ``xfs`` filesystem type is used by default." + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n The following are the supported values for each volume type.\n + ``gp3``: 3,000 - 16,000 IOPS\n + ``io1``: 100 - 64,000 IOPS\n + ``io2``: 100 - 256,000 IOPS\n \n This parameter is required for ``io1`` and ``io2`` volume types. The default for ``gp3`` volumes is ``3,000 IOPS``. This parameter is not supported for ``st1``, ``sc1``, or ``standard`` volume types.\n This parameter maps 1:1 with the ``Iops`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*." + }, + "kmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When encryption is turned on and no AWS Key Management Service key is specified, the default AWS managed key for Amazon EBS volumes is used. This parameter maps 1:1 with the ``KmsKeyId`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*.\n AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed ``AmazonECSInfrastructureRolePolicyForVolumes`` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide*." + }, + "sizeInGiB": { + "type": "integer", + "description": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the ``Size`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*.\n The following are the supported volume size values for each volume type.\n + ``gp2`` and ``gp3``: 1-16,384\n + ``io1`` and ``io2``: 4-16,384\n + ``st1`` and ``sc1``: 125-16,384\n + ``standard``: 1-1,024" + }, + "snapshotId": { + "type": "string", + "description": "The snapshot that Amazon ECS uses to create the volume. You must specify either a snapshot ID or a volume size. This parameter maps 1:1 with the ``SnapshotId`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*." + }, + "tagSpecifications": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:ServiceEbsTagSpecification" + }, + "description": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the ``TagSpecifications.N`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*." + }, + "throughput": { + "type": "integer", + "description": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the ``Throughput`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*.\n This parameter is only supported for the ``gp3`` volume type." + }, + "volumeType": { + "type": "string", + "description": "The volume type. This parameter maps 1:1 with the ``VolumeType`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide*.\n The following are the supported volume types.\n + General Purpose SSD: ``gp2``|``gp3`` \n + Provisioned IOPS SSD: ``io1``|``io2`` \n + Throughput Optimized HDD: ``st1`` \n + Cold HDD: ``sc1`` \n + Magnetic: ``standard`` \n The magnetic volume type is not supported on Fargate." + } + } + }, + "aws-native:ecs:ServiceNetworkConfiguration": { + "type": "object", + "properties": { + "awsvpcConfiguration": { + "$ref": "#/types/aws-native:ecs:ServiceAwsVpcConfiguration", + "description": "The VPC subnets and security groups that are associated with a task.\n All specified subnets and security groups must be from the same VPC." + } + } + }, + "aws-native:ecs:ServicePlacementConstraint": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is ``distinctInstance``. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "type": { + "$ref": "#/types/aws-native:ecs:ServicePlacementConstraintType", + "description": "The type of constraint. Use ``distinctInstance`` to ensure that each task in a particular group is running on a different container instance. Use ``memberOf`` to restrict the selection to a group of valid candidates." + } + } + }, + "aws-native:ecs:ServicePlacementConstraintType": { + "type": "string" + }, + "aws-native:ecs:ServicePlacementStrategy": { + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "The field to apply the placement strategy against. For the ``spread`` placement strategy, valid values are ``instanceId`` (or ``host``, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as ``attribute:ecs.availability-zone``. For the ``binpack`` placement strategy, valid values are ``CPU`` and ``MEMORY``. For the ``random`` placement strategy, this field is not used." + }, + "type": { + "$ref": "#/types/aws-native:ecs:ServicePlacementStrategyType", + "description": "The type of placement strategy. The ``random`` placement strategy randomly places tasks on available candidates. The ``spread`` placement strategy spreads placement across available candidates evenly based on the ``field`` parameter. The ``binpack`` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the ``field`` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task." + } + } + }, + "aws-native:ecs:ServicePlacementStrategyType": { + "type": "string" + }, + "aws-native:ecs:ServicePropagateTags": { + "type": "string" + }, + "aws-native:ecs:ServiceRegistry": { + "type": "object", + "properties": { + "containerName": { + "type": "string", + "description": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the ``bridge`` or ``host`` network mode, you must specify a ``containerName`` and ``containerPort`` combination from the task definition. If the task definition that your service task specifies uses the ``awsvpc`` network mode and a type SRV DNS record is used, you must specify either a ``containerName`` and ``containerPort`` combination or a ``port`` value. However, you can't specify both." + }, + "containerPort": { + "type": "integer", + "description": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the ``bridge`` or ``host`` network mode, you must specify a ``containerName`` and ``containerPort`` combination from the task definition. If the task definition your service task specifies uses the ``awsvpc`` network mode and a type SRV DNS record is used, you must specify either a ``containerName`` and ``containerPort`` combination or a ``port`` value. However, you can't specify both." + }, + "port": { + "type": "integer", + "description": "The port value used if your service discovery service specified an SRV record. This field might be used if both the ``awsvpc`` network mode and SRV records are used." + }, + "registryArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is CMAP. For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html)." + } + } + }, + "aws-native:ecs:ServiceSchedulingStrategy": { + "type": "string" + }, + "aws-native:ecs:ServiceSecret": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the secret." + }, + "valueFrom": { + "type": "string", + "description": "The secret to expose to the container. The supported values are either the full ARN of the ASMlong secret or the full ARN of the parameter in the SSM Parameter Store.\n For information about the require IAMlong permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide*.\n If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified." + } + } + }, + "aws-native:ecs:ServiceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that make up a tag. A ``key`` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that make up a tag. A ``value`` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ecs:ServiceTimeoutConfiguration": { + "type": "object", + "properties": { + "idleTimeoutSeconds": { + "type": "integer", + "description": "The amount of time in seconds a connection will stay active while idle. A value of ``0`` can be set to disable ``idleTimeout``.\n The ``idleTimeout`` default for ``HTTP``/``HTTP2``/``GRPC`` is 5 minutes.\n The ``idleTimeout`` default for ``TCP`` is 1 hour." + }, + "perRequestTimeoutSeconds": { + "type": "integer", + "description": "The amount of time waiting for the upstream to respond with a complete response per request. A value of ``0`` can be set to disable ``perRequestTimeout``. ``perRequestTimeout`` can only be set if Service Connect ``appProtocol`` isn't ``TCP``. Only ``idleTimeout`` is allowed for ``TCP`` ``appProtocol``." + } + } + }, + "aws-native:ecs:ServiceVolumeConfiguration": { + "type": "object", + "properties": { + "managedEbsVolume": { + "$ref": "#/types/aws-native:ecs:ServiceManagedEbsVolumeConfiguration", + "description": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created." + }, + "name": { + "type": "string", + "description": "The name of the volume. This value must match the volume name from the ``Volume`` object in the task definition." + } + }, + "irreversibleNames": { + "managedEbsVolume": "ManagedEBSVolume" + } + }, + "aws-native:ecs:TaskDefinitionAuthorizationConfig": { + "type": "object", + "properties": { + "accessPointId": { + "type": "string", + "description": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the ``EFSVolumeConfiguration`` must either be omitted or set to ``/`` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the ``EFSVolumeConfiguration``. For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide*." + }, + "iam": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionAuthorizationConfigIam", + "description": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the ``EFSVolumeConfiguration``. If this parameter is omitted, the default value of ``DISABLED`` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide*." + } + }, + "irreversibleNames": { + "iam": "IAM" + } + }, + "aws-native:ecs:TaskDefinitionAuthorizationConfigIam": { + "type": "string" + }, + "aws-native:ecs:TaskDefinitionContainerDefinition": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The command that's passed to the container. This parameter maps to ``Cmd`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``COMMAND`` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd). If there are multiple arguments, each argument is a separated string in the array." + }, + "cpu": { + "type": "integer", + "description": "The number of ``cpu`` units reserved for the container. This parameter maps to ``CpuShares`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--cpu-shares`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n This field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level ``cpu`` value.\n You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024.\n Linux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n On Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. For more information, see [CPU share constraint](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#cpu-share-constraint) in the Docker documentation. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n + *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n + *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n + *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n \n On Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as ``0``, which Windows interprets as 1% of one CPU." + }, + "credentialSpecs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of ARNs in SSM or Amazon S3 to a credential spec (``CredSpec``) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the ``dockerSecurityOptions``. The maximum number of ARNs is 1.\n There are two formats for each ARN.\n + credentialspecdomainless:MyARN You use credentialspecdomainless:MyARN to provide a CredSpec with an additional section for a secret in . You provide the login credentials to the domain in the secret. Each task that runs on any container instance can join different domains. You can use this format without joining the container instance to a domain. + credentialspec:MyARN You use credentialspec:MyARN to provide a CredSpec for a single domain. You must join the container instance to the domain before you start any tasks that use this task definition. \n In both formats, replace ``MyARN`` with the ARN in SSM or Amazon S3.\n If you provide a ``credentialspecdomainless:MyARN``, the ``credspec`` must provide a ARN in ASMlong for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html)." + }, + "dependsOn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionContainerDependency" + }, + "description": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n For tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*.\n For tasks using the Fargate launch type, the task or service requires the following platforms:\n + Linux platform version ``1.3.0`` or later.\n + Windows platform version ``1.0.0`` or later.\n \n If the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html), the ``dependsOn`` parameter is not supported. For more information see [Issue #680](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/680) on the on the GitHub website." + }, + "disableNetworking": { + "type": "boolean", + "description": "When this parameter is true, networking is off within the container. This parameter maps to ``NetworkDisabled`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/).\n This parameter is not supported for Windows containers." + }, + "dnsSearchDomains": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of DNS search domains that are presented to the container. This parameter maps to ``DnsSearch`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--dns-search`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n This parameter is not supported for Windows containers." + }, + "dnsServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of DNS servers that are presented to the container. This parameter maps to ``Dns`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--dns`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n This parameter is not supported for Windows containers." + }, + "dockerLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key/value map of labels to add to the container. This parameter maps to ``Labels`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--label`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``" + }, + "dockerSecurityOptions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of strings to provide custom configuration for multiple security systems. For more information about valid values, see [Docker Run Security Configuration](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). This field isn't valid for containers in tasks using the Fargate launch type.\n For Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n For any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide*.\n This parameter maps to ``SecurityOpt`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--security-opt`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n The Amazon ECS container agent running on a container instance must register with the ``ECS_SELINUX_CAPABLE=true`` or ``ECS_APPARMOR_CAPABLE=true`` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*.\n For more information about valid values, see [Docker Run Security Configuration](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). \n Valid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"" + }, + "entryPoint": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Early versions of the Amazon ECS container agent don't properly handle ``entryPoint`` parameters. If you have problems using ``entryPoint``, update your container agent or enter your commands and arguments as ``command`` array items instead.\n The entry point that's passed to the container. This parameter maps to ``Entrypoint`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--entrypoint`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). For more information, see [https://docs.docker.com/engine/reference/builder/#entrypoint](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#entrypoint)." + }, + "environment": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionKeyValuePair" + }, + "description": "The environment variables to pass to a container. This parameter maps to ``Env`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--env`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n We don't recommend that you use plaintext environment variables for sensitive information, such as credential data." + }, + "environmentFiles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionEnvironmentFile" + }, + "description": "A list of files containing the environment variables to pass to a container. This parameter maps to the ``--env-file`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n You can specify up to ten environment files. The file must have a ``.env`` file extension. Each line in an environment file contains an environment variable in ``VARIABLE=VALUE`` format. Lines beginning with ``#`` are treated as comments and are ignored. For more information about the environment variable file syntax, see [Declare default environment variables in file](https://docs.aws.amazon.com/https://docs.docker.com/compose/env-file/).\n If there are environment variables specified using the ``environment`` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "essential": { + "type": "boolean", + "description": "If the ``essential`` parameter of a container is marked as ``true``, and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the ``essential`` parameter of a container is marked as ``false``, its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n All tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "extraHosts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionHostEntry" + }, + "description": "A list of hostnames and IP address mappings to append to the ``/etc/hosts`` file on the container. This parameter maps to ``ExtraHosts`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--add-host`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n This parameter isn't supported for Windows containers or tasks that use the ``awsvpc`` network mode." + }, + "firelensConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionFirelensConfiguration", + "description": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "healthCheck": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionHealthCheck", + "description": "The container health check command and associated configuration parameters for the container. This parameter maps to ``HealthCheck`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``HEALTHCHECK`` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration)." + }, + "hostname": { + "type": "string", + "description": "The hostname to use for your container. This parameter maps to ``Hostname`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--hostname`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n The ``hostname`` parameter is not supported if you're using the ``awsvpc`` network mode." + }, + "image": { + "type": "string", + "description": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either ``repository-url/image:tag`` or ``repository-url/image@digest``. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to ``Image`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``IMAGE`` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n + When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n + Images in Amazon ECR repositories can be specified by either using the full ``registry/repository:tag`` or ``registry/repository@digest``. For example, ``012345678910.dkr.ecr.\u003cregion-name\u003e.amazonaws.com/\u003crepository-name\u003e:latest`` or ``012345678910.dkr.ecr.\u003cregion-name\u003e.amazonaws.com/\u003crepository-name\u003e@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE``. \n + Images in official repositories on Docker Hub use a single name (for example, ``ubuntu`` or ``mongo``).\n + Images in other repositories on Docker Hub are qualified with an organization name (for example, ``amazon/amazon-ecs-agent``).\n + Images in other online repositories are qualified further by a domain name (for example, ``quay.io/assemblyline/ubuntu``)." + }, + "interactive": { + "type": "boolean", + "description": "When this parameter is ``true``, you can deploy containerized applications that require ``stdin`` or a ``tty`` to be allocated. This parameter maps to ``OpenStdin`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--interactive`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration)." + }, + "links": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ``links`` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is ``bridge``. The ``name:internalName`` construct is analogous to ``name:alias`` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. For more information about linking Docker containers, go to [Legacy container links](https://docs.aws.amazon.com/https://docs.docker.com/network/links/) in the Docker documentation. This parameter maps to ``Links`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--link`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n This parameter is not supported for Windows containers.\n Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings." + }, + "linuxParameters": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionLinuxParameters", + "description": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html).\n This parameter is not supported for Windows containers." + }, + "logConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionLogConfiguration", + "description": "The log configuration specification for the container.\n This parameter maps to ``LogConfig`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--log-driver`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent.\n This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` \n The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ``ECS_AVAILABLE_LOGGING_DRIVERS`` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "memory": { + "type": "integer", + "description": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task ``memory`` value, if one is specified. This parameter maps to ``Memory`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--memory`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n If using the Fargate launch type, this parameter is optional.\n If using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level ``memory`` and ``memoryReservation`` value, ``memory`` must be greater than ``memoryReservation``. If you specify ``memoryReservation``, then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of ``memory`` is used.\n The Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n The Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers." + }, + "memoryReservation": { + "type": "integer", + "description": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the ``memory`` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to ``MemoryReservation`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--memory-reservation`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n If a task-level memory value is not specified, you must specify a non-zero integer for one or both of ``memory`` or ``memoryReservation`` in a container definition. If you specify both, ``memory`` must be greater than ``memoryReservation``. If you specify ``memoryReservation``, then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of ``memory`` is used.\n For example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a ``memoryReservation`` of 128 MiB, and a ``memory`` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n The Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers. \n The Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers." + }, + "mountPoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionMountPoint" + }, + "description": "The mount points for data volumes in your container.\n This parameter maps to ``Volumes`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--volume`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives." + }, + "name": { + "type": "string", + "description": "The name of a container. If you're linking multiple containers together in a task definition, the ``name`` of one container can be entered in the ``links`` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to ``name`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--name`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration)." + }, + "portMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionPortMapping" + }, + "description": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n For task definitions that use the ``awsvpc`` network mode, you should only specify the ``containerPort``. The ``hostPort`` can be left blank or it must be the same value as the ``containerPort``.\n Port mappings on Windows use the ``NetNAT`` gateway address rather than ``localhost``. There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself. \n This parameter maps to ``PortBindings`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--publish`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). If the network mode of a task definition is set to ``none``, then you can't specify port mappings. If the network mode of a task definition is set to ``host``, then host ports must either be undefined or they must match the container port in the port mapping.\n After a task reaches the ``RUNNING`` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the ``networkBindings`` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses." + }, + "privileged": { + "type": "boolean", + "description": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the ``root`` user). This parameter maps to ``Privileged`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--privileged`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n This parameter is not supported for Windows containers or tasks run on FARGATElong." + }, + "pseudoTerminal": { + "type": "boolean", + "description": "When this parameter is ``true``, a TTY is allocated. This parameter maps to ``Tty`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--tty`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration)." + }, + "readonlyRootFilesystem": { + "type": "boolean", + "description": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ``ReadonlyRootfs`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--read-only`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n This parameter is not supported for Windows containers." + }, + "repositoryCredentials": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionRepositoryCredentials", + "description": "The private repository authentication credentials to use." + }, + "resourceRequirements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionResourceRequirement" + }, + "description": "The type and amount of a resource to assign to a container. The only supported resource is a GPU." + }, + "secrets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionSecret" + }, + "description": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "startTimeout": { + "type": "integer", + "description": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a ``COMPLETE``, ``SUCCESS``, or ``HEALTHY`` status. If a ``startTimeout`` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a ``STOPPED`` state.\n When the ``ECS_CONTAINER_START_TIMEOUT`` container agent configuration variable is used, it's enforced independently from this start timeout value.\n For tasks using the Fargate launch type, the task or service requires the following platforms:\n + Linux platform version ``1.3.0`` or later.\n + Windows platform version ``1.0.0`` or later.\n \n For tasks using the EC2 launch type, your container instances require at least version ``1.26.0`` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version ``1.26.0-1`` of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*.\n The valid values are 2-120 seconds." + }, + "stopTimeout": { + "type": "integer", + "description": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n For tasks using the Fargate launch type, the task or service requires the following platforms:\n + Linux platform version ``1.3.0`` or later.\n + Windows platform version ``1.0.0`` or later.\n \n The max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n For tasks that use the EC2 launch type, if the ``stopTimeout`` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable ``ECS_CONTAINER_STOP_TIMEOUT`` is used. If neither the ``stopTimeout`` parameter or the ``ECS_CONTAINER_STOP_TIMEOUT`` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*.\n The valid values are 2-120 seconds." + }, + "systemControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionSystemControl" + }, + "description": "A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--sysctl`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). For example, you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections." + }, + "ulimits": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionUlimit" + }, + "description": "A list of ``ulimits`` to set in the container. This parameter maps to ``Ulimits`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--ulimit`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` \n This parameter is not supported for Windows containers." + }, + "user": { + "type": "string", + "description": "The user to use inside the container. This parameter maps to ``User`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--user`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n When running tasks using the ``host`` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security.\n You can specify the ``user`` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n + ``user`` \n + ``user:group`` \n + ``uid`` \n + ``uid:gid`` \n + ``user:gid`` \n + ``uid:group`` \n \n This parameter is not supported for Windows containers." + }, + "volumesFrom": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionVolumeFrom" + }, + "description": "Data volumes to mount from another container. This parameter maps to ``VolumesFrom`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--volumes-from`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration)." + }, + "workingDirectory": { + "type": "string", + "description": "The working directory to run commands inside the container in. This parameter maps to ``WorkingDir`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--workdir`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration)." + } + } + }, + "aws-native:ecs:TaskDefinitionContainerDependency": { + "type": "object", + "properties": { + "condition": { + "type": "string", + "description": "The dependency condition of the container. The following are the available conditions and their behavior:\n + ``START`` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n + ``COMPLETE`` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n + ``SUCCESS`` - This condition is the same as ``COMPLETE``, but it also requires that the container exits with a ``zero`` status. This condition can't be set on an essential container.\n + ``HEALTHY`` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup." + }, + "containerName": { + "type": "string", + "description": "The name of a container." + } + } + }, + "aws-native:ecs:TaskDefinitionDevice": { + "type": "object", + "properties": { + "containerPath": { + "type": "string", + "description": "The path inside the container at which to expose the host device." + }, + "hostPath": { + "type": "string", + "description": "The path for the device on the host container instance." + }, + "permissions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The explicit permissions to provide to the container for the device. By default, the container has permissions for ``read``, ``write``, and ``mknod`` for the device." + } + } + }, + "aws-native:ecs:TaskDefinitionDockerVolumeConfiguration": { + "type": "object", + "properties": { + "autoprovision": { + "type": "boolean", + "description": "If this value is ``true``, the Docker volume is created if it doesn't already exist.\n This field is only used if the ``scope`` is ``shared``." + }, + "driver": { + "type": "string", + "description": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use ``docker plugin ls`` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. For more information, see [Docker plugin discovery](https://docs.aws.amazon.com/https://docs.docker.com/engine/extend/plugin_api/#plugin-discovery). This parameter maps to ``Driver`` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``xxdriver`` option to [docker volume create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/)." + }, + "driverOpts": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A map of Docker driver-specific options passed through. This parameter maps to ``DriverOpts`` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``xxopt`` option to [docker volume create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/)." + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Custom metadata to add to your Docker volume. This parameter maps to ``Labels`` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``xxlabel`` option to [docker volume create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/)." + }, + "scope": { + "type": "string", + "description": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a ``task`` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as ``shared`` persist after the task stops." + } + } + }, + "aws-native:ecs:TaskDefinitionEfsVolumeConfiguration": { + "type": "object", + "properties": { + "authorizationConfig": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionAuthorizationConfig", + "description": "The authorization configuration details for the Amazon EFS file system." + }, + "filesystemId": { + "type": "string", + "description": "The Amazon EFS file system ID to use." + }, + "rootDirectory": { + "type": "string", + "description": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying ``/`` will have the same effect as omitting this parameter.\n If an EFS access point is specified in the ``authorizationConfig``, the root directory parameter must either be omitted or set to ``/`` which will enforce the path set on the EFS access point." + }, + "transitEncryption": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionEfsVolumeConfigurationTransitEncryption", + "description": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of ``DISABLED`` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide*." + }, + "transitEncryptionPort": { + "type": "integer", + "description": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide*." + } + } + }, + "aws-native:ecs:TaskDefinitionEfsVolumeConfigurationTransitEncryption": { + "type": "string" + }, + "aws-native:ecs:TaskDefinitionEnvironmentFile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The file type to use. Environment files are objects in Amazon S3. The only supported value is ``s3``." + }, + "value": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file." + } + } + }, + "aws-native:ecs:TaskDefinitionEphemeralStorage": { + "type": "object", + "properties": { + "sizeInGiB": { + "type": "integer", + "description": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is ``20`` GiB and the maximum supported value is ``200`` GiB." + } + } + }, + "aws-native:ecs:TaskDefinitionFSxAuthorizationConfig": { + "type": "object", + "properties": { + "credentialsParameter": { + "type": "string" + }, + "domain": { + "type": "string" + } + } + }, + "aws-native:ecs:TaskDefinitionFSxWindowsFileServerVolumeConfiguration": { + "type": "object", + "properties": { + "authorizationConfig": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionFSxAuthorizationConfig", + "description": "The authorization configuration details for the Amazon FSx for Windows File Server file system." + }, + "fileSystemId": { + "type": "string", + "description": "The Amazon FSx for Windows File Server file system ID to use." + }, + "rootDirectory": { + "type": "string", + "description": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host." + } + } + }, + "aws-native:ecs:TaskDefinitionFirelensConfiguration": { + "type": "object", + "properties": { + "options": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n If specified, valid option keys are:\n + ``enable-ecs-log-metadata``, which can be ``true`` or ``false`` \n + ``config-file-type``, which can be ``s3`` or ``file`` \n + ``config-file-value``, which is either an S3 ARN or a file path" + }, + "type": { + "type": "string", + "description": "The log router to use. The valid values are ``fluentd`` or ``fluentbit``." + } + } + }, + "aws-native:ecs:TaskDefinitionHealthCheck": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with ``CMD`` to run the command arguments directly, or ``CMD-SHELL`` to run the command with the container's default shell. \n When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets.\n ``[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`` \n You don't include the double quotes and brackets when you use the AWS Management Console.\n ``CMD-SHELL, curl -f http://localhost/ || exit 1`` \n An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see ``HealthCheck`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/)." + }, + "interval": { + "type": "integer", + "description": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds." + }, + "retries": { + "type": "integer", + "description": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3." + }, + "startPeriod": { + "type": "integer", + "description": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the ``startPeriod`` is off.\n If a health check succeeds within the ``startPeriod``, then the container is considered healthy and any subsequent failures count toward the maximum number of retries." + }, + "timeout": { + "type": "integer", + "description": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5." + } + } + }, + "aws-native:ecs:TaskDefinitionHostEntry": { + "type": "object", + "properties": { + "hostname": { + "type": "string", + "description": "The hostname to use in the ``/etc/hosts`` entry." + }, + "ipAddress": { + "type": "string", + "description": "The IP address to use in the ``/etc/hosts`` entry." + } + } + }, + "aws-native:ecs:TaskDefinitionHostVolumeProperties": { + "type": "object", + "properties": { + "sourcePath": { + "type": "string", + "description": "When the ``host`` parameter is used, specify a ``sourcePath`` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the ``host`` parameter contains a ``sourcePath`` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the ``sourcePath`` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n If you're using the Fargate launch type, the ``sourcePath`` parameter is not supported." + } + } + }, + "aws-native:ecs:TaskDefinitionInferenceAccelerator": { + "type": "object", + "properties": { + "deviceName": { + "type": "string", + "description": "The Elastic Inference accelerator device name. The ``deviceName`` must also be referenced in a container definition as a [ResourceRequirement](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ResourceRequirement.html)." + }, + "deviceType": { + "type": "string", + "description": "The Elastic Inference accelerator type to use." + } + } + }, + "aws-native:ecs:TaskDefinitionKernelCapabilities": { + "type": "object", + "properties": { + "add": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to ``CapAdd`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--cap-add`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n Tasks launched on FARGATElong only support adding the ``SYS_PTRACE`` kernel capability.\n Valid values: ``\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"``" + }, + "drop": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to ``CapDrop`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--cap-drop`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n Valid values: ``\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"``" + } + } + }, + "aws-native:ecs:TaskDefinitionKeyValuePair": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the key-value pair. For environment variables, this is the name of the environment variable." + }, + "value": { + "type": "string", + "description": "The value of the key-value pair. For environment variables, this is the value of the environment variable." + } + } + }, + "aws-native:ecs:TaskDefinitionLinuxParameters": { + "type": "object", + "properties": { + "capabilities": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionKernelCapabilities", + "description": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n For tasks that use the Fargate launch type, ``capabilities`` is supported for all platform versions but the ``add`` parameter is only supported if using platform version 1.4.0 or later." + }, + "devices": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionDevice" + }, + "description": "Any host devices to expose to the container. This parameter maps to ``Devices`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--device`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n If you're using tasks that use the Fargate launch type, the ``devices`` parameter isn't supported." + }, + "initProcessEnabled": { + "type": "boolean", + "description": "Run an ``init`` process inside the container that forwards signals and reaps processes. This parameter maps to the ``--init`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``" + }, + "maxSwap": { + "type": "integer", + "description": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the ``--memory-swap`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) where the value would be the sum of the container memory plus the ``maxSwap`` value.\n If a ``maxSwap`` value of ``0`` is specified, the container will not use swap. Accepted values are ``0`` or any positive integer. If the ``maxSwap`` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A ``maxSwap`` value must be set for the ``swappiness`` parameter to be used.\n If you're using tasks that use the Fargate launch type, the ``maxSwap`` parameter isn't supported.\n If you're using tasks on Amazon Linux 2023 the ``swappiness`` parameter isn't supported." + }, + "sharedMemorySize": { + "type": "integer", + "description": "The value for the size (in MiB) of the ``/dev/shm`` volume. This parameter maps to the ``--shm-size`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n If you are using tasks that use the Fargate launch type, the ``sharedMemorySize`` parameter is not supported." + }, + "swappiness": { + "type": "integer", + "description": "This allows you to tune a container's memory swappiness behavior. A ``swappiness`` value of ``0`` will cause swapping to not happen unless absolutely necessary. A ``swappiness`` value of ``100`` will cause pages to be swapped very aggressively. Accepted values are whole numbers between ``0`` and ``100``. If the ``swappiness`` parameter is not specified, a default value of ``60`` is used. If a value is not specified for ``maxSwap`` then this parameter is ignored. This parameter maps to the ``--memory-swappiness`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n If you're using tasks that use the Fargate launch type, the ``swappiness`` parameter isn't supported.\n If you're using tasks on Amazon Linux 2023 the ``swappiness`` parameter isn't supported." + }, + "tmpfs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionTmpfs" + }, + "description": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the ``--tmpfs`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration).\n If you're using tasks that use the Fargate launch type, the ``tmpfs`` parameter isn't supported." + } + } + }, + "aws-native:ecs:TaskDefinitionLogConfiguration": { + "type": "object", + "properties": { + "logDriver": { + "type": "string", + "description": "The log driver to use for the container.\n For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``.\n For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``logentries``,``syslog``, ``splunk``, and ``awsfirelens``.\n For more information about using the ``awslogs`` log driver, see [Using the awslogs log driver](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*.\n For more information about using the ``awsfirelens`` log driver, see [Custom log routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*.\n If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software." + }, + "options": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'``" + }, + "secretOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionSecret" + }, + "description": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*." + } + } + }, + "aws-native:ecs:TaskDefinitionMountPoint": { + "type": "object", + "properties": { + "containerPath": { + "type": "string", + "description": "The path on the container to mount the host volume at." + }, + "readOnly": { + "type": "boolean", + "description": "If this value is ``true``, the container has read-only access to the volume. If this value is ``false``, then the container can write to the volume. The default value is ``false``." + }, + "sourceVolume": { + "type": "string", + "description": "The name of the volume to mount. Must be a volume name referenced in the ``name`` parameter of task definition ``volume``." + } + } + }, + "aws-native:ecs:TaskDefinitionPlacementConstraint": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "type": { + "type": "string", + "description": "The type of constraint. The ``MemberOf`` constraint restricts selection to be from a group of valid candidates." + } + } + }, + "aws-native:ecs:TaskDefinitionPortMapping": { + "type": "object", + "properties": { + "appProtocol": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionPortMappingAppProtocol", + "description": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n If you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n ``appProtocol`` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "containerPort": { + "type": "integer", + "description": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n If you use containers in a task with the ``awsvpc`` or ``host`` network mode, specify the exposed ports using ``containerPort``.\n If you use containers in a task with the ``bridge`` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see ``hostPort``. Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance." + }, + "containerPortRange": { + "type": "string", + "description": "The port number range on the container that's bound to the dynamically mapped host port range. \n The following rules apply when you specify a ``containerPortRange``:\n + You must use either the ``bridge`` network mode or the ``awsvpc`` network mode.\n + This parameter is available for both the EC2 and FARGATElong launch types.\n + This parameter is available for both the Linux and Windows operating systems.\n + The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the ``ecs-init`` package \n + You can specify a maximum of 100 port ranges per container.\n + You do not specify a ``hostPortRange``. The value of the ``hostPortRange`` is set as follows:\n + For containers in a task with the ``awsvpc`` network mode, the ``hostPortRange`` is set to the same value as the ``containerPortRange``. This is a static mapping strategy.\n + For containers in a task with the ``bridge`` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n \n + The ``containerPortRange`` valid values are between 1 and 65535.\n + A port can only be included in one port mapping per container.\n + You cannot specify overlapping port ranges.\n + The first port in the range must be less than last port in the range.\n + Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n For more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n For information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide*.\n \n You can call [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the ``hostPortRange`` which are the host ports that are bound to the container ports." + }, + "hostPort": { + "type": "integer", + "description": "The port number on the container instance to reserve for your container.\n If you specify a ``containerPortRange``, leave this field empty and the value of the ``hostPort`` is set as follows:\n + For containers in a task with the ``awsvpc`` network mode, the ``hostPort`` is set to the same value as the ``containerPort``. This is a static mapping strategy.\n + For containers in a task with the ``bridge`` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n \n If you use containers in a task with the ``awsvpc`` or ``host`` network mode, the ``hostPort`` can either be left blank or set to the same value as the ``containerPort``.\n If you use containers in a task with the ``bridge`` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the ``hostPort`` (or set it to ``0``) while specifying a ``containerPort`` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n The default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under ``/proc/sys/net/ipv4/ip_local_port_range``. If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n The default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the ``remainingResources`` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota." + }, + "name": { + "type": "string", + "description": "The name that's used for the port mapping. This parameter only applies to Service Connect. This parameter is the name that you use in the ``serviceConnectConfiguration`` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*." + }, + "protocol": { + "type": "string", + "description": "The protocol used for the port mapping. Valid values are ``tcp`` and ``udp``. The default is ``tcp``. ``protocol`` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment." + } + } + }, + "aws-native:ecs:TaskDefinitionPortMappingAppProtocol": { + "type": "string" + }, + "aws-native:ecs:TaskDefinitionProxyConfiguration": { + "type": "object", + "properties": { + "containerName": { + "type": "string", + "description": "The name of the container that will serve as the App Mesh proxy." + }, + "proxyConfigurationProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionKeyValuePair" + }, + "description": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n + ``IgnoredUID`` - (Required) The user ID (UID) of the proxy container as defined by the ``user`` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If ``IgnoredGID`` is specified, this field can be empty.\n + ``IgnoredGID`` - (Required) The group ID (GID) of the proxy container as defined by the ``user`` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If ``IgnoredUID`` is specified, this field can be empty.\n + ``AppPorts`` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the ``ProxyIngressPort`` and ``ProxyEgressPort``.\n + ``ProxyIngressPort`` - (Required) Specifies the port that incoming traffic to the ``AppPorts`` is directed to.\n + ``ProxyEgressPort`` - (Required) Specifies the port that outgoing traffic from the ``AppPorts`` is directed to.\n + ``EgressIgnoredPorts`` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the ``ProxyEgressPort``. It can be an empty list.\n + ``EgressIgnoredIPs`` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the ``ProxyEgressPort``. It can be an empty list." + }, + "type": { + "type": "string", + "description": "The proxy type. The only supported value is ``APPMESH``." + } + } + }, + "aws-native:ecs:TaskDefinitionRepositoryCredentials": { + "type": "object", + "properties": { + "credentialsParameter": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n When you use the Amazon ECS API, CLI, or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret." + } + } + }, + "aws-native:ecs:TaskDefinitionResourceRequirement": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "The type of resource to assign to a container." + }, + "value": { + "type": "string", + "description": "The value for the specified resource type.\n When the type is ``GPU``, the value is the number of physical ``GPUs`` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n When the type is ``InferenceAccelerator``, the ``value`` matches the ``deviceName`` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition." + } + } + }, + "aws-native:ecs:TaskDefinitionRuntimePlatform": { + "type": "object", + "properties": { + "cpuArchitecture": { + "type": "string", + "description": "The CPU architecture.\n You can run your Linux tasks on an ARM-based platform by setting the value to ``ARM64``. This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate." + }, + "operatingSystemFamily": { + "type": "string", + "description": "The operating system." + } + } + }, + "aws-native:ecs:TaskDefinitionSecret": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the secret." + }, + "valueFrom": { + "type": "string", + "description": "The secret to expose to the container. The supported values are either the full ARN of the ASMlong secret or the full ARN of the parameter in the SSM Parameter Store.\n For information about the require IAMlong permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide*.\n If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified." + } + } + }, + "aws-native:ecs:TaskDefinitionSystemControl": { + "type": "object", + "properties": { + "namespace": { + "type": "string", + "description": "The namespaced kernel parameter to set a ``value`` for." + }, + "value": { + "type": "string", + "description": "The namespaced kernel parameter to set a ``value`` for.\n Valid IPC namespace values: ``\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"``, and ``Sysctls`` that start with ``\"fs.mqueue.*\"`` \n Valid network namespace values: ``Sysctls`` that start with ``\"net.*\"`` \n All of these values are supported by Fargate." + } + } + }, + "aws-native:ecs:TaskDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that make up a tag. A ``key`` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that make up a tag. A ``value`` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ecs:TaskDefinitionTmpfs": { + "type": "object", + "properties": { + "containerPath": { + "type": "string", + "description": "The absolute file path where the tmpfs volume is to be mounted." + }, + "mountOptions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of tmpfs volume mount options.\n Valid values: ``\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"``" + }, + "size": { + "type": "integer", + "description": "The maximum size (in MiB) of the tmpfs volume." + } + } + }, + "aws-native:ecs:TaskDefinitionUlimit": { + "type": "object", + "properties": { + "hardLimit": { + "type": "integer", + "description": "The hard limit for the ``ulimit`` type." + }, + "name": { + "type": "string", + "description": "The ``type`` of the ``ulimit``." + }, + "softLimit": { + "type": "integer", + "description": "The soft limit for the ``ulimit`` type." + } + } + }, + "aws-native:ecs:TaskDefinitionVolume": { + "type": "object", + "properties": { + "configuredAtLaunch": { + "type": "boolean", + "description": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n To configure a volume at launch time, use this task definition revision and specify a ``volumeConfigurations`` object when calling the ``CreateService``, ``UpdateService``, ``RunTask`` or ``StartTask`` APIs." + }, + "dockerVolumeConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionDockerVolumeConfiguration", + "description": "This parameter is specified when you use Docker volumes.\n Windows containers only support the use of the ``local`` driver. To use bind mounts, specify the ``host`` parameter instead.\n Docker volumes aren't supported by tasks run on FARGATElong." + }, + "efsVolumeConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionEfsVolumeConfiguration", + "description": "This parameter is specified when you use an Amazon Elastic File System file system for task storage." + }, + "fSxWindowsFileServerVolumeConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionFSxWindowsFileServerVolumeConfiguration", + "description": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage." + }, + "host": { + "$ref": "#/types/aws-native:ecs:TaskDefinitionHostVolumeProperties", + "description": "This parameter is specified when you use bind mount host volumes. The contents of the ``host`` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the ``host`` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount ``C:\\my\\path:C:\\my\\path`` and ``D:\\:D:\\``, but not ``D:\\my\\path:C:\\my\\path`` or ``D:\\:C:\\my\\path``." + }, + "name": { + "type": "string", + "description": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n When using a volume configured at launch, the ``name`` is required and must also be specified as the volume name in the ``ServiceVolumeConfiguration`` or ``TaskVolumeConfiguration`` parameter when creating your service or standalone task.\n For all other types of volumes, this name is referenced in the ``sourceVolume`` parameter of the ``mountPoints`` object in the container definition.\n When a volume is using the ``efsVolumeConfiguration``, the name is required." + } + }, + "irreversibleNames": { + "efsVolumeConfiguration": "EFSVolumeConfiguration" + } + }, + "aws-native:ecs:TaskDefinitionVolumeFrom": { + "type": "object", + "properties": { + "readOnly": { + "type": "boolean", + "description": "If this value is ``true``, the container has read-only access to the volume. If this value is ``false``, then the container can write to the volume. The default value is ``false``." + }, + "sourceContainer": { + "type": "string", + "description": "The name of another container within the same task definition to mount volumes from." + } + } + }, + "aws-native:ecs:TaskSetAwsVpcConfiguration": { + "type": "object", + "properties": { + "assignPublicIp": { + "$ref": "#/types/aws-native:ecs:TaskSetAwsVpcConfigurationAssignPublicIp", + "description": "Whether the task's elastic network interface receives a public IP address. The default value is DISABLED." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. There is a limit of 5 security groups that can be specified per AwsVpcConfiguration." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnets associated with the task or service. There is a limit of 16 subnets that can be specified per AwsVpcConfiguration." + } + } + }, + "aws-native:ecs:TaskSetAwsVpcConfigurationAssignPublicIp": { + "type": "string" + }, + "aws-native:ecs:TaskSetLaunchType": { + "type": "string" + }, + "aws-native:ecs:TaskSetLoadBalancer": { + "type": "object", + "properties": { + "containerName": { + "type": "string", + "description": "The name of the container (as it appears in a container definition) to associate with the load balancer." + }, + "containerPort": { + "type": "integer", + "description": "The port on the container to associate with the load balancer. This port must correspond to a containerPort in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they are launched on must allow ingress traffic on the hostPort of the port mapping." + }, + "targetGroupArn": { + "type": "string", + "description": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. If you are using a Classic Load Balancer this should be omitted. For services using the ECS deployment controller, you can specify one or multiple target groups. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html in the Amazon Elastic Container Service Developer Guide. For services using the CODE_DEPLOY deployment controller, you are required to define two target groups for the load balancer. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html in the Amazon Elastic Container Service Developer Guide. If your service's task definition uses the awsvpc network mode (which is required for the Fargate launch type), you must choose ip as the target type, not instance, when creating your target groups because tasks that use the awsvpc network mode are associated with an elastic network interface, not an Amazon EC2 instance." + } + } + }, + "aws-native:ecs:TaskSetNetworkConfiguration": { + "type": "object", + "properties": { + "awsVpcConfiguration": { + "$ref": "#/types/aws-native:ecs:TaskSetAwsVpcConfiguration", + "description": "The VPC subnets and security groups that are associated with a task.\n\n\u003e All specified subnets and security groups must be from the same VPC." + } + } + }, + "aws-native:ecs:TaskSetScale": { + "type": "object", + "properties": { + "unit": { + "$ref": "#/types/aws-native:ecs:TaskSetScaleUnit", + "description": "The unit of measure for the scale value." + }, + "value": { + "type": "number", + "description": "The value, specified as a percent total of a service's desiredCount, to scale the task set. Accepted values are numbers between 0 and 100." + } + } + }, + "aws-native:ecs:TaskSetScaleUnit": { + "type": "string" + }, + "aws-native:ecs:TaskSetServiceRegistry": { + "type": "object", + "properties": { + "containerName": { + "type": "string", + "description": "The container name value, already specified in the task definition, to be used for your service discovery service. If the task definition that your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition that your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both." + }, + "containerPort": { + "type": "integer", + "description": "The port value, already specified in the task definition, to be used for your service discovery service. If the task definition your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both." + }, + "port": { + "type": "integer", + "description": "The port value used if your service discovery service specified an SRV record. This field may be used if both the awsvpc network mode and SRV records are used." + }, + "registryArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map. For more information, see https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html" + } + } + }, + "aws-native:ecs:TaskSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that make up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that make up a tag. A `value` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:efs:AccessPointCreationInfo": { + "type": "object", + "properties": { + "ownerGid": { + "type": "string", + "description": "Specifies the POSIX group ID to apply to the ``RootDirectory``. Accepts values from 0 to 2^32 (4294967295)." + }, + "ownerUid": { + "type": "string", + "description": "Specifies the POSIX user ID to apply to the ``RootDirectory``. Accepts values from 0 to 2^32 (4294967295)." + }, + "permissions": { + "type": "string", + "description": "Specifies the POSIX permissions to apply to the ``RootDirectory``, in the format of an octal number representing the file's mode bits." + } + } + }, + "aws-native:efs:AccessPointPosixUser": { + "type": "object", + "properties": { + "gid": { + "type": "string", + "description": "The POSIX group ID used for all file system operations using this access point.", + "replaceOnChanges": true + }, + "secondaryGids": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Secondary POSIX group IDs used for all file system operations using this access point.", + "replaceOnChanges": true + }, + "uid": { + "type": "string", + "description": "The POSIX user ID used for all file system operations using this access point.", + "replaceOnChanges": true + } + } + }, + "aws-native:efs:AccessPointRootDirectory": { + "type": "object", + "properties": { + "creationInfo": { + "$ref": "#/types/aws-native:efs:AccessPointCreationInfo", + "description": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's ``RootDirectory``. If the ``RootDirectory`` \u003e ``Path`` specified does not exist, EFS creates the root directory using the ``CreationInfo`` settings when a client connects to an access point. When specifying the ``CreationInfo``, you must provide values for all properties. \n If you do not provide ``CreationInfo`` and the specified ``RootDirectory`` \u003e ``Path`` does not exist, attempts to mount the file system using the access point will fail.", + "replaceOnChanges": true + }, + "path": { + "type": "string", + "description": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the ``CreationInfo``.", + "replaceOnChanges": true + } + } + }, + "aws-native:efs:AccessPointTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key (String). The key can't start with ``aws:``." + }, + "value": { + "type": "string", + "description": "The value of the tag key." + } + } + }, + "aws-native:efs:FileSystemBackupPolicy": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:efs:FileSystemBackupPolicyStatus", + "description": "Set the backup policy status for the file system.\n + *ENABLED* - Turns automatic backups on for the file system. \n + *DISABLED* - Turns automatic backups off for the file system." + } + } + }, + "aws-native:efs:FileSystemBackupPolicyStatus": { + "type": "string" + }, + "aws-native:efs:FileSystemElasticFileSystemTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key (String). The key can't start with ``aws:``." + }, + "value": { + "type": "string", + "description": "The value of the tag key." + } + } + }, + "aws-native:efs:FileSystemLifecyclePolicy": { + "type": "object", + "properties": { + "transitionToArchive": { + "type": "string", + "description": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events." + }, + "transitionToIa": { + "type": "string", + "description": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events." + }, + "transitionToPrimaryStorageClass": { + "type": "string", + "description": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events." + } + }, + "irreversibleNames": { + "transitionToIa": "TransitionToIA" + } + }, + "aws-native:efs:FileSystemProtection": { + "type": "object", + "properties": { + "replicationOverwriteProtection": { + "$ref": "#/types/aws-native:efs:FileSystemProtectionReplicationOverwriteProtection", + "description": "The status of the file system's replication overwrite protection.\n + ``ENABLED`` – The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is ``ENABLED`` by default. \n + ``DISABLED`` – The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n + ``REPLICATING`` – The file system is being used as the destination file system in a replication configuration. The file system is read-only and is only modified only by EFS replication.\n \n If the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable." + } + } + }, + "aws-native:efs:FileSystemProtectionReplicationOverwriteProtection": { + "type": "string" + }, + "aws-native:efs:FileSystemReplicationConfiguration": { + "type": "object", + "properties": { + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:efs:FileSystemReplicationDestination" + }, + "description": "An array of destination objects. Only one destination object is supported." + } + } + }, + "aws-native:efs:FileSystemReplicationDestination": { + "type": "object", + "properties": { + "availabilityZoneName": { + "type": "string", + "description": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located. \n Use the format ``us-east-1a`` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide*.\n One Zone file system type is not available in all Availability Zones in AWS-Regions where Amazon EFS is available." + }, + "fileSystemId": { + "type": "string", + "description": "The ID of the destination Amazon EFS file system." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID of an kms-key-long used to protect the encrypted file system." + }, + "region": { + "type": "string", + "description": "The AWS-Region in which the destination file system is located.\n For One Zone file systems, the replication configuration must specify the AWS-Region in which the destination file system is located." + } + } + }, + "aws-native:eks:AccessEntryAccessPolicy": { + "type": "object", + "properties": { + "accessScope": { + "$ref": "#/types/aws-native:eks:AccessEntryAccessScope", + "description": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` ." + }, + "policyArn": { + "type": "string", + "description": "The ARN of the access policy to add to the access entry." + } + } + }, + "aws-native:eks:AccessEntryAccessScope": { + "type": "object", + "properties": { + "namespaces": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The namespaces to associate with the access scope. Only specify if Type is set to 'namespace'." + }, + "type": { + "$ref": "#/types/aws-native:eks:AccessEntryAccessScopeType", + "description": "The type of the access scope." + } + } + }, + "aws-native:eks:AccessEntryAccessScopeType": { + "type": "string" + }, + "aws-native:eks:AccessEntryTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:eks:AddonPodIdentityAssociation": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The IAM role ARN that the pod identity association is created for." + }, + "serviceAccount": { + "type": "string", + "description": "The Kubernetes service account that the pod identity association is created for." + } + } + }, + "aws-native:eks:AddonResolveConflicts": { + "type": "string" + }, + "aws-native:eks:AddonTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:eks:ClusterAccessConfig": { + "type": "object", + "properties": { + "authenticationMode": { + "$ref": "#/types/aws-native:eks:ClusterAccessConfigAuthenticationMode", + "description": "Specify the authentication mode that should be used to create your cluster." + }, + "bootstrapClusterCreatorAdminPermissions": { + "type": "boolean", + "description": "Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster.", + "replaceOnChanges": true + } + } + }, + "aws-native:eks:ClusterAccessConfigAuthenticationMode": { + "type": "string" + }, + "aws-native:eks:ClusterControlPlanePlacement": { + "type": "object", + "properties": { + "groupName": { + "type": "string", + "description": "Specify the placement group name of the control place machines for your cluster." + } + } + }, + "aws-native:eks:ClusterEncryptionConfig": { + "type": "object", + "properties": { + "provider": { + "$ref": "#/types/aws-native:eks:ClusterProvider", + "description": "The encryption provider for the cluster." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the resources to be encrypted. The only supported value is \"secrets\"." + } + } + }, + "aws-native:eks:ClusterKubernetesNetworkConfig": { + "type": "object", + "properties": { + "ipFamily": { + "$ref": "#/types/aws-native:eks:ClusterKubernetesNetworkConfigIpFamily", + "description": "Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on" + }, + "serviceIpv4Cidr": { + "type": "string", + "description": "The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. " + }, + "serviceIpv6Cidr": { + "type": "string", + "description": "The CIDR block to assign Kubernetes service IP addresses from." + } + } + }, + "aws-native:eks:ClusterKubernetesNetworkConfigIpFamily": { + "type": "string" + }, + "aws-native:eks:ClusterLoggingEnabledTypes": { + "type": "object", + "properties": { + "enabledTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:ClusterLoggingTypeConfig" + }, + "description": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n\u003e When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it." + } + } + }, + "aws-native:eks:ClusterLoggingTypeConfig": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:eks:ClusterLoggingTypeConfigType", + "description": "name of the log type" + } + } + }, + "aws-native:eks:ClusterLoggingTypeConfigType": { + "type": "string" + }, + "aws-native:eks:ClusterOutpostConfig": { + "type": "object", + "properties": { + "controlPlaneInstanceType": { + "type": "string", + "description": "Specify the Instance type of the machines that should be used to create your cluster." + }, + "controlPlanePlacement": { + "$ref": "#/types/aws-native:eks:ClusterControlPlanePlacement", + "description": "Specify the placement group of the control plane machines for your cluster." + }, + "outpostArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster." + } + } + }, + "aws-native:eks:ClusterProvider": { + "type": "object", + "properties": { + "keyArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key." + } + } + }, + "aws-native:eks:ClusterResourcesVpcConfig": { + "type": "object", + "properties": { + "endpointPrivateAccess": { + "type": "boolean", + "description": "Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods." + }, + "endpointPublicAccess": { + "type": "boolean", + "description": "Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server." + }, + "publicAccessCidrs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane." + } + } + }, + "aws-native:eks:ClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:eks:ClusterUpgradePolicy": { + "type": "object", + "properties": { + "supportType": { + "$ref": "#/types/aws-native:eks:ClusterUpgradePolicySupportType", + "description": "Specify the support type for your cluster." + } + } + }, + "aws-native:eks:ClusterUpgradePolicySupportType": { + "type": "string" + }, + "aws-native:eks:FargateProfileLabel": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the label." + }, + "value": { + "type": "string", + "description": "The value for the label. " + } + } + }, + "aws-native:eks:FargateProfileSelector": { + "type": "object", + "properties": { + "labels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:FargateProfileLabel" + }, + "description": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match." + }, + "namespace": { + "type": "string", + "description": "The Kubernetes `namespace` that the selector should match." + } + } + }, + "aws-native:eks:FargateProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:eks:IdentityProviderConfigOidcIdentityProviderConfig": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "This is also known as audience. The ID for the client application that makes authentication requests to the OpenID identity provider." + }, + "groupsClaim": { + "type": "string", + "description": "The JWT claim that the provider uses to return your groups." + }, + "groupsPrefix": { + "type": "string", + "description": "The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups)." + }, + "issuerUrl": { + "type": "string", + "description": "The URL of the OpenID identity provider that allows the API server to discover public signing keys for verifying tokens." + }, + "requiredClaims": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:eks:IdentityProviderConfigRequiredClaim" + }, + "description": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value." + }, + "usernameClaim": { + "type": "string", + "description": "The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OpenID identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins." + }, + "usernamePrefix": { + "type": "string", + "description": "The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing." + } + } + }, + "aws-native:eks:IdentityProviderConfigRequiredClaim": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the requiredClaims." + }, + "value": { + "type": "string", + "description": "The value for the requiredClaims." + } + } + }, + "aws-native:eks:IdentityProviderConfigTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:eks:IdentityProviderConfigType": { + "type": "string" + }, + "aws-native:eks:Logging": { + "type": "object", + "properties": { + "clusterLogging": { + "$ref": "#/types/aws-native:eks:ClusterLoggingEnabledTypes", + "description": "The cluster control plane logging configuration for your cluster. ", + "language": { + "csharp": { + "name": "ClusterLoggingValue" + } + } + } + } + }, + "aws-native:eks:NodegroupLaunchTemplateSpecification": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both." + }, + "name": { + "type": "string", + "description": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both." + }, + "version": { + "type": "string", + "description": "The version number of the launch template to use. If no version is specified, then the template's default version is used." + } + } + }, + "aws-native:eks:NodegroupRemoteAccess": { + "type": "object", + "properties": { + "ec2SshKey": { + "type": "string", + "description": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* ." + }, + "sourceSecurityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* ." + } + } + }, + "aws-native:eks:NodegroupScalingConfig": { + "type": "object", + "properties": { + "desiredSize": { + "type": "integer", + "description": "The current number of nodes that the managed node group should maintain.\n\n\u003e If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` ." + }, + "maxSize": { + "type": "integer", + "description": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* ." + }, + "minSize": { + "type": "integer", + "description": "The minimum number of nodes that the managed node group can scale in to." + } + } + }, + "aws-native:eks:NodegroupTaint": { + "type": "object", + "properties": { + "effect": { + "type": "string", + "description": "The effect of the taint." + }, + "key": { + "type": "string", + "description": "The key of the taint." + }, + "value": { + "type": "string", + "description": "The value of the taint." + } + } + }, + "aws-native:eks:NodegroupUpdateConfig": { + "type": "object", + "properties": { + "maxUnavailable": { + "type": "number", + "description": "The maximum number of nodes unavailable at once during a version update. Nodes will be updated in parallel. This value or maxUnavailablePercentage is required to have a value.The maximum number is 100. " + }, + "maxUnavailablePercentage": { + "type": "number", + "description": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes will be updated in parallel, up to 100 nodes at once. This value or maxUnavailable is required to have a value." + } + } + }, + "aws-native:eks:PodIdentityAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:elasticache:AuthenticationModeProperties": { + "type": "object", + "properties": { + "passwords": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Passwords used for this user account. You can create up to two passwords for each user." + }, + "type": { + "$ref": "#/types/aws-native:elasticache:UserAuthenticationModePropertiesType", + "description": "Authentication Type" + } + } + }, + "aws-native:elasticache:GlobalReplicationGroupMember": { + "type": "object", + "properties": { + "replicationGroupId": { + "type": "string", + "description": "Regionally unique identifier for the member i.e. ReplicationGroupId." + }, + "replicationGroupRegion": { + "type": "string", + "description": "The AWS region of the Global Datastore member." + }, + "role": { + "$ref": "#/types/aws-native:elasticache:GlobalReplicationGroupMemberRole", + "description": "Indicates the role of the member, primary or secondary." + } + } + }, + "aws-native:elasticache:GlobalReplicationGroupMemberRole": { + "type": "string" + }, + "aws-native:elasticache:GlobalReplicationGroupRegionalConfiguration": { + "type": "object", + "properties": { + "replicationGroupId": { + "type": "string", + "description": "The replication group id of the Global Datastore member." + }, + "replicationGroupRegion": { + "type": "string", + "description": "The AWS region of the Global Datastore member." + }, + "reshardingConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticache:GlobalReplicationGroupReshardingConfiguration" + }, + "description": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster. " + } + } + }, + "aws-native:elasticache:GlobalReplicationGroupReshardingConfiguration": { + "type": "object", + "properties": { + "nodeGroupId": { + "type": "string", + "description": "Unique identifier for the Node Group. This is either auto-generated by ElastiCache (4-digit id) or a user supplied id." + }, + "preferredAvailabilityZones": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of preferred availability zones for the nodes of new node groups." + } + } + }, + "aws-native:elasticache:ParameterGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. May not be null." + }, + "value": { + "type": "string", + "description": "The tag's value. May be null." + } + } + }, + "aws-native:elasticache:ServerlessCacheCacheUsageLimits": { + "type": "object", + "properties": { + "dataStorage": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheDataStorage", + "description": "The maximum data storage limit in the cache, expressed in Gigabytes." + }, + "ecpuPerSecond": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheEcpuPerSecond", + "description": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second." + } + }, + "irreversibleNames": { + "ecpuPerSecond": "ECPUPerSecond" + } + }, + "aws-native:elasticache:ServerlessCacheDataStorage": { + "type": "object", + "properties": { + "maximum": { + "type": "integer", + "description": "The maximum cached data capacity of the Serverless Cache." + }, + "minimum": { + "type": "integer", + "description": "The minimum cached data capacity of the Serverless Cache." + }, + "unit": { + "$ref": "#/types/aws-native:elasticache:ServerlessCacheDataStorageUnit", + "description": "The unit of cached data capacity of the Serverless Cache." + } + } + }, + "aws-native:elasticache:ServerlessCacheDataStorageUnit": { + "type": "string" + }, + "aws-native:elasticache:ServerlessCacheEcpuPerSecond": { + "type": "object", + "properties": { + "maximum": { + "type": "integer", + "description": "The maximum ECPU per second of the Serverless Cache." + }, + "minimum": { + "type": "integer", + "description": "The minimum ECPU per second of the Serverless Cache." + } + } + }, + "aws-native:elasticache:ServerlessCacheEndpoint": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Endpoint address." + }, + "port": { + "type": "string", + "description": "Endpoint port." + } + } + }, + "aws-native:elasticache:ServerlessCacheTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with 'aws:'. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:elasticache:SubnetGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. May not be null." + }, + "value": { + "type": "string", + "description": "The tag's value. May be null." + } + } + }, + "aws-native:elasticache:UserAuthenticationModePropertiesType": { + "type": "string" + }, + "aws-native:elasticache:UserEngine": { + "type": "string" + }, + "aws-native:elasticache:UserGroupEngine": { + "type": "string" + }, + "aws-native:elasticache:UserGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with 'aws:'. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:elasticache:UserTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with 'aws:'. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:elasticbeanstalk:ApplicationMaxAgeRule": { + "type": "object", + "properties": { + "deleteSourceFromS3": { + "type": "boolean", + "description": "Set to true to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version." + }, + "enabled": { + "type": "boolean", + "description": "Specify true to apply the rule, or false to disable it." + }, + "maxAgeInDays": { + "type": "integer", + "description": "Specify the number of days to retain an application versions." + } + }, + "irreversibleNames": { + "deleteSourceFromS3": "DeleteSourceFromS3" + } + }, + "aws-native:elasticbeanstalk:ApplicationMaxCountRule": { + "type": "object", + "properties": { + "deleteSourceFromS3": { + "type": "boolean", + "description": "Set to true to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version." + }, + "enabled": { + "type": "boolean", + "description": "Specify true to apply the rule, or false to disable it." + }, + "maxCount": { + "type": "integer", + "description": "Specify the maximum number of application versions to retain." + } + }, + "irreversibleNames": { + "deleteSourceFromS3": "DeleteSourceFromS3" + } + }, + "aws-native:elasticbeanstalk:ApplicationResourceLifecycleConfig": { + "type": "object", + "properties": { + "serviceRole": { + "type": "string", + "description": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume. The ServiceRole property is required the first time that you provide a ResourceLifecycleConfig for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value." + }, + "versionLifecycleConfig": { + "$ref": "#/types/aws-native:elasticbeanstalk:ApplicationVersionLifecycleConfig", + "description": "Defines lifecycle settings for application versions." + } + } + }, + "aws-native:elasticbeanstalk:ApplicationVersionLifecycleConfig": { + "type": "object", + "properties": { + "maxAgeRule": { + "$ref": "#/types/aws-native:elasticbeanstalk:ApplicationMaxAgeRule", + "description": "Specify a max age rule to restrict the length of time that application versions are retained for an application." + }, + "maxCountRule": { + "$ref": "#/types/aws-native:elasticbeanstalk:ApplicationMaxCountRule", + "description": "Specify a max count rule to restrict the number of application versions that are retained for an application." + } + } + }, + "aws-native:elasticbeanstalk:ApplicationVersionSourceBundle": { + "type": "object", + "properties": { + "s3Bucket": { + "type": "string", + "description": "The Amazon S3 bucket where the data is located." + }, + "s3Key": { + "type": "string", + "description": "The Amazon S3 key where the data is located." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key" + } + }, + "aws-native:elasticbeanstalk:ConfigurationTemplateConfigurationOptionSetting": { + "type": "object", + "properties": { + "namespace": { + "type": "string", + "description": "A unique namespace that identifies the option's associated AWS resource." + }, + "optionName": { + "type": "string", + "description": "The name of the configuration option." + }, + "resourceName": { + "type": "string", + "description": "A unique resource name for the option setting. Use it for a time–based scaling configuration option. " + }, + "value": { + "type": "string", + "description": "The current value for the configuration option." + } + } + }, + "aws-native:elasticbeanstalk:ConfigurationTemplateSourceConfiguration": { + "type": "object", + "properties": { + "applicationName": { + "type": "string", + "description": "The name of the application associated with the configuration." + }, + "templateName": { + "type": "string", + "description": "The name of the configuration template." + } + } + }, + "aws-native:elasticbeanstalk:EnvironmentOptionSetting": { + "type": "object", + "properties": { + "namespace": { + "type": "string", + "description": "A unique namespace that identifies the option's associated AWS resource." + }, + "optionName": { + "type": "string", + "description": "The name of the configuration option." + }, + "resourceName": { + "type": "string", + "description": "A unique resource name for the option setting. Use it for a time–based scaling configuration option." + }, + "value": { + "type": "string", + "description": "The current value for the configuration option." + } + } + }, + "aws-native:elasticbeanstalk:EnvironmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag." + }, + "value": { + "type": "string", + "description": "The value for the tag." + } + } + }, + "aws-native:elasticbeanstalk:EnvironmentTier": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of this environment tier.", + "replaceOnChanges": true + }, + "type": { + "type": "string", + "description": "The type of this environment tier.", + "replaceOnChanges": true + }, + "version": { + "type": "string", + "description": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerAction": { + "type": "object", + "properties": { + "authenticateCognitoConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerAuthenticateCognitoConfig", + "description": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when ``Type`` is ``authenticate-cognito``." + }, + "authenticateOidcConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerAuthenticateOidcConfig", + "description": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when ``Type`` is ``authenticate-oidc``." + }, + "fixedResponseConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerFixedResponseConfig", + "description": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when ``Type`` is ``fixed-response``." + }, + "forwardConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerForwardConfig", + "description": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when ``Type`` is ``forward``. If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``." + }, + "order": { + "type": "integer", + "description": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first." + }, + "redirectConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRedirectConfig", + "description": "[Application Load Balancer] Information for creating a redirect action. Specify only when ``Type`` is ``redirect``." + }, + "targetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target group. Specify only when ``Type`` is ``forward`` and you want to route to a single target group. To route to one or more target groups, use ``ForwardConfig`` instead." + }, + "type": { + "type": "string", + "description": "The type of action." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerAuthenticateCognitoConfig": { + "type": "object", + "properties": { + "authenticationRequestExtraParams": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint." + }, + "onUnauthenticatedRequest": { + "type": "string", + "description": "The behavior if the user is not authenticated. The following are possible values:\n + deny```` - Return an HTTP 401 Unauthorized error.\n + allow```` - Allow the request to be forwarded to the target.\n + authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value." + }, + "scope": { + "type": "string", + "description": "The set of user claims to be requested from the IdP. The default is ``openid``.\n To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP." + }, + "sessionCookieName": { + "type": "string", + "description": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie." + }, + "sessionTimeout": { + "type": "string", + "description": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days)." + }, + "userPoolArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool." + }, + "userPoolClientId": { + "type": "string", + "description": "The ID of the Amazon Cognito user pool client." + }, + "userPoolDomain": { + "type": "string", + "description": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerAuthenticateOidcConfig": { + "type": "object", + "properties": { + "authenticationRequestExtraParams": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint." + }, + "authorizationEndpoint": { + "type": "string", + "description": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path." + }, + "clientId": { + "type": "string", + "description": "The OAuth 2.0 client identifier." + }, + "clientSecret": { + "type": "string", + "description": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set ``UseExistingClientSecret`` to true." + }, + "issuer": { + "type": "string", + "description": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path." + }, + "onUnauthenticatedRequest": { + "type": "string", + "description": "The behavior if the user is not authenticated. The following are possible values:\n + deny```` - Return an HTTP 401 Unauthorized error.\n + allow```` - Allow the request to be forwarded to the target.\n + authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value." + }, + "scope": { + "type": "string", + "description": "The set of user claims to be requested from the IdP. The default is ``openid``.\n To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP." + }, + "sessionCookieName": { + "type": "string", + "description": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie." + }, + "sessionTimeout": { + "type": "string", + "description": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days)." + }, + "tokenEndpoint": { + "type": "string", + "description": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path." + }, + "useExistingClientSecret": { + "type": "boolean", + "description": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false." + }, + "userInfoEndpoint": { + "type": "string", + "description": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerCertificate": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the certificate." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerFixedResponseConfig": { + "type": "object", + "properties": { + "contentType": { + "type": "string", + "description": "The content type.\n Valid Values: text/plain | text/css | text/html | application/javascript | application/json" + }, + "messageBody": { + "type": "string", + "description": "The message." + }, + "statusCode": { + "type": "string", + "description": "The HTTP response code (2XX, 4XX, or 5XX)." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerForwardConfig": { + "type": "object", + "properties": { + "targetGroupStickinessConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerTargetGroupStickinessConfig", + "description": "Information about the target group stickiness for a rule." + }, + "targetGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerTargetGroupTuple" + }, + "description": "Information about how traffic will be distributed between multiple target groups in a forward rule." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerMutualAuthentication": { + "type": "object", + "properties": { + "ignoreClientCertificateExpiry": { + "type": "boolean", + "description": "Indicates whether expired client certificates are ignored." + }, + "mode": { + "type": "string", + "description": "The client certificate handling method. Options are ``off``, ``passthrough`` or ``verify``. The default value is ``off``." + }, + "trustStoreArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the trust store." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRedirectConfig": { + "type": "object", + "properties": { + "host": { + "type": "string", + "description": "The hostname. This component is not percent-encoded. The hostname can contain #{host}." + }, + "path": { + "type": "string", + "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}." + }, + "port": { + "type": "string", + "description": "The port. You can specify a value from 1 to 65535 or #{port}." + }, + "protocol": { + "type": "string", + "description": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS to HTTP." + }, + "query": { + "type": "string", + "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords." + }, + "statusCode": { + "type": "string", + "description": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302)." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleAction": { + "type": "object", + "properties": { + "authenticateCognitoConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleAuthenticateCognitoConfig", + "description": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when ``Type`` is ``authenticate-cognito``." + }, + "authenticateOidcConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleAuthenticateOidcConfig", + "description": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when ``Type`` is ``authenticate-oidc``." + }, + "fixedResponseConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleFixedResponseConfig", + "description": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when ``Type`` is ``fixed-response``." + }, + "forwardConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleForwardConfig", + "description": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when ``Type`` is ``forward``. If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``." + }, + "order": { + "type": "integer", + "description": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first." + }, + "redirectConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleRedirectConfig", + "description": "[Application Load Balancer] Information for creating a redirect action. Specify only when ``Type`` is ``redirect``." + }, + "targetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target group. Specify only when ``Type`` is ``forward`` and you want to route to a single target group. To route to one or more target groups, use ``ForwardConfig`` instead." + }, + "type": { + "type": "string", + "description": "The type of action." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleAuthenticateCognitoConfig": { + "type": "object", + "properties": { + "authenticationRequestExtraParams": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint." + }, + "onUnauthenticatedRequest": { + "type": "string", + "description": "The behavior if the user is not authenticated. The following are possible values:\n + deny```` - Return an HTTP 401 Unauthorized error.\n + allow```` - Allow the request to be forwarded to the target.\n + authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value." + }, + "scope": { + "type": "string", + "description": "The set of user claims to be requested from the IdP. The default is ``openid``.\n To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP." + }, + "sessionCookieName": { + "type": "string", + "description": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie." + }, + "sessionTimeout": { + "type": "integer", + "description": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days)." + }, + "userPoolArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool." + }, + "userPoolClientId": { + "type": "string", + "description": "The ID of the Amazon Cognito user pool client." + }, + "userPoolDomain": { + "type": "string", + "description": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleAuthenticateOidcConfig": { + "type": "object", + "properties": { + "authenticationRequestExtraParams": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint." + }, + "authorizationEndpoint": { + "type": "string", + "description": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path." + }, + "clientId": { + "type": "string", + "description": "The OAuth 2.0 client identifier." + }, + "clientSecret": { + "type": "string", + "description": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set ``UseExistingClientSecret`` to true." + }, + "issuer": { + "type": "string", + "description": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path." + }, + "onUnauthenticatedRequest": { + "type": "string", + "description": "The behavior if the user is not authenticated. The following are possible values:\n + deny```` - Return an HTTP 401 Unauthorized error.\n + allow```` - Allow the request to be forwarded to the target.\n + authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value." + }, + "scope": { + "type": "string", + "description": "The set of user claims to be requested from the IdP. The default is ``openid``.\n To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP." + }, + "sessionCookieName": { + "type": "string", + "description": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie." + }, + "sessionTimeout": { + "type": "integer", + "description": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days)." + }, + "tokenEndpoint": { + "type": "string", + "description": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path." + }, + "useExistingClientSecret": { + "type": "boolean", + "description": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false." + }, + "userInfoEndpoint": { + "type": "string", + "description": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleFixedResponseConfig": { + "type": "object", + "properties": { + "contentType": { + "type": "string", + "description": "The content type.\n Valid Values: text/plain | text/css | text/html | application/javascript | application/json" + }, + "messageBody": { + "type": "string", + "description": "The message." + }, + "statusCode": { + "type": "string", + "description": "The HTTP response code (2XX, 4XX, or 5XX)." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleForwardConfig": { + "type": "object", + "properties": { + "targetGroupStickinessConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleTargetGroupStickinessConfig", + "description": "Information about the target group stickiness for a rule." + }, + "targetGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleTargetGroupTuple" + }, + "description": "Information about how traffic will be distributed between multiple target groups in a forward rule." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleHostHeaderConfig": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n If you specify multiple strings, the condition is satisfied if one of the strings matches the host name." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleHttpHeaderConfig": { + "type": "object", + "properties": { + "httpHeaderName": { + "type": "string", + "description": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n If the same header appears multiple times in the request, we search them in order until a match is found.\n If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleHttpRequestMethodConfig": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRulePathPatternConfig": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleQueryStringConfig": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleQueryStringKeyValue" + }, + "description": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in ``Values`` using a '\\' character.\n If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleQueryStringKeyValue": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key. You can omit the key." + }, + "value": { + "type": "string", + "description": "The value." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleRedirectConfig": { + "type": "object", + "properties": { + "host": { + "type": "string", + "description": "The hostname. This component is not percent-encoded. The hostname can contain #{host}." + }, + "path": { + "type": "string", + "description": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}." + }, + "port": { + "type": "string", + "description": "The port. You can specify a value from 1 to 65535 or #{port}." + }, + "protocol": { + "type": "string", + "description": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS to HTTP." + }, + "query": { + "type": "string", + "description": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords." + }, + "statusCode": { + "type": "string", + "description": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302)." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleRuleCondition": { + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "The field in the HTTP request. The following are the possible values:\n + ``http-header`` \n + ``http-request-method`` \n + ``host-header`` \n + ``path-pattern`` \n + ``query-string`` \n + ``source-ip``" + }, + "hostHeaderConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleHostHeaderConfig", + "description": "Information for a host header condition. Specify only when ``Field`` is ``host-header``." + }, + "httpHeaderConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleHttpHeaderConfig", + "description": "Information for an HTTP header condition. Specify only when ``Field`` is ``http-header``." + }, + "httpRequestMethodConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleHttpRequestMethodConfig", + "description": "Information for an HTTP method condition. Specify only when ``Field`` is ``http-request-method``." + }, + "pathPatternConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRulePathPatternConfig", + "description": "Information for a path pattern condition. Specify only when ``Field`` is ``path-pattern``." + }, + "queryStringConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleQueryStringConfig", + "description": "Information for a query string condition. Specify only when ``Field`` is ``query-string``." + }, + "sourceIpConfig": { + "$ref": "#/types/aws-native:elasticloadbalancingv2:ListenerRuleSourceIpConfig", + "description": "Information for a source IP condition. Specify only when ``Field`` is ``source-ip``." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The condition value. Specify only when ``Field`` is ``host-header`` or ``path-pattern``. Alternatively, to specify multiple host names or multiple path patterns, use ``HostHeaderConfig`` or ``PathPatternConfig``.\n If ``Field`` is ``host-header`` and you're not using ``HostHeaderConfig``, you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n + A-Z, a-z, 0-9\n + - .\n + * (matches 0 or more characters)\n + ? (matches exactly 1 character)\n \n If ``Field`` is ``path-pattern`` and you're not using ``PathPatternConfig``, you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n + A-Z, a-z, 0-9\n + _ - . $ / ~ \" ' @ : +\n + \u0026 (using \u0026amp;)\n + * (matches 0 or more characters)\n + ? (matches exactly 1 character)" + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleSourceIpConfig": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleTargetGroupStickinessConfig": { + "type": "object", + "properties": { + "durationSeconds": { + "type": "integer", + "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days)." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether target group stickiness is enabled." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerRuleTargetGroupTuple": { + "type": "object", + "properties": { + "targetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target group." + }, + "weight": { + "type": "integer", + "description": "The weight. The range is 0 to 999." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerTargetGroupStickinessConfig": { + "type": "object", + "properties": { + "durationSeconds": { + "type": "integer", + "description": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days)." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether target group stickiness is enabled." + } + } + }, + "aws-native:elasticloadbalancingv2:ListenerTargetGroupTuple": { + "type": "object", + "properties": { + "targetGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target group." + }, + "weight": { + "type": "integer", + "description": "The weight. The range is 0 to 999." + } + } + }, + "aws-native:elasticloadbalancingv2:LoadBalancerAttribute": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name of the attribute.\n The following attributes are supported by all load balancers:\n + ``deletion_protection.enabled`` - Indicates whether deletion protection is enabled. The value is ``true`` or ``false``. The default is ``false``.\n + ``load_balancing.cross_zone.enabled`` - Indicates whether cross-zone load balancing is enabled. The possible values are ``true`` and ``false``. The default for Network Load Balancers and Gateway Load Balancers is ``false``. The default for Application Load Balancers is ``true``, and cannot be changed.\n \n The following attributes are supported by both Application Load Balancers and Network Load Balancers:\n + ``access_logs.s3.enabled`` - Indicates whether access logs are enabled. The value is ``true`` or ``false``. The default is ``false``.\n + ``access_logs.s3.bucket`` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n + ``access_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the access logs.\n + ``ipv6.deny_all_igw_traffic`` - Blocks internet gateway (IGW) access to the load balancer. It is set to ``false`` for internet-facing load balancers and ``true`` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n \n The following attributes are supported by only Application Load Balancers:\n + ``idle_timeout.timeout_seconds`` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n + ``client_keep_alive.seconds`` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n + ``connection_logs.s3.enabled`` - Indicates whether connection logs are enabled. The value is ``true`` or ``false``. The default is ``false``.\n + ``connection_logs.s3.bucket`` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n + ``connection_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the connection logs.\n + ``routing.http.desync_mitigation_mode`` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are ``monitor``, ``defensive``, and ``strictest``. The default is ``defensive``.\n + ``routing.http.drop_invalid_header_fields.enabled`` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer (``true``) or routed to targets (``false``). The default is ``false``.\n + ``routing.http.preserve_host_header.enabled`` - Indicates whether the Application Load Balancer should preserve the ``Host`` header in the HTTP request and send it to the target without any change. The possible values are ``true`` and ``false``. The default is ``false``.\n + ``routing.http.x_amzn_tls_version_and_cipher_suite.enabled`` - Indicates whether the two headers (``x-amzn-tls-version`` and ``x-amzn-tls-cipher-suite``), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The ``x-amzn-tls-version`` header has information about the TLS protocol version negotiated with the client, and the ``x-amzn-tls-cipher-suite`` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are ``true`` and ``false``. The default is ``false``.\n + ``routing.http.xff_client_port.enabled`` - Indicates whether the ``X-Forwarded-For`` header should preserve the source port that the client used to connect to the load balancer. The possible values are ``true`` and ``false``. The default is ``false``.\n + ``routing.http.xff_header_processing.mode`` - Enables you to modify, preserve, or remove the ``X-Forwarded-For`` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are ``append``, ``preserve``, and ``remove``. The default is ``append``.\n + If the value is ``append``, the Application Load Balancer adds the client IP address (of the last hop) to the ``X-Forwarded-For`` header in the HTTP request before it sends it to targets.\n + If the value is ``preserve`` the Application Load Balancer preserves the ``X-Forwarded-For`` header in the HTTP request, and sends it to targets without any change.\n + If the value is ``remove``, the Application Load Balancer removes the ``X-Forwarded-For`` header in the HTTP request before it sends it to targets.\n \n + ``routing.http2.enabled`` - Indicates whether HTTP/2 is enabled. The possible values are ``true`` and ``false``. The default is ``true``. Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n + ``waf.fail_open.enabled`` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are ``true`` and ``false``. The default is ``false``.\n \n The following attributes are supported by only Network Load Balancers:\n + ``dns_record.client_routing_policy`` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are ``availability_zone_affinity`` with 100 percent zonal affinity, ``partial_availability_zone_affinity`` with 85 percent zonal affinity, and ``any_availability_zone`` with 0 percent zonal affinity." + }, + "value": { + "type": "string", + "description": "The value of the attribute." + } + } + }, + "aws-native:elasticloadbalancingv2:LoadBalancerSubnetMapping": { + "type": "object", + "properties": { + "allocationId": { + "type": "string", + "description": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer." + }, + "iPv6Address": { + "type": "string", + "description": "[Network Load Balancers] The IPv6 address." + }, + "privateIPv4Address": { + "type": "string", + "description": "[Network Load Balancers] The private IPv4 address for an internal load balancer." + }, + "subnetId": { + "type": "string", + "description": "The ID of the subnet." + } + } + }, + "aws-native:elasticloadbalancingv2:LoadBalancerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:elasticloadbalancingv2:TargetGroupAttribute": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The value of the attribute." + }, + "value": { + "type": "string", + "description": "The name of the attribute." + } + } + }, + "aws-native:elasticloadbalancingv2:TargetGroupMatcher": { + "type": "object", + "properties": { + "grpcCode": { + "type": "string", + "description": "You can specify values between 0 and 99. You can specify multiple values, or a range of values. The default value is 12." + }, + "httpCode": { + "type": "string", + "description": "For Application Load Balancers, you can specify values between 200 and 499, and the default value is 200. You can specify multiple values or a range of values. " + } + } + }, + "aws-native:elasticloadbalancingv2:TargetGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The value for the tag. " + }, + "value": { + "type": "string", + "description": "The key name of the tag. " + } + } + }, + "aws-native:elasticloadbalancingv2:TargetGroupTargetDescription": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer." + }, + "id": { + "type": "string", + "description": "The ID of the target. If the target type of the target group is instance, specify an instance ID. If the target type is ip, specify an IP address. If the target type is lambda, specify the ARN of the Lambda function. If the target type is alb, specify the ARN of the Application Load Balancer target. " + }, + "port": { + "type": "integer", + "description": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is alb, the targeted Application Load Balancer must have at least one listener whose port matches the target group port. Not used if the target is a Lambda function." + } + } + }, + "aws-native:elasticloadbalancingv2:TrustStoreRevocation": { + "type": "object", + "properties": { + "numberOfRevokedEntries": { + "type": "integer", + "description": "The number of revoked certificates." + }, + "revocationId": { + "type": "string", + "description": "The revocation ID of the revocation file." + }, + "revocationType": { + "type": "string", + "description": "The type of revocation file." + }, + "trustStoreArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the trust store." + } + } + }, + "aws-native:elasticloadbalancingv2:TrustStoreRevocationRevocationContent": { + "type": "object", + "properties": { + "revocationType": { + "type": "string", + "description": "The type of revocation file." + }, + "s3Bucket": { + "type": "string", + "description": "The Amazon S3 bucket for the revocation file." + }, + "s3Key": { + "type": "string", + "description": "The Amazon S3 path for the revocation file." + }, + "s3ObjectVersion": { + "type": "string", + "description": "The Amazon S3 object version of the revocation file." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key", + "s3ObjectVersion": "S3ObjectVersion" + } + }, + "aws-native:elasticloadbalancingv2:TrustStoreTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:emr:StudioAuthMode": { + "type": "string" + }, + "aws-native:emr:StudioIdcUserAssignment": { + "type": "string" + }, + "aws-native:emr:StudioSessionMappingIdentityType": { + "type": "string" + }, + "aws-native:emr:StudioTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:emr:WalWorkspaceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:emrcontainers:VirtualClusterContainerInfo": { + "type": "object", + "properties": { + "eksInfo": { + "$ref": "#/types/aws-native:emrcontainers:VirtualClusterEksInfo", + "description": "The information about the Amazon EKS cluster." + } + } + }, + "aws-native:emrcontainers:VirtualClusterContainerProvider": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the container cluster" + }, + "info": { + "$ref": "#/types/aws-native:emrcontainers:VirtualClusterContainerInfo", + "description": "The information about the container cluster." + }, + "type": { + "type": "string", + "description": "The type of the container provider" + } + } + }, + "aws-native:emrcontainers:VirtualClusterEksInfo": { + "type": "object", + "properties": { + "namespace": { + "type": "string", + "description": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`" + } + } + }, + "aws-native:emrcontainers:VirtualClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:emrserverless:ApplicationArchitecture": { + "type": "string" + }, + "aws-native:emrserverless:ApplicationAutoStartConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "If set to true, the Application will automatically start. Defaults to true." + } + } + }, + "aws-native:emrserverless:ApplicationAutoStopConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "If set to true, the Application will automatically stop after being idle. Defaults to true." + }, + "idleTimeoutMinutes": { + "type": "integer", + "description": "The amount of time [in minutes] to wait before auto stopping the Application when idle. Defaults to 15 minutes." + } + } + }, + "aws-native:emrserverless:ApplicationCloudWatchLoggingConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "If set to false, CloudWatch logging will be turned off. Defaults to false." + }, + "encryptionKeyArn": { + "type": "string", + "description": "KMS key ARN to encrypt the logs stored in given CloudWatch log-group." + }, + "logGroupName": { + "type": "string", + "description": "Log-group name to produce log-streams on CloudWatch. If undefined, logs will be produced in a default log-group /aws/emr-serverless" + }, + "logStreamNamePrefix": { + "type": "string", + "description": "Log-stream name prefix by which log-stream names will start in the CloudWatch Log-group." + }, + "logTypeMap": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:emrserverless:ApplicationLogTypeMapKeyValuePair" + }, + "description": "The specific log-streams which need to be uploaded to CloudWatch." + } + } + }, + "aws-native:emrserverless:ApplicationConfigurationObject": { + "type": "object", + "properties": { + "classification": { + "type": "string", + "description": "String with a maximum length of 1024." + }, + "configurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:emrserverless:ApplicationConfigurationObject" + } + }, + "properties": { + "type": "object", + "additionalProperties": { + "type": "string" + } + } + } + }, + "aws-native:emrserverless:ApplicationImageConfigurationInput": { + "type": "object", + "properties": { + "imageUri": { + "type": "string", + "description": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration." + } + } + }, + "aws-native:emrserverless:ApplicationInitialCapacityConfig": { + "type": "object", + "properties": { + "workerConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationWorkerConfiguration" + }, + "workerCount": { + "type": "integer", + "description": "Initial count of workers to be initialized when an Application is started. This count will be continued to be maintained until the Application is stopped" + } + } + }, + "aws-native:emrserverless:ApplicationInitialCapacityConfigKeyValuePair": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Worker type for an analytics framework." + }, + "value": { + "$ref": "#/types/aws-native:emrserverless:ApplicationInitialCapacityConfig" + } + } + }, + "aws-native:emrserverless:ApplicationInteractiveConfiguration": { + "type": "object", + "properties": { + "livyEndpointEnabled": { + "type": "boolean", + "description": "Enables an Apache Livy endpoint that you can connect to and run interactive jobs" + }, + "studioEnabled": { + "type": "boolean", + "description": "Enabled you to connect an Application to Amazon EMR Studio to run interactive workloads in a notebook" + } + } + }, + "aws-native:emrserverless:ApplicationLogTypeMapKeyValuePair": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:emrserverless:ApplicationManagedPersistenceMonitoringConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "If set to false, managed logging will be turned off. Defaults to true." + }, + "encryptionKeyArn": { + "type": "string", + "description": "KMS key ARN to encrypt the logs stored in managed persistence" + } + } + }, + "aws-native:emrserverless:ApplicationMaximumAllowedResources": { + "type": "object", + "properties": { + "cpu": { + "type": "string", + "description": "Per worker CPU resource. vCPU is the only supported unit and specifying vCPU is optional." + }, + "disk": { + "type": "string", + "description": "Per worker Disk resource. GB is the only supported unit and specifying GB is optional" + }, + "memory": { + "type": "string", + "description": "Per worker memory resource. GB is the only supported unit and specifying GB is optional." + } + } + }, + "aws-native:emrserverless:ApplicationMonitoringConfiguration": { + "type": "object", + "properties": { + "cloudWatchLoggingConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationCloudWatchLoggingConfiguration", + "description": "CloudWatch logging configurations for a JobRun." + }, + "managedPersistenceMonitoringConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationManagedPersistenceMonitoringConfiguration", + "description": "Managed log persistence configurations for a JobRun." + }, + "s3MonitoringConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationS3MonitoringConfiguration", + "description": "S3 monitoring configurations for a JobRun." + } + }, + "irreversibleNames": { + "s3MonitoringConfiguration": "S3MonitoringConfiguration" + } + }, + "aws-native:emrserverless:ApplicationNetworkConfiguration": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of the security groups in the VPC to which you want to connect your job or application." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of the subnets in the VPC to which you want to connect your job or application." + } + } + }, + "aws-native:emrserverless:ApplicationS3MonitoringConfiguration": { + "type": "object", + "properties": { + "encryptionKeyArn": { + "type": "string", + "description": "KMS key ARN to encrypt the logs stored in given s3" + }, + "logUri": { + "type": "string" + } + } + }, + "aws-native:emrserverless:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 128 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:emrserverless:ApplicationWorkerConfiguration": { + "type": "object", + "properties": { + "cpu": { + "type": "string", + "description": "Per worker CPU resource. vCPU is the only supported unit and specifying vCPU is optional." + }, + "disk": { + "type": "string", + "description": "Per worker Disk resource. GB is the only supported unit and specifying GB is optional" + }, + "diskType": { + "type": "string", + "description": "Per worker DiskType resource. Shuffle optimized and Standard are only supported types and specifying diskType is optional" + }, + "memory": { + "type": "string", + "description": "Per worker memory resource. GB is the only supported unit and specifying GB is optional." + } + } + }, + "aws-native:emrserverless:ApplicationWorkerTypeSpecificationInput": { + "type": "object", + "properties": { + "imageConfiguration": { + "$ref": "#/types/aws-native:emrserverless:ApplicationImageConfigurationInput", + "description": "The image configuration for a worker type." + } + } + }, + "aws-native:entityresolution:IdMappingWorkflowIdMappingRuleBasedProperties": { + "type": "object", + "properties": { + "attributeMatchingModel": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowIdMappingRuleBasedPropertiesAttributeMatchingModel", + "description": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of the `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B." + }, + "recordMatchingModel": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowIdMappingRuleBasedPropertiesRecordMatchingModel", + "description": "The type of matching record that is allowed to be used in an ID mapping workflow.\n\nIf the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source can be matched to the same record in the target.\n\nIf the value is set to `MANY_SOURCE_TO_ONE_TARGET` , multiple records in the source can be matched to one record in the target." + }, + "ruleDefinitionType": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowIdMappingRuleBasedPropertiesRuleDefinitionType", + "description": "The set of rules you can use in an ID mapping workflow. The limitations specified for the source or target to define the match rules must be compatible." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowRule" + }, + "description": "The rules that can be used for ID mapping." + } + } + }, + "aws-native:entityresolution:IdMappingWorkflowIdMappingRuleBasedPropertiesAttributeMatchingModel": { + "type": "string" + }, + "aws-native:entityresolution:IdMappingWorkflowIdMappingRuleBasedPropertiesRecordMatchingModel": { + "type": "string" + }, + "aws-native:entityresolution:IdMappingWorkflowIdMappingRuleBasedPropertiesRuleDefinitionType": { + "type": "string" + }, + "aws-native:entityresolution:IdMappingWorkflowIdMappingTechniques": { + "type": "object", + "properties": { + "idMappingType": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowIdMappingTechniquesIdMappingType", + "description": "The type of ID mapping." + }, + "providerProperties": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowProviderProperties", + "description": "An object which defines any additional configurations required by the provider service." + }, + "ruleBasedProperties": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowIdMappingRuleBasedProperties", + "description": "An object which defines any additional configurations required by rule-based matching." + } + } + }, + "aws-native:entityresolution:IdMappingWorkflowIdMappingTechniquesIdMappingType": { + "type": "string" + }, + "aws-native:entityresolution:IdMappingWorkflowInputSource": { + "type": "object", + "properties": { + "inputSourceArn": { + "type": "string", + "description": "An Glue table ARN for the input source table, MatchingWorkflow arn or IdNamespace ARN" + }, + "schemaArn": { + "type": "string", + "description": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` ." + }, + "type": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowInputSourceType", + "description": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to." + } + }, + "irreversibleNames": { + "inputSourceArn": "InputSourceARN" + } + }, + "aws-native:entityresolution:IdMappingWorkflowInputSourceType": { + "type": "string" + }, + "aws-native:entityresolution:IdMappingWorkflowIntermediateSourceConfiguration": { + "type": "object", + "properties": { + "intermediateS3Path": { + "type": "string", + "description": "The s3 path that would be used to stage the intermediate data being generated during workflow execution." + } + }, + "irreversibleNames": { + "intermediateS3Path": "IntermediateS3Path" + } + }, + "aws-native:entityresolution:IdMappingWorkflowOutputSource": { + "type": "object", + "properties": { + "kmsArn": { + "type": "string", + "description": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key." + }, + "outputS3Path": { + "type": "string", + "description": "The S3 path to which Entity Resolution will write the output table" + } + }, + "irreversibleNames": { + "kmsArn": "KMSArn", + "outputS3Path": "OutputS3Path" + } + }, + "aws-native:entityresolution:IdMappingWorkflowProviderProperties": { + "type": "object", + "properties": { + "intermediateSourceConfiguration": { + "$ref": "#/types/aws-native:entityresolution:IdMappingWorkflowIntermediateSourceConfiguration", + "description": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently." + }, + "providerConfiguration": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional Provider configuration that would be required for the provider service. The Configuration must be in JSON string format" + }, + "providerServiceArn": { + "type": "string", + "description": "Arn of the Provider Service being used." + } + } + }, + "aws-native:entityresolution:IdMappingWorkflowRule": { + "type": "object", + "properties": { + "matchingKeys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match." + }, + "ruleName": { + "type": "string", + "description": "A name for the matching rule." + } + } + }, + "aws-native:entityresolution:IdMappingWorkflowTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:entityresolution:IdNamespaceIdMappingWorkflowProperties": { + "type": "object", + "properties": { + "idMappingType": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceIdMappingWorkflowPropertiesIdMappingType", + "description": "The type of ID mapping." + }, + "providerProperties": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceNamespaceProviderProperties", + "description": "An object which defines any additional configurations required by the provider service." + }, + "ruleBasedProperties": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceNamespaceRuleBasedProperties", + "description": "An object which defines any additional configurations required by rule-based matching." + } + } + }, + "aws-native:entityresolution:IdNamespaceIdMappingWorkflowPropertiesIdMappingType": { + "type": "string" + }, + "aws-native:entityresolution:IdNamespaceInputSource": { + "type": "object", + "properties": { + "inputSourceArn": { + "type": "string", + "description": "An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table." + }, + "schemaName": { + "type": "string", + "description": "The name of the schema." + } + }, + "irreversibleNames": { + "inputSourceArn": "InputSourceARN" + } + }, + "aws-native:entityresolution:IdNamespaceNamespaceProviderProperties": { + "type": "object", + "properties": { + "providerConfiguration": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional Provider configuration that would be required for the provider service. The Configuration must be in JSON string format." + }, + "providerServiceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the provider service." + } + } + }, + "aws-native:entityresolution:IdNamespaceNamespaceRuleBasedProperties": { + "type": "object", + "properties": { + "attributeMatchingModel": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceNamespaceRuleBasedPropertiesAttributeMatchingModel", + "description": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B." + }, + "recordMatchingModels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceRecordMatchingModel" + }, + "description": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B." + }, + "ruleDefinitionTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceRuleDefinitionType" + }, + "description": "The sets of rules you can use in an ID mapping workflow. The limitations specified for the source and target must be compatible." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:IdNamespaceRule" + }, + "description": "The rules for the ID namespace." + } + } + }, + "aws-native:entityresolution:IdNamespaceNamespaceRuleBasedPropertiesAttributeMatchingModel": { + "type": "string" + }, + "aws-native:entityresolution:IdNamespaceRecordMatchingModel": { + "type": "string" + }, + "aws-native:entityresolution:IdNamespaceRule": { + "type": "object", + "properties": { + "matchingKeys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match." + }, + "ruleName": { + "type": "string", + "description": "A name for the matching rule." + } + } + }, + "aws-native:entityresolution:IdNamespaceRuleDefinitionType": { + "type": "string" + }, + "aws-native:entityresolution:IdNamespaceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:entityresolution:IdNamespaceType": { + "type": "string" + }, + "aws-native:entityresolution:MatchingWorkflowInputSource": { + "type": "object", + "properties": { + "applyNormalization": { + "type": "boolean", + "description": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890." + }, + "inputSourceArn": { + "type": "string", + "description": "An Glue table ARN for the input source table" + }, + "schemaArn": { + "type": "string", + "description": "The name of the schema." + } + }, + "irreversibleNames": { + "inputSourceArn": "InputSourceARN" + } + }, + "aws-native:entityresolution:MatchingWorkflowIntermediateSourceConfiguration": { + "type": "object", + "properties": { + "intermediateS3Path": { + "type": "string", + "description": "The s3 path that would be used to stage the intermediate data being generated during workflow execution." + } + }, + "irreversibleNames": { + "intermediateS3Path": "IntermediateS3Path" + } + }, + "aws-native:entityresolution:MatchingWorkflowOutputAttribute": { + "type": "object", + "properties": { + "hashed": { + "type": "boolean", + "description": "Enables the ability to hash the column values in the output." + }, + "name": { + "type": "string", + "description": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping." + } + } + }, + "aws-native:entityresolution:MatchingWorkflowOutputSource": { + "type": "object", + "properties": { + "applyNormalization": { + "type": "boolean", + "description": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890." + }, + "kmsArn": { + "type": "string", + "description": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key." + }, + "output": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowOutputAttribute" + }, + "description": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed." + }, + "outputS3Path": { + "type": "string", + "description": "The S3 path to which Entity Resolution will write the output table" + } + }, + "irreversibleNames": { + "kmsArn": "KMSArn", + "outputS3Path": "OutputS3Path" + } + }, + "aws-native:entityresolution:MatchingWorkflowProviderProperties": { + "type": "object", + "properties": { + "intermediateSourceConfiguration": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowIntermediateSourceConfiguration", + "description": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently." + }, + "providerConfiguration": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional Provider configuration that would be required for the provider service. The Configuration must be in JSON string format" + }, + "providerServiceArn": { + "type": "string", + "description": "Arn of the Provider service being used." + } + } + }, + "aws-native:entityresolution:MatchingWorkflowResolutionTechniques": { + "type": "object", + "properties": { + "providerProperties": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowProviderProperties", + "description": "The properties of the provider service." + }, + "resolutionType": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowResolutionType", + "description": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` ." + }, + "ruleBasedProperties": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowRuleBasedProperties", + "description": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects." + } + } + }, + "aws-native:entityresolution:MatchingWorkflowResolutionType": { + "type": "string" + }, + "aws-native:entityresolution:MatchingWorkflowRule": { + "type": "object", + "properties": { + "matchingKeys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match." + }, + "ruleName": { + "type": "string", + "description": "A name for the matching rule." + } + } + }, + "aws-native:entityresolution:MatchingWorkflowRuleBasedProperties": { + "type": "object", + "properties": { + "attributeMatchingModel": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowRuleBasedPropertiesAttributeMatchingModel", + "description": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` .\n\nIf you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type.\n\nIf you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B." + }, + "matchPurpose": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowRuleBasedPropertiesMatchPurpose", + "description": "An indicator of whether to generate IDs and index the data or not.\n\nIf you choose `IDENTIFIER_GENERATION` , the process generates IDs and indexes the data.\n\nIf you choose `INDEXING` , the process indexes the data without generating IDs." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:entityresolution:MatchingWorkflowRule" + }, + "description": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` ." + } + } + }, + "aws-native:entityresolution:MatchingWorkflowRuleBasedPropertiesAttributeMatchingModel": { + "type": "string" + }, + "aws-native:entityresolution:MatchingWorkflowRuleBasedPropertiesMatchPurpose": { + "type": "string" + }, + "aws-native:entityresolution:MatchingWorkflowTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:entityresolution:PolicyStatementStatementEffect": { + "type": "string" + }, + "aws-native:entityresolution:SchemaMappingSchemaAttributeType": { + "type": "string" + }, + "aws-native:entityresolution:SchemaMappingSchemaInputAttribute": { + "type": "object", + "properties": { + "fieldName": { + "type": "string" + }, + "groupName": { + "type": "string" + }, + "hashed": { + "type": "boolean" + }, + "matchKey": { + "type": "string" + }, + "subType": { + "type": "string", + "description": "The subtype of the Attribute. Would be required only when type is PROVIDER_ID" + }, + "type": { + "$ref": "#/types/aws-native:entityresolution:SchemaMappingSchemaAttributeType" + } + } + }, + "aws-native:entityresolution:SchemaMappingTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:events:ApiDestinationHttpMethod": { + "type": "string" + }, + "aws-native:events:ConnectionApiKeyAuthParameters": { + "type": "object", + "properties": { + "apiKeyName": { + "type": "string", + "description": "The name of the API key to use for authorization." + }, + "apiKeyValue": { + "type": "string", + "description": "The value for the API key to use for authorization." + } + } + }, + "aws-native:events:ConnectionAuthParameters": { + "type": "object", + "properties": { + "apiKeyAuthParameters": { + "$ref": "#/types/aws-native:events:ConnectionApiKeyAuthParameters", + "description": "The API Key parameters to use for authorization." + }, + "basicAuthParameters": { + "$ref": "#/types/aws-native:events:ConnectionBasicAuthParameters", + "description": "The authorization parameters for Basic authorization." + }, + "invocationHttpParameters": { + "$ref": "#/types/aws-native:events:ConnectionHttpParameters", + "description": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint." + }, + "oAuthParameters": { + "$ref": "#/types/aws-native:events:ConnectionOAuthParameters", + "description": "The OAuth parameters to use for authorization." + } + } + }, + "aws-native:events:ConnectionAuthorizationType": { + "type": "string" + }, + "aws-native:events:ConnectionBasicAuthParameters": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "The password associated with the user name to use for Basic authorization." + }, + "username": { + "type": "string", + "description": "The user name to use for Basic authorization." + } + } + }, + "aws-native:events:ConnectionClientParameters": { + "type": "object", + "properties": { + "clientId": { + "type": "string", + "description": "The client ID to use for OAuth authorization." + }, + "clientSecret": { + "type": "string", + "description": "The client secret assciated with the client ID to use for OAuth authorization." + } + }, + "irreversibleNames": { + "clientId": "ClientID" + } + }, + "aws-native:events:ConnectionHttpParameters": { + "type": "object", + "properties": { + "bodyParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:ConnectionParameter" + }, + "description": "Contains additional body string parameters for the connection." + }, + "headerParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:ConnectionParameter" + }, + "description": "Contains additional header parameters for the connection." + }, + "queryStringParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:ConnectionParameter" + }, + "description": "Contains additional query string parameters for the connection." + } + } + }, + "aws-native:events:ConnectionOAuthParameters": { + "type": "object", + "properties": { + "authorizationEndpoint": { + "type": "string", + "description": "The URL to the authorization endpoint when OAuth is specified as the authorization type." + }, + "clientParameters": { + "$ref": "#/types/aws-native:events:ConnectionClientParameters", + "description": "A `CreateConnectionOAuthClientRequestParameters` object that contains the client parameters for OAuth authorization." + }, + "httpMethod": { + "$ref": "#/types/aws-native:events:ConnectionOAuthParametersHttpMethod", + "description": "The method to use for the authorization request." + }, + "oAuthHttpParameters": { + "$ref": "#/types/aws-native:events:ConnectionHttpParameters", + "description": "A `ConnectionHttpParameters` object that contains details about the additional parameters to use for the connection." + } + } + }, + "aws-native:events:ConnectionOAuthParametersHttpMethod": { + "type": "string" + }, + "aws-native:events:ConnectionParameter": { + "type": "object", + "properties": { + "isValueSecret": { + "type": "boolean", + "description": "Specifies whether the value is secret." + }, + "key": { + "type": "string", + "description": "The key for a query string parameter." + }, + "value": { + "type": "string", + "description": "The value associated with the key for the query string parameter." + } + } + }, + "aws-native:events:DeadLetterConfigProperties": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the SQS queue specified as the target for the dead-letter queue." + } + } + }, + "aws-native:events:EndpointEventBus": { + "type": "object", + "properties": { + "eventBusArn": { + "type": "string" + } + } + }, + "aws-native:events:EndpointFailoverConfig": { + "type": "object", + "properties": { + "primary": { + "$ref": "#/types/aws-native:events:EndpointPrimary", + "description": "The main Region of the endpoint." + }, + "secondary": { + "$ref": "#/types/aws-native:events:EndpointSecondary", + "description": "The Region that events are routed to when failover is triggered or event replication is enabled." + } + } + }, + "aws-native:events:EndpointPrimary": { + "type": "object", + "properties": { + "healthCheck": { + "type": "string", + "description": "The ARN of the health check used by the endpoint to determine whether failover is triggered." + } + } + }, + "aws-native:events:EndpointReplicationConfig": { + "type": "object", + "properties": { + "state": { + "$ref": "#/types/aws-native:events:EndpointReplicationState", + "description": "The state of event replication." + } + } + }, + "aws-native:events:EndpointReplicationState": { + "type": "string" + }, + "aws-native:events:EndpointRoutingConfig": { + "type": "object", + "properties": { + "failoverConfig": { + "$ref": "#/types/aws-native:events:EndpointFailoverConfig", + "description": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered." + } + } + }, + "aws-native:events:EndpointSecondary": { + "type": "object", + "properties": { + "route": { + "type": "string", + "description": "Defines the secondary Region." + } + } + }, + "aws-native:events:EndpointState": { + "type": "string" + }, + "aws-native:events:EventBusTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:events:RuleAppSyncParameters": { + "type": "object", + "properties": { + "graphQlOperation": { + "type": "string", + "description": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* ." + } + }, + "irreversibleNames": { + "graphQlOperation": "GraphQLOperation" + } + }, + "aws-native:events:RuleAwsVpcConfiguration": { + "type": "object", + "properties": { + "assignPublicIp": { + "type": "string", + "description": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` ." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets." + } + } + }, + "aws-native:events:RuleBatchArrayProperties": { + "type": "object", + "properties": { + "size": { + "type": "integer", + "description": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000." + } + } + }, + "aws-native:events:RuleBatchParameters": { + "type": "object", + "properties": { + "arrayProperties": { + "$ref": "#/types/aws-native:events:RuleBatchArrayProperties", + "description": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job." + }, + "jobDefinition": { + "type": "string", + "description": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist." + }, + "jobName": { + "type": "string", + "description": "The name to use for this execution of the job, if the target is an AWS Batch job." + }, + "retryStrategy": { + "$ref": "#/types/aws-native:events:RuleBatchRetryStrategy", + "description": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1–10. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition." + } + } + }, + "aws-native:events:RuleBatchRetryStrategy": { + "type": "object", + "properties": { + "attempts": { + "type": "integer", + "description": "The number of times to attempt to retry, if the job fails. Valid values are 1–10." + } + } + }, + "aws-native:events:RuleCapacityProviderStrategyItem": { + "type": "object", + "properties": { + "base": { + "type": "integer", + "description": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used." + }, + "capacityProvider": { + "type": "string", + "description": "The short name of the capacity provider." + }, + "weight": { + "type": "integer", + "description": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied." + } + } + }, + "aws-native:events:RuleDeadLetterConfig": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the SQS queue specified as the target for the dead-letter queue." + } + } + }, + "aws-native:events:RuleEcsParameters": { + "type": "object", + "properties": { + "capacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:RuleCapacityProviderStrategyItem" + }, + "description": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used." + }, + "enableEcsManagedTags": { + "type": "boolean", + "description": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide." + }, + "enableExecuteCommand": { + "type": "boolean", + "description": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task." + }, + "group": { + "type": "string", + "description": "Specifies an ECS task group for the task. The maximum length is 255 characters." + }, + "launchType": { + "type": "string", + "description": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:events:RuleNetworkConfiguration", + "description": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails." + }, + "placementConstraints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:RulePlacementConstraint" + }, + "description": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime)." + }, + "placementStrategies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:RulePlacementStrategy" + }, + "description": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task." + }, + "platformVersion": { + "type": "string", + "description": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "propagateTags": { + "type": "string", + "description": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action." + }, + "referenceId": { + "type": "string", + "description": "The reference ID to use for the task." + }, + "tagList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:RuleTag" + }, + "description": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference." + }, + "taskCount": { + "type": "integer", + "description": "The number of tasks to create based on `TaskDefinition` . The default is 1." + }, + "taskDefinitionArn": { + "type": "string", + "description": "The ARN of the task definition to use if the event target is an Amazon ECS task." + } + }, + "irreversibleNames": { + "enableEcsManagedTags": "EnableECSManagedTags" + } + }, + "aws-native:events:RuleHttpParameters": { + "type": "object", + "properties": { + "headerParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination." + }, + "pathParameterValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\")." + }, + "queryStringParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination." + } + } + }, + "aws-native:events:RuleInputTransformer": { + "type": "object", + "properties": { + "inputPathsMap": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"" + }, + "inputTemplate": { + "type": "string", + "description": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: \u003c *value* \u003e\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \"\u003cinstance\u003e is in state \u003cstatus\u003e\"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \"\u003cinstance\u003e is in state \\\"\u003cstatus\u003e\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": \u003cinstance\u003e,\"myStatus\": \"\u003cinstance\u003e is in state \\\"\u003cstatus\u003e\\\"\"}'`\n\n`}`" + } + } + }, + "aws-native:events:RuleKinesisParameters": { + "type": "object", + "properties": { + "partitionKeyPath": { + "type": "string", + "description": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* ." + } + } + }, + "aws-native:events:RuleNetworkConfiguration": { + "type": "object", + "properties": { + "awsVpcConfiguration": { + "$ref": "#/types/aws-native:events:RuleAwsVpcConfiguration", + "description": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode." + } + } + }, + "aws-native:events:RulePlacementConstraint": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide." + }, + "type": { + "type": "string", + "description": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates." + } + } + }, + "aws-native:events:RulePlacementStrategy": { + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used." + }, + "type": { + "type": "string", + "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task)." + } + } + }, + "aws-native:events:RuleRedshiftDataParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "The name of the database. Required when authenticating using temporary credentials." + }, + "dbUser": { + "type": "string", + "description": "The database user name. Required when authenticating using temporary credentials." + }, + "secretManagerArn": { + "type": "string", + "description": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager." + }, + "sql": { + "type": "string", + "description": "The SQL statement text to run." + }, + "sqls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back." + }, + "statementName": { + "type": "string", + "description": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query." + }, + "withEvent": { + "type": "boolean", + "description": "Indicates whether to send an event back to EventBridge after the SQL statement runs." + } + } + }, + "aws-native:events:RuleRetryPolicy": { + "type": "object", + "properties": { + "maximumEventAgeInSeconds": { + "type": "integer", + "description": "The maximum amount of time, in seconds, to continue to make retry attempts." + }, + "maximumRetryAttempts": { + "type": "integer", + "description": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met." + } + } + }, + "aws-native:events:RuleRunCommandParameters": { + "type": "object", + "properties": { + "runCommandTargets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:RuleRunCommandTarget" + }, + "description": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag." + } + } + }, + "aws-native:events:RuleRunCommandTarget": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Can be either `tag:` *tag-key* or `InstanceIds` ." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs." + } + } + }, + "aws-native:events:RuleSageMakerPipelineParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of parameter to start execution of a SageMaker Model Building Pipeline." + }, + "value": { + "type": "string", + "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline." + } + } + }, + "aws-native:events:RuleSageMakerPipelineParameters": { + "type": "object", + "properties": { + "pipelineParameterList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:events:RuleSageMakerPipelineParameter" + }, + "description": "List of Parameter names and values for SageMaker Model Building Pipeline execution." + } + } + }, + "aws-native:events:RuleSqsParameters": { + "type": "object", + "properties": { + "messageGroupId": { + "type": "string", + "description": "The FIFO message group ID to use as the target." + } + } + }, + "aws-native:events:RuleState": { + "type": "string" + }, + "aws-native:events:RuleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources." + }, + "value": { + "type": "string", + "description": "The value for the specified tag key." + } + } + }, + "aws-native:events:RuleTarget": { + "type": "object", + "properties": { + "appSyncParameters": { + "$ref": "#/types/aws-native:events:RuleAppSyncParameters", + "description": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API." + }, + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target." + }, + "batchParameters": { + "$ref": "#/types/aws-native:events:RuleBatchParameters", + "description": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* ." + }, + "deadLetterConfig": { + "$ref": "#/types/aws-native:events:RuleDeadLetterConfig", + "description": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to." + }, + "ecsParameters": { + "$ref": "#/types/aws-native:events:RuleEcsParameters", + "description": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* ." + }, + "httpParameters": { + "$ref": "#/types/aws-native:events:RuleHttpParameters", + "description": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence." + }, + "id": { + "type": "string", + "description": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string." + }, + "input": { + "type": "string", + "description": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) ." + }, + "inputPath": { + "type": "string", + "description": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) ." + }, + "inputTransformer": { + "$ref": "#/types/aws-native:events:RuleInputTransformer", + "description": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target." + }, + "kinesisParameters": { + "$ref": "#/types/aws-native:events:RuleKinesisParameters", + "description": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key." + }, + "redshiftDataParameters": { + "$ref": "#/types/aws-native:events:RuleRedshiftDataParameters", + "description": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events." + }, + "retryPolicy": { + "$ref": "#/types/aws-native:events:RuleRetryPolicy", + "description": "The `RetryPolicy` object that contains the retry policy configuration to use for the dead-letter queue." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target." + }, + "runCommandParameters": { + "$ref": "#/types/aws-native:events:RuleRunCommandParameters", + "description": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command." + }, + "sageMakerPipelineParameters": { + "$ref": "#/types/aws-native:events:RuleSageMakerPipelineParameters", + "description": "Contains the SageMaker Model Building Pipeline parameters to start execution of a SageMaker Model Building Pipeline.\n\nIf you specify a SageMaker Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events." + }, + "sqsParameters": { + "$ref": "#/types/aws-native:events:RuleSqsParameters", + "description": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled." + } + } + }, + "aws-native:eventschemas:DiscovererTagsEntry": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of a key-value pair." + }, + "value": { + "type": "string", + "description": "The value of a key-value pair." + } + } + }, + "aws-native:eventschemas:RegistryTagsEntry": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of a key-value pair." + }, + "value": { + "type": "string", + "description": "The value of a key-value pair." + } + } + }, + "aws-native:eventschemas:SchemaTagsEntry": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of a key-value pair." + }, + "value": { + "type": "string", + "description": "The value of a key-value pair." + } + } + }, + "aws-native:evidently:ExperimentMetricGoalObject": { + "type": "object", + "properties": { + "desiredChange": { + "$ref": "#/types/aws-native:evidently:ExperimentMetricGoalObjectDesiredChange", + "description": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better." + }, + "entityIdKey": { + "type": "string", + "description": "The JSON path to reference the entity id in the event." + }, + "eventPattern": { + "type": "string", + "description": "Event patterns have the same structure as the events they match. Rules use event patterns to select events. An event pattern either matches an event or it doesn't." + }, + "metricName": { + "type": "string", + "description": "A name for the metric. It can include up to 255 characters." + }, + "unitLabel": { + "type": "string", + "description": "A label for the units that the metric is measuring." + }, + "valueKey": { + "type": "string", + "description": "The JSON path to reference the numerical metric value in the event." + } + } + }, + "aws-native:evidently:ExperimentMetricGoalObjectDesiredChange": { + "type": "string" + }, + "aws-native:evidently:ExperimentOnlineAbConfigObject": { + "type": "object", + "properties": { + "controlTreatmentName": { + "type": "string", + "description": "The name of the variation that is to be the default variation that the other variations are compared to." + }, + "treatmentWeights": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:ExperimentTreatmentToWeight" + }, + "description": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation." + } + } + }, + "aws-native:evidently:ExperimentRunningStatusObject": { + "type": "object", + "properties": { + "analysisCompleteTime": { + "type": "string", + "description": "Provide the analysis Completion time for an experiment" + }, + "desiredState": { + "type": "string", + "description": "Provide CANCELLED or COMPLETED desired state when stopping an experiment" + }, + "reason": { + "type": "string", + "description": "Reason is a required input for stopping the experiment" + }, + "status": { + "type": "string", + "description": "Provide START or STOP action to apply on an experiment" + } + } + }, + "aws-native:evidently:ExperimentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:evidently:ExperimentTreatmentObject": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the treatment." + }, + "feature": { + "type": "string", + "description": "The name of the feature for this experiment." + }, + "treatmentName": { + "type": "string", + "description": "A name for this treatment. It can include up to 127 characters." + }, + "variation": { + "type": "string", + "description": "The name of the variation to use for this treatment." + } + } + }, + "aws-native:evidently:ExperimentTreatmentToWeight": { + "type": "object", + "properties": { + "splitWeight": { + "type": "integer", + "description": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment." + }, + "treatment": { + "type": "string", + "description": "The name of the treatment." + } + } + }, + "aws-native:evidently:FeatureEntityOverride": { + "type": "object", + "properties": { + "entityId": { + "type": "string", + "description": "The entity ID to be served the variation specified in `Variation` ." + }, + "variation": { + "type": "string", + "description": "The name of the variation to serve to the user session that matches the `EntityId` ." + } + } + }, + "aws-native:evidently:FeatureEvaluationStrategy": { + "type": "string" + }, + "aws-native:evidently:FeatureTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:evidently:FeatureVariationObject": { + "type": "object", + "properties": { + "booleanValue": { + "type": "boolean", + "description": "The value assigned to this variation, if the variation type is boolean." + }, + "doubleValue": { + "type": "number", + "description": "The value assigned to this variation, if the variation type is a double." + }, + "longValue": { + "type": "number", + "description": "The value assigned to this variation, if the variation type is a long." + }, + "stringValue": { + "type": "string", + "description": "The value assigned to this variation, if the variation type is a string." + }, + "variationName": { + "type": "string", + "description": "A name for the variation. It can include up to 127 characters." + } + } + }, + "aws-native:evidently:LaunchExecutionStatusObject": { + "type": "object", + "properties": { + "desiredState": { + "type": "string", + "description": "Provide CANCELLED or COMPLETED as the launch desired state. Defaults to Completed if not provided." + }, + "reason": { + "type": "string", + "description": "Provide a reason for stopping the launch. Defaults to empty if not provided." + }, + "status": { + "type": "string", + "description": "Provide START or STOP action to apply on a launch" + } + } + }, + "aws-native:evidently:LaunchGroupObject": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "A description of the launch group." + }, + "feature": { + "type": "string", + "description": "The feature that this launch is using." + }, + "groupName": { + "type": "string", + "description": "A name for this launch group. It can include up to 127 characters." + }, + "variation": { + "type": "string", + "description": "The feature variation to use for this launch group." + } + } + }, + "aws-native:evidently:LaunchGroupToWeight": { + "type": "object", + "properties": { + "groupName": { + "type": "string", + "description": "The name of the launch group. It can include up to 127 characters." + }, + "splitWeight": { + "type": "integer", + "description": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group." + } + } + }, + "aws-native:evidently:LaunchMetricDefinitionObject": { + "type": "object", + "properties": { + "entityIdKey": { + "type": "string", + "description": "The JSON path to reference the entity id in the event." + }, + "eventPattern": { + "type": "string", + "description": "Event patterns have the same structure as the events they match. Rules use event patterns to select events. An event pattern either matches an event or it doesn't." + }, + "metricName": { + "type": "string", + "description": "A name for the metric. It can include up to 255 characters." + }, + "unitLabel": { + "type": "string", + "description": "A label for the units that the metric is measuring." + }, + "valueKey": { + "type": "string", + "description": "The JSON path to reference the numerical metric value in the event." + } + } + }, + "aws-native:evidently:LaunchSegmentOverride": { + "type": "object", + "properties": { + "evaluationOrder": { + "type": "integer", + "description": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first." + }, + "segment": { + "type": "string", + "description": "The ARN of the segment to use for this override." + }, + "weights": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchGroupToWeight" + }, + "description": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic." + } + } + }, + "aws-native:evidently:LaunchStepConfig": { + "type": "object", + "properties": { + "groupWeights": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchGroupToWeight" + }, + "description": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch." + }, + "segmentOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:evidently:LaunchSegmentOverride" + }, + "description": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) ." + }, + "startTime": { + "type": "string", + "description": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`" + } + } + }, + "aws-native:evidently:LaunchTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:evidently:ProjectAppConfigResourceObject": { + "type": "object", + "properties": { + "applicationId": { + "type": "string", + "description": "The ID of the AWS AppConfig application to use for client-side evaluation." + }, + "environmentId": { + "type": "string", + "description": "The ID of the AWS AppConfig environment to use for client-side evaluation." + } + } + }, + "aws-native:evidently:ProjectDataDeliveryObject": { + "type": "object", + "properties": { + "logGroup": { + "type": "string", + "description": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name." + }, + "s3": { + "$ref": "#/types/aws-native:evidently:ProjectS3Destination", + "description": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix." + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:evidently:ProjectS3Destination": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The name of the bucket in which Evidently stores evaluation events." + }, + "prefix": { + "type": "string", + "description": "The bucket prefix in which Evidently stores evaluation events." + } + } + }, + "aws-native:evidently:ProjectTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:evidently:SegmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:finspace:EnvironmentFederationMode": { + "type": "string" + }, + "aws-native:finspace:EnvironmentFederationParameters": { + "type": "object", + "properties": { + "applicationCallBackUrl": { + "type": "string", + "description": "SAML metadata URL to link with the Environment" + }, + "attributeMap": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:finspace:EnvironmentFederationParametersAttributeMapItemProperties" + }, + "description": "Attribute map for SAML configuration" + }, + "federationProviderName": { + "type": "string", + "description": "Federation provider name to link with the Environment" + }, + "federationUrn": { + "type": "string", + "description": "SAML metadata URL to link with the Environment" + }, + "samlMetadataDocument": { + "type": "string", + "description": "SAML metadata document to link the federation provider to the Environment" + }, + "samlMetadataUrl": { + "type": "string", + "description": "SAML metadata URL to link with the Environment" + } + }, + "irreversibleNames": { + "applicationCallBackUrl": "ApplicationCallBackURL", + "federationUrn": "FederationURN", + "samlMetadataUrl": "SamlMetadataURL" + } + }, + "aws-native:finspace:EnvironmentFederationParametersAttributeMapItemProperties": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:finspace:EnvironmentStatus": { + "type": "string" + }, + "aws-native:finspace:EnvironmentSuperuserParameters": { + "type": "object", + "properties": { + "emailAddress": { + "type": "string", + "description": "Email address" + }, + "firstName": { + "type": "string", + "description": "First name" + }, + "lastName": { + "type": "string", + "description": "Last name" + } + } + }, + "aws-native:finspace:EnvironmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:fis:ExperimentTemplateAction": { + "type": "object", + "properties": { + "actionId": { + "type": "string", + "description": "The ID of the action." + }, + "description": { + "type": "string", + "description": "A description for the action." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The parameters for the action, if applicable." + }, + "startAfter": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the action that must be completed before the current action starts." + }, + "targets": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "One or more targets for the action." + } + } + }, + "aws-native:fis:ExperimentTemplateExperimentOptions": { + "type": "object", + "properties": { + "accountTargeting": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateExperimentOptionsAccountTargeting", + "description": "The account targeting setting for the experiment template.", + "replaceOnChanges": true + }, + "emptyTargetResolutionMode": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateExperimentOptionsEmptyTargetResolutionMode", + "description": "The target resolution failure mode for the experiment template." + } + } + }, + "aws-native:fis:ExperimentTemplateExperimentOptionsAccountTargeting": { + "type": "string" + }, + "aws-native:fis:ExperimentTemplateExperimentOptionsEmptyTargetResolutionMode": { + "type": "string" + }, + "aws-native:fis:ExperimentTemplateLogConfiguration": { + "type": "object", + "properties": { + "cloudWatchLogsConfiguration": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateLogConfigurationCloudWatchLogsConfigurationProperties", + "description": "The configuration for experiment logging to CloudWatch Logs ." + }, + "logSchemaVersion": { + "type": "integer", + "description": "The schema version." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateLogConfigurationS3ConfigurationProperties", + "description": "The configuration for experiment logging to Amazon S3 ." + } + }, + "irreversibleNames": { + "s3Configuration": "S3Configuration" + } + }, + "aws-native:fis:ExperimentTemplateLogConfigurationCloudWatchLogsConfigurationProperties": { + "type": "object", + "properties": { + "logGroupArn": { + "type": "string" + } + } + }, + "aws-native:fis:ExperimentTemplateLogConfigurationS3ConfigurationProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string" + }, + "prefix": { + "type": "string" + } + } + }, + "aws-native:fis:ExperimentTemplateStopCondition": { + "type": "object", + "properties": { + "source": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:fis:ExperimentTemplateTarget": { + "type": "object", + "properties": { + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fis:ExperimentTemplateTargetFilter" + }, + "description": "The filters to apply to identify target resources using specific attributes." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The parameters for the resource type." + }, + "resourceArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon Resource Names (ARNs) of the targets." + }, + "resourceTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags for the target resources." + }, + "resourceType": { + "type": "string", + "description": "The resource type." + }, + "selectionMode": { + "type": "string", + "description": "Scopes the identified resources to a specific count or percentage." + } + } + }, + "aws-native:fis:ExperimentTemplateTargetFilter": { + "type": "object", + "properties": { + "path": { + "type": "string" + }, + "values": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:fms:PolicyFirewallDeploymentModel": { + "type": "string" + }, + "aws-native:fms:PolicyIeMap": { + "type": "object", + "properties": { + "account": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The account list for the map." + }, + "orgunit": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The organizational unit list for the map." + } + }, + "irreversibleNames": { + "account": "ACCOUNT", + "orgunit": "ORGUNIT" + } + }, + "aws-native:fms:PolicyNetworkAclCommonPolicy": { + "type": "object", + "properties": { + "networkAclEntrySet": { + "$ref": "#/types/aws-native:fms:PolicyNetworkAclEntrySet", + "description": "The definition of the first and last rules for the network ACL policy." + } + } + }, + "aws-native:fms:PolicyNetworkAclEntry": { + "type": "object", + "properties": { + "cidrBlock": { + "type": "string", + "description": "CIDR block." + }, + "egress": { + "type": "boolean", + "description": "Whether the entry is an egress entry." + }, + "icmpTypeCode": { + "$ref": "#/types/aws-native:fms:PolicyNetworkAclEntryIcmpTypeCodeProperties", + "description": "ICMP type and code." + }, + "ipv6CidrBlock": { + "type": "string", + "description": "IPv6 CIDR block." + }, + "portRange": { + "$ref": "#/types/aws-native:fms:PolicyNetworkAclEntryPortRangeProperties", + "description": "Port range." + }, + "protocol": { + "type": "string", + "description": "Protocol." + }, + "ruleAction": { + "$ref": "#/types/aws-native:fms:PolicyNetworkAclEntryRuleAction", + "description": "Rule Action." + } + } + }, + "aws-native:fms:PolicyNetworkAclEntryIcmpTypeCodeProperties": { + "type": "object", + "properties": { + "code": { + "type": "integer", + "description": "Code." + }, + "type": { + "type": "integer", + "description": "Type." + } + } + }, + "aws-native:fms:PolicyNetworkAclEntryPortRangeProperties": { + "type": "object", + "properties": { + "from": { + "type": "integer", + "description": "From Port." + }, + "to": { + "type": "integer", + "description": "To Port." + } + } + }, + "aws-native:fms:PolicyNetworkAclEntryRuleAction": { + "type": "string" + }, + "aws-native:fms:PolicyNetworkAclEntrySet": { + "type": "object", + "properties": { + "firstEntries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fms:PolicyNetworkAclEntry" + }, + "description": "The rules that you want to run first in the Firewall Manager managed network ACLs.\n\n\u003e Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy." + }, + "forceRemediateForFirstEntries": { + "type": "boolean", + "description": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* ." + }, + "forceRemediateForLastEntries": { + "type": "boolean", + "description": "Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries.\n\nIf forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* ." + }, + "lastEntries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fms:PolicyNetworkAclEntry" + }, + "description": "The rules that you want to run last in the Firewall Manager managed network ACLs.\n\n\u003e Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. \n\nYou must specify at least one first entry or one last entry in any network ACL policy." + } + } + }, + "aws-native:fms:PolicyNetworkFirewallPolicy": { + "type": "object", + "properties": { + "firewallDeploymentModel": { + "$ref": "#/types/aws-native:fms:PolicyFirewallDeploymentModel", + "description": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` ." + } + } + }, + "aws-native:fms:PolicyOption": { + "type": "object", + "properties": { + "networkAclCommonPolicy": { + "$ref": "#/types/aws-native:fms:PolicyNetworkAclCommonPolicy", + "description": "Defines a Firewall Manager network ACL policy." + }, + "networkFirewallPolicy": { + "$ref": "#/types/aws-native:fms:PolicyNetworkFirewallPolicy", + "description": "Defines the deployment model to use for the firewall policy." + }, + "thirdPartyFirewallPolicy": { + "$ref": "#/types/aws-native:fms:PolicyThirdPartyFirewallPolicy", + "description": "Defines the policy options for a third-party firewall policy." + } + } + }, + "aws-native:fms:PolicyResourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The resource tag key." + }, + "value": { + "type": "string", + "description": "The resource tag value." + } + } + }, + "aws-native:fms:PolicySecurityServicePolicyData": { + "type": "object", + "properties": { + "managedServiceData": { + "type": "string", + "description": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" + }, + "policyOption": { + "$ref": "#/types/aws-native:fms:PolicyOption", + "description": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy." + }, + "type": { + "$ref": "#/types/aws-native:fms:PolicyType", + "description": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support ." + } + } + }, + "aws-native:fms:PolicyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:fms:PolicyThirdPartyFirewallPolicy": { + "type": "object", + "properties": { + "firewallDeploymentModel": { + "$ref": "#/types/aws-native:fms:PolicyFirewallDeploymentModel", + "description": "Defines the deployment model to use for the third-party firewall policy." + } + } + }, + "aws-native:fms:PolicyType": { + "type": "string" + }, + "aws-native:fms:ResourceSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:forecast:DatasetAttributesItemProperties": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "Name of the dataset field" + }, + "attributeType": { + "$ref": "#/types/aws-native:forecast:DatasetAttributesItemPropertiesAttributeType", + "description": "Data type of the field" + } + } + }, + "aws-native:forecast:DatasetAttributesItemPropertiesAttributeType": { + "type": "string" + }, + "aws-native:forecast:DatasetDomain": { + "type": "string" + }, + "aws-native:forecast:DatasetGroupDomain": { + "type": "string" + }, + "aws-native:forecast:DatasetGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:forecast:DatasetType": { + "type": "string" + }, + "aws-native:forecast:EncryptionConfigProperties": { + "type": "object", + "properties": { + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the KMS key." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error." + } + } + }, + "aws-native:forecast:SchemaProperties": { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:forecast:DatasetAttributesItemProperties" + }, + "description": "An array of attributes specifying the name and type of each field in a dataset." + } + } + }, + "aws-native:forecast:TagsItemProperties": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:frauddetector:DetectorEntityType": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The entity type ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the entity type was created." + }, + "description": { + "type": "string", + "description": "The description." + }, + "inline": { + "type": "boolean", + "description": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the entity type was last updated." + }, + "name": { + "type": "string", + "description": "The entity type name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorTag" + }, + "description": "Tags associated with this entity type." + } + } + }, + "aws-native:frauddetector:DetectorEventType": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the event type." + }, + "createdTime": { + "type": "string", + "description": "The time when the event type was created." + }, + "description": { + "type": "string", + "description": "The description of the event type." + }, + "entityTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorEntityType" + }, + "description": "The event type entity types." + }, + "eventVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorEventVariable" + }, + "description": "The event type event variables." + }, + "inline": { + "type": "boolean", + "description": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables." + }, + "labels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorLabel" + }, + "description": "The event type labels." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the event type was last updated." + }, + "name": { + "type": "string", + "description": "The name for the event type" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorTag" + }, + "description": "Tags associated with this event type." + } + } + }, + "aws-native:frauddetector:DetectorEventVariable": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The event variable ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the event variable was created." + }, + "dataSource": { + "$ref": "#/types/aws-native:frauddetector:DetectorEventVariableDataSource", + "description": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource." + }, + "dataType": { + "$ref": "#/types/aws-native:frauddetector:DetectorEventVariableDataType", + "description": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`" + }, + "defaultValue": { + "type": "string", + "description": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN." + }, + "description": { + "type": "string", + "description": "The description." + }, + "inline": { + "type": "boolean", + "description": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the event variable was last updated." + }, + "name": { + "type": "string", + "description": "The name of the event variable." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorTag" + }, + "description": "Tags associated with this event variable." + }, + "variableType": { + "$ref": "#/types/aws-native:frauddetector:DetectorEventVariableVariableType", + "description": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) ." + } + } + }, + "aws-native:frauddetector:DetectorEventVariableDataSource": { + "type": "string" + }, + "aws-native:frauddetector:DetectorEventVariableDataType": { + "type": "string" + }, + "aws-native:frauddetector:DetectorEventVariableVariableType": { + "type": "string" + }, + "aws-native:frauddetector:DetectorLabel": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The label ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the label was created." + }, + "description": { + "type": "string", + "description": "The description." + }, + "inline": { + "type": "boolean", + "description": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the label was last updated." + }, + "name": { + "type": "string", + "description": "The label name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorTag" + }, + "description": "Tags associated with this label." + } + } + }, + "aws-native:frauddetector:DetectorModel": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the model." + } + } + }, + "aws-native:frauddetector:DetectorOutcome": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The outcome ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the outcome was created." + }, + "description": { + "type": "string", + "description": "The description." + }, + "inline": { + "type": "boolean", + "description": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the outcome was last updated." + }, + "name": { + "type": "string", + "description": "The outcome name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorTag" + }, + "description": "Tags associated with this outcome." + } + } + }, + "aws-native:frauddetector:DetectorRule": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The rule ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the event type was created." + }, + "description": { + "type": "string", + "description": "The description." + }, + "detectorId": { + "type": "string", + "description": "The detector for which the rule is associated." + }, + "expression": { + "type": "string", + "description": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) ." + }, + "language": { + "$ref": "#/types/aws-native:frauddetector:DetectorRuleLanguage", + "description": "The rule language.\n\nValid Value: DETECTORPL" + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the event type was last updated." + }, + "outcomes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorOutcome" + }, + "description": "The rule outcome." + }, + "ruleId": { + "type": "string", + "description": "The rule ID." + }, + "ruleVersion": { + "type": "string", + "description": "The rule version." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:DetectorTag" + }, + "description": "Tags associated with this event type." + } + } + }, + "aws-native:frauddetector:DetectorRuleExecutionMode": { + "type": "string" + }, + "aws-native:frauddetector:DetectorRuleLanguage": { + "type": "string" + }, + "aws-native:frauddetector:DetectorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key." + }, + "value": { + "type": "string", + "description": "A value assigned to a tag key." + } + } + }, + "aws-native:frauddetector:DetectorVersionStatus": { + "type": "string" + }, + "aws-native:frauddetector:EntityTypeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key." + }, + "value": { + "type": "string", + "description": "A value assigned to a tag key." + } + } + }, + "aws-native:frauddetector:EventTypeEntityType": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The entity type ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the event type was created." + }, + "description": { + "type": "string", + "description": "The description." + }, + "inline": { + "type": "boolean", + "description": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the event type was last updated." + }, + "name": { + "type": "string", + "description": "The entity type name.\n\n`^[0-9a-z_-]+$`" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeTag" + }, + "description": "Tags associated with this event type." + } + } + }, + "aws-native:frauddetector:EventTypeEventVariable": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The event variable ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the event type was created." + }, + "dataSource": { + "$ref": "#/types/aws-native:frauddetector:EventTypeEventVariableDataSource", + "description": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource." + }, + "dataType": { + "$ref": "#/types/aws-native:frauddetector:EventTypeEventVariableDataType", + "description": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) ." + }, + "defaultValue": { + "type": "string", + "description": "The default value of the event variable" + }, + "description": { + "type": "string", + "description": "The description." + }, + "inline": { + "type": "boolean", + "description": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the event type was last updated." + }, + "name": { + "type": "string", + "description": "The name of the event variable." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeTag" + }, + "description": "Tags associated with this event type." + }, + "variableType": { + "$ref": "#/types/aws-native:frauddetector:EventTypeEventVariableVariableType", + "description": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) ." + } + } + }, + "aws-native:frauddetector:EventTypeEventVariableDataSource": { + "type": "string" + }, + "aws-native:frauddetector:EventTypeEventVariableDataType": { + "type": "string" + }, + "aws-native:frauddetector:EventTypeEventVariableVariableType": { + "type": "string" + }, + "aws-native:frauddetector:EventTypeLabel": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The label ARN." + }, + "createdTime": { + "type": "string", + "description": "The time when the event type was created." + }, + "description": { + "type": "string", + "description": "The description." + }, + "inline": { + "type": "boolean", + "description": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables." + }, + "lastUpdatedTime": { + "type": "string", + "description": "The time when the event type was last updated." + }, + "name": { + "type": "string", + "description": "The label name." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:frauddetector:EventTypeTag" + }, + "description": "Tags associated with this event type." + } + } + }, + "aws-native:frauddetector:EventTypeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key." + }, + "value": { + "type": "string", + "description": "A value assigned to a tag key." + } + } + }, + "aws-native:frauddetector:LabelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key." + }, + "value": { + "type": "string", + "description": "A value assigned to a tag key." + } + } + }, + "aws-native:frauddetector:ListTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:frauddetector:OutcomeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key." + }, + "value": { + "type": "string", + "description": "A value assigned to a tag key." + } + } + }, + "aws-native:frauddetector:VariableDataSource": { + "type": "string" + }, + "aws-native:frauddetector:VariableDataType": { + "type": "string" + }, + "aws-native:frauddetector:VariableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key." + }, + "value": { + "type": "string", + "description": "A value assigned to a tag key." + } + } + }, + "aws-native:frauddetector:VariableType": { + "type": "string" + }, + "aws-native:fsx:DataRepositoryAssociationAutoExportPolicy": { + "type": "object", + "properties": { + "events": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fsx:DataRepositoryAssociationEventType" + }, + "description": "The ``AutoExportPolicy`` can have the following event values:\n + ``NEW`` - New files and directories are automatically exported to the data repository as they are added to the file system.\n + ``CHANGED`` - Changes to files and directories on the file system are automatically exported to the data repository.\n + ``DELETED`` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n \n You can define any combination of event types for your ``AutoExportPolicy``." + } + } + }, + "aws-native:fsx:DataRepositoryAssociationAutoImportPolicy": { + "type": "object", + "properties": { + "events": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:fsx:DataRepositoryAssociationEventType" + }, + "description": "The ``AutoImportPolicy`` can have the following event values:\n + ``NEW`` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n + ``CHANGED`` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n + ``DELETED`` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n \n You can define any combination of event types for your ``AutoImportPolicy``." + } + } + }, + "aws-native:fsx:DataRepositoryAssociationEventType": { + "type": "string" + }, + "aws-native:fsx:DataRepositoryAssociationS3": { + "type": "object", + "properties": { + "autoExportPolicy": { + "$ref": "#/types/aws-native:fsx:DataRepositoryAssociationAutoExportPolicy", + "description": "Describes a data repository association's automatic export policy. The ``AutoExportPolicy`` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n The ``AutoExportPolicy`` is only supported on Amazon FSx for Lustre file systems with a data repository association." + }, + "autoImportPolicy": { + "$ref": "#/types/aws-native:fsx:DataRepositoryAssociationAutoImportPolicy", + "description": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n The ``AutoImportPolicy`` is only supported on Amazon FSx for Lustre file systems with a data repository association." + } + } + }, + "aws-native:fsx:DataRepositoryAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A value that specifies the ``TagKey``, the name of the tag. Tag keys must be unique for the resource to which they are attached." + }, + "value": { + "type": "string", + "description": "A value that specifies the ``TagValue``, the value assigned to the corresponding tag key. Tag values can be null and don't have to be unique in a tag set. For example, you can have a key-value pair in a tag set of ``finances : April`` and also of ``payroll : April``." + } + } + }, + "aws-native:gamelift:AliasRoutingStrategy": { + "type": "object", + "properties": { + "fleetId": { + "type": "string", + "description": "A unique identifier for a fleet that the alias points to. If you specify SIMPLE for the Type property, you must specify this property." + }, + "message": { + "type": "string", + "description": "The message text to be used with a terminal routing strategy. If you specify TERMINAL for the Type property, you must specify this property." + }, + "type": { + "$ref": "#/types/aws-native:gamelift:AliasRoutingStrategyType", + "description": "Simple routing strategy. The alias resolves to one specific fleet. Use this type when routing to active fleets." + } + } + }, + "aws-native:gamelift:AliasRoutingStrategyType": { + "type": "string" + }, + "aws-native:gamelift:BuildOperatingSystem": { + "type": "string" + }, + "aws-native:gamelift:BuildStorageLocation": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "An Amazon S3 bucket identifier. This is the name of the S3 bucket." + }, + "key": { + "type": "string", + "description": "The name of the zip file that contains the build files or script files." + }, + "objectVersion": { + "type": "string", + "description": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from your S3 bucket. To retrieve a specific version of the file, provide an object version. To retrieve the latest version of the file, do not set this parameter." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access the S3 bucket." + } + } + }, + "aws-native:gamelift:ContainerGroupDefinitionContainerDefinition": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The command that's passed to the container." + }, + "containerName": { + "type": "string", + "description": "A descriptive label for the container definition. Container definition names must be unique with a container group definition." + }, + "cpu": { + "type": "integer", + "description": "The maximum number of CPU units reserved for this container. The value is expressed as an integer amount of CPU units. 1 vCPU is equal to 1024 CPU units" + }, + "dependsOn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionContainerDependency" + }, + "description": "A list of container dependencies that determines when this container starts up and shuts down. For container groups with multiple containers, dependencies let you define a startup/shutdown sequence across the containers." + }, + "entryPoint": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The entry point that's passed to the container so that it will run as an executable. If there are multiple arguments, each argument is a string in the array." + }, + "environment": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionContainerEnvironment" + }, + "description": "The environment variables to pass to a container." + }, + "essential": { + "type": "boolean", + "description": "Specifies if the container is essential. If an essential container fails a health check, then all containers in the container group will be restarted. You must specify exactly 1 essential container in a container group." + }, + "healthCheck": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionContainerHealthCheck", + "description": "Specifies how the health of the containers will be checked." + }, + "imageUri": { + "type": "string", + "description": "Specifies the image URI of this container." + }, + "memoryLimits": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionMemoryLimits", + "description": "Specifies how much memory is available to the container. You must specify at least this parameter or the TotalMemoryLimit parameter of the ContainerGroupDefinition." + }, + "portConfiguration": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionPortConfiguration", + "description": "Defines the ports on the container." + }, + "resolvedImageDigest": { + "type": "string", + "description": "The digest of the container image." + }, + "workingDirectory": { + "type": "string", + "description": "The working directory to run commands inside the container in." + } + } + }, + "aws-native:gamelift:ContainerGroupDefinitionContainerDependency": { + "type": "object", + "properties": { + "condition": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionContainerDependencyCondition", + "description": "The type of dependency." + }, + "containerName": { + "type": "string", + "description": "A descriptive label for the container definition. The container being defined depends on this container's condition." + } + } + }, + "aws-native:gamelift:ContainerGroupDefinitionContainerDependencyCondition": { + "type": "string" + }, + "aws-native:gamelift:ContainerGroupDefinitionContainerEnvironment": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The environment variable name." + }, + "value": { + "type": "string", + "description": "The environment variable value." + } + } + }, + "aws-native:gamelift:ContainerGroupDefinitionContainerHealthCheck": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A string array representing the command that the container runs to determine if it is healthy." + }, + "interval": { + "type": "integer", + "description": "How often (in seconds) the health is checked." + }, + "retries": { + "type": "integer", + "description": "How many times the process manager will retry the command after a timeout. (The first run of the command does not count as a retry.)" + }, + "startPeriod": { + "type": "integer", + "description": "The optional grace period (in seconds) to give a container time to boostrap before teh health check is declared failed." + }, + "timeout": { + "type": "integer", + "description": "How many seconds the process manager allows the command to run before canceling it." + } + } + }, + "aws-native:gamelift:ContainerGroupDefinitionContainerPortRange": { + "type": "object", + "properties": { + "fromPort": { + "type": "integer", + "description": "A starting value for the range of allowed port numbers." + }, + "protocol": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionContainerPortRangeProtocol", + "description": "Defines the protocol of these ports." + }, + "toPort": { + "type": "integer", + "description": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than FromPort." + } + } + }, + "aws-native:gamelift:ContainerGroupDefinitionContainerPortRangeProtocol": { + "type": "string" + }, + "aws-native:gamelift:ContainerGroupDefinitionMemoryLimits": { + "type": "object", + "properties": { + "hardLimit": { + "type": "integer", + "description": "The hard limit of memory to reserve for the container." + }, + "softLimit": { + "type": "integer", + "description": "The amount of memory that is reserved for the container." + } + } + }, + "aws-native:gamelift:ContainerGroupDefinitionOperatingSystem": { + "type": "string" + }, + "aws-native:gamelift:ContainerGroupDefinitionPortConfiguration": { + "type": "object", + "properties": { + "containerPortRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:ContainerGroupDefinitionContainerPortRange" + }, + "description": "Specifies one or more ranges of ports on a container." + } + } + }, + "aws-native:gamelift:ContainerGroupDefinitionSchedulingStrategy": { + "type": "string" + }, + "aws-native:gamelift:ContainerGroupDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length." + } + } + }, + "aws-native:gamelift:FleetAnywhereConfiguration": { + "type": "object", + "properties": { + "cost": { + "type": "string", + "description": "Cost of compute can be specified on Anywhere Fleets to prioritize placement across Queue destinations based on Cost." + } + } + }, + "aws-native:gamelift:FleetApplyCapacity": { + "type": "string" + }, + "aws-native:gamelift:FleetCertificateConfiguration": { + "type": "object", + "properties": { + "certificateType": { + "$ref": "#/types/aws-native:gamelift:FleetCertificateConfigurationCertificateType", + "description": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet." + } + } + }, + "aws-native:gamelift:FleetCertificateConfigurationCertificateType": { + "type": "string" + }, + "aws-native:gamelift:FleetComputeType": { + "type": "string" + }, + "aws-native:gamelift:FleetConnectionPortRange": { + "type": "object", + "properties": { + "fromPort": { + "type": "integer", + "description": "A starting value for a range of allowed port numbers." + }, + "toPort": { + "type": "integer", + "description": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than FromPort." + } + } + }, + "aws-native:gamelift:FleetContainerGroupsConfiguration": { + "type": "object", + "properties": { + "connectionPortRange": { + "$ref": "#/types/aws-native:gamelift:FleetConnectionPortRange", + "description": "A set of ports to allow inbound traffic, including game clients, to connect to processes running in the container fleet.\n\nConnection ports are dynamically mapped to container ports, which are assigned to individual processes running in a container. The connection port range must have enough ports to map to all container ports across a fleet instance. To calculate the minimum connection ports needed, use the following formula:\n\n*[Total number of container ports as defined for containers in the replica container group] * [Desired or calculated number of replica container groups per instance] + [Total number of container ports as defined for containers in the daemon container group]*\n\nAs a best practice, double the minimum number of connection ports.\n\n\u003e Use the fleet's `EC2InboundPermissions` property to control external access to connection ports. Set this property to the connection port numbers that you want to open access to. See `IpPermission` for more details." + }, + "containerGroupDefinitionNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The names of the container group definitions that will be created in an instance. You must specify exactly one REPLICA container group. You have the option to also specify one DAEMON container group." + }, + "containerGroupsPerInstance": { + "$ref": "#/types/aws-native:gamelift:FleetContainerGroupsPerInstance" + } + } + }, + "aws-native:gamelift:FleetContainerGroupsPerInstance": { + "type": "object", + "properties": { + "desiredReplicaContainerGroupsPerInstance": { + "type": "integer", + "description": "Use this parameter to override the number of replica container groups GameLift will launch per instance with a number that is lower than that calculated maximum." + }, + "maxReplicaContainerGroupsPerInstance": { + "type": "integer", + "description": "GameLift calculates the maximum number of replica container groups it can launch per instance based on instance properties such as CPU, memory, and connection ports." + } + } + }, + "aws-native:gamelift:FleetInstanceRoleCredentialsProvider": { + "type": "string" + }, + "aws-native:gamelift:FleetIpPermission": { + "type": "object", + "properties": { + "fromPort": { + "type": "integer", + "description": "A starting value for a range of allowed port numbers." + }, + "ipRange": { + "type": "string", + "description": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \"000.000.000.000/[subnet mask]\" or optionally the shortened version \"0.0.0.0/[subnet mask]\"." + }, + "protocol": { + "$ref": "#/types/aws-native:gamelift:FleetIpPermissionProtocol", + "description": "The network communication protocol used by the fleet." + }, + "toPort": { + "type": "integer", + "description": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than FromPort." + } + } + }, + "aws-native:gamelift:FleetIpPermissionProtocol": { + "type": "string" + }, + "aws-native:gamelift:FleetLocationCapacity": { + "type": "object", + "properties": { + "desiredEc2Instances": { + "type": "integer", + "description": "The number of EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits." + }, + "maxSize": { + "type": "integer", + "description": "The maximum value that is allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to \"1\". Once the fleet is active, you can change this value." + }, + "minSize": { + "type": "integer", + "description": "The minimum value allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to \"0\". After the fleet is active, you can change this value." + } + }, + "irreversibleNames": { + "desiredEc2Instances": "DesiredEC2Instances" + } + }, + "aws-native:gamelift:FleetLocationConfiguration": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting." + }, + "locationCapacity": { + "$ref": "#/types/aws-native:gamelift:FleetLocationCapacity", + "description": "Current resource capacity settings for managed EC2 fleets and container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)" + } + } + }, + "aws-native:gamelift:FleetNewGameSessionProtectionPolicy": { + "type": "string" + }, + "aws-native:gamelift:FleetResourceCreationLimitPolicy": { + "type": "object", + "properties": { + "newGameSessionsPerCreator": { + "type": "integer", + "description": "The maximum number of game sessions that an individual can create during the policy period." + }, + "policyPeriodInMinutes": { + "type": "integer", + "description": "The time span used in evaluating the resource creation limit policy." + } + } + }, + "aws-native:gamelift:FleetRuntimeConfiguration": { + "type": "object", + "properties": { + "gameSessionActivationTimeoutSeconds": { + "type": "integer", + "description": "The maximum amount of time (in seconds) that a game session can remain in status ACTIVATING. If the game session is not active before the timeout, activation is terminated and the game session status is changed to TERMINATED." + }, + "maxConcurrentGameSessionActivations": { + "type": "integer", + "description": "The maximum number of game sessions with status ACTIVATING to allow on an instance simultaneously. This setting limits the amount of instance resources that can be used for new game activations at any one time." + }, + "serverProcesses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:FleetServerProcess" + }, + "description": "A collection of server process configurations that describe which server processes to run on each instance in a fleet." + } + } + }, + "aws-native:gamelift:FleetScalingPolicy": { + "type": "object", + "properties": { + "comparisonOperator": { + "$ref": "#/types/aws-native:gamelift:FleetScalingPolicyComparisonOperator", + "description": "Comparison operator to use when measuring a metric against the threshold value." + }, + "evaluationPeriods": { + "type": "integer", + "description": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered." + }, + "location": { + "type": "string", + "description": "The fleet location." + }, + "metricName": { + "$ref": "#/types/aws-native:gamelift:FleetScalingPolicyMetricName", + "description": "Name of the Amazon GameLift-defined metric that is used to trigger a scaling adjustment." + }, + "name": { + "type": "string", + "description": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique." + }, + "policyType": { + "$ref": "#/types/aws-native:gamelift:FleetScalingPolicyPolicyType", + "description": "The type of scaling policy to create. For a target-based policy, set the parameter MetricName to 'PercentAvailableGameSessions' and specify a TargetConfiguration. For a rule-based policy set the following parameters: MetricName, ComparisonOperator, Threshold, EvaluationPeriods, ScalingAdjustmentType, and ScalingAdjustment." + }, + "scalingAdjustment": { + "type": "integer", + "description": "Amount of adjustment to make, based on the scaling adjustment type." + }, + "scalingAdjustmentType": { + "$ref": "#/types/aws-native:gamelift:FleetScalingPolicyScalingAdjustmentType", + "description": "The type of adjustment to make to a fleet's instance count." + }, + "status": { + "$ref": "#/types/aws-native:gamelift:FleetScalingPolicyStatus", + "description": "Current status of the scaling policy. The scaling policy can be in force only when in an ACTIVE status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change." + }, + "targetConfiguration": { + "$ref": "#/types/aws-native:gamelift:FleetTargetConfiguration", + "description": "An object that contains settings for a target-based scaling policy." + }, + "threshold": { + "type": "number", + "description": "Metric value used to trigger a scaling event." + }, + "updateStatus": { + "$ref": "#/types/aws-native:gamelift:FleetScalingPolicyUpdateStatus", + "description": "The current status of the fleet's scaling policies in a requested fleet location. The status PENDING_UPDATE indicates that an update was requested for the fleet but has not yet been completed for the location." + } + } + }, + "aws-native:gamelift:FleetScalingPolicyComparisonOperator": { + "type": "string" + }, + "aws-native:gamelift:FleetScalingPolicyMetricName": { + "type": "string" + }, + "aws-native:gamelift:FleetScalingPolicyPolicyType": { + "type": "string" + }, + "aws-native:gamelift:FleetScalingPolicyScalingAdjustmentType": { + "type": "string" + }, + "aws-native:gamelift:FleetScalingPolicyStatus": { + "type": "string" + }, + "aws-native:gamelift:FleetScalingPolicyUpdateStatus": { + "type": "string" + }, + "aws-native:gamelift:FleetServerProcess": { + "type": "object", + "properties": { + "concurrentExecutions": { + "type": "integer", + "description": "The number of server processes that use this configuration to run concurrently on an instance." + }, + "launchPath": { + "type": "string", + "description": "The location of the server executable in a custom game build or the name of the Realtime script file that contains the Init() function. Game builds and Realtime scripts are installed on instances at the root:\n\nWindows (for custom game builds only): C:\\game. Example: \"C:\\game\\MyGame\\server.exe\"\n\nLinux: /local/game. Examples: \"/local/game/MyGame/server.exe\" or \"/local/game/MyRealtimeScript.js\"" + }, + "parameters": { + "type": "string", + "description": "An optional list of parameters to pass to the server executable or Realtime script on launch." + } + } + }, + "aws-native:gamelift:FleetTargetConfiguration": { + "type": "object", + "properties": { + "targetValue": { + "type": "number", + "description": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions)." + } + } + }, + "aws-native:gamelift:FleetType": { + "type": "string" + }, + "aws-native:gamelift:GameServerGroupAutoScalingPolicy": { + "type": "object", + "properties": { + "estimatedInstanceWarmup": { + "type": "number", + "description": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances." + }, + "targetTrackingConfiguration": { + "$ref": "#/types/aws-native:gamelift:GameServerGroupTargetTrackingConfiguration", + "description": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value." + } + } + }, + "aws-native:gamelift:GameServerGroupBalancingStrategy": { + "type": "string" + }, + "aws-native:gamelift:GameServerGroupDeleteOption": { + "type": "string" + }, + "aws-native:gamelift:GameServerGroupGameServerProtectionPolicy": { + "type": "string" + }, + "aws-native:gamelift:GameServerGroupInstanceDefinition": { + "type": "object", + "properties": { + "instanceType": { + "type": "string" + }, + "weightedCapacity": { + "type": "string" + } + } + }, + "aws-native:gamelift:GameServerGroupLaunchTemplate": { + "type": "object", + "properties": { + "launchTemplateId": { + "type": "string", + "description": "A unique identifier for an existing Amazon EC2 launch template." + }, + "launchTemplateName": { + "type": "string", + "description": "A readable identifier for an existing Amazon EC2 launch template." + }, + "version": { + "type": "string", + "description": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created." + } + } + }, + "aws-native:gamelift:GameServerGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for a developer-defined key:value pair for tagging an AWS resource." + }, + "value": { + "type": "string", + "description": "The value for a developer-defined key:value pair for tagging an AWS resource." + } + } + }, + "aws-native:gamelift:GameServerGroupTargetTrackingConfiguration": { + "type": "object", + "properties": { + "targetValue": { + "type": "number", + "description": "Desired value to use with a game server group target-based scaling policy." + } + } + }, + "aws-native:gamelift:GameSessionQueueDestination": { + "type": "object", + "properties": { + "destinationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions." + } + } + }, + "aws-native:gamelift:GameSessionQueueFilterConfiguration": { + "type": "object", + "properties": { + "allowedLocations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` ." + } + } + }, + "aws-native:gamelift:GameSessionQueuePlayerLatencyPolicy": { + "type": "object", + "properties": { + "maximumIndividualPlayerLatencyMilliseconds": { + "type": "integer", + "description": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property." + }, + "policyDurationSeconds": { + "type": "integer", + "description": "The length of time, in seconds, that the policy is enforced while placing a new game session." + } + } + }, + "aws-native:gamelift:GameSessionQueuePriorityConfiguration": { + "type": "object", + "properties": { + "locationOrder": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations are identified by AWS Region codes such as `us-west-2` . Each location can only be listed once." + }, + "priorityOrder": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:gamelift:GameSessionQueuePriorityOrderItem" + }, + "description": "The recommended sequence to use when prioritizing where to place new game sessions. Each type can only be listed once.\n\n- `LATENCY` -- FleetIQ prioritizes locations where the average player latency (provided in each game session request) is lowest.\n- `COST` -- FleetIQ prioritizes destinations with the lowest current hosting costs. Cost is evaluated based on the location, instance type, and fleet type (Spot or On-Demand) for each destination in the queue.\n- `DESTINATION` -- FleetIQ prioritizes based on the order that destinations are listed in the queue configuration.\n- `LOCATION` -- FleetIQ prioritizes based on the provided order of locations, as defined in `LocationOrder` ." + } + } + }, + "aws-native:gamelift:GameSessionQueuePriorityOrderItem": { + "type": "string" + }, + "aws-native:gamelift:GameSessionQueueTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length." + } + } + }, + "aws-native:gamelift:LocationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length." + } + } + }, + "aws-native:gamelift:MatchmakingConfigurationBackfillMode": { + "type": "string" + }, + "aws-native:gamelift:MatchmakingConfigurationFlexMatchMode": { + "type": "string" + }, + "aws-native:gamelift:MatchmakingConfigurationGameProperty": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The game property identifier." + }, + "value": { + "type": "string", + "description": "The game property value." + } + } + }, + "aws-native:gamelift:MatchmakingConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length." + } + } + }, + "aws-native:gamelift:MatchmakingRuleSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length." + } + } + }, + "aws-native:gamelift:ScriptS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "An Amazon S3 bucket identifier. This is the name of the S3 bucket." + }, + "key": { + "type": "string", + "description": "The name of the zip file that contains the script files." + }, + "objectVersion": { + "type": "string", + "description": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from your S3 bucket. To retrieve a specific version of the file, provide an object version. To retrieve the latest version of the file, do not set this parameter." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access the S3 bucket." + } + } + }, + "aws-native:gamelift:ScriptTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length." + } + } + }, + "aws-native:globalaccelerator:AcceleratorIpAddressType": { + "type": "string" + }, + "aws-native:globalaccelerator:AcceleratorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Key of the tag. Value can be 1 to 127 characters." + }, + "value": { + "type": "string", + "description": "Value for the tag. Value can be 1 to 255 characters." + } + } + }, + "aws-native:globalaccelerator:CrossAccountAttachmentResource": { + "type": "object", + "properties": { + "endpointId": { + "type": "string", + "description": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator." + }, + "region": { + "type": "string", + "description": "The AWS Region where a shared endpoint resource is located." + } + } + }, + "aws-native:globalaccelerator:CrossAccountAttachmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Key of the tag. Value can be 1 to 127 characters." + }, + "value": { + "type": "string", + "description": "Value for the tag. Value can be 1 to 255 characters." + } + } + }, + "aws-native:globalaccelerator:EndpointGroupEndpointConfiguration": { + "type": "object", + "properties": { + "attachmentArn": { + "type": "string", + "description": "Attachment ARN that provides access control to the cross account endpoint. Not required for resources hosted in the same account as the endpoint group." + }, + "clientIpPreservationEnabled": { + "type": "boolean", + "description": "true if client ip should be preserved" + }, + "endpointId": { + "type": "string", + "description": "Id of the endpoint. For Network/Application Load Balancer this value is the ARN. For EIP, this value is the allocation ID. For EC2 instances, this is the EC2 instance ID" + }, + "weight": { + "type": "integer", + "description": "The weight for the endpoint." + } + }, + "irreversibleNames": { + "clientIpPreservationEnabled": "ClientIPPreservationEnabled" + } + }, + "aws-native:globalaccelerator:EndpointGroupHealthCheckProtocol": { + "type": "string" + }, + "aws-native:globalaccelerator:EndpointGroupPortOverride": { + "type": "object", + "properties": { + "endpointPort": { + "type": "integer", + "description": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance." + }, + "listenerPort": { + "type": "integer", + "description": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on." + } + } + }, + "aws-native:globalaccelerator:ListenerClientAffinity": { + "type": "string" + }, + "aws-native:globalaccelerator:ListenerPortRange": { + "type": "object", + "properties": { + "fromPort": { + "type": "integer", + "description": "The first port in the range of ports, inclusive." + }, + "toPort": { + "type": "integer", + "description": "The last port in the range of ports, inclusive." + } + } + }, + "aws-native:globalaccelerator:ListenerProtocol": { + "type": "string" + }, + "aws-native:glue:RegistryTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key to identify the tag." + }, + "value": { + "type": "string", + "description": "Corresponding tag value for the key." + } + } + }, + "aws-native:glue:SchemaCompatibility": { + "type": "string" + }, + "aws-native:glue:SchemaDataFormat": { + "type": "string" + }, + "aws-native:glue:SchemaRegistry": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "Amazon Resource Name for the Registry." + }, + "name": { + "type": "string", + "description": "Name of the registry in which the schema will be created." + } + } + }, + "aws-native:glue:SchemaTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key to identify the tag." + }, + "value": { + "type": "string", + "description": "Corresponding tag value for the key." + } + } + }, + "aws-native:glue:SchemaVersion": { + "type": "object", + "properties": { + "isLatest": { + "type": "boolean", + "description": "Indicates if the latest version needs to be updated." + }, + "versionNumber": { + "type": "integer", + "description": "Indicates the version number in the schema to update." + } + } + }, + "aws-native:glue:SchemaVersionSchema": { + "type": "object", + "properties": { + "registryName": { + "type": "string", + "description": "Name of the registry to identify where the Schema is located." + }, + "schemaArn": { + "type": "string", + "description": "Amazon Resource Name for the Schema. This attribute can be used to uniquely represent the Schema." + }, + "schemaName": { + "type": "string", + "description": "Name of the schema. This parameter requires RegistryName to be provided." + } + } + }, + "aws-native:glue:TriggerAction": { + "type": "object", + "properties": { + "arguments": { + "$ref": "pulumi.json#/Any", + "description": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself." + }, + "crawlerName": { + "type": "string", + "description": "The name of the crawler to be used with this action." + }, + "jobName": { + "type": "string", + "description": "The name of a job to be executed." + }, + "notificationProperty": { + "$ref": "#/types/aws-native:glue:TriggerNotificationProperty", + "description": "Specifies configuration properties of a job run notification." + }, + "securityConfiguration": { + "type": "string", + "description": "The name of the SecurityConfiguration structure to be used with this action." + }, + "timeout": { + "type": "integer", + "description": "The JobRun timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job." + } + } + }, + "aws-native:glue:TriggerCondition": { + "type": "object", + "properties": { + "crawlState": { + "type": "string", + "description": "The state of the crawler to which this condition applies." + }, + "crawlerName": { + "type": "string", + "description": "The name of the crawler to which this condition applies." + }, + "jobName": { + "type": "string", + "description": "The name of the job whose JobRuns this condition applies to, and on which this trigger waits." + }, + "logicalOperator": { + "type": "string", + "description": "A logical operator." + }, + "state": { + "type": "string", + "description": "The condition state. Currently, the values supported are SUCCEEDED, STOPPED, TIMEOUT, and FAILED." + } + } + }, + "aws-native:glue:TriggerEventBatchingCondition": { + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "description": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires." + }, + "batchWindow": { + "type": "integer", + "description": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received." + } + } + }, + "aws-native:glue:TriggerNotificationProperty": { + "type": "object", + "properties": { + "notifyDelayAfter": { + "type": "integer", + "description": "After a job run starts, the number of minutes to wait before sending a job run delay notification" + } + } + }, + "aws-native:glue:TriggerPredicate": { + "type": "object", + "properties": { + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:glue:TriggerCondition" + }, + "description": "A list of the conditions that determine when the trigger will fire." + }, + "logical": { + "type": "string", + "description": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required." + } + } + }, + "aws-native:grafana:WorkspaceAccountAccessType": { + "type": "string" + }, + "aws-native:grafana:WorkspaceAssertionAttributes": { + "type": "object", + "properties": { + "email": { + "type": "string", + "description": "Name of the attribute within the SAML assert to use as the users email in Grafana." + }, + "groups": { + "type": "string", + "description": "Name of the attribute within the SAML assert to use as the users groups in Grafana." + }, + "login": { + "type": "string", + "description": "Name of the attribute within the SAML assert to use as the users login handle in Grafana." + }, + "name": { + "type": "string", + "description": "Name of the attribute within the SAML assert to use as the users name in Grafana." + }, + "org": { + "type": "string", + "description": "Name of the attribute within the SAML assert to use as the users organizations in Grafana." + }, + "role": { + "type": "string", + "description": "Name of the attribute within the SAML assert to use as the users roles in Grafana." + } + } + }, + "aws-native:grafana:WorkspaceAuthenticationProviderTypes": { + "type": "string" + }, + "aws-native:grafana:WorkspaceDataSourceType": { + "type": "string" + }, + "aws-native:grafana:WorkspaceIdpMetadata": { + "type": "object", + "properties": { + "url": { + "type": "string", + "description": "URL that vends the IdPs metadata." + }, + "xml": { + "type": "string", + "description": "XML blob of the IdPs metadata." + } + } + }, + "aws-native:grafana:WorkspaceNetworkAccessControl": { + "type": "object", + "properties": { + "prefixListIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration then no IP addresses will be allowed to access the workspace." + }, + "vpceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of Amazon VPC endpoint IDs for the workspace. If a NetworkAccessConfiguration is specified then only VPC endpoints specified here will be allowed to access the workspace." + } + } + }, + "aws-native:grafana:WorkspaceNotificationDestinationType": { + "type": "string" + }, + "aws-native:grafana:WorkspacePermissionType": { + "type": "string" + }, + "aws-native:grafana:WorkspaceRoleValues": { + "type": "object", + "properties": { + "admin": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of SAML roles which will be mapped into the Grafana Admin role." + }, + "editor": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of SAML roles which will be mapped into the Grafana Editor role." + } + } + }, + "aws-native:grafana:WorkspaceSamlConfiguration": { + "type": "object", + "properties": { + "allowedOrganizations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of SAML organizations allowed to access Grafana." + }, + "assertionAttributes": { + "$ref": "#/types/aws-native:grafana:WorkspaceAssertionAttributes", + "description": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace." + }, + "idpMetadata": { + "$ref": "#/types/aws-native:grafana:WorkspaceIdpMetadata", + "description": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace." + }, + "loginValidityDuration": { + "type": "number", + "description": "The maximum lifetime an authenticated user can be logged in (in minutes) before being required to re-authenticate." + }, + "roleValues": { + "$ref": "#/types/aws-native:grafana:WorkspaceRoleValues", + "description": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace." + } + } + }, + "aws-native:grafana:WorkspaceSamlConfigurationStatus": { + "type": "string" + }, + "aws-native:grafana:WorkspaceStatus": { + "type": "string" + }, + "aws-native:grafana:WorkspaceVpcConfiguration": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect." + } + } + }, + "aws-native:greengrassv2:ComponentVersionComponentDependencyRequirement": { + "type": "object", + "properties": { + "dependencyType": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionComponentDependencyRequirementDependencyType" + }, + "versionRequirement": { + "type": "string" + } + } + }, + "aws-native:greengrassv2:ComponentVersionComponentDependencyRequirementDependencyType": { + "type": "string" + }, + "aws-native:greengrassv2:ComponentVersionComponentPlatform": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* ." + }, + "name": { + "type": "string", + "description": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform." + } + } + }, + "aws-native:greengrassv2:ComponentVersionLambdaContainerParams": { + "type": "object", + "properties": { + "devices": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaDeviceMount" + }, + "description": "The list of system devices that the container can access." + }, + "memorySizeInKb": { + "type": "integer", + "description": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)" + }, + "mountRoSysfs": { + "type": "boolean", + "description": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`" + }, + "volumes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaVolumeMount" + }, + "description": "The list of volumes that the container can access." + } + }, + "irreversibleNames": { + "memorySizeInKb": "MemorySizeInKB", + "mountRoSysfs": "MountROSysfs" + } + }, + "aws-native:greengrassv2:ComponentVersionLambdaDeviceMount": { + "type": "object", + "properties": { + "addGroupOwner": { + "type": "boolean", + "description": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`" + }, + "path": { + "type": "string", + "description": "The mount path for the device in the file system." + }, + "permission": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaFilesystemPermission", + "description": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`" + } + } + }, + "aws-native:greengrassv2:ComponentVersionLambdaEventSource": { + "type": "object", + "properties": { + "topic": { + "type": "string", + "description": "The topic to which to subscribe to receive event messages." + }, + "type": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaEventSourceType", + "description": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` – Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` – Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic." + } + } + }, + "aws-native:greengrassv2:ComponentVersionLambdaEventSourceType": { + "type": "string" + }, + "aws-native:greengrassv2:ComponentVersionLambdaExecutionParameters": { + "type": "object", + "properties": { + "environmentVariables": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The map of environment variables that are available to the Lambda function when it runs." + }, + "eventSources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaEventSource" + }, + "description": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages." + }, + "execArgs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of arguments to pass to the Lambda function when it runs." + }, + "inputPayloadEncodingType": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaExecutionParametersInputPayloadEncodingType", + "description": "The encoding type that the Lambda function supports.\n\nDefault: `json`" + }, + "linuxProcessParams": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaLinuxProcessParams", + "description": "The parameters for the Linux process that contains the Lambda function." + }, + "maxIdleTimeInSeconds": { + "type": "integer", + "description": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process." + }, + "maxInstancesCount": { + "type": "integer", + "description": "The maximum number of instances that a non-pinned Lambda function can run at the same time." + }, + "maxQueueSize": { + "type": "integer", + "description": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message." + }, + "pinned": { + "type": "boolean", + "description": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`" + }, + "statusTimeoutInSeconds": { + "type": "integer", + "description": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component." + }, + "timeoutInSeconds": { + "type": "integer", + "description": "The maximum amount of time in seconds that the Lambda function can process a work item." + } + } + }, + "aws-native:greengrassv2:ComponentVersionLambdaExecutionParametersInputPayloadEncodingType": { + "type": "string" + }, + "aws-native:greengrassv2:ComponentVersionLambdaFilesystemPermission": { + "type": "string" + }, + "aws-native:greengrassv2:ComponentVersionLambdaFunctionRecipeSource": { + "type": "object", + "properties": { + "componentDependencies": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionComponentDependencyRequirement" + }, + "description": "The component versions on which this Lambda function component depends." + }, + "componentLambdaParameters": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaExecutionParameters", + "description": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device." + }, + "componentName": { + "type": "string", + "description": "The name of the component.\n\nDefaults to the name of the Lambda function." + }, + "componentPlatforms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionComponentPlatform" + }, + "description": "The platforms that the component version supports." + }, + "componentVersion": { + "type": "string", + "description": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` ." + }, + "lambdaArn": { + "type": "string", + "description": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` ." + } + } + }, + "aws-native:greengrassv2:ComponentVersionLambdaLinuxProcessParams": { + "type": "object", + "properties": { + "containerParams": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaContainerParams", + "description": "The parameters for the container in which the Lambda function runs." + }, + "isolationMode": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaLinuxProcessParamsIsolationMode", + "description": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`" + } + } + }, + "aws-native:greengrassv2:ComponentVersionLambdaLinuxProcessParamsIsolationMode": { + "type": "string" + }, + "aws-native:greengrassv2:ComponentVersionLambdaVolumeMount": { + "type": "object", + "properties": { + "addGroupOwner": { + "type": "boolean", + "description": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`" + }, + "destinationPath": { + "type": "string", + "description": "The path to the logical volume in the file system." + }, + "permission": { + "$ref": "#/types/aws-native:greengrassv2:ComponentVersionLambdaFilesystemPermission", + "description": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`" + }, + "sourcePath": { + "type": "string", + "description": "The path to the physical volume in the file system." + } + } + }, + "aws-native:greengrassv2:DeploymentComponentConfigurationUpdate": { + "type": "object", + "properties": { + "merge": { + "type": "string" + }, + "reset": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:greengrassv2:DeploymentComponentDeploymentSpecification": { + "type": "object", + "properties": { + "componentVersion": { + "type": "string" + }, + "configurationUpdate": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentComponentConfigurationUpdate" + }, + "runWith": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentComponentRunWith" + } + } + }, + "aws-native:greengrassv2:DeploymentComponentRunWith": { + "type": "object", + "properties": { + "posixUser": { + "type": "string" + }, + "systemResourceLimits": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentSystemResourceLimits" + }, + "windowsUser": { + "type": "string" + } + } + }, + "aws-native:greengrassv2:DeploymentComponentUpdatePolicy": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentComponentUpdatePolicyAction", + "description": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` – The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` – The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`" + }, + "timeoutInSeconds": { + "type": "integer", + "description": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`" + } + } + }, + "aws-native:greengrassv2:DeploymentComponentUpdatePolicyAction": { + "type": "string" + }, + "aws-native:greengrassv2:DeploymentConfigurationValidationPolicy": { + "type": "object", + "properties": { + "timeoutInSeconds": { + "type": "integer", + "description": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`" + } + } + }, + "aws-native:greengrassv2:DeploymentIoTJobAbortConfig": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobAbortCriteria" + }, + "description": "The list of criteria that define when and how to cancel the configuration deployment." + } + } + }, + "aws-native:greengrassv2:DeploymentIoTJobAbortCriteria": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobAbortCriteriaAction", + "description": "The action to perform when the criteria are met." + }, + "failureType": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobAbortCriteriaFailureType", + "description": "The type of job deployment failure that can cancel a job." + }, + "minNumberOfExecutedThings": { + "type": "integer", + "description": "The minimum number of things that receive the configuration before the job can cancel." + }, + "thresholdPercentage": { + "type": "number", + "description": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` )." + } + } + }, + "aws-native:greengrassv2:DeploymentIoTJobAbortCriteriaAction": { + "type": "string" + }, + "aws-native:greengrassv2:DeploymentIoTJobAbortCriteriaFailureType": { + "type": "string" + }, + "aws-native:greengrassv2:DeploymentIoTJobConfiguration": { + "type": "object", + "properties": { + "abortConfig": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobAbortConfig", + "description": "The stop configuration for the job. This configuration defines when and how to stop a job rollout." + }, + "jobExecutionsRolloutConfig": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobExecutionsRolloutConfig", + "description": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices." + }, + "timeoutConfig": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobTimeoutConfig", + "description": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job." + } + } + }, + "aws-native:greengrassv2:DeploymentIoTJobExecutionsRolloutConfig": { + "type": "object", + "properties": { + "exponentialRate": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobExponentialRolloutRate", + "description": "The exponential rate to increase the job rollout rate." + }, + "maximumPerMinute": { + "type": "integer", + "description": "The maximum number of devices that receive a pending job notification, per minute." + } + } + }, + "aws-native:greengrassv2:DeploymentIoTJobExponentialRolloutRate": { + "type": "object", + "properties": { + "baseRatePerMinute": { + "type": "integer", + "description": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job." + }, + "incrementFactor": { + "type": "number", + "description": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` )." + }, + "rateIncreaseCriteria": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentIoTJobRateIncreaseCriteria", + "description": "The criteria to increase the rollout rate for the job." + } + } + }, + "aws-native:greengrassv2:DeploymentIoTJobRateIncreaseCriteria": { + "type": "object" + }, + "aws-native:greengrassv2:DeploymentIoTJobTimeoutConfig": { + "type": "object", + "properties": { + "inProgressTimeoutInMinutes": { + "type": "integer", + "description": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes)." + } + } + }, + "aws-native:greengrassv2:DeploymentPolicies": { + "type": "object", + "properties": { + "componentUpdatePolicy": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentComponentUpdatePolicy", + "description": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices." + }, + "configurationValidationPolicy": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentConfigurationValidationPolicy", + "description": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates." + }, + "failureHandlingPolicy": { + "$ref": "#/types/aws-native:greengrassv2:DeploymentPoliciesFailureHandlingPolicy", + "description": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`" + } + } + }, + "aws-native:greengrassv2:DeploymentPoliciesFailureHandlingPolicy": { + "type": "string" + }, + "aws-native:greengrassv2:DeploymentSystemResourceLimits": { + "type": "object", + "properties": { + "cpus": { + "type": "number" + }, + "memory": { + "type": "integer" + } + } + }, + "aws-native:groundstation:ConfigAntennaDownlinkConfig": { + "type": "object", + "properties": { + "spectrumConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigSpectrumConfig", + "description": "Defines the spectrum configuration." + } + } + }, + "aws-native:groundstation:ConfigAntennaDownlinkDemodDecodeConfig": { + "type": "object", + "properties": { + "decodeConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigDecodeConfig", + "description": "Defines how the RF signal will be decoded." + }, + "demodulationConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigDemodulationConfig", + "description": "Defines how the RF signal will be demodulated." + }, + "spectrumConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigSpectrumConfig", + "description": "Defines the spectrum configuration." + } + } + }, + "aws-native:groundstation:ConfigAntennaUplinkConfig": { + "type": "object", + "properties": { + "spectrumConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigUplinkSpectrumConfig", + "description": "Defines the spectrum configuration." + }, + "targetEirp": { + "$ref": "#/types/aws-native:groundstation:ConfigEirp", + "description": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW." + }, + "transmitDisabled": { + "type": "boolean", + "description": "Whether or not uplink transmit is disabled." + } + } + }, + "aws-native:groundstation:ConfigBandwidthUnits": { + "type": "string" + }, + "aws-native:groundstation:ConfigData": { + "type": "object", + "properties": { + "antennaDownlinkConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigAntennaDownlinkConfig", + "description": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks)." + }, + "antennaDownlinkDemodDecodeConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigAntennaDownlinkDemodDecodeConfig", + "description": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data." + }, + "antennaUplinkConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigAntennaUplinkConfig", + "description": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts." + }, + "dataflowEndpointConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigDataflowEndpointConfig", + "description": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact." + }, + "s3RecordingConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigS3RecordingConfig", + "description": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts." + }, + "trackingConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigTrackingConfig", + "description": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact." + }, + "uplinkEchoConfig": { + "$ref": "#/types/aws-native:groundstation:ConfigUplinkEchoConfig", + "description": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts." + } + }, + "irreversibleNames": { + "s3RecordingConfig": "S3RecordingConfig" + } + }, + "aws-native:groundstation:ConfigDataflowEndpointConfig": { + "type": "object", + "properties": { + "dataflowEndpointName": { + "type": "string", + "description": "The name of the dataflow endpoint to use during contacts." + }, + "dataflowEndpointRegion": { + "type": "string", + "description": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact." + } + } + }, + "aws-native:groundstation:ConfigDecodeConfig": { + "type": "object", + "properties": { + "unvalidatedJson": { + "type": "string", + "description": "The decoding settings are in JSON format and define a set of steps to perform to decode the data." + } + }, + "irreversibleNames": { + "unvalidatedJson": "UnvalidatedJSON" + } + }, + "aws-native:groundstation:ConfigDemodulationConfig": { + "type": "object", + "properties": { + "unvalidatedJson": { + "type": "string", + "description": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use." + } + }, + "irreversibleNames": { + "unvalidatedJson": "UnvalidatedJSON" + } + }, + "aws-native:groundstation:ConfigEirp": { + "type": "object", + "properties": { + "units": { + "$ref": "#/types/aws-native:groundstation:ConfigEirpUnits", + "description": "The units of the EIRP." + }, + "value": { + "type": "number", + "description": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW." + } + } + }, + "aws-native:groundstation:ConfigEirpUnits": { + "type": "string" + }, + "aws-native:groundstation:ConfigFrequency": { + "type": "object", + "properties": { + "units": { + "$ref": "#/types/aws-native:groundstation:ConfigFrequencyUnits", + "description": "The units of the frequency." + }, + "value": { + "type": "number", + "description": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink." + } + } + }, + "aws-native:groundstation:ConfigFrequencyBandwidth": { + "type": "object", + "properties": { + "units": { + "$ref": "#/types/aws-native:groundstation:ConfigBandwidthUnits", + "description": "The units of the bandwidth." + }, + "value": { + "type": "number", + "description": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz." + } + } + }, + "aws-native:groundstation:ConfigFrequencyUnits": { + "type": "string" + }, + "aws-native:groundstation:ConfigPolarization": { + "type": "string" + }, + "aws-native:groundstation:ConfigS3RecordingConfig": { + "type": "object", + "properties": { + "bucketArn": { + "type": "string", + "description": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` ." + }, + "prefix": { + "type": "string", + "description": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`" + }, + "roleArn": { + "type": "string", + "description": "Defines the ARN of the role assumed for putting archives to S3." + } + } + }, + "aws-native:groundstation:ConfigSpectrumConfig": { + "type": "object", + "properties": { + "bandwidth": { + "$ref": "#/types/aws-native:groundstation:ConfigFrequencyBandwidth", + "description": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz." + }, + "centerFrequency": { + "$ref": "#/types/aws-native:groundstation:ConfigFrequency", + "description": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink." + }, + "polarization": { + "$ref": "#/types/aws-native:groundstation:ConfigPolarization", + "description": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs." + } + } + }, + "aws-native:groundstation:ConfigTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:groundstation:ConfigTrackingConfig": { + "type": "object", + "properties": { + "autotrack": { + "$ref": "#/types/aws-native:groundstation:ConfigTrackingConfigAutotrack", + "description": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost." + } + } + }, + "aws-native:groundstation:ConfigTrackingConfigAutotrack": { + "type": "string" + }, + "aws-native:groundstation:ConfigUplinkEchoConfig": { + "type": "object", + "properties": { + "antennaUplinkConfigArn": { + "type": "string", + "description": "Defines the ARN of the uplink config to echo back to a dataflow endpoint." + }, + "enabled": { + "type": "boolean", + "description": "Whether or not uplink echo is enabled." + } + } + }, + "aws-native:groundstation:ConfigUplinkSpectrumConfig": { + "type": "object", + "properties": { + "centerFrequency": { + "$ref": "#/types/aws-native:groundstation:ConfigFrequency", + "description": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink." + }, + "polarization": { + "$ref": "#/types/aws-native:groundstation:ConfigPolarization", + "description": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` ." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupAgentStatus": { + "type": "string" + }, + "aws-native:groundstation:DataflowEndpointGroupAuditResults": { + "type": "string" + }, + "aws-native:groundstation:DataflowEndpointGroupAwsGroundStationAgentEndpoint": { + "type": "object", + "properties": { + "agentStatus": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupAgentStatus" + }, + "auditResults": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupAuditResults" + }, + "egressAddress": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupConnectionDetails" + }, + "ingressAddress": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupRangedConnectionDetails" + }, + "name": { + "type": "string" + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupConnectionDetails": { + "type": "object", + "properties": { + "mtu": { + "type": "integer", + "description": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint." + }, + "socketAddress": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupSocketAddress", + "description": "A socket address." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupDataflowEndpoint": { + "type": "object", + "properties": { + "address": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupSocketAddress", + "description": "The address and port of an endpoint." + }, + "mtu": { + "type": "integer", + "description": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set." + }, + "name": { + "type": "string", + "description": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupEndpointDetails": { + "type": "object", + "properties": { + "awsGroundStationAgentEndpoint": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupAwsGroundStationAgentEndpoint", + "description": "An agent endpoint." + }, + "endpoint": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupDataflowEndpoint", + "description": "Information about the endpoint such as name and the endpoint address." + }, + "securityDetails": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupSecurityDetails", + "description": "The role ARN, and IDs for security groups and subnets." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupIntegerRange": { + "type": "object", + "properties": { + "maximum": { + "type": "integer", + "description": "A maximum value." + }, + "minimum": { + "type": "integer", + "description": "A minimum value." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupRangedConnectionDetails": { + "type": "object", + "properties": { + "mtu": { + "type": "integer", + "description": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint." + }, + "socketAddress": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupRangedSocketAddress", + "description": "A ranged socket address." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupRangedSocketAddress": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "IPv4 socket address." + }, + "portRange": { + "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupIntegerRange", + "description": "Port range of a socket address." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupSecurityDetails": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security group Ids of the security role, such as `sg-1234567890abcdef0` ." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnet Ids of the security details, such as `subnet-12345678` ." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupSocketAddress": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the endpoint, such as `Endpoint 1` ." + }, + "port": { + "type": "integer", + "description": "The port of the endpoint, such as `55888` ." + } + } + }, + "aws-native:groundstation:DataflowEndpointGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:groundstation:MissionProfileDataflowEdge": { + "type": "object", + "properties": { + "destination": { + "type": "string", + "description": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge." + }, + "source": { + "type": "string", + "description": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge." + } + } + }, + "aws-native:groundstation:MissionProfileStreamsKmsKey": { + "type": "object", + "properties": { + "kmsAliasArn": { + "type": "string" + }, + "kmsKeyArn": { + "type": "string" + } + } + }, + "aws-native:groundstation:MissionProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:guardduty:DetectorCfnDataSourceConfigurations": { + "type": "object", + "properties": { + "kubernetes": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnKubernetesConfiguration", + "description": "Describes which Kubernetes data sources are enabled for a detector." + }, + "malwareProtection": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnMalwareProtectionConfiguration", + "description": "Describes whether Malware Protection will be enabled as a data source." + }, + "s3Logs": { + "$ref": "#/types/aws-native:guardduty:DetectorCfns3LogsConfiguration", + "description": "Describes whether S3 data event logs are enabled as a data source." + } + }, + "irreversibleNames": { + "s3Logs": "S3Logs" + } + }, + "aws-native:guardduty:DetectorCfnFeatureAdditionalConfiguration": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the additional configuration." + }, + "status": { + "type": "string", + "description": "Status of the additional configuration." + } + } + }, + "aws-native:guardduty:DetectorCfnFeatureConfiguration": { + "type": "object", + "properties": { + "additionalConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnFeatureAdditionalConfiguration" + }, + "description": "Information about the additional configuration of a feature in your account." + }, + "name": { + "type": "string", + "description": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* ." + }, + "status": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnFeatureConfigurationStatus", + "description": "Status of the feature configuration." + } + } + }, + "aws-native:guardduty:DetectorCfnFeatureConfigurationStatus": { + "type": "string" + }, + "aws-native:guardduty:DetectorCfnKubernetesAuditLogsConfiguration": { + "type": "object", + "properties": { + "enable": { + "type": "boolean", + "description": "Describes whether Kubernetes audit logs are enabled as a data source for the detector." + } + } + }, + "aws-native:guardduty:DetectorCfnKubernetesConfiguration": { + "type": "object", + "properties": { + "auditLogs": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnKubernetesAuditLogsConfiguration", + "description": "Describes whether Kubernetes audit logs are enabled as a data source for the detector." + } + } + }, + "aws-native:guardduty:DetectorCfnMalwareProtectionConfiguration": { + "type": "object", + "properties": { + "scanEc2InstanceWithFindings": { + "$ref": "#/types/aws-native:guardduty:DetectorCfnScanEc2InstanceWithFindingsConfiguration", + "description": "Describes the configuration of Malware Protection for EC2 instances with findings." + } + } + }, + "aws-native:guardduty:DetectorCfnScanEc2InstanceWithFindingsConfiguration": { + "type": "object", + "properties": { + "ebsVolumes": { + "type": "boolean", + "description": "Describes the configuration for scanning EBS volumes as data source." + } + } + }, + "aws-native:guardduty:DetectorCfns3LogsConfiguration": { + "type": "object", + "properties": { + "enable": { + "type": "boolean", + "description": "The status of S3 data event logs as a data source." + } + } + }, + "aws-native:guardduty:DetectorTagItem": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:guardduty:FilterCondition": { + "type": "object", + "properties": { + "eq": { + "type": "array", + "items": { + "type": "string" + } + }, + "equals": { + "type": "array", + "items": { + "type": "string" + } + }, + "greaterThan": { + "type": "integer" + }, + "greaterThanOrEqual": { + "type": "integer" + }, + "gt": { + "type": "integer" + }, + "gte": { + "type": "integer" + }, + "lessThan": { + "type": "integer" + }, + "lessThanOrEqual": { + "type": "integer" + }, + "lt": { + "type": "integer" + }, + "lte": { + "type": "integer" + }, + "neq": { + "type": "array", + "items": { + "type": "string" + } + }, + "notEquals": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:guardduty:FilterFindingCriteria": { + "type": "object", + "properties": { + "criterion": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:guardduty:FilterCondition" + }, + "description": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value" + } + } + }, + "aws-native:guardduty:FilterTagItem": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:guardduty:IpSetTagItem": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:guardduty:MalwareProtectionPlanCfnActions": { + "type": "object", + "properties": { + "tagging": { + "$ref": "#/types/aws-native:guardduty:MalwareProtectionPlanCfnTagging", + "description": "Contains information about tagging status of the Malware Protection plan resource." + } + } + }, + "aws-native:guardduty:MalwareProtectionPlanCfnProtectedResource": { + "type": "object", + "properties": { + "s3Bucket": { + "$ref": "#/types/aws-native:guardduty:MalwareProtectionPlanCfnProtectedResourceS3BucketProperties", + "description": "Information about the protected S3 bucket resource." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket" + } + }, + "aws-native:guardduty:MalwareProtectionPlanCfnProtectedResourceS3BucketProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "Name of the S3 bucket." + }, + "objectPrefixes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Information about the specified object prefixes. The S3 object will be scanned only if it belongs to any of the specified object prefixes." + } + } + }, + "aws-native:guardduty:MalwareProtectionPlanCfnStatusReasons": { + "type": "object", + "properties": { + "code": { + "type": "string", + "description": "The status code of the Malware Protection plan." + }, + "message": { + "type": "string", + "description": "Issue message that specifies the reason." + } + } + }, + "aws-native:guardduty:MalwareProtectionPlanCfnTagging": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "Indicates whether or not you chose GuardDuty to add a predefined tag to the scanned S3 object." + } + } + }, + "aws-native:guardduty:MalwareProtectionPlanTagItem": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:guardduty:ThreatIntelSetTagItem": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:healthimaging:DatastoreStatus": { + "type": "string" + }, + "aws-native:healthlake:FhirDatastoreCreatedAt": { + "type": "object", + "properties": { + "nanos": { + "type": "integer", + "description": "Nanoseconds." + }, + "seconds": { + "type": "string", + "description": "Seconds since epoch." + } + } + }, + "aws-native:healthlake:FhirDatastoreDatastoreStatus": { + "type": "string" + }, + "aws-native:healthlake:FhirDatastoreDatastoreTypeVersion": { + "type": "string" + }, + "aws-native:healthlake:FhirDatastoreIdentityProviderConfiguration": { + "type": "object", + "properties": { + "authorizationStrategy": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreIdentityProviderConfigurationAuthorizationStrategy", + "description": "Type of Authorization Strategy. The two types of supported Authorization strategies are SMART_ON_FHIR_V1 and AWS_AUTH." + }, + "fineGrainedAuthorizationEnabled": { + "type": "boolean", + "description": "Flag to indicate if fine-grained authorization will be enabled for the datastore" + }, + "idpLambdaArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lambda function that will be used to decode the access token created by the authorization server." + }, + "metadata": { + "type": "string", + "description": "The JSON metadata elements for identity provider configuration." + } + } + }, + "aws-native:healthlake:FhirDatastoreIdentityProviderConfigurationAuthorizationStrategy": { + "type": "string" + }, + "aws-native:healthlake:FhirDatastoreKmsEncryptionConfig": { + "type": "object", + "properties": { + "cmkType": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreKmsEncryptionConfigCmkType", + "description": "The type of customer-managed-key (CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and AWS owned CMKs." + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS encryption key id/alias used to encrypt the Data Store contents at rest." + } + } + }, + "aws-native:healthlake:FhirDatastoreKmsEncryptionConfigCmkType": { + "type": "string" + }, + "aws-native:healthlake:FhirDatastorePreloadDataConfig": { + "type": "object", + "properties": { + "preloadDataType": { + "$ref": "#/types/aws-native:healthlake:FhirDatastorePreloadDataConfigPreloadDataType", + "description": "The type of preloaded data. Only Synthea preloaded data is supported." + } + } + }, + "aws-native:healthlake:FhirDatastorePreloadDataConfigPreloadDataType": { + "type": "string" + }, + "aws-native:healthlake:FhirDatastoreSseConfiguration": { + "type": "object", + "properties": { + "kmsEncryptionConfig": { + "$ref": "#/types/aws-native:healthlake:FhirDatastoreKmsEncryptionConfig", + "description": "The server-side encryption key configuration for a customer provided encryption key (CMK)." + } + } + }, + "aws-native:healthlake:FhirDatastoreTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:iam:GroupPolicy": { + "type": "object", + "properties": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The policy document." + }, + "policyName": { + "type": "string", + "description": "The friendly name (not ARN) identifying the policy." + } + } + }, + "aws-native:iam:OidcProviderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iam:RolePolicy": { + "type": "object", + "properties": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json)." + }, + "policyName": { + "type": "string", + "description": "The friendly name (not ARN) identifying the policy." + } + } + }, + "aws-native:iam:RoleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name that can be used to look up or retrieve the associated value. For example, ``Department`` or ``Cost Center`` are common choices." + }, + "value": { + "type": "string", + "description": "The value associated with this tag. For example, tags with a key name of ``Department`` could have values such as ``Human Resources``, ``Accounting``, and ``Support``. Tags with a key name of ``Cost Center`` might have values that consist of the number associated with the different cost centers in your company. Typically, many resources have tags with the same key name but with different values.\n AWS always interprets the tag ``Value`` as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code." + } + } + }, + "aws-native:iam:SamlProviderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iam:ServerCertificateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iam:UserLoginProfile": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "The user's password." + }, + "passwordResetRequired": { + "type": "boolean", + "description": "Specifies whether the user is required to set a new password on next sign-in." + } + } + }, + "aws-native:iam:UserPolicy": { + "type": "object", + "properties": { + "policyDocument": { + "$ref": "pulumi.json#/Any", + "description": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json)." + }, + "policyName": { + "type": "string", + "description": "The friendly name (not ARN) identifying the policy." + } + } + }, + "aws-native:iam:UserTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name that can be used to look up or retrieve the associated value. For example, ``Department`` or ``Cost Center`` are common choices." + }, + "value": { + "type": "string", + "description": "The value associated with this tag. For example, tags with a key name of ``Department`` could have values such as ``Human Resources``, ``Accounting``, and ``Support``. Tags with a key name of ``Cost Center`` might have values that consist of the number associated with the different cost centers in your company. Typically, many resources have tags with the same key name but with different values.\n AWS always interprets the tag ``Value`` as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code." + } + } + }, + "aws-native:iam:VirtualMfaDeviceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:identitystore:GroupMembershipMemberId": { + "type": "object", + "properties": { + "userId": { + "type": "string", + "description": "The identifier for a user in the identity store." + } + } + }, + "aws-native:imagebuilder:ComponentPlatform": { + "type": "string" + }, + "aws-native:imagebuilder:ComponentType": { + "type": "string" + }, + "aws-native:imagebuilder:ContainerRecipeComponentConfiguration": { + "type": "object", + "properties": { + "componentArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the component." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeComponentParameter" + }, + "description": "A group of parameter settings that are used to configure the component for a specific recipe." + } + } + }, + "aws-native:imagebuilder:ContainerRecipeComponentParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the component parameter to set." + }, + "value": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Sets the value for the named component parameter." + } + } + }, + "aws-native:imagebuilder:ContainerRecipeContainerType": { + "type": "string" + }, + "aws-native:imagebuilder:ContainerRecipeEbsInstanceBlockDeviceSpecification": { + "type": "object", + "properties": { + "deleteOnTermination": { + "type": "boolean", + "description": "Use to configure delete on termination of the associated device." + }, + "encrypted": { + "type": "boolean", + "description": "Use to configure device encryption." + }, + "iops": { + "type": "integer", + "description": "Use to configure device IOPS." + }, + "kmsKeyId": { + "type": "string", + "description": "Use to configure the KMS key to use when encrypting the device." + }, + "snapshotId": { + "type": "string", + "description": "The snapshot that defines the device contents." + }, + "throughput": { + "type": "integer", + "description": "For GP3 volumes only - The throughput in MiB/s that the volume supports." + }, + "volumeSize": { + "type": "integer", + "description": "Use to override the device's volume size." + }, + "volumeType": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeEbsInstanceBlockDeviceSpecificationVolumeType", + "description": "Use to override the device's volume type." + } + } + }, + "aws-native:imagebuilder:ContainerRecipeEbsInstanceBlockDeviceSpecificationVolumeType": { + "type": "string" + }, + "aws-native:imagebuilder:ContainerRecipeInstanceBlockDeviceMapping": { + "type": "object", + "properties": { + "deviceName": { + "type": "string", + "description": "The device to which these mappings apply." + }, + "ebs": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeEbsInstanceBlockDeviceSpecification", + "description": "Use to manage Amazon EBS-specific configuration for this mapping." + }, + "noDevice": { + "type": "string", + "description": "Use to remove a mapping from the parent image." + }, + "virtualName": { + "type": "string", + "description": "Use to manage instance ephemeral devices." + } + } + }, + "aws-native:imagebuilder:ContainerRecipeInstanceConfiguration": { + "type": "object", + "properties": { + "blockDeviceMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeInstanceBlockDeviceMapping" + }, + "description": "Defines the block devices to attach for building an instance from this Image Builder AMI." + }, + "image": { + "type": "string", + "description": "The AMI ID to use as the base image for a container build and test instance. If not specified, Image Builder will use the appropriate ECS-optimized AMI as a base image." + } + } + }, + "aws-native:imagebuilder:ContainerRecipePlatformOverride": { + "type": "string" + }, + "aws-native:imagebuilder:ContainerRecipeTargetContainerRepository": { + "type": "object", + "properties": { + "repositoryName": { + "type": "string", + "description": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location." + }, + "service": { + "$ref": "#/types/aws-native:imagebuilder:ContainerRecipeTargetContainerRepositoryService", + "description": "Specifies the service in which this image was registered." + } + } + }, + "aws-native:imagebuilder:ContainerRecipeTargetContainerRepositoryService": { + "type": "string" + }, + "aws-native:imagebuilder:DistributionConfigurationAmiDistributionConfiguration": { + "type": "object", + "properties": { + "amiTags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The tags to apply to AMIs distributed to this Region." + }, + "description": { + "type": "string", + "description": "The description of the AMI distribution configuration." + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key identifier used to encrypt the distributed image." + }, + "launchPermissionConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationLaunchPermissionConfiguration", + "description": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances." + }, + "name": { + "type": "string", + "description": "The name of the AMI distribution configuration." + }, + "targetAccountIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of accounts to which you want to distribute an image." + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationContainerDistributionConfiguration": { + "type": "object", + "properties": { + "containerTags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Tags that are attached to the container distribution configuration." + }, + "description": { + "type": "string", + "description": "The description of the container distribution configuration." + }, + "targetRepository": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationTargetContainerRepository", + "description": "The destination repository for the container distribution configuration." + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationDistribution": { + "type": "object", + "properties": { + "amiDistributionConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationAmiDistributionConfiguration", + "description": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below." + }, + "containerDistributionConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationContainerDistributionConfiguration", + "description": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below." + }, + "fastLaunchConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationFastLaunchConfiguration" + }, + "description": "The Windows faster-launching configurations to use for AMI distribution." + }, + "launchTemplateConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationLaunchTemplateConfiguration" + }, + "description": "A group of launchTemplateConfiguration settings that apply to image distribution." + }, + "licenseConfigurationArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The License Manager Configuration to associate with the AMI in the specified Region." + }, + "region": { + "type": "string", + "description": "region" + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationFastLaunchConfiguration": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The owner account ID for the fast-launch enabled Windows AMI." + }, + "enabled": { + "type": "boolean", + "description": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to true to start using Windows faster launching, or false to stop using it." + }, + "launchTemplate": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationFastLaunchLaunchTemplateSpecification", + "description": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots." + }, + "maxParallelLaunches": { + "type": "integer", + "description": "The maximum number of parallel instances that are launched for creating resources." + }, + "snapshotConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationFastLaunchSnapshotConfiguration", + "description": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled." + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationFastLaunchLaunchTemplateSpecification": { + "type": "object", + "properties": { + "launchTemplateId": { + "type": "string", + "description": "The ID of the launch template to use for faster launching for a Windows AMI." + }, + "launchTemplateName": { + "type": "string", + "description": "The name of the launch template to use for faster launching for a Windows AMI." + }, + "launchTemplateVersion": { + "type": "string", + "description": "The version of the launch template to use for faster launching for a Windows AMI." + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationFastLaunchSnapshotConfiguration": { + "type": "object", + "properties": { + "targetResourceCount": { + "type": "integer", + "description": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI." + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationLaunchPermissionConfiguration": { + "type": "object", + "properties": { + "organizationArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN for an Amazon Web Services Organization that you want to share your AMI with." + }, + "organizationalUnitArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ARN for an Organizations organizational unit (OU) that you want to share your AMI with." + }, + "userGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the group." + }, + "userIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The AWS account ID." + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationLaunchTemplateConfiguration": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The account ID that this configuration applies to." + }, + "launchTemplateId": { + "type": "string", + "description": "Identifies the EC2 launch template to use." + }, + "setDefaultVersion": { + "type": "boolean", + "description": "Set the specified EC2 launch template as the default launch template for the specified account." + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationTargetContainerRepository": { + "type": "object", + "properties": { + "repositoryName": { + "type": "string", + "description": "The repository name of target container repository." + }, + "service": { + "$ref": "#/types/aws-native:imagebuilder:DistributionConfigurationTargetContainerRepositoryService", + "description": "The service of target container repository." + } + } + }, + "aws-native:imagebuilder:DistributionConfigurationTargetContainerRepositoryService": { + "type": "string" + }, + "aws-native:imagebuilder:ImageEcrConfiguration": { + "type": "object", + "properties": { + "containerTags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Tags for Image Builder to apply the output container image that is scanned. Tags can help you identify and manage your scanned images." + }, + "repositoryName": { + "type": "string", + "description": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don’t provide this information, Image Builder creates a repository in your account named image-builder-image-scanning-repository to use for vulnerability scans for your output container images." + } + } + }, + "aws-native:imagebuilder:ImagePipelineEcrConfiguration": { + "type": "object", + "properties": { + "containerTags": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Tags for Image Builder to apply the output container image that is scanned. Tags can help you identify and manage your scanned images." + }, + "repositoryName": { + "type": "string", + "description": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don't provide this information, Image Builder creates a repository in your account named image-builder-image-scanning-repository to use for vulnerability scans for your output container images." + } + } + }, + "aws-native:imagebuilder:ImagePipelineImageScanningConfiguration": { + "type": "object", + "properties": { + "ecrConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineEcrConfiguration", + "description": "Contains ECR settings for vulnerability scans." + }, + "imageScanningEnabled": { + "type": "boolean", + "description": "This sets whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image." + } + } + }, + "aws-native:imagebuilder:ImagePipelineImageTestsConfiguration": { + "type": "object", + "properties": { + "imageTestsEnabled": { + "type": "boolean", + "description": "Defines if tests should be executed when building this image." + }, + "timeoutMinutes": { + "type": "integer", + "description": "The maximum time in minutes that tests are permitted to run." + } + } + }, + "aws-native:imagebuilder:ImagePipelineSchedule": { + "type": "object", + "properties": { + "pipelineExecutionStartCondition": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineSchedulePipelineExecutionStartCondition", + "description": "The condition configures when the pipeline should trigger a new image build." + }, + "scheduleExpression": { + "type": "string", + "description": "The expression determines how often EC2 Image Builder evaluates your pipelineExecutionStartCondition." + } + } + }, + "aws-native:imagebuilder:ImagePipelineSchedulePipelineExecutionStartCondition": { + "type": "string" + }, + "aws-native:imagebuilder:ImagePipelineStatus": { + "type": "string" + }, + "aws-native:imagebuilder:ImagePipelineWorkflowConfiguration": { + "type": "object", + "properties": { + "onFailure": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineWorkflowConfigurationOnFailure", + "description": "Define execution decision in case of workflow failure" + }, + "parallelGroup": { + "type": "string", + "description": "The parallel group name" + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImagePipelineWorkflowParameter" + }, + "description": "The parameters associated with the workflow" + }, + "workflowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the workflow" + } + } + }, + "aws-native:imagebuilder:ImagePipelineWorkflowConfigurationOnFailure": { + "type": "string" + }, + "aws-native:imagebuilder:ImagePipelineWorkflowParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow parameter to set." + }, + "value": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Sets the value for the named workflow parameter." + } + } + }, + "aws-native:imagebuilder:ImageRecipeAdditionalInstanceConfiguration": { + "type": "object", + "properties": { + "systemsManagerAgent": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeSystemsManagerAgent", + "description": "Contains settings for the SSM agent on your build instance." + }, + "userDataOverride": { + "type": "string", + "description": "Use this property to provide commands or a command script to run when you launch your build instance." + } + } + }, + "aws-native:imagebuilder:ImageRecipeComponentConfiguration": { + "type": "object", + "properties": { + "componentArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the component." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeComponentParameter" + }, + "description": "A group of parameter settings that are used to configure the component for a specific recipe." + } + } + }, + "aws-native:imagebuilder:ImageRecipeComponentParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the component parameter to set." + }, + "value": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Sets the value for the named component parameter." + } + } + }, + "aws-native:imagebuilder:ImageRecipeEbsInstanceBlockDeviceSpecification": { + "type": "object", + "properties": { + "deleteOnTermination": { + "type": "boolean", + "description": "Use to configure delete on termination of the associated device." + }, + "encrypted": { + "type": "boolean", + "description": "Use to configure device encryption." + }, + "iops": { + "type": "integer", + "description": "Use to configure device IOPS." + }, + "kmsKeyId": { + "type": "string", + "description": "Use to configure the KMS key to use when encrypting the device." + }, + "snapshotId": { + "type": "string", + "description": "The snapshot that defines the device contents." + }, + "throughput": { + "type": "integer", + "description": "For GP3 volumes only - The throughput in MiB/s that the volume supports." + }, + "volumeSize": { + "type": "integer", + "description": "Use to override the device's volume size." + }, + "volumeType": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeEbsInstanceBlockDeviceSpecificationVolumeType", + "description": "Use to override the device's volume type." + } + } + }, + "aws-native:imagebuilder:ImageRecipeEbsInstanceBlockDeviceSpecificationVolumeType": { + "type": "string" + }, + "aws-native:imagebuilder:ImageRecipeInstanceBlockDeviceMapping": { + "type": "object", + "properties": { + "deviceName": { + "type": "string", + "description": "The device to which these mappings apply." + }, + "ebs": { + "$ref": "#/types/aws-native:imagebuilder:ImageRecipeEbsInstanceBlockDeviceSpecification", + "description": "Use to manage Amazon EBS-specific configuration for this mapping." + }, + "noDevice": { + "type": "string", + "description": "Use to remove a mapping from the parent image." + }, + "virtualName": { + "type": "string", + "description": "Use to manage instance ephemeral devices." + } + } + }, + "aws-native:imagebuilder:ImageRecipeSystemsManagerAgent": { + "type": "object", + "properties": { + "uninstallAfterBuild": { + "type": "boolean", + "description": "Controls whether the SSM agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false." + } + } + }, + "aws-native:imagebuilder:ImageScanningConfiguration": { + "type": "object", + "properties": { + "ecrConfiguration": { + "$ref": "#/types/aws-native:imagebuilder:ImageEcrConfiguration", + "description": "Contains ECR settings for vulnerability scans." + }, + "imageScanningEnabled": { + "type": "boolean", + "description": "This sets whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image." + } + } + }, + "aws-native:imagebuilder:ImageTestsConfiguration": { + "type": "object", + "properties": { + "imageTestsEnabled": { + "type": "boolean", + "description": "ImageTestsEnabled" + }, + "timeoutMinutes": { + "type": "integer", + "description": "TimeoutMinutes" + } + } + }, + "aws-native:imagebuilder:ImageWorkflowConfiguration": { + "type": "object", + "properties": { + "onFailure": { + "$ref": "#/types/aws-native:imagebuilder:ImageWorkflowConfigurationOnFailure", + "description": "Define execution decision in case of workflow failure" + }, + "parallelGroup": { + "type": "string", + "description": "The parallel group name" + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:ImageWorkflowParameter" + }, + "description": "The parameters associated with the workflow" + }, + "workflowArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the workflow" + } + } + }, + "aws-native:imagebuilder:ImageWorkflowConfigurationOnFailure": { + "type": "string" + }, + "aws-native:imagebuilder:ImageWorkflowParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the workflow parameter to set." + }, + "value": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Sets the value for the named workflow parameter." + } + } + }, + "aws-native:imagebuilder:InfrastructureConfigurationInstanceMetadataOptions": { + "type": "object", + "properties": { + "httpPutResponseHopLimit": { + "type": "integer", + "description": "Limit the number of hops that an instance metadata request can traverse to reach its destination." + }, + "httpTokens": { + "$ref": "#/types/aws-native:imagebuilder:InfrastructureConfigurationInstanceMetadataOptionsHttpTokens", + "description": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows: " + } + } + }, + "aws-native:imagebuilder:InfrastructureConfigurationInstanceMetadataOptionsHttpTokens": { + "type": "string" + }, + "aws-native:imagebuilder:InfrastructureConfigurationLogging": { + "type": "object", + "properties": { + "s3Logs": { + "$ref": "#/types/aws-native:imagebuilder:InfrastructureConfigurationS3Logs", + "description": "The Amazon S3 logging configuration." + } + }, + "irreversibleNames": { + "s3Logs": "S3Logs" + } + }, + "aws-native:imagebuilder:InfrastructureConfigurationS3Logs": { + "type": "object", + "properties": { + "s3BucketName": { + "type": "string", + "description": "S3BucketName" + }, + "s3KeyPrefix": { + "type": "string", + "description": "S3KeyPrefix" + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName", + "s3KeyPrefix": "S3KeyPrefix" + } + }, + "aws-native:imagebuilder:LifecyclePolicyAction": { + "type": "object", + "properties": { + "includeResources": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyIncludeResources", + "description": "Specifies the resources that the lifecycle policy applies to." + }, + "type": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyActionType", + "description": "The action type of the policy detail." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyActionType": { + "type": "string" + }, + "aws-native:imagebuilder:LifecyclePolicyAmiExclusionRules": { + "type": "object", + "properties": { + "isPublic": { + "type": "boolean", + "description": "Use to apply lifecycle policy actions on whether the AMI is public." + }, + "lastLaunched": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyLastLaunched", + "description": "Use to apply lifecycle policy actions on AMIs launched before a certain time." + }, + "regions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Use to apply lifecycle policy actions on AMIs distributed to a set of regions." + }, + "sharedAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Use to apply lifecycle policy actions on AMIs shared with a set of regions." + }, + "tagMap": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The AMIs to select by tag." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyExclusionRules": { + "type": "object", + "properties": { + "amis": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyAmiExclusionRules", + "description": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action." + }, + "tagMap": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The Image Builder tags to filter on." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyFilter": { + "type": "object", + "properties": { + "retainAtLeast": { + "type": "integer", + "description": "The minimum number of Image Builder resources to retain." + }, + "type": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyFilterType", + "description": "The filter type." + }, + "unit": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyTimeUnit", + "description": "The value's time unit." + }, + "value": { + "type": "integer", + "description": "The filter value." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyFilterType": { + "type": "string" + }, + "aws-native:imagebuilder:LifecyclePolicyIncludeResources": { + "type": "object", + "properties": { + "amis": { + "type": "boolean", + "description": "Use to configure lifecycle actions on AMIs." + }, + "containers": { + "type": "boolean", + "description": "Use to configure lifecycle actions on containers." + }, + "snapshots": { + "type": "boolean", + "description": "Use to configure lifecycle actions on snapshots." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyLastLaunched": { + "type": "object", + "properties": { + "unit": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyTimeUnit", + "description": "The value's time unit." + }, + "value": { + "type": "integer", + "description": "The last launched value." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyPolicyDetail": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyAction", + "description": "Configuration details for the policy action." + }, + "exclusionRules": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyExclusionRules", + "description": "Additional rules to specify resources that should be exempt from policy actions." + }, + "filter": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyFilter", + "description": "Specifies the resources that the lifecycle policy applies to." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyRecipeSelection": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The recipe name." + }, + "semanticVersion": { + "type": "string", + "description": "The recipe version." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyResourceSelection": { + "type": "object", + "properties": { + "recipes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:imagebuilder:LifecyclePolicyRecipeSelection" + }, + "description": "The recipes to select." + }, + "tagMap": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The Image Builder resources to select by tag." + } + } + }, + "aws-native:imagebuilder:LifecyclePolicyResourceType": { + "type": "string" + }, + "aws-native:imagebuilder:LifecyclePolicyStatus": { + "type": "string" + }, + "aws-native:imagebuilder:LifecyclePolicyTimeUnit": { + "type": "string" + }, + "aws-native:imagebuilder:WorkflowType": { + "type": "string" + }, + "aws-native:index:CreateOnlyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag", + "replaceOnChanges": true + }, + "value": { + "type": "string", + "description": "The value of the tag", + "replaceOnChanges": true + } + } + }, + "aws-native:index:Tag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag" + }, + "value": { + "type": "string", + "description": "The value of the tag" + } + } + }, + "aws-native:inspector:AssessmentTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key." + }, + "value": { + "type": "string", + "description": "A value assigned to a tag key." + } + } + }, + "aws-native:inspector:ResourceGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key." + }, + "value": { + "type": "string", + "description": "A value assigned to a tag key." + } + } + }, + "aws-native:inspectorv2:CisScanConfigurationCisSecurityLevel": { + "type": "string" + }, + "aws-native:inspectorv2:CisScanConfigurationCisTargets": { + "type": "object", + "properties": { + "accountIds": { + "type": "array", + "items": { + "type": "string" + } + }, + "targetResourceTags": { + "type": "object", + "additionalProperties": { + "$ref": "pulumi.json#/Any" + } + } + } + }, + "aws-native:inspectorv2:CisScanConfigurationDailySchedule": { + "type": "object", + "properties": { + "startTime": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationTime" + } + } + }, + "aws-native:inspectorv2:CisScanConfigurationDay": { + "type": "string" + }, + "aws-native:inspectorv2:CisScanConfigurationMonthlySchedule": { + "type": "object", + "properties": { + "day": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationDay" + }, + "startTime": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationTime" + } + } + }, + "aws-native:inspectorv2:CisScanConfigurationOneTimeSchedule": { + "type": "object" + }, + "aws-native:inspectorv2:CisScanConfigurationSchedule": { + "type": "object", + "properties": { + "daily": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationDailySchedule" + }, + "monthly": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationMonthlySchedule" + }, + "oneTime": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationOneTimeSchedule" + }, + "weekly": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationWeeklySchedule" + } + } + }, + "aws-native:inspectorv2:CisScanConfigurationTime": { + "type": "object", + "properties": { + "timeOfDay": { + "type": "string" + }, + "timeZone": { + "type": "string" + } + } + }, + "aws-native:inspectorv2:CisScanConfigurationWeeklySchedule": { + "type": "object", + "properties": { + "days": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationDay" + } + }, + "startTime": { + "$ref": "#/types/aws-native:inspectorv2:CisScanConfigurationTime" + } + } + }, + "aws-native:inspectorv2:FilterAction": { + "type": "string" + }, + "aws-native:inspectorv2:FilterCriteria": { + "type": "object", + "properties": { + "awsAccountId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details of the AWS account IDs used to filter findings." + }, + "componentId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details of the component IDs used to filter findings." + }, + "componentType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details of the component types used to filter findings." + }, + "ec2InstanceImageId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details of the Amazon EC2 instance image IDs used to filter findings." + }, + "ec2InstanceSubnetId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details of the Amazon EC2 instance subnet IDs used to filter findings." + }, + "ec2InstanceVpcId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details of the Amazon EC2 instance VPC IDs used to filter findings." + }, + "ecrImageArchitecture": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details of the Amazon ECR image architecture types used to filter findings." + }, + "ecrImageHash": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details of the Amazon ECR image hashes used to filter findings." + }, + "ecrImagePushedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterDateFilter" + }, + "description": "Details on the Amazon ECR image push date and time used to filter findings." + }, + "ecrImageRegistry": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the Amazon ECR registry used to filter findings." + }, + "ecrImageRepositoryName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the name of the Amazon ECR repository used to filter findings." + }, + "ecrImageTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "The tags attached to the Amazon ECR container image." + }, + "findingArn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the finding ARNs used to filter findings." + }, + "findingStatus": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the finding status types used to filter findings." + }, + "findingType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the finding types used to filter findings." + }, + "firstObservedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterDateFilter" + }, + "description": "Details on the date and time a finding was first seen used to filter findings." + }, + "inspectorScore": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterNumberFilter" + }, + "description": "The Amazon Inspector score to filter on." + }, + "lastObservedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterDateFilter" + }, + "description": "Details on the date and time a finding was last seen used to filter findings." + }, + "networkProtocol": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on network protocol used to filter findings." + }, + "portRange": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterPortRangeFilter" + }, + "description": "Details on the port ranges used to filter findings." + }, + "relatedVulnerabilities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the related vulnerabilities used to filter findings." + }, + "resourceId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the resource IDs used to filter findings." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterMapFilter" + }, + "description": "Details on the resource tags used to filter findings." + }, + "resourceType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the resource types used to filter findings." + }, + "severity": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the severity used to filter findings." + }, + "title": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the finding title used to filter findings." + }, + "updatedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterDateFilter" + }, + "description": "Details on the date and time a finding was last updated at used to filter findings." + }, + "vendorSeverity": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the vendor severity used to filter findings." + }, + "vulnerabilityId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the vulnerability ID used to filter findings." + }, + "vulnerabilitySource": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "description": "Details on the vulnerability score to filter findings by." + }, + "vulnerablePackages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:inspectorv2:FilterPackageFilter" + }, + "description": "Details on the vulnerable packages used to filter findings." + } + } + }, + "aws-native:inspectorv2:FilterDateFilter": { + "type": "object", + "properties": { + "endInclusive": { + "type": "integer" + }, + "startInclusive": { + "type": "integer" + } + } + }, + "aws-native:inspectorv2:FilterMapComparison": { + "type": "string" + }, + "aws-native:inspectorv2:FilterMapFilter": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:inspectorv2:FilterMapComparison" + }, + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:inspectorv2:FilterNumberFilter": { + "type": "object", + "properties": { + "lowerInclusive": { + "type": "number" + }, + "upperInclusive": { + "type": "number" + } + } + }, + "aws-native:inspectorv2:FilterPackageFilter": { + "type": "object", + "properties": { + "architecture": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "epoch": { + "$ref": "#/types/aws-native:inspectorv2:FilterNumberFilter" + }, + "name": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "release": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "sourceLayerHash": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + }, + "version": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringFilter" + } + } + }, + "aws-native:inspectorv2:FilterPortRangeFilter": { + "type": "object", + "properties": { + "beginInclusive": { + "type": "integer" + }, + "endInclusive": { + "type": "integer" + } + } + }, + "aws-native:inspectorv2:FilterStringComparison": { + "type": "string" + }, + "aws-native:inspectorv2:FilterStringFilter": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:inspectorv2:FilterStringComparison" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:internetmonitor:MonitorConfigState": { + "type": "string" + }, + "aws-native:internetmonitor:MonitorHealthEventsConfig": { + "type": "object", + "properties": { + "availabilityLocalHealthEventsConfig": { + "$ref": "#/types/aws-native:internetmonitor:MonitorLocalHealthEventsConfig", + "description": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue." + }, + "availabilityScoreThreshold": { + "type": "number", + "description": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event." + }, + "performanceLocalHealthEventsConfig": { + "$ref": "#/types/aws-native:internetmonitor:MonitorLocalHealthEventsConfig", + "description": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue." + }, + "performanceScoreThreshold": { + "type": "number", + "description": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event." + } + } + }, + "aws-native:internetmonitor:MonitorInternetMeasurementsLogDelivery": { + "type": "object", + "properties": { + "s3Config": { + "$ref": "#/types/aws-native:internetmonitor:MonitorS3Config", + "description": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3." + } + }, + "irreversibleNames": { + "s3Config": "S3Config" + } + }, + "aws-native:internetmonitor:MonitorLocalHealthEventsConfig": { + "type": "object", + "properties": { + "healthScoreThreshold": { + "type": "number", + "description": "The health event threshold percentage set for a local health score." + }, + "minTrafficImpact": { + "type": "number", + "description": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%." + }, + "status": { + "$ref": "#/types/aws-native:internetmonitor:MonitorLocalHealthEventsConfigStatus", + "description": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` ." + } + } + }, + "aws-native:internetmonitor:MonitorLocalHealthEventsConfigStatus": { + "type": "string" + }, + "aws-native:internetmonitor:MonitorProcessingStatusCode": { + "type": "string" + }, + "aws-native:internetmonitor:MonitorS3Config": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The Amazon S3 bucket name for internet measurements publishing." + }, + "bucketPrefix": { + "type": "string", + "description": "An optional Amazon S3 bucket prefix for internet measurements publishing." + }, + "logDeliveryStatus": { + "$ref": "#/types/aws-native:internetmonitor:MonitorS3ConfigLogDeliveryStatus", + "description": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise." + } + } + }, + "aws-native:internetmonitor:MonitorS3ConfigLogDeliveryStatus": { + "type": "string" + }, + "aws-native:internetmonitor:MonitorTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:iot:AbortConfigProperties": { + "type": "object", + "properties": { + "criteriaList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:JobTemplateAbortCriteria" + }, + "description": "The list of criteria that determine when and how to abort the job." + } + } + }, + "aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "True if the check is enabled." + } + } + }, + "aws-native:iot:AccountAuditConfigurationAuditCheckConfigurations": { + "type": "object", + "properties": { + "authenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed." + }, + "caCertificateExpiringCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired." + }, + "caCertificateKeyQualityCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` ." + }, + "conflictingClientIdsCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if multiple devices connect using the same client ID." + }, + "deviceCertificateExpiringCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if a device certificate is expiring. This check applies to device certificates expiring within 30 days or that have expired." + }, + "deviceCertificateKeyQualityCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size." + }, + "deviceCertificateSharedCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT ." + }, + "intermediateCaRevokedForActiveDeviceCertificatesCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if device certificates are still active despite being revoked by an intermediate CA." + }, + "ioTPolicyPotentialMisConfigurationCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy." + }, + "iotPolicyOverlyPermissiveCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role." + }, + "iotRoleAliasAllowsAccessToUnusedServicesCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year." + }, + "iotRoleAliasOverlyPermissiveCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive." + }, + "loggingDisabledCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if AWS IoT logs are disabled." + }, + "revokedCaCertificateStillActiveCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if a revoked CA certificate is still active." + }, + "revokedDeviceCertificateStillActiveCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if a revoked device certificate is still active." + }, + "unauthenticatedCognitoRoleOverlyPermissiveCheck": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditCheckConfiguration", + "description": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive." + } + } + }, + "aws-native:iot:AccountAuditConfigurationAuditNotificationTarget": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "True if notifications to the target are enabled." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to send notifications to the target." + }, + "targetArn": { + "type": "string", + "description": "The ARN of the target (SNS topic) to which audit notifications are sent." + } + } + }, + "aws-native:iot:AccountAuditConfigurationAuditNotificationTargetConfigurations": { + "type": "object", + "properties": { + "sns": { + "$ref": "#/types/aws-native:iot:AccountAuditConfigurationAuditNotificationTarget", + "description": "The `Sns` notification target." + } + } + }, + "aws-native:iot:AuthorizerStatus": { + "type": "string" + }, + "aws-native:iot:AuthorizerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:BillingGroupPropertiesProperties": { + "type": "object", + "properties": { + "billingGroupDescription": { + "type": "string", + "description": "The description of the billing group." + } + } + }, + "aws-native:iot:BillingGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:iot:CaCertificateAutoRegistrationStatus": { + "type": "string" + }, + "aws-native:iot:CaCertificateCertificateMode": { + "type": "string" + }, + "aws-native:iot:CaCertificateRegistrationConfig": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The ARN of the role." + }, + "templateBody": { + "type": "string", + "description": "The template body." + }, + "templateName": { + "type": "string", + "description": "The name of the provisioning template." + } + } + }, + "aws-native:iot:CaCertificateStatus": { + "type": "string" + }, + "aws-native:iot:CaCertificateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iot:CertificateMode": { + "type": "string" + }, + "aws-native:iot:CertificateProviderOperation": { + "type": "string" + }, + "aws-native:iot:CertificateProviderTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iot:CertificateStatus": { + "type": "string" + }, + "aws-native:iot:CustomMetricMetricType": { + "type": "string" + }, + "aws-native:iot:CustomMetricTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:DimensionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:DimensionType": { + "type": "string" + }, + "aws-native:iot:DomainConfigurationAuthorizerConfig": { + "type": "object", + "properties": { + "allowAuthorizerOverride": { + "type": "boolean", + "description": "A Boolean that specifies whether the domain configuration's authorization service can be overridden." + }, + "defaultAuthorizerName": { + "type": "string", + "description": "The name of the authorization service for a domain configuration." + } + } + }, + "aws-native:iot:DomainConfigurationDomainType": { + "type": "string" + }, + "aws-native:iot:DomainConfigurationServerCertificateConfig": { + "type": "object", + "properties": { + "enableOcspCheck": { + "type": "boolean", + "description": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide." + } + }, + "irreversibleNames": { + "enableOcspCheck": "EnableOCSPCheck" + } + }, + "aws-native:iot:DomainConfigurationServerCertificateSummary": { + "type": "object", + "properties": { + "serverCertificateArn": { + "type": "string", + "description": "The ARN of the server certificate." + }, + "serverCertificateStatus": { + "$ref": "#/types/aws-native:iot:DomainConfigurationServerCertificateSummaryServerCertificateStatus", + "description": "The status of the server certificate." + }, + "serverCertificateStatusDetail": { + "type": "string", + "description": "Details that explain the status of the server certificate." + } + } + }, + "aws-native:iot:DomainConfigurationServerCertificateSummaryServerCertificateStatus": { + "type": "string" + }, + "aws-native:iot:DomainConfigurationServiceType": { + "type": "string" + }, + "aws-native:iot:DomainConfigurationStatus": { + "type": "string" + }, + "aws-native:iot:DomainConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:DomainConfigurationTlsConfig": { + "type": "object", + "properties": { + "securityPolicy": { + "type": "string", + "description": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* ." + } + } + }, + "aws-native:iot:FleetMetricAggregationType": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Fleet Indexing aggregation type names such as Statistics, Percentiles and Cardinality" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Fleet Indexing aggregation type values" + } + } + }, + "aws-native:iot:FleetMetricTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key" + }, + "value": { + "type": "string", + "description": "The tag's value" + } + } + }, + "aws-native:iot:JobExecutionsRetryConfigProperties": { + "type": "object", + "properties": { + "retryCriteriaList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:JobTemplateRetryCriteria" + }, + "description": "The list of criteria that determines how many retries are allowed for each failure type for a job." + } + } + }, + "aws-native:iot:JobExecutionsRolloutConfigProperties": { + "type": "object", + "properties": { + "exponentialRolloutRate": { + "$ref": "#/types/aws-native:iot:JobTemplateExponentialRolloutRate", + "description": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout." + }, + "maximumPerMinute": { + "type": "integer", + "description": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout." + } + } + }, + "aws-native:iot:JobTemplateAbortCriteria": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:iot:JobTemplateAction", + "description": "The type of job action to take to initiate the job abort." + }, + "failureType": { + "$ref": "#/types/aws-native:iot:JobTemplateFailureType", + "description": "The type of job execution failures that can initiate a job abort." + }, + "minNumberOfExecutedThings": { + "type": "integer", + "description": "The minimum number of things which must receive job execution notifications before the job can be aborted." + }, + "thresholdPercentage": { + "type": "number", + "description": "The minimum percentage of job execution failures that must occur to initiate the job abort." + } + } + }, + "aws-native:iot:JobTemplateAction": { + "type": "string" + }, + "aws-native:iot:JobTemplateExponentialRolloutRate": { + "type": "object", + "properties": { + "baseRatePerMinute": { + "type": "integer", + "description": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout." + }, + "incrementFactor": { + "type": "number", + "description": "The exponential factor to increase the rate of rollout for a job." + }, + "rateIncreaseCriteria": { + "$ref": "#/types/aws-native:iot:JobTemplateRateIncreaseCriteria", + "description": "The criteria to initiate the increase in rate of rollout for a job." + } + } + }, + "aws-native:iot:JobTemplateFailureType": { + "type": "string" + }, + "aws-native:iot:JobTemplateJobRetryFailureType": { + "type": "string" + }, + "aws-native:iot:JobTemplateMaintenanceWindow": { + "type": "object", + "properties": { + "durationInMinutes": { + "type": "integer", + "description": "Displays the duration of the next maintenance window." + }, + "startTime": { + "type": "string", + "description": "Displays the start time of the next maintenance window." + } + } + }, + "aws-native:iot:JobTemplateRateIncreaseCriteria": { + "type": "object", + "properties": { + "numberOfNotifiedThings": { + "type": "integer", + "description": "The threshold for number of notified things that will initiate the increase in rate of rollout." + }, + "numberOfSucceededThings": { + "type": "integer", + "description": "The threshold for number of succeeded things that will initiate the increase in rate of rollout." + } + } + }, + "aws-native:iot:JobTemplateRetryCriteria": { + "type": "object", + "properties": { + "failureType": { + "$ref": "#/types/aws-native:iot:JobTemplateJobRetryFailureType", + "description": "The type of job execution failures that can initiate a job retry." + }, + "numberOfRetries": { + "type": "integer", + "description": "The number of retries allowed for a failure type for the job." + } + } + }, + "aws-native:iot:JobTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:LoggingDefaultLogLevel": { + "type": "string" + }, + "aws-native:iot:MetricsExportConfigProperties": { + "type": "object", + "properties": { + "mqttTopic": { + "type": "string", + "description": "The topic for metrics export." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to publish to mqtt topic." + } + } + }, + "aws-native:iot:MitigationActionActionParams": { + "type": "object", + "properties": { + "addThingsToThingGroupParams": { + "$ref": "#/types/aws-native:iot:MitigationActionAddThingsToThingGroupParams", + "description": "Specifies the group to which you want to add the devices." + }, + "enableIoTLoggingParams": { + "$ref": "#/types/aws-native:iot:MitigationActionEnableIoTLoggingParams", + "description": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` ." + }, + "publishFindingToSnsParams": { + "$ref": "#/types/aws-native:iot:MitigationActionPublishFindingToSnsParams", + "description": "Specifies the topic to which the finding should be published." + }, + "replaceDefaultPolicyVersionParams": { + "$ref": "#/types/aws-native:iot:MitigationActionReplaceDefaultPolicyVersionParams", + "description": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported." + }, + "updateCaCertificateParams": { + "$ref": "#/types/aws-native:iot:MitigationActionUpdateCaCertificateParams", + "description": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported." + }, + "updateDeviceCertificateParams": { + "$ref": "#/types/aws-native:iot:MitigationActionUpdateDeviceCertificateParams", + "description": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported." + } + }, + "irreversibleNames": { + "updateCaCertificateParams": "UpdateCACertificateParams" + } + }, + "aws-native:iot:MitigationActionAddThingsToThingGroupParams": { + "type": "object", + "properties": { + "overrideDynamicGroups": { + "type": "boolean", + "description": "Specifies if this mitigation action can move the things that triggered the mitigation action out of one or more dynamic thing groups." + }, + "thingGroupNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of groups to which you want to add the things that triggered the mitigation action." + } + } + }, + "aws-native:iot:MitigationActionEnableIoTLoggingParams": { + "type": "object", + "properties": { + "logLevel": { + "$ref": "#/types/aws-native:iot:MitigationActionEnableIoTLoggingParamsLogLevel", + "description": " Specifies which types of information are logged." + }, + "roleArnForLogging": { + "type": "string", + "description": " The ARN of the IAM role used for logging." + } + } + }, + "aws-native:iot:MitigationActionEnableIoTLoggingParamsLogLevel": { + "type": "string" + }, + "aws-native:iot:MitigationActionPublishFindingToSnsParams": { + "type": "object", + "properties": { + "topicArn": { + "type": "string", + "description": "The ARN of the topic to which you want to publish the findings." + } + } + }, + "aws-native:iot:MitigationActionReplaceDefaultPolicyVersionParams": { + "type": "object", + "properties": { + "templateName": { + "$ref": "#/types/aws-native:iot:MitigationActionReplaceDefaultPolicyVersionParamsTemplateName", + "description": "The name of the template to be applied. The only supported value is `BLANK_POLICY` ." + } + } + }, + "aws-native:iot:MitigationActionReplaceDefaultPolicyVersionParamsTemplateName": { + "type": "string" + }, + "aws-native:iot:MitigationActionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:MitigationActionUpdateCaCertificateParams": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:iot:MitigationActionUpdateCaCertificateParamsAction", + "description": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` ." + } + } + }, + "aws-native:iot:MitigationActionUpdateCaCertificateParamsAction": { + "type": "string" + }, + "aws-native:iot:MitigationActionUpdateDeviceCertificateParams": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:iot:MitigationActionUpdateDeviceCertificateParamsAction", + "description": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` ." + } + } + }, + "aws-native:iot:MitigationActionUpdateDeviceCertificateParamsAction": { + "type": "string" + }, + "aws-native:iot:PolicyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:PresignedUrlConfigProperties": { + "type": "object", + "properties": { + "expiresInSec": { + "type": "integer", + "description": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n\u003e For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* ." + } + } + }, + "aws-native:iot:ProvisioningTemplateProvisioningHook": { + "type": "object", + "properties": { + "payloadVersion": { + "type": "string", + "description": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` ." + }, + "targetArn": { + "type": "string", + "description": "The ARN of the target function." + } + } + }, + "aws-native:iot:ProvisioningTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:ProvisioningTemplateTemplateType": { + "type": "string" + }, + "aws-native:iot:ResourceSpecificLoggingLogLevel": { + "type": "string" + }, + "aws-native:iot:ResourceSpecificLoggingTargetType": { + "type": "string" + }, + "aws-native:iot:RoleAliasTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iot:ScheduledAuditDayOfWeek": { + "type": "string" + }, + "aws-native:iot:ScheduledAuditFrequency": { + "type": "string" + }, + "aws-native:iot:ScheduledAuditTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:SecurityProfileAlertTarget": { + "type": "object", + "properties": { + "alertTargetArn": { + "type": "string", + "description": "The ARN of the notification target to which alerts are sent." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants permission to send alerts to the notification target." + } + } + }, + "aws-native:iot:SecurityProfileBehavior": { + "type": "object", + "properties": { + "criteria": { + "$ref": "#/types/aws-native:iot:SecurityProfileBehaviorCriteria", + "description": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n\u003e In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously." + }, + "exportMetric": { + "type": "boolean", + "description": "Value indicates exporting metrics related to the behavior when it is true." + }, + "metric": { + "type": "string", + "description": "What is measured by the behavior." + }, + "metricDimension": { + "$ref": "#/types/aws-native:iot:SecurityProfileMetricDimension", + "description": "The dimension of the metric." + }, + "name": { + "type": "string", + "description": "The name for the behavior." + }, + "suppressAlerts": { + "type": "boolean", + "description": "Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification." + } + } + }, + "aws-native:iot:SecurityProfileBehaviorCriteria": { + "type": "object", + "properties": { + "comparisonOperator": { + "$ref": "#/types/aws-native:iot:SecurityProfileBehaviorCriteriaComparisonOperator", + "description": "The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold)." + }, + "consecutiveDatapointsToAlarm": { + "type": "integer", + "description": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1." + }, + "consecutiveDatapointsToClear": { + "type": "integer", + "description": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1." + }, + "durationSeconds": { + "type": "integer", + "description": "Use this to specify the time duration over which the behavior is evaluated." + }, + "mlDetectionConfig": { + "$ref": "#/types/aws-native:iot:SecurityProfileMachineLearningDetectionConfig", + "description": "The confidence level of the detection model." + }, + "statisticalThreshold": { + "$ref": "#/types/aws-native:iot:SecurityProfileStatisticalThreshold", + "description": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior." + }, + "value": { + "$ref": "#/types/aws-native:iot:SecurityProfileMetricValue", + "description": "The value to be compared with the `metric` ." + } + } + }, + "aws-native:iot:SecurityProfileBehaviorCriteriaComparisonOperator": { + "type": "string" + }, + "aws-native:iot:SecurityProfileMachineLearningDetectionConfig": { + "type": "object", + "properties": { + "confidenceLevel": { + "$ref": "#/types/aws-native:iot:SecurityProfileMachineLearningDetectionConfigConfidenceLevel", + "description": "The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High." + } + } + }, + "aws-native:iot:SecurityProfileMachineLearningDetectionConfigConfidenceLevel": { + "type": "string" + }, + "aws-native:iot:SecurityProfileMetricDimension": { + "type": "object", + "properties": { + "dimensionName": { + "type": "string", + "description": "A unique identifier for the dimension." + }, + "operator": { + "$ref": "#/types/aws-native:iot:SecurityProfileMetricDimensionOperator", + "description": "Defines how the dimensionValues of a dimension are interpreted." + } + } + }, + "aws-native:iot:SecurityProfileMetricDimensionOperator": { + "type": "string" + }, + "aws-native:iot:SecurityProfileMetricToRetain": { + "type": "object", + "properties": { + "exportMetric": { + "type": "boolean", + "description": "The value indicates exporting metrics related to the `MetricToRetain` when it's true." + }, + "metric": { + "type": "string", + "description": "What is measured by the behavior." + }, + "metricDimension": { + "$ref": "#/types/aws-native:iot:SecurityProfileMetricDimension", + "description": "The dimension of the metric." + } + } + }, + "aws-native:iot:SecurityProfileMetricValue": { + "type": "object", + "properties": { + "cidrs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric." + }, + "count": { + "type": "string", + "description": "If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric." + }, + "number": { + "type": "number", + "description": "The numeral value of a metric." + }, + "numbers": { + "type": "array", + "items": { + "type": "number" + }, + "description": "The numeral values of a metric." + }, + "ports": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric." + }, + "strings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The string values of a metric." + } + } + }, + "aws-native:iot:SecurityProfileStatisticalThreshold": { + "type": "object", + "properties": { + "statistic": { + "$ref": "#/types/aws-native:iot:SecurityProfileStatisticalThresholdStatistic", + "description": "The percentile which resolves to a threshold value by which compliance with a behavior is determined" + } + } + }, + "aws-native:iot:SecurityProfileStatisticalThresholdStatistic": { + "type": "string" + }, + "aws-native:iot:SecurityProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:SoftwarePackageTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:iot:SoftwarePackageVersionPackageVersionStatus": { + "type": "string" + }, + "aws-native:iot:SoftwarePackageVersionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:iot:ThingAttributePayload": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`" + } + } + }, + "aws-native:iot:ThingGroupAttributePayload": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`" + } + } + }, + "aws-native:iot:ThingGroupPropertiesProperties": { + "type": "object", + "properties": { + "attributePayload": { + "$ref": "#/types/aws-native:iot:ThingGroupAttributePayload", + "description": "The thing group attributes in JSON format." + }, + "thingGroupDescription": { + "type": "string", + "description": "The thing group description." + } + } + }, + "aws-native:iot:ThingGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:iot:ThingTypePropertiesProperties": { + "type": "object", + "properties": { + "searchableAttributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of searchable thing attribute names." + }, + "thingTypeDescription": { + "type": "string", + "description": "The description of the thing type." + } + } + }, + "aws-native:iot:ThingTypeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:iot:TimeoutConfigProperties": { + "type": "object", + "properties": { + "inProgressTimeoutInMinutes": { + "type": "integer", + "description": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status." + } + } + }, + "aws-native:iot:TopicRuleAction": { + "type": "object", + "properties": { + "cloudwatchAlarm": { + "$ref": "#/types/aws-native:iot:TopicRuleCloudwatchAlarmAction", + "description": "Change the state of a CloudWatch alarm." + }, + "cloudwatchLogs": { + "$ref": "#/types/aws-native:iot:TopicRuleCloudwatchLogsAction", + "description": "Sends data to CloudWatch." + }, + "cloudwatchMetric": { + "$ref": "#/types/aws-native:iot:TopicRuleCloudwatchMetricAction", + "description": "Capture a CloudWatch metric." + }, + "dynamoDBv2": { + "$ref": "#/types/aws-native:iot:TopicRuleDynamoDBv2Action", + "description": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column." + }, + "dynamoDb": { + "$ref": "#/types/aws-native:iot:TopicRuleDynamoDbAction", + "description": "Write to a DynamoDB table." + }, + "elasticsearch": { + "$ref": "#/types/aws-native:iot:TopicRuleElasticsearchAction", + "description": "Write data to an Amazon OpenSearch Service domain.\n\n\u003e The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) ." + }, + "firehose": { + "$ref": "#/types/aws-native:iot:TopicRuleFirehoseAction", + "description": "Write to an Amazon Kinesis Firehose stream." + }, + "http": { + "$ref": "#/types/aws-native:iot:TopicRuleHttpAction", + "description": "Send data to an HTTPS endpoint." + }, + "iotAnalytics": { + "$ref": "#/types/aws-native:iot:TopicRuleIotAnalyticsAction", + "description": "Sends message data to an AWS IoT Analytics channel." + }, + "iotEvents": { + "$ref": "#/types/aws-native:iot:TopicRuleIotEventsAction", + "description": "Sends an input to an AWS IoT Events detector." + }, + "iotSiteWise": { + "$ref": "#/types/aws-native:iot:TopicRuleIotSiteWiseAction", + "description": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties." + }, + "kafka": { + "$ref": "#/types/aws-native:iot:TopicRuleKafkaAction", + "description": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster." + }, + "kinesis": { + "$ref": "#/types/aws-native:iot:TopicRuleKinesisAction", + "description": "Write data to an Amazon Kinesis stream." + }, + "lambda": { + "$ref": "#/types/aws-native:iot:TopicRuleLambdaAction", + "description": "Invoke a Lambda function." + }, + "location": { + "$ref": "#/types/aws-native:iot:TopicRuleLocationAction", + "description": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) ." + }, + "openSearch": { + "$ref": "#/types/aws-native:iot:TopicRuleOpenSearchAction", + "description": "Write data to an Amazon OpenSearch Service domain." + }, + "republish": { + "$ref": "#/types/aws-native:iot:TopicRuleRepublishAction", + "description": "Publish to another MQTT topic." + }, + "s3": { + "$ref": "#/types/aws-native:iot:TopicRuleS3Action", + "description": "Write to an Amazon S3 bucket." + }, + "sns": { + "$ref": "#/types/aws-native:iot:TopicRuleSnsAction", + "description": "Publish to an Amazon SNS topic." + }, + "sqs": { + "$ref": "#/types/aws-native:iot:TopicRuleSqsAction", + "description": "Publish to an Amazon SQS queue." + }, + "stepFunctions": { + "$ref": "#/types/aws-native:iot:TopicRuleStepFunctionsAction", + "description": "Starts execution of a Step Functions state machine." + }, + "timestream": { + "$ref": "#/types/aws-native:iot:TopicRuleTimestreamAction", + "description": "Writes attributes from an MQTT message." + } + }, + "irreversibleNames": { + "dynamoDb": "DynamoDB", + "s3": "S3" + } + }, + "aws-native:iot:TopicRuleAssetPropertyTimestamp": { + "type": "object", + "properties": { + "offsetInNanos": { + "type": "string", + "description": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates." + }, + "timeInSeconds": { + "type": "string", + "description": "A string that contains the time in seconds since epoch. Accepts substitution templates." + } + } + }, + "aws-native:iot:TopicRuleAssetPropertyValue": { + "type": "object", + "properties": { + "quality": { + "type": "string", + "description": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` ." + }, + "timestamp": { + "$ref": "#/types/aws-native:iot:TopicRuleAssetPropertyTimestamp", + "description": "The asset property value timestamp." + }, + "value": { + "$ref": "#/types/aws-native:iot:TopicRuleAssetPropertyVariant", + "description": "The value of the asset property." + } + } + }, + "aws-native:iot:TopicRuleAssetPropertyVariant": { + "type": "object", + "properties": { + "booleanValue": { + "type": "string", + "description": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates." + }, + "doubleValue": { + "type": "string", + "description": "Optional. A string that contains the double value of the value entry. Accepts substitution templates." + }, + "integerValue": { + "type": "string", + "description": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates." + }, + "stringValue": { + "type": "string", + "description": "Optional. The string value of the value entry. Accepts substitution templates." + } + } + }, + "aws-native:iot:TopicRuleCannedAccessControlList": { + "type": "string" + }, + "aws-native:iot:TopicRuleCloudwatchAlarmAction": { + "type": "object", + "properties": { + "alarmName": { + "type": "string", + "description": "The CloudWatch alarm name." + }, + "roleArn": { + "type": "string", + "description": "The IAM role that allows access to the CloudWatch alarm." + }, + "stateReason": { + "type": "string", + "description": "The reason for the alarm change." + }, + "stateValue": { + "type": "string", + "description": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA." + } + } + }, + "aws-native:iot:TopicRuleCloudwatchLogsAction": { + "type": "object", + "properties": { + "batchMode": { + "type": "boolean", + "description": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch." + }, + "logGroupName": { + "type": "string", + "description": "The CloudWatch log name." + }, + "roleArn": { + "type": "string", + "description": "The IAM role that allows access to the CloudWatch log." + } + } + }, + "aws-native:iot:TopicRuleCloudwatchMetricAction": { + "type": "object", + "properties": { + "metricName": { + "type": "string", + "description": "The CloudWatch metric name." + }, + "metricNamespace": { + "type": "string", + "description": "The CloudWatch metric namespace name." + }, + "metricTimestamp": { + "type": "string", + "description": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) ." + }, + "metricUnit": { + "type": "string", + "description": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch." + }, + "metricValue": { + "type": "string", + "description": "The CloudWatch metric value." + }, + "roleArn": { + "type": "string", + "description": "The IAM role that allows access to the CloudWatch metric." + } + } + }, + "aws-native:iot:TopicRuleDestinationHttpUrlDestinationSummary": { + "type": "object", + "properties": { + "confirmationUrl": { + "type": "string", + "description": "The URL used to confirm the HTTP topic rule destination URL." + } + } + }, + "aws-native:iot:TopicRuleDestinationStatus": { + "type": "string" + }, + "aws-native:iot:TopicRuleDestinationVpcDestinationProperties": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs)." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups of the VPC destination." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The subnet IDs of the VPC destination." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC." + } + } + }, + "aws-native:iot:TopicRuleDynamoDBv2Action": { + "type": "object", + "properties": { + "putItem": { + "$ref": "#/types/aws-native:iot:TopicRulePutItemInput", + "description": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that grants access to the DynamoDB table." + } + } + }, + "aws-native:iot:TopicRuleDynamoDbAction": { + "type": "object", + "properties": { + "hashKeyField": { + "type": "string", + "description": "The hash key name." + }, + "hashKeyType": { + "type": "string", + "description": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"" + }, + "hashKeyValue": { + "type": "string", + "description": "The hash key value." + }, + "payloadField": { + "type": "string", + "description": "The action payload. This name can be customized." + }, + "rangeKeyField": { + "type": "string", + "description": "The range key name." + }, + "rangeKeyType": { + "type": "string", + "description": "The range key type. Valid values are \"STRING\" or \"NUMBER\"" + }, + "rangeKeyValue": { + "type": "string", + "description": "The range key value." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that grants access to the DynamoDB table." + }, + "tableName": { + "type": "string", + "description": "The name of the DynamoDB table." + } + } + }, + "aws-native:iot:TopicRuleElasticsearchAction": { + "type": "object", + "properties": { + "endpoint": { + "type": "string", + "description": "The endpoint of your OpenSearch domain." + }, + "id": { + "type": "string", + "description": "The unique identifier for the document you are storing." + }, + "index": { + "type": "string", + "description": "The index where you want to store your data." + }, + "roleArn": { + "type": "string", + "description": "The IAM role ARN that has access to OpenSearch." + }, + "type": { + "type": "string", + "description": "The type of document you are storing." + } + } + }, + "aws-native:iot:TopicRuleFirehoseAction": { + "type": "object", + "properties": { + "batchMode": { + "type": "boolean", + "description": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records." + }, + "deliveryStreamName": { + "type": "string", + "description": "The delivery stream name." + }, + "roleArn": { + "type": "string", + "description": "The IAM role that grants access to the Amazon Kinesis Firehose stream." + }, + "separator": { + "type": "string", + "description": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma)." + } + } + }, + "aws-native:iot:TopicRuleHttpAction": { + "type": "object", + "properties": { + "auth": { + "$ref": "#/types/aws-native:iot:TopicRuleHttpAuthorization", + "description": "The authentication method to use when sending data to an HTTPS endpoint." + }, + "confirmationUrl": { + "type": "string", + "description": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL." + }, + "headers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:TopicRuleHttpActionHeader" + }, + "description": "The HTTP headers to send with the message data." + }, + "url": { + "type": "string", + "description": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible." + } + } + }, + "aws-native:iot:TopicRuleHttpActionHeader": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The HTTP header key." + }, + "value": { + "type": "string", + "description": "The HTTP header value. Substitution templates are supported." + } + } + }, + "aws-native:iot:TopicRuleHttpAuthorization": { + "type": "object", + "properties": { + "sigv4": { + "$ref": "#/types/aws-native:iot:TopicRuleSigV4Authorization", + "description": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) ." + } + } + }, + "aws-native:iot:TopicRuleIotAnalyticsAction": { + "type": "object", + "properties": { + "batchMode": { + "type": "boolean", + "description": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages." + }, + "channelName": { + "type": "string", + "description": "The name of the IoT Analytics channel to which message data will be sent." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage)." + } + } + }, + "aws-native:iot:TopicRuleIotEventsAction": { + "type": "object", + "properties": { + "batchMode": { + "type": "boolean", + "description": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages." + }, + "inputName": { + "type": "string", + "description": "The name of the AWS IoT Events input." + }, + "messageId": { + "type": "string", + "description": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\")." + } + } + }, + "aws-native:iot:TopicRuleIotSiteWiseAction": { + "type": "object", + "properties": { + "putAssetPropertyValueEntries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:TopicRulePutAssetPropertyValueEntry" + }, + "description": "A list of asset property value entries." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths." + } + } + }, + "aws-native:iot:TopicRuleKafkaAction": { + "type": "object", + "properties": { + "clientProperties": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Properties of the Apache Kafka producer client." + }, + "destinationArn": { + "type": "string", + "description": "The ARN of Kafka action's VPC `TopicRuleDestination` ." + }, + "headers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:TopicRuleKafkaActionHeader" + }, + "description": "The list of Kafka headers that you specify." + }, + "key": { + "type": "string", + "description": "The Kafka message key." + }, + "partition": { + "type": "string", + "description": "The Kafka message partition." + }, + "topic": { + "type": "string", + "description": "The Kafka topic for messages to be sent to the Kafka broker." + } + } + }, + "aws-native:iot:TopicRuleKafkaActionHeader": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the Kafka header." + }, + "value": { + "type": "string", + "description": "The value of the Kafka header." + } + } + }, + "aws-native:iot:TopicRuleKinesisAction": { + "type": "object", + "properties": { + "partitionKey": { + "type": "string", + "description": "The partition key." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that grants access to the Amazon Kinesis stream." + }, + "streamName": { + "type": "string", + "description": "The name of the Amazon Kinesis stream." + } + } + }, + "aws-native:iot:TopicRuleLambdaAction": { + "type": "object", + "properties": { + "functionArn": { + "type": "string", + "description": "The ARN of the Lambda function." + } + } + }, + "aws-native:iot:TopicRuleLocationAction": { + "type": "object", + "properties": { + "deviceId": { + "type": "string", + "description": "The unique ID of the device providing the location data." + }, + "latitude": { + "type": "string", + "description": "A string that evaluates to a double value that represents the latitude of the device's location." + }, + "longitude": { + "type": "string", + "description": "A string that evaluates to a double value that represents the longitude of the device's location." + }, + "roleArn": { + "type": "string", + "description": "The IAM role that grants permission to write to the Amazon Location resource." + }, + "timestamp": { + "$ref": "#/types/aws-native:iot:TopicRuleTimestamp", + "description": "The time that the location data was sampled. The default value is the time the MQTT message was processed." + }, + "trackerName": { + "type": "string", + "description": "The name of the tracker resource in Amazon Location in which the location is updated." + } + } + }, + "aws-native:iot:TopicRuleOpenSearchAction": { + "type": "object", + "properties": { + "endpoint": { + "type": "string", + "description": "The endpoint of your OpenSearch domain." + }, + "id": { + "type": "string", + "description": "The unique identifier for the document you are storing." + }, + "index": { + "type": "string", + "description": "The OpenSearch index where you want to store your data." + }, + "roleArn": { + "type": "string", + "description": "The IAM role ARN that has access to OpenSearch." + }, + "type": { + "type": "string", + "description": "The type of document you are storing." + } + } + }, + "aws-native:iot:TopicRulePayload": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:TopicRuleAction" + }, + "description": "The actions associated with the rule." + }, + "awsIotSqlVersion": { + "type": "string", + "description": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08." + }, + "description": { + "type": "string", + "description": "The description of the rule." + }, + "errorAction": { + "$ref": "#/types/aws-native:iot:TopicRuleAction", + "description": "The action to take when an error occurs." + }, + "ruleDisabled": { + "type": "boolean", + "description": "Specifies whether the rule is disabled." + }, + "sql": { + "type": "string", + "description": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* ." + } + } + }, + "aws-native:iot:TopicRulePutAssetPropertyValueEntry": { + "type": "object", + "properties": { + "assetId": { + "type": "string", + "description": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates." + }, + "entryId": { + "type": "string", + "description": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID." + }, + "propertyAlias": { + "type": "string", + "description": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates." + }, + "propertyId": { + "type": "string", + "description": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates." + }, + "propertyValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:TopicRuleAssetPropertyValue" + }, + "description": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information." + } + } + }, + "aws-native:iot:TopicRulePutItemInput": { + "type": "object", + "properties": { + "tableName": { + "type": "string", + "description": "The table where the message data will be written." + } + } + }, + "aws-native:iot:TopicRuleRepublishAction": { + "type": "object", + "properties": { + "headers": { + "$ref": "#/types/aws-native:iot:TopicRuleRepublishActionHeaders", + "description": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide." + }, + "qos": { + "type": "integer", + "description": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that grants access." + }, + "topic": { + "type": "string", + "description": "The name of the MQTT topic." + } + } + }, + "aws-native:iot:TopicRuleRepublishActionHeaders": { + "type": "object", + "properties": { + "contentType": { + "type": "string", + "description": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) ." + }, + "correlationData": { + "type": "string", + "description": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n\u003e This binary data must be base64-encoded." + }, + "messageExpiry": { + "type": "string", + "description": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) ." + }, + "payloadFormatIndicator": { + "type": "string", + "description": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) ." + }, + "responseTopic": { + "type": "string", + "description": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) ." + }, + "userProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:TopicRuleUserProperty" + }, + "description": "An array of key-value pairs that you define in the MQTT5 header." + } + } + }, + "aws-native:iot:TopicRuleS3Action": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The Amazon S3 bucket." + }, + "cannedAcl": { + "$ref": "#/types/aws-native:iot:TopicRuleCannedAccessControlList", + "description": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) ." + }, + "key": { + "type": "string", + "description": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) ." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that grants access." + } + } + }, + "aws-native:iot:TopicRuleSigV4Authorization": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The ARN of the signing role." + }, + "serviceName": { + "type": "string", + "description": "The service name to use while signing with Sig V4." + }, + "signingRegion": { + "type": "string", + "description": "The signing region." + } + } + }, + "aws-native:iot:TopicRuleSnsAction": { + "type": "object", + "properties": { + "messageFormat": { + "type": "string", + "description": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* ." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that grants access." + }, + "targetArn": { + "type": "string", + "description": "The ARN of the SNS topic." + } + } + }, + "aws-native:iot:TopicRuleSqsAction": { + "type": "object", + "properties": { + "queueUrl": { + "type": "string", + "description": "The URL of the Amazon SQS queue." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that grants access." + }, + "useBase64": { + "type": "boolean", + "description": "Specifies whether to use Base64 encoding." + } + }, + "irreversibleNames": { + "useBase64": "UseBase64" + } + }, + "aws-native:iot:TopicRuleStepFunctionsAction": { + "type": "object", + "properties": { + "executionNamePrefix": { + "type": "string", + "description": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\")." + }, + "stateMachineName": { + "type": "string", + "description": "The name of the Step Functions state machine whose execution will be started." + } + } + }, + "aws-native:iot:TopicRuleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iot:TopicRuleTimestamp": { + "type": "object", + "properties": { + "unit": { + "type": "string", + "description": "The precision of the timestamp value that results from the expression described in `value` ." + }, + "value": { + "type": "string", + "description": "An expression that returns a long epoch time value." + } + } + }, + "aws-native:iot:TopicRuleTimestreamAction": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "The name of an Amazon Timestream database that has the table to write records into." + }, + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iot:TopicRuleTimestreamDimension" + }, + "description": "Metadata attributes of the time series that are written in each measure record." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table." + }, + "tableName": { + "type": "string", + "description": "The table where the message data will be written." + }, + "timestamp": { + "$ref": "#/types/aws-native:iot:TopicRuleTimestreamTimestamp", + "description": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used." + } + } + }, + "aws-native:iot:TopicRuleTimestreamDimension": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:iot:TopicRuleTimestreamTimestamp": { + "type": "object", + "properties": { + "unit": { + "type": "string", + "description": "The precision of the timestamp value that results from the expression described in `value` ." + }, + "value": { + "type": "string", + "description": "An expression that returns a long epoch time value." + } + } + }, + "aws-native:iot:TopicRuleUserProperty": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:iotanalytics:ChannelCustomerManagedS3": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket in which channel data is stored." + }, + "keyPrefix": { + "type": "string", + "description": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/)." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources." + } + } + }, + "aws-native:iotanalytics:ChannelRetentionPeriod": { + "type": "object", + "properties": { + "numberOfDays": { + "type": "integer", + "description": "The number of days that message data is kept. The `unlimited` parameter must be false." + }, + "unlimited": { + "type": "boolean", + "description": "If true, message data is kept indefinitely." + } + } + }, + "aws-native:iotanalytics:ChannelServiceManagedS3": { + "type": "object" + }, + "aws-native:iotanalytics:ChannelStorage": { + "type": "object", + "properties": { + "customerManagedS3": { + "$ref": "#/types/aws-native:iotanalytics:ChannelCustomerManagedS3", + "description": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created." + }, + "serviceManagedS3": { + "$ref": "#/types/aws-native:iotanalytics:ChannelServiceManagedS3", + "description": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created." + } + }, + "irreversibleNames": { + "customerManagedS3": "CustomerManagedS3", + "serviceManagedS3": "ServiceManagedS3" + } + }, + "aws-native:iotanalytics:ChannelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotanalytics:DatasetAction": { + "type": "object", + "properties": { + "actionName": { + "type": "string", + "description": "The name of the data set action by which data set contents are automatically created." + }, + "containerAction": { + "$ref": "#/types/aws-native:iotanalytics:DatasetContainerAction", + "description": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries." + }, + "queryAction": { + "$ref": "#/types/aws-native:iotanalytics:DatasetQueryAction", + "description": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents." + } + } + }, + "aws-native:iotanalytics:DatasetContainerAction": { + "type": "object", + "properties": { + "executionRoleArn": { + "type": "string", + "description": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application." + }, + "image": { + "type": "string", + "description": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents." + }, + "resourceConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatasetResourceConfiguration", + "description": "Configuration of the resource which executes the \"containerAction\"." + }, + "variables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetVariable" + }, + "description": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\"." + } + } + }, + "aws-native:iotanalytics:DatasetContentDeliveryRule": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:iotanalytics:DatasetContentDeliveryRuleDestination", + "description": "The destination to which dataset contents are delivered." + }, + "entryName": { + "type": "string", + "description": "The name of the dataset content delivery rules entry." + } + } + }, + "aws-native:iotanalytics:DatasetContentDeliveryRuleDestination": { + "type": "object", + "properties": { + "iotEventsDestinationConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatasetIotEventsDestinationConfiguration", + "description": "Configuration information for delivery of dataset contents to AWS IoT Events ." + }, + "s3DestinationConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatasetS3DestinationConfiguration", + "description": "Configuration information for delivery of dataset contents to Amazon S3." + } + }, + "irreversibleNames": { + "s3DestinationConfiguration": "S3DestinationConfiguration" + } + }, + "aws-native:iotanalytics:DatasetContentVersionValue": { + "type": "object", + "properties": { + "datasetName": { + "type": "string", + "description": "The name of the dataset whose latest contents are used as input to the notebook or application." + } + } + }, + "aws-native:iotanalytics:DatasetDeltaTime": { + "type": "object", + "properties": { + "offsetSeconds": { + "type": "integer", + "description": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe." + }, + "timeExpression": { + "type": "string", + "description": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated." + } + } + }, + "aws-native:iotanalytics:DatasetDeltaTimeSessionWindowConfiguration": { + "type": "object", + "properties": { + "timeoutInMinutes": { + "type": "integer", + "description": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* ." + } + } + }, + "aws-native:iotanalytics:DatasetFilter": { + "type": "object", + "properties": { + "deltaTime": { + "$ref": "#/types/aws-native:iotanalytics:DatasetDeltaTime", + "description": "Used to limit data to that which has arrived since the last execution of the action." + } + } + }, + "aws-native:iotanalytics:DatasetGlueConfiguration": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables." + }, + "tableName": { + "type": "string", + "description": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets." + } + } + }, + "aws-native:iotanalytics:DatasetIotEventsDestinationConfiguration": { + "type": "object", + "properties": { + "inputName": { + "type": "string", + "description": "The name of the AWS IoT Events input to which dataset contents are delivered." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input." + } + } + }, + "aws-native:iotanalytics:DatasetLateDataRule": { + "type": "object", + "properties": { + "ruleConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatasetLateDataRuleConfiguration", + "description": "The information needed to configure the late data rule." + }, + "ruleName": { + "type": "string", + "description": "The name of the late data rule." + } + } + }, + "aws-native:iotanalytics:DatasetLateDataRuleConfiguration": { + "type": "object", + "properties": { + "deltaTimeSessionWindowConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatasetDeltaTimeSessionWindowConfiguration", + "description": "The information needed to configure a delta time session window." + } + } + }, + "aws-native:iotanalytics:DatasetOutputFileUriValue": { + "type": "object", + "properties": { + "fileName": { + "type": "string", + "description": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket." + } + } + }, + "aws-native:iotanalytics:DatasetQueryAction": { + "type": "object", + "properties": { + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatasetFilter" + }, + "description": "Pre-filters applied to message data." + }, + "sqlQuery": { + "type": "string", + "description": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents." + } + } + }, + "aws-native:iotanalytics:DatasetResourceConfiguration": { + "type": "object", + "properties": { + "computeType": { + "$ref": "#/types/aws-native:iotanalytics:DatasetResourceConfigurationComputeType", + "description": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB)." + }, + "volumeSizeInGb": { + "type": "integer", + "description": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50)." + } + }, + "irreversibleNames": { + "volumeSizeInGb": "VolumeSizeInGB" + } + }, + "aws-native:iotanalytics:DatasetResourceConfigurationComputeType": { + "type": "string" + }, + "aws-native:iotanalytics:DatasetRetentionPeriod": { + "type": "object", + "properties": { + "numberOfDays": { + "type": "integer", + "description": "The number of days that message data is kept. The `unlimited` parameter must be false." + }, + "unlimited": { + "type": "boolean", + "description": "If true, message data is kept indefinitely." + } + } + }, + "aws-native:iotanalytics:DatasetS3DestinationConfiguration": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket to which dataset contents are delivered." + }, + "glueConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatasetGlueConfiguration", + "description": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service." + }, + "key": { + "type": "string", + "description": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n\u003e If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources." + } + } + }, + "aws-native:iotanalytics:DatasetSchedule": { + "type": "object", + "properties": { + "scheduleExpression": { + "type": "string", + "description": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation." + } + } + }, + "aws-native:iotanalytics:DatasetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotanalytics:DatasetTrigger": { + "type": "object", + "properties": { + "schedule": { + "$ref": "#/types/aws-native:iotanalytics:DatasetSchedule", + "description": "The \"Schedule\" when the trigger is initiated." + }, + "triggeringDataset": { + "$ref": "#/types/aws-native:iotanalytics:DatasetTriggeringDataset", + "description": "Information about the data set whose content generation triggers the new data set content generation." + } + } + }, + "aws-native:iotanalytics:DatasetTriggeringDataset": { + "type": "object", + "properties": { + "datasetName": { + "type": "string", + "description": "The name of the data set whose content generation triggers the new data set content generation." + } + } + }, + "aws-native:iotanalytics:DatasetVariable": { + "type": "object", + "properties": { + "datasetContentVersionValue": { + "$ref": "#/types/aws-native:iotanalytics:DatasetContentVersionValue", + "description": "The value of the variable as a structure that specifies a dataset content version." + }, + "doubleValue": { + "type": "number", + "description": "The value of the variable as a double (numeric)." + }, + "outputFileUriValue": { + "$ref": "#/types/aws-native:iotanalytics:DatasetOutputFileUriValue", + "description": "The value of the variable as a structure that specifies an output file URI." + }, + "stringValue": { + "type": "string", + "description": "The value of the variable as a string." + }, + "variableName": { + "type": "string", + "description": "The name of the variable." + } + } + }, + "aws-native:iotanalytics:DatasetVersioningConfiguration": { + "type": "object", + "properties": { + "maxVersions": { + "type": "integer", + "description": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` ." + }, + "unlimited": { + "type": "boolean", + "description": "If true, unlimited versions of dataset contents are kept." + } + } + }, + "aws-native:iotanalytics:DatastoreColumn": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the column." + }, + "type": { + "type": "string", + "description": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* ." + } + } + }, + "aws-native:iotanalytics:DatastoreCustomerManagedS3": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the Amazon S3 bucket where your data is stored." + }, + "keyPrefix": { + "type": "string", + "description": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/)." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources." + } + } + }, + "aws-native:iotanalytics:DatastoreCustomerManagedS3Storage": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the Amazon S3 bucket where your data is stored." + }, + "keyPrefix": { + "type": "string", + "description": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/)." + } + } + }, + "aws-native:iotanalytics:DatastoreFileFormatConfiguration": { + "type": "object", + "properties": { + "jsonConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreJsonConfiguration", + "description": "Contains the configuration information of the JSON format." + }, + "parquetConfiguration": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreParquetConfiguration", + "description": "Contains the configuration information of the Parquet format." + } + } + }, + "aws-native:iotanalytics:DatastoreIotSiteWiseMultiLayerStorage": { + "type": "object", + "properties": { + "customerManagedS3Storage": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreCustomerManagedS3Storage", + "description": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage." + } + }, + "irreversibleNames": { + "customerManagedS3Storage": "CustomerManagedS3Storage" + } + }, + "aws-native:iotanalytics:DatastoreJsonConfiguration": { + "type": "object" + }, + "aws-native:iotanalytics:DatastoreParquetConfiguration": { + "type": "object", + "properties": { + "schemaDefinition": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreSchemaDefinition", + "description": "Information needed to define a schema." + } + } + }, + "aws-native:iotanalytics:DatastorePartition": { + "type": "object", + "properties": { + "partition": { + "$ref": "#/types/aws-native:iotanalytics:Partition", + "description": "A partition dimension defined by an attribute." + }, + "timestampPartition": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreTimestampPartition", + "description": "A partition dimension defined by a timestamp attribute." + } + } + }, + "aws-native:iotanalytics:DatastorePartitions": { + "type": "object", + "properties": { + "partitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatastorePartition" + }, + "description": "A list of partition dimensions in a data store." + } + } + }, + "aws-native:iotanalytics:DatastoreRetentionPeriod": { + "type": "object", + "properties": { + "numberOfDays": { + "type": "integer", + "description": "The number of days that message data is kept. The `unlimited` parameter must be false." + }, + "unlimited": { + "type": "boolean", + "description": "If true, message data is kept indefinitely." + } + } + }, + "aws-native:iotanalytics:DatastoreSchemaDefinition": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreColumn" + }, + "description": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types." + } + } + }, + "aws-native:iotanalytics:DatastoreServiceManagedS3": { + "type": "object" + }, + "aws-native:iotanalytics:DatastoreStorage": { + "type": "object", + "properties": { + "customerManagedS3": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreCustomerManagedS3", + "description": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store." + }, + "iotSiteWiseMultiLayerStorage": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreIotSiteWiseMultiLayerStorage", + "description": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created." + }, + "serviceManagedS3": { + "$ref": "#/types/aws-native:iotanalytics:DatastoreServiceManagedS3", + "description": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store." + } + }, + "irreversibleNames": { + "customerManagedS3": "CustomerManagedS3", + "serviceManagedS3": "ServiceManagedS3" + } + }, + "aws-native:iotanalytics:DatastoreTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotanalytics:DatastoreTimestampPartition": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "The attribute name of the partition defined by a timestamp." + }, + "timestampFormat": { + "type": "string", + "description": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time)." + } + } + }, + "aws-native:iotanalytics:Partition": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "The name of the attribute that defines a partition dimension." + } + } + }, + "aws-native:iotanalytics:PipelineActivity": { + "type": "object", + "properties": { + "addAttributes": { + "$ref": "#/types/aws-native:iotanalytics:PipelineAddAttributes", + "description": "Adds other attributes based on existing attributes in the message." + }, + "channel": { + "$ref": "#/types/aws-native:iotanalytics:PipelineChannel", + "description": "Determines the source of the messages to be processed." + }, + "datastore": { + "$ref": "#/types/aws-native:iotanalytics:PipelineDatastore", + "description": "Specifies where to store the processed message data." + }, + "deviceRegistryEnrich": { + "$ref": "#/types/aws-native:iotanalytics:PipelineDeviceRegistryEnrich", + "description": "Adds data from the AWS IoT device registry to your message." + }, + "deviceShadowEnrich": { + "$ref": "#/types/aws-native:iotanalytics:PipelineDeviceShadowEnrich", + "description": "Adds information from the AWS IoT Device Shadows service to a message." + }, + "filter": { + "$ref": "#/types/aws-native:iotanalytics:PipelineFilter", + "description": "Filters a message based on its attributes." + }, + "lambda": { + "$ref": "#/types/aws-native:iotanalytics:PipelineLambda", + "description": "Runs a Lambda function to modify the message." + }, + "math": { + "$ref": "#/types/aws-native:iotanalytics:PipelineMath", + "description": "Computes an arithmetic expression using the message's attributes and adds it to the message." + }, + "removeAttributes": { + "$ref": "#/types/aws-native:iotanalytics:PipelineRemoveAttributes", + "description": "Removes attributes from a message." + }, + "selectAttributes": { + "$ref": "#/types/aws-native:iotanalytics:PipelineSelectAttributes", + "description": "Creates a new message using only the specified attributes from the original message." + } + } + }, + "aws-native:iotanalytics:PipelineAddAttributes": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n\u003e The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\"." + }, + "name": { + "type": "string", + "description": "The name of the 'addAttributes' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + } + } + }, + "aws-native:iotanalytics:PipelineChannel": { + "type": "object", + "properties": { + "channelName": { + "type": "string", + "description": "The name of the channel from which the messages are processed." + }, + "name": { + "type": "string", + "description": "The name of the 'channel' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + } + } + }, + "aws-native:iotanalytics:PipelineDatastore": { + "type": "object", + "properties": { + "datastoreName": { + "type": "string", + "description": "The name of the data store where processed messages are stored." + }, + "name": { + "type": "string", + "description": "The name of the datastore activity." + } + } + }, + "aws-native:iotanalytics:PipelineDeviceRegistryEnrich": { + "type": "object", + "properties": { + "attribute": { + "type": "string", + "description": "The name of the attribute that is added to the message." + }, + "name": { + "type": "string", + "description": "The name of the 'deviceRegistryEnrich' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that allows access to the device's registry information." + }, + "thingName": { + "type": "string", + "description": "The name of the IoT device whose registry information is added to the message." + } + } + }, + "aws-native:iotanalytics:PipelineDeviceShadowEnrich": { + "type": "object", + "properties": { + "attribute": { + "type": "string", + "description": "The name of the attribute that is added to the message." + }, + "name": { + "type": "string", + "description": "The name of the 'deviceShadowEnrich' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that allows access to the device's shadow." + }, + "thingName": { + "type": "string", + "description": "The name of the IoT device whose shadow information is added to the message." + } + } + }, + "aws-native:iotanalytics:PipelineFilter": { + "type": "object", + "properties": { + "filter": { + "type": "string", + "description": "An expression that looks like an SQL WHERE clause that must return a Boolean value." + }, + "name": { + "type": "string", + "description": "The name of the 'filter' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + } + } + }, + "aws-native:iotanalytics:PipelineLambda": { + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "description": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions." + }, + "lambdaName": { + "type": "string", + "description": "The name of the Lambda function that is run on the message." + }, + "name": { + "type": "string", + "description": "The name of the 'lambda' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + } + } + }, + "aws-native:iotanalytics:PipelineMath": { + "type": "object", + "properties": { + "attribute": { + "type": "string", + "description": "The name of the attribute that contains the result of the math operation." + }, + "math": { + "type": "string", + "description": "An expression that uses one or more existing attributes and must return an integer value." + }, + "name": { + "type": "string", + "description": "The name of the 'math' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + } + } + }, + "aws-native:iotanalytics:PipelineRemoveAttributes": { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of 1-50 attributes to remove from the message." + }, + "name": { + "type": "string", + "description": "The name of the 'removeAttributes' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + } + } + }, + "aws-native:iotanalytics:PipelineSelectAttributes": { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the attributes to select from the message." + }, + "name": { + "type": "string", + "description": "The name of the 'selectAttributes' activity." + }, + "next": { + "type": "string", + "description": "The next activity in the pipeline." + } + } + }, + "aws-native:iotanalytics:PipelineTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotcoredeviceadvisor:SuiteDefinitionConfigurationProperties": { + "type": "object", + "properties": { + "devicePermissionRoleArn": { + "type": "string", + "description": "Gets the device permission ARN. This is a required parameter." + }, + "devices": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotcoredeviceadvisor:SuiteDefinitionDeviceUnderTest" + }, + "description": "Gets the devices configured." + }, + "intendedForQualification": { + "type": "boolean", + "description": "Gets the tests intended for qualification in a suite." + }, + "rootGroup": { + "type": "string", + "description": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048." + }, + "suiteDefinitionName": { + "type": "string", + "description": "Gets the suite definition name. This is a required parameter." + } + } + }, + "aws-native:iotcoredeviceadvisor:SuiteDefinitionDeviceUnderTest": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string" + }, + "thingArn": { + "type": "string" + } + } + }, + "aws-native:iotcoredeviceadvisor:SuiteDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iotevents:AlarmModelAcknowledgeFlow": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "The value must be TRUE or FALSE. If TRUE, you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to NORMAL. If FALSE, you won't receive notifications. The alarm automatically changes to the NORMAL state when the input property value returns to the specified range." + } + } + }, + "aws-native:iotevents:AlarmModelAlarmAction": { + "type": "object", + "properties": { + "dynamoDBv2": { + "$ref": "#/types/aws-native:iotevents:AlarmModelDynamoDBv2" + }, + "dynamoDb": { + "$ref": "#/types/aws-native:iotevents:AlarmModelDynamoDb" + }, + "firehose": { + "$ref": "#/types/aws-native:iotevents:AlarmModelFirehose" + }, + "iotEvents": { + "$ref": "#/types/aws-native:iotevents:AlarmModelIotEvents" + }, + "iotSiteWise": { + "$ref": "#/types/aws-native:iotevents:AlarmModelIotSiteWise" + }, + "iotTopicPublish": { + "$ref": "#/types/aws-native:iotevents:AlarmModelIotTopicPublish" + }, + "lambda": { + "$ref": "#/types/aws-native:iotevents:AlarmModelLambda" + }, + "sns": { + "$ref": "#/types/aws-native:iotevents:AlarmModelSns" + }, + "sqs": { + "$ref": "#/types/aws-native:iotevents:AlarmModelSqs" + } + }, + "irreversibleNames": { + "dynamoDb": "DynamoDB" + } + }, + "aws-native:iotevents:AlarmModelAlarmCapabilities": { + "type": "object", + "properties": { + "acknowledgeFlow": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAcknowledgeFlow", + "description": "Specifies whether to get notified for alarm state changes." + }, + "initializationConfiguration": { + "$ref": "#/types/aws-native:iotevents:AlarmModelInitializationConfiguration", + "description": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model." + } + } + }, + "aws-native:iotevents:AlarmModelAlarmEventActions": { + "type": "object", + "properties": { + "alarmActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAlarmAction" + }, + "description": "Specifies one or more supported actions to receive notifications when the alarm state changes." + } + } + }, + "aws-native:iotevents:AlarmModelAlarmRule": { + "type": "object", + "properties": { + "simpleRule": { + "$ref": "#/types/aws-native:iotevents:AlarmModelSimpleRule", + "description": "A rule that compares an input property value to a threshold value with a comparison operator." + } + } + }, + "aws-native:iotevents:AlarmModelAssetPropertyTimestamp": { + "type": "object", + "properties": { + "offsetInNanos": { + "type": "string", + "description": "The timestamp, in seconds, in the Unix epoch format. The valid range is between `1-31556889864403199`. You can also specify an expression." + }, + "timeInSeconds": { + "type": "string", + "description": "The nanosecond offset converted from `timeInSeconds`. The valid range is between `0-999999999`. You can also specify an expression." + } + } + }, + "aws-native:iotevents:AlarmModelAssetPropertyValue": { + "type": "object", + "properties": { + "quality": { + "type": "string", + "description": "The quality of the asset property value. The value must be `GOOD`, `BAD`, or `UNCERTAIN`. You can also specify an expression." + }, + "timestamp": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAssetPropertyTimestamp" + }, + "value": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAssetPropertyVariant" + } + } + }, + "aws-native:iotevents:AlarmModelAssetPropertyVariant": { + "type": "object", + "properties": { + "booleanValue": { + "type": "string", + "description": "The asset property value is a Boolean value that must be `TRUE` or `FALSE`. You can also specify an expression. If you use an expression, the evaluated result should be a Boolean value." + }, + "doubleValue": { + "type": "string", + "description": "The asset property value is a double. You can also specify an expression. If you use an expression, the evaluated result should be a double." + }, + "integerValue": { + "type": "string", + "description": "The asset property value is an integer. You can also specify an expression. If you use an expression, the evaluated result should be an integer." + }, + "stringValue": { + "type": "string", + "description": "The asset property value is a string. You can also specify an expression. If you use an expression, the evaluated result should be a string." + } + } + }, + "aws-native:iotevents:AlarmModelDynamoDBv2": { + "type": "object", + "properties": { + "payload": { + "$ref": "#/types/aws-native:iotevents:AlarmModelPayload" + }, + "tableName": { + "type": "string", + "description": "The name of the DynamoDB table." + } + } + }, + "aws-native:iotevents:AlarmModelDynamoDb": { + "type": "object", + "properties": { + "hashKeyField": { + "type": "string", + "description": "The name of the hash key (also called the partition key)." + }, + "hashKeyType": { + "type": "string", + "description": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n* `STRING` - The hash key is a string.\n\n* `NUMBER` - The hash key is a number.\n\nIf you don't specify `hashKeyType`, the default value is `STRING`." + }, + "hashKeyValue": { + "type": "string", + "description": "The value of the hash key (also called the partition key)." + }, + "operation": { + "type": "string", + "description": "The type of operation to perform. You can specify the following values:\n\n* `INSERT` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n\n* `UPDATE` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\n* `DELETE` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `INSERT` operation." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:AlarmModelPayload" + }, + "payloadField": { + "type": "string", + "description": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload`." + }, + "rangeKeyField": { + "type": "string", + "description": "The name of the range key (also called the sort key)." + }, + "rangeKeyType": { + "type": "string", + "description": "The data type for the range key (also called the sort key), You can specify the following values:\n\n* `STRING` - The range key is a string.\n\n* `NUMBER` - The range key is number.\n\nIf you don't specify `rangeKeyField`, the default value is `STRING`." + }, + "rangeKeyValue": { + "type": "string", + "description": "The value of the range key (also called the sort key)." + }, + "tableName": { + "type": "string", + "description": "The name of the DynamoDB table." + } + } + }, + "aws-native:iotevents:AlarmModelFirehose": { + "type": "object", + "properties": { + "deliveryStreamName": { + "type": "string", + "description": "The name of the Kinesis Data Firehose delivery stream where the data is written." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:AlarmModelPayload" + }, + "separator": { + "type": "string", + "description": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma)." + } + } + }, + "aws-native:iotevents:AlarmModelInitializationConfiguration": { + "type": "object", + "properties": { + "disabledOnInitialization": { + "type": "boolean", + "description": "The value must be TRUE or FALSE. If FALSE, all alarm instances created based on the alarm model are activated. The default value is TRUE." + } + } + }, + "aws-native:iotevents:AlarmModelIotEvents": { + "type": "object", + "properties": { + "inputName": { + "type": "string", + "description": "The name of the AWS IoT Events input where the data is sent." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:AlarmModelPayload" + } + } + }, + "aws-native:iotevents:AlarmModelIotSiteWise": { + "type": "object", + "properties": { + "assetId": { + "type": "string", + "description": "The ID of the asset that has the specified property. You can specify an expression." + }, + "entryId": { + "type": "string", + "description": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier. You can also specify an expression." + }, + "propertyAlias": { + "type": "string", + "description": "The alias of the asset property. You can also specify an expression." + }, + "propertyId": { + "type": "string", + "description": "The ID of the asset property. You can specify an expression." + }, + "propertyValue": { + "$ref": "#/types/aws-native:iotevents:AlarmModelAssetPropertyValue" + } + } + }, + "aws-native:iotevents:AlarmModelIotTopicPublish": { + "type": "object", + "properties": { + "mqttTopic": { + "type": "string", + "description": "The MQTT topic of the message. You can use a string expression that includes variables (`$variable.\u003cvariable-name\u003e`) and input values (`$input.\u003cinput-name\u003e.\u003cpath-to-datum\u003e`) as the topic string." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:AlarmModelPayload" + } + } + }, + "aws-native:iotevents:AlarmModelLambda": { + "type": "object", + "properties": { + "functionArn": { + "type": "string", + "description": "The ARN of the Lambda function that is executed." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:AlarmModelPayload" + } + } + }, + "aws-native:iotevents:AlarmModelPayload": { + "type": "object", + "properties": { + "contentExpression": { + "type": "string", + "description": "The content of the payload. You can use a string expression that includes quoted strings (`'\u003cstring\u003e'`), variables (`$variable.\u003cvariable-name\u003e`), input values (`$input.\u003cinput-name\u003e.\u003cpath-to-datum\u003e`), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB." + }, + "type": { + "type": "string", + "description": "The value of the payload type can be either `STRING` or `JSON`." + } + } + }, + "aws-native:iotevents:AlarmModelSimpleRule": { + "type": "object", + "properties": { + "comparisonOperator": { + "$ref": "#/types/aws-native:iotevents:AlarmModelSimpleRuleComparisonOperator", + "description": "The comparison operator." + }, + "inputProperty": { + "type": "string", + "description": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property." + }, + "threshold": { + "type": "string", + "description": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute." + } + } + }, + "aws-native:iotevents:AlarmModelSimpleRuleComparisonOperator": { + "type": "string" + }, + "aws-native:iotevents:AlarmModelSns": { + "type": "object", + "properties": { + "payload": { + "$ref": "#/types/aws-native:iotevents:AlarmModelPayload" + }, + "targetArn": { + "type": "string", + "description": "The ARN of the Amazon SNS target where the message is sent." + } + } + }, + "aws-native:iotevents:AlarmModelSqs": { + "type": "object", + "properties": { + "payload": { + "$ref": "#/types/aws-native:iotevents:AlarmModelPayload" + }, + "queueUrl": { + "type": "string", + "description": "The URL of the SQS queue where the data is written." + }, + "useBase64": { + "type": "boolean", + "description": "Set this to `TRUE` if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to `FALSE`." + } + }, + "irreversibleNames": { + "useBase64": "UseBase64" + } + }, + "aws-native:iotevents:AlarmModelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Key of the Tag." + }, + "value": { + "type": "string", + "description": "Value of the Tag." + } + } + }, + "aws-native:iotevents:DetectorModelAction": { + "type": "object", + "properties": { + "clearTimer": { + "$ref": "#/types/aws-native:iotevents:DetectorModelClearTimer", + "description": "Information needed to clear the timer." + }, + "dynamoDBv2": { + "$ref": "#/types/aws-native:iotevents:DetectorModelDynamoDBv2", + "description": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* ." + }, + "dynamoDb": { + "$ref": "#/types/aws-native:iotevents:DetectorModelDynamoDb", + "description": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* ." + }, + "firehose": { + "$ref": "#/types/aws-native:iotevents:DetectorModelFirehose", + "description": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream." + }, + "iotEvents": { + "$ref": "#/types/aws-native:iotevents:DetectorModelIotEvents", + "description": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action." + }, + "iotSiteWise": { + "$ref": "#/types/aws-native:iotevents:DetectorModelIotSiteWise", + "description": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise ." + }, + "iotTopicPublish": { + "$ref": "#/types/aws-native:iotevents:DetectorModelIotTopicPublish", + "description": "Publishes an MQTT message with the given topic to the AWS IoT message broker." + }, + "lambda": { + "$ref": "#/types/aws-native:iotevents:DetectorModelLambda", + "description": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action." + }, + "resetTimer": { + "$ref": "#/types/aws-native:iotevents:DetectorModelResetTimer", + "description": "Information needed to reset the timer." + }, + "setTimer": { + "$ref": "#/types/aws-native:iotevents:DetectorModelSetTimer", + "description": "Information needed to set the timer." + }, + "setVariable": { + "$ref": "#/types/aws-native:iotevents:DetectorModelSetVariable", + "description": "Sets a variable to a specified value." + }, + "sns": { + "$ref": "#/types/aws-native:iotevents:DetectorModelSns", + "description": "Sends an Amazon SNS message." + }, + "sqs": { + "$ref": "#/types/aws-native:iotevents:DetectorModelSqs", + "description": "Sends an Amazon SNS message." + } + }, + "irreversibleNames": { + "dynamoDb": "DynamoDB" + } + }, + "aws-native:iotevents:DetectorModelAssetPropertyTimestamp": { + "type": "object", + "properties": { + "offsetInNanos": { + "type": "string", + "description": "The timestamp, in seconds, in the Unix epoch format. The valid range is between `1-31556889864403199`. You can also specify an expression." + }, + "timeInSeconds": { + "type": "string", + "description": "The nanosecond offset converted from `timeInSeconds`. The valid range is between `0-999999999`. You can also specify an expression." + } + } + }, + "aws-native:iotevents:DetectorModelAssetPropertyValue": { + "type": "object", + "properties": { + "quality": { + "type": "string", + "description": "The quality of the asset property value. The value must be `GOOD`, `BAD`, or `UNCERTAIN`. You can also specify an expression." + }, + "timestamp": { + "$ref": "#/types/aws-native:iotevents:DetectorModelAssetPropertyTimestamp", + "description": "The timestamp associated with the asset property value. The default is the current event time." + }, + "value": { + "$ref": "#/types/aws-native:iotevents:DetectorModelAssetPropertyVariant", + "description": "The value to send to an asset property." + } + } + }, + "aws-native:iotevents:DetectorModelAssetPropertyVariant": { + "type": "object", + "properties": { + "booleanValue": { + "type": "string", + "description": "The asset property value is a Boolean value that must be `TRUE` or `FALSE`. You can also specify an expression. If you use an expression, the evaluated result should be a Boolean value." + }, + "doubleValue": { + "type": "string", + "description": "The asset property value is a double. You can also specify an expression. If you use an expression, the evaluated result should be a double." + }, + "integerValue": { + "type": "string", + "description": "The asset property value is an integer. You can also specify an expression. If you use an expression, the evaluated result should be an integer." + }, + "stringValue": { + "type": "string", + "description": "The asset property value is a string. You can also specify an expression. If you use an expression, the evaluated result should be a string." + } + } + }, + "aws-native:iotevents:DetectorModelClearTimer": { + "type": "object", + "properties": { + "timerName": { + "type": "string", + "description": "The name of the timer to clear." + } + } + }, + "aws-native:iotevents:DetectorModelDefinition": { + "type": "object", + "properties": { + "initialStateName": { + "type": "string", + "description": "The state that is entered at the creation of each detector (instance)." + }, + "states": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:DetectorModelState" + }, + "description": "Information about the states of the detector." + } + } + }, + "aws-native:iotevents:DetectorModelDynamoDBv2": { + "type": "object", + "properties": { + "payload": { + "$ref": "#/types/aws-native:iotevents:DetectorModelPayload", + "description": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` ." + }, + "tableName": { + "type": "string", + "description": "The name of the DynamoDB table." + } + } + }, + "aws-native:iotevents:DetectorModelDynamoDb": { + "type": "object", + "properties": { + "hashKeyField": { + "type": "string", + "description": "The name of the hash key (also called the partition key)." + }, + "hashKeyType": { + "type": "string", + "description": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n* `STRING` - The hash key is a string.\n\n* `NUMBER` - The hash key is a number.\n\nIf you don't specify `hashKeyType`, the default value is `STRING`." + }, + "hashKeyValue": { + "type": "string", + "description": "The value of the hash key (also called the partition key)." + }, + "operation": { + "type": "string", + "description": "The type of operation to perform. You can specify the following values:\n\n* `INSERT` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n\n* `UPDATE` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\n* `DELETE` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `INSERT` operation." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:DetectorModelPayload", + "description": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` ." + }, + "payloadField": { + "type": "string", + "description": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload`." + }, + "rangeKeyField": { + "type": "string", + "description": "The name of the range key (also called the sort key)." + }, + "rangeKeyType": { + "type": "string", + "description": "The data type for the range key (also called the sort key), You can specify the following values:\n\n* `STRING` - The range key is a string.\n\n* `NUMBER` - The range key is number.\n\nIf you don't specify `rangeKeyField`, the default value is `STRING`." + }, + "rangeKeyValue": { + "type": "string", + "description": "The value of the range key (also called the sort key)." + }, + "tableName": { + "type": "string", + "description": "The name of the DynamoDB table." + } + } + }, + "aws-native:iotevents:DetectorModelEvaluationMethod": { + "type": "string" + }, + "aws-native:iotevents:DetectorModelEvent": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:DetectorModelAction" + }, + "description": "The actions to be performed." + }, + "condition": { + "type": "string", + "description": "The Boolean expression that, when `TRUE`, causes the `actions` to be performed. If not present, the `actions` are performed (=`TRUE`). If the expression result is not a `Boolean` value, the `actions` are not performed (=`FALSE`)." + }, + "eventName": { + "type": "string", + "description": "The name of the event." + } + } + }, + "aws-native:iotevents:DetectorModelFirehose": { + "type": "object", + "properties": { + "deliveryStreamName": { + "type": "string", + "description": "The name of the Kinesis Data Firehose delivery stream where the data is written." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:DetectorModelPayload", + "description": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream." + }, + "separator": { + "type": "string", + "description": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma)." + } + } + }, + "aws-native:iotevents:DetectorModelIotEvents": { + "type": "object", + "properties": { + "inputName": { + "type": "string", + "description": "The name of the AWS IoT Events input where the data is sent." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:DetectorModelPayload", + "description": "You can configure the action payload when you send a message to an AWS IoT Events input." + } + } + }, + "aws-native:iotevents:DetectorModelIotSiteWise": { + "type": "object", + "properties": { + "assetId": { + "type": "string", + "description": "The ID of the asset that has the specified property. You can specify an expression." + }, + "entryId": { + "type": "string", + "description": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier. You can also specify an expression." + }, + "propertyAlias": { + "type": "string", + "description": "The alias of the asset property. You can also specify an expression." + }, + "propertyId": { + "type": "string", + "description": "The ID of the asset property. You can specify an expression." + }, + "propertyValue": { + "$ref": "#/types/aws-native:iotevents:DetectorModelAssetPropertyValue", + "description": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information." + } + } + }, + "aws-native:iotevents:DetectorModelIotTopicPublish": { + "type": "object", + "properties": { + "mqttTopic": { + "type": "string", + "description": "The MQTT topic of the message. You can use a string expression that includes variables (`$variable.\u003cvariable-name\u003e`) and input values (`$input.\u003cinput-name\u003e.\u003cpath-to-datum\u003e`) as the topic string." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:DetectorModelPayload", + "description": "You can configure the action payload when you publish a message to an AWS IoT Core topic." + } + } + }, + "aws-native:iotevents:DetectorModelLambda": { + "type": "object", + "properties": { + "functionArn": { + "type": "string", + "description": "The ARN of the Lambda function that is executed." + }, + "payload": { + "$ref": "#/types/aws-native:iotevents:DetectorModelPayload", + "description": "You can configure the action payload when you send a message to a Lambda function." + } + } + }, + "aws-native:iotevents:DetectorModelOnEnter": { + "type": "object", + "properties": { + "events": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:DetectorModelEvent" + }, + "description": "Specifies the `actions` that are performed when the state is entered and the `condition` is `TRUE`." + } + } + }, + "aws-native:iotevents:DetectorModelOnExit": { + "type": "object", + "properties": { + "events": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:DetectorModelEvent" + }, + "description": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE`." + } + } + }, + "aws-native:iotevents:DetectorModelOnInput": { + "type": "object", + "properties": { + "events": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:DetectorModelEvent" + }, + "description": "Specifies the `actions` performed when the `condition` evaluates to `TRUE`." + }, + "transitionEvents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:DetectorModelTransitionEvent" + }, + "description": "Specifies the `actions` performed, and the next `state` entered, when a `condition` evaluates to `TRUE`." + } + } + }, + "aws-native:iotevents:DetectorModelPayload": { + "type": "object", + "properties": { + "contentExpression": { + "type": "string", + "description": "The content of the payload. You can use a string expression that includes quoted strings (`'\u003cstring\u003e'`), variables (`$variable.\u003cvariable-name\u003e`), input values (`$input.\u003cinput-name\u003e.\u003cpath-to-datum\u003e`), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB." + }, + "type": { + "type": "string", + "description": "The value of the payload type can be either `STRING` or `JSON`." + } + } + }, + "aws-native:iotevents:DetectorModelResetTimer": { + "type": "object", + "properties": { + "timerName": { + "type": "string", + "description": "The name of the timer to reset." + } + } + }, + "aws-native:iotevents:DetectorModelSetTimer": { + "type": "object", + "properties": { + "durationExpression": { + "type": "string", + "description": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables (`$variable.\u003cvariable-name\u003e`), and input values (`$input.\u003cinput-name\u003e.\u003cpath-to-datum\u003e`) as the duration. The range of the duration is `1-31622400` seconds. To ensure accuracy, the minimum duration is `60` seconds. The evaluated result of the duration is rounded down to the nearest whole number." + }, + "seconds": { + "type": "integer", + "description": "The number of seconds until the timer expires. The minimum value is `60` seconds to ensure accuracy. The maximum value is `31622400` seconds." + }, + "timerName": { + "type": "string", + "description": "The name of the timer." + } + } + }, + "aws-native:iotevents:DetectorModelSetVariable": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The new value of the variable." + }, + "variableName": { + "type": "string", + "description": "The name of the variable." + } + } + }, + "aws-native:iotevents:DetectorModelSns": { + "type": "object", + "properties": { + "payload": { + "$ref": "#/types/aws-native:iotevents:DetectorModelPayload", + "description": "You can configure the action payload when you send a message as an Amazon SNS push notification." + }, + "targetArn": { + "type": "string", + "description": "The ARN of the Amazon SNS target where the message is sent." + } + } + }, + "aws-native:iotevents:DetectorModelSqs": { + "type": "object", + "properties": { + "payload": { + "$ref": "#/types/aws-native:iotevents:DetectorModelPayload", + "description": "You can configure the action payload when you send a message to an Amazon SQS queue." + }, + "queueUrl": { + "type": "string", + "description": "The URL of the SQS queue where the data is written." + }, + "useBase64": { + "type": "boolean", + "description": "Set this to `TRUE` if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to `FALSE`." + } + }, + "irreversibleNames": { + "useBase64": "UseBase64" + } + }, + "aws-native:iotevents:DetectorModelState": { + "type": "object", + "properties": { + "onEnter": { + "$ref": "#/types/aws-native:iotevents:DetectorModelOnEnter", + "description": "When entering this state, perform these `actions` if the `condition` is TRUE." + }, + "onExit": { + "$ref": "#/types/aws-native:iotevents:DetectorModelOnExit", + "description": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` ." + }, + "onInput": { + "$ref": "#/types/aws-native:iotevents:DetectorModelOnInput", + "description": "When an input is received and the `condition` is TRUE, perform the specified `actions` ." + }, + "stateName": { + "type": "string", + "description": "The name of the state." + } + } + }, + "aws-native:iotevents:DetectorModelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Key of the Tag." + }, + "value": { + "type": "string", + "description": "Value of the Tag." + } + } + }, + "aws-native:iotevents:DetectorModelTransitionEvent": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:DetectorModelAction" + }, + "description": "The actions to be performed." + }, + "condition": { + "type": "string", + "description": "A Boolean expression that when `TRUE` causes the `actions` to be performed and the `nextState` to be entered." + }, + "eventName": { + "type": "string", + "description": "The name of the event." + }, + "nextState": { + "type": "string", + "description": "The next state to enter." + } + } + }, + "aws-native:iotevents:InputAttribute": { + "type": "object", + "properties": { + "jsonPath": { + "type": "string", + "description": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events (`BatchPutMessage`). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\n_Syntax_: `\u003cfield-name\u003e.\u003cfield-name\u003e...`" + } + } + }, + "aws-native:iotevents:InputDefinition": { + "type": "object", + "properties": { + "attributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotevents:InputAttribute" + }, + "description": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage`. Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input." + } + } + }, + "aws-native:iotevents:InputTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Key of the Tag." + }, + "value": { + "type": "string", + "description": "Value of the Tag." + } + } + }, + "aws-native:iotfleethub:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iotsitewise:AccessPolicyIamRole": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the IAM role." + } + } + }, + "aws-native:iotsitewise:AccessPolicyIamUser": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the IAM user." + } + } + }, + "aws-native:iotsitewise:AccessPolicyIdentity": { + "type": "object", + "properties": { + "iamRole": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyIamRole", + "description": "An IAM role identity." + }, + "iamUser": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyIamUser", + "description": "An IAM user identity." + }, + "user": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyUser", + "description": "An IAM Identity Center user identity." + } + } + }, + "aws-native:iotsitewise:AccessPolicyPortal": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the portal." + } + } + }, + "aws-native:iotsitewise:AccessPolicyProject": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the project." + } + } + }, + "aws-native:iotsitewise:AccessPolicyResource": { + "type": "object", + "properties": { + "portal": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyPortal", + "description": "Identifies an AWS IoT SiteWise Monitor portal." + }, + "project": { + "$ref": "#/types/aws-native:iotsitewise:AccessPolicyProject", + "description": "Identifies a specific AWS IoT SiteWise Monitor project." + } + } + }, + "aws-native:iotsitewise:AccessPolicyUser": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The AWS SSO ID of the user." + } + } + }, + "aws-native:iotsitewise:AlarmsProperties": { + "type": "object", + "properties": { + "alarmRoleArn": { + "type": "string", + "description": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events." + }, + "notificationLambdaArn": { + "type": "string", + "description": "The ARN of the AWS Lambda function that manages alarm notifications. For more information, see Managing alarm notifications in the AWS IoT Events Developer Guide." + } + } + }, + "aws-native:iotsitewise:AssetHierarchy": { + "type": "object", + "properties": { + "childAssetId": { + "type": "string", + "description": "The ID of the child asset to be associated." + }, + "externalId": { + "type": "string", + "description": "String-friendly customer provided external ID" + }, + "id": { + "type": "string", + "description": "Customer provided actual UUID for property" + }, + "logicalId": { + "type": "string", + "description": "The LogicalID of a hierarchy in the parent asset's model." + } + } + }, + "aws-native:iotsitewise:AssetModelAttribute": { + "type": "object", + "properties": { + "defaultValue": { + "type": "string", + "description": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* ." + } + } + }, + "aws-native:iotsitewise:AssetModelCompositeModel": { + "type": "object", + "properties": { + "composedAssetModelId": { + "type": "string", + "description": "The component model ID for which the composite model is composed of" + }, + "compositeModelProperties": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelProperty" + }, + "description": "The property definitions of the asset model. You can specify up to 200 properties per asset model." + }, + "description": { + "type": "string", + "description": "A description for the asset composite model." + }, + "externalId": { + "type": "string", + "description": "The External ID of the composite model" + }, + "id": { + "type": "string", + "description": "The Actual ID of the composite model" + }, + "name": { + "type": "string", + "description": "A unique, friendly name for the asset composite model." + }, + "parentAssetModelCompositeModelExternalId": { + "type": "string", + "description": "The parent composite model External ID" + }, + "path": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The path of the composite model. This is only for derived composite models" + }, + "type": { + "type": "string", + "description": "The type of the composite model. For alarm composite models, this type is AWS/ALARM" + } + } + }, + "aws-native:iotsitewise:AssetModelDataType": { + "type": "string" + }, + "aws-native:iotsitewise:AssetModelDataTypeSpec": { + "type": "string" + }, + "aws-native:iotsitewise:AssetModelExpressionVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The friendly name of the variable to be used in the expression." + }, + "value": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelVariableValue", + "description": "The variable that identifies an asset property from which to use values." + } + } + }, + "aws-native:iotsitewise:AssetModelHierarchy": { + "type": "object", + "properties": { + "childAssetModelId": { + "type": "string", + "description": "The ID of the asset model. All assets in this hierarchy must be instances of the child AssetModelId asset model." + }, + "externalId": { + "type": "string", + "description": "Customer provided external ID for hierarchy" + }, + "id": { + "type": "string", + "description": "Customer provided actual ID for hierarchy" + }, + "logicalId": { + "type": "string", + "description": "Customer provided logical ID for hierarchy." + }, + "name": { + "type": "string", + "description": "The name of the asset model hierarchy." + } + } + }, + "aws-native:iotsitewise:AssetModelMetric": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 functions per expression." + }, + "variables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelExpressionVariable" + }, + "description": "The list of variables used in the expression." + }, + "window": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelMetricWindow", + "description": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression" + } + } + }, + "aws-native:iotsitewise:AssetModelMetricWindow": { + "type": "object", + "properties": { + "tumbling": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelTumblingWindow", + "description": "The tumbling time interval window." + } + } + }, + "aws-native:iotsitewise:AssetModelProperty": { + "type": "object", + "properties": { + "dataType": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelDataType", + "description": "The data type of the asset model property." + }, + "dataTypeSpec": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelDataTypeSpec", + "description": "The data type of the structure for this property." + }, + "externalId": { + "type": "string", + "description": "The External ID of the Asset Model Property" + }, + "id": { + "type": "string", + "description": "The ID of the Asset Model Property" + }, + "logicalId": { + "type": "string", + "description": "Customer provided Logical ID for property." + }, + "name": { + "type": "string", + "description": "The name of the asset model property." + }, + "type": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelPropertyType", + "description": "The property type" + }, + "unit": { + "type": "string", + "description": "The unit of the asset model property, such as Newtons or RPM." + } + } + }, + "aws-native:iotsitewise:AssetModelPropertyPathDefinition": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the property" + } + } + }, + "aws-native:iotsitewise:AssetModelPropertyType": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelAttribute", + "description": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine." + }, + "metric": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelMetric", + "description": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature." + }, + "transform": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelTransform", + "description": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit." + }, + "typeName": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelTypeName", + "description": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` ." + } + } + }, + "aws-native:iotsitewise:AssetModelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key or name that identifies the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:iotsitewise:AssetModelTransform": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The mathematical expression that defines the transformation function. You can specify up to 10 functions per expression." + }, + "variables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelExpressionVariable" + }, + "description": "The list of variables used in the expression." + } + } + }, + "aws-native:iotsitewise:AssetModelTumblingWindow": { + "type": "object", + "properties": { + "interval": { + "type": "string", + "description": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval." + }, + "offset": { + "type": "string", + "description": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day." + } + } + }, + "aws-native:iotsitewise:AssetModelTypeName": { + "type": "string" + }, + "aws-native:iotsitewise:AssetModelVariableValue": { + "type": "object", + "properties": { + "hierarchyExternalId": { + "type": "string", + "description": "The External ID of the hierarchy that is trying to be referenced" + }, + "hierarchyId": { + "type": "string", + "description": "The ID of the hierarchy that is trying to be referenced" + }, + "hierarchyLogicalId": { + "type": "string", + "description": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* ." + }, + "propertyExternalId": { + "type": "string", + "description": "The External ID of the property that is trying to be referenced" + }, + "propertyId": { + "type": "string", + "description": "The ID of the property that is trying to be referenced" + }, + "propertyLogicalId": { + "type": "string", + "description": "The `LogicalID` of the property that is being referenced." + }, + "propertyPath": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iotsitewise:AssetModelPropertyPathDefinition" + }, + "description": "The path of the property that is trying to be referenced" + } + } + }, + "aws-native:iotsitewise:AssetProperty": { + "type": "object", + "properties": { + "alias": { + "type": "string", + "description": "The property alias that identifies the property." + }, + "externalId": { + "type": "string", + "description": "String-friendly customer provided external ID" + }, + "id": { + "type": "string", + "description": "Customer provided actual UUID for property" + }, + "logicalId": { + "type": "string", + "description": "Customer provided ID for property." + }, + "notificationState": { + "$ref": "#/types/aws-native:iotsitewise:AssetPropertyNotificationState", + "description": "The MQTT notification state (ENABLED or DISABLED) for this asset property." + }, + "unit": { + "type": "string", + "description": "The unit of measure (such as Newtons or RPM) of the asset property. If you don't specify a value for this parameter, the service uses the value of the assetModelProperty in the asset model." + } + } + }, + "aws-native:iotsitewise:AssetPropertyNotificationState": { + "type": "string" + }, + "aws-native:iotsitewise:AssetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key or name that identifies the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:iotsitewise:DashboardTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key or name that identifies the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:iotsitewise:GatewayCapabilitySummary": { + "type": "object", + "properties": { + "capabilityConfiguration": { + "type": "string", + "description": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* ." + }, + "capabilityNamespace": { + "type": "string", + "description": "The namespace of the capability configuration. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:version` , where `version` is a number such as `1` ." + } + } + }, + "aws-native:iotsitewise:GatewayGreengrass": { + "type": "object", + "properties": { + "groupArn": { + "type": "string", + "description": "The ARN of the Greengrass group." + } + } + }, + "aws-native:iotsitewise:GatewayGreengrassV2": { + "type": "object", + "properties": { + "coreDeviceThingName": { + "type": "string", + "description": "The name of the CoreDevice in GreenGrass V2." + } + } + }, + "aws-native:iotsitewise:GatewayPlatform": { + "type": "object", + "properties": { + "greengrass": { + "$ref": "#/types/aws-native:iotsitewise:GatewayGreengrass", + "description": "A gateway that runs on AWS IoT Greengrass V1." + }, + "greengrassV2": { + "$ref": "#/types/aws-native:iotsitewise:GatewayGreengrassV2", + "description": "A gateway that runs on AWS IoT Greengrass V2." + }, + "siemensIe": { + "$ref": "#/types/aws-native:iotsitewise:GatewaySiemensIe", + "description": "A gateway that runs on Siemens Industrial Edge." + } + }, + "irreversibleNames": { + "greengrassV2": "GreengrassV2", + "siemensIe": "SiemensIE" + } + }, + "aws-native:iotsitewise:GatewaySiemensIe": { + "type": "object", + "properties": { + "iotCoreThingName": { + "type": "string", + "description": "The name of the IoT Core Thing." + } + } + }, + "aws-native:iotsitewise:GatewayTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key or name that identifies the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:iotsitewise:PortalTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key or name that identifies the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:iotsitewise:ProjectTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key or name that identifies the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:iottwinmaker:ComponentTypeCompositeComponentType": { + "type": "object", + "properties": { + "componentTypeId": { + "type": "string", + "description": "The id of the composite component type." + } + } + }, + "aws-native:iottwinmaker:ComponentTypeDataConnector": { + "type": "object", + "properties": { + "isNative": { + "type": "boolean", + "description": "A Boolean value that specifies whether the data connector is native to IoT TwinMaker." + }, + "lambda": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeLambdaFunction", + "description": "The Lambda function associated with this data connector." + } + } + }, + "aws-native:iottwinmaker:ComponentTypeDataType": { + "type": "object", + "properties": { + "allowedValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataValue" + }, + "description": "The allowed values for this data type." + }, + "nestedType": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataType", + "description": "The nested type in the data type." + }, + "relationship": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeRelationship", + "description": "A relationship that associates a component with another component." + }, + "type": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataTypeType", + "description": "The underlying type of the data type." + }, + "unitOfMeasure": { + "type": "string", + "description": "The unit of measure used in this data type." + } + } + }, + "aws-native:iottwinmaker:ComponentTypeDataTypeType": { + "type": "string" + }, + "aws-native:iottwinmaker:ComponentTypeDataValue": { + "type": "object", + "properties": { + "booleanValue": { + "type": "boolean", + "description": "A Boolean value." + }, + "doubleValue": { + "type": "number", + "description": "A double value." + }, + "expression": { + "type": "string", + "description": "An expression that produces the value." + }, + "integerValue": { + "type": "integer", + "description": "An integer value." + }, + "listValue": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataValue" + }, + "description": "A list of multiple values." + }, + "longValue": { + "type": "number", + "description": "A long value." + }, + "mapValue": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataValue" + }, + "description": "An object that maps strings to multiple DataValue objects. \n\n" + }, + "relationshipValue": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataValueRelationshipValueProperties", + "description": "A value that relates a component to another component." + }, + "stringValue": { + "type": "string", + "description": "A string value." + } + } + }, + "aws-native:iottwinmaker:ComponentTypeDataValueRelationshipValueProperties": { + "type": "object", + "properties": { + "targetComponentName": { + "type": "string" + }, + "targetEntityId": { + "type": "string" + } + } + }, + "aws-native:iottwinmaker:ComponentTypeFunction": { + "type": "object", + "properties": { + "implementedBy": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataConnector", + "description": "The data connector." + }, + "requiredProperties": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The required properties of the function." + }, + "scope": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeFunctionScope", + "description": "The scope of the function." + } + } + }, + "aws-native:iottwinmaker:ComponentTypeFunctionScope": { + "type": "string" + }, + "aws-native:iottwinmaker:ComponentTypeLambdaFunction": { + "type": "object", + "properties": { + "arn": { + "type": "string" + } + } + }, + "aws-native:iottwinmaker:ComponentTypePropertyDefinition": { + "type": "object", + "properties": { + "configurations": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An object that specifies information about a property." + }, + "dataType": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataType", + "description": "An object that contains information about the data type." + }, + "defaultValue": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeDataValue", + "description": "An object that contains the default value." + }, + "isExternalId": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property ID comes from an external data store." + }, + "isRequiredInEntity": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property is required." + }, + "isStoredExternally": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property is stored externally." + }, + "isTimeSeries": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property consists of time series data." + } + } + }, + "aws-native:iottwinmaker:ComponentTypePropertyGroup": { + "type": "object", + "properties": { + "groupType": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypePropertyGroupGroupType", + "description": "The type of property group." + }, + "propertyNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of property names in the property group." + } + } + }, + "aws-native:iottwinmaker:ComponentTypePropertyGroupGroupType": { + "type": "string" + }, + "aws-native:iottwinmaker:ComponentTypeRelationship": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "description": "The type of the relationship." + }, + "targetComponentTypeId": { + "type": "string", + "description": "The ID of the target component type associated with this relationship." + } + } + }, + "aws-native:iottwinmaker:ComponentTypeStatus": { + "type": "object", + "properties": { + "error": { + "oneOf": [ + { + "$ref": "pulumi.json#/Any" + }, + { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeStatusErrorProperties" + } + ], + "description": "The component type error." + }, + "state": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeStatusState", + "description": "The component type status state." + } + } + }, + "aws-native:iottwinmaker:ComponentTypeStatusError1Properties": { + "type": "object", + "properties": { + "code": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeStatusError1PropertiesCode" + }, + "message": { + "type": "string" + } + } + }, + "aws-native:iottwinmaker:ComponentTypeStatusError1PropertiesCode": { + "type": "string" + }, + "aws-native:iottwinmaker:ComponentTypeStatusErrorProperties": { + "type": "object", + "properties": { + "code": { + "$ref": "#/types/aws-native:iottwinmaker:ComponentTypeStatusErrorPropertiesCode" + }, + "message": { + "type": "string" + } + } + }, + "aws-native:iottwinmaker:ComponentTypeStatusErrorPropertiesCode": { + "type": "string" + }, + "aws-native:iottwinmaker:ComponentTypeStatusState": { + "type": "string" + }, + "aws-native:iottwinmaker:EntityComponent": { + "type": "object", + "properties": { + "componentName": { + "type": "string", + "description": "The name of the component." + }, + "componentTypeId": { + "type": "string", + "description": "The ID of the component type." + }, + "definedIn": { + "type": "string", + "description": "The name of the property definition set in the component." + }, + "description": { + "type": "string", + "description": "The description of the component." + }, + "properties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityProperty" + }, + "description": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object." + }, + "propertyGroups": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityPropertyGroup" + }, + "description": "An object that maps strings to the property groups to set in the component type. Each string in the mapping must be unique to this object." + }, + "status": { + "$ref": "#/types/aws-native:iottwinmaker:EntityStatus", + "description": "The current status of the entity." + } + } + }, + "aws-native:iottwinmaker:EntityCompositeComponent": { + "type": "object", + "properties": { + "componentName": { + "type": "string", + "description": "The name of the component." + }, + "componentPath": { + "type": "string", + "description": "The path of the component." + }, + "componentTypeId": { + "type": "string", + "description": "The ID of the component type." + }, + "description": { + "type": "string", + "description": "The description of the component." + }, + "properties": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityProperty" + }, + "description": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object." + }, + "propertyGroups": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityPropertyGroup" + }, + "description": "An object that maps strings to the property groups to set in the component type. Each string in the mapping must be unique to this object." + }, + "status": { + "$ref": "#/types/aws-native:iottwinmaker:EntityStatus", + "description": "The current status of the component." + } + } + }, + "aws-native:iottwinmaker:EntityDataType": { + "type": "object", + "properties": { + "allowedValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataValue" + }, + "description": "The allowed values for this data type." + }, + "nestedType": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataType", + "description": "The nested type in the data type." + }, + "relationship": { + "$ref": "#/types/aws-native:iottwinmaker:EntityRelationship", + "description": "A relationship that associates a component with another component." + }, + "type": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataTypeType", + "description": "The underlying type of the data type." + }, + "unitOfMeasure": { + "type": "string", + "description": "The unit of measure used in this data type." + } + } + }, + "aws-native:iottwinmaker:EntityDataTypeType": { + "type": "string" + }, + "aws-native:iottwinmaker:EntityDataValue": { + "type": "object", + "properties": { + "booleanValue": { + "type": "boolean", + "description": "A Boolean value." + }, + "doubleValue": { + "type": "number", + "description": "A double value." + }, + "expression": { + "type": "string", + "description": "An expression that produces the value." + }, + "integerValue": { + "type": "integer", + "description": "An integer value." + }, + "listValue": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataValue" + }, + "description": "A list of multiple values." + }, + "longValue": { + "type": "number", + "description": "A long value." + }, + "mapValue": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataValue" + }, + "description": "An object that maps strings to multiple DataValue objects." + }, + "relationshipValue": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataValueRelationshipValueProperties", + "description": "A value that relates a component to another component." + }, + "stringValue": { + "type": "string", + "description": "A string value." + } + } + }, + "aws-native:iottwinmaker:EntityDataValueRelationshipValueProperties": { + "type": "object", + "properties": { + "targetComponentName": { + "type": "string" + }, + "targetEntityId": { + "type": "string" + } + } + }, + "aws-native:iottwinmaker:EntityDefinition": { + "type": "object", + "properties": { + "configuration": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "An object that specifies information about a property configuration." + }, + "dataType": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataType", + "description": "An object that contains information about the data type." + }, + "defaultValue": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataValue", + "description": "An object that contains the default value." + }, + "isExternalId": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property ID comes from an external data store." + }, + "isFinal": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property definition can be updated." + }, + "isImported": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property definition is imported from an external data store." + }, + "isInherited": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property definition is inherited from a parent entity." + }, + "isRequiredInEntity": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property is required." + }, + "isStoredExternally": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property is stored externally." + }, + "isTimeSeries": { + "type": "boolean", + "description": "A Boolean value that specifies whether the property consists of time series data." + } + } + }, + "aws-native:iottwinmaker:EntityProperty": { + "type": "object", + "properties": { + "definition": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDefinition", + "description": "The definition of the property." + }, + "value": { + "$ref": "#/types/aws-native:iottwinmaker:EntityDataValue", + "description": "The value of the property." + } + } + }, + "aws-native:iottwinmaker:EntityPropertyGroup": { + "type": "object", + "properties": { + "groupType": { + "$ref": "#/types/aws-native:iottwinmaker:EntityPropertyGroupGroupType", + "description": "The type of property group." + }, + "propertyNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of property names in the property group." + } + } + }, + "aws-native:iottwinmaker:EntityPropertyGroupGroupType": { + "type": "string" + }, + "aws-native:iottwinmaker:EntityRelationship": { + "type": "object", + "properties": { + "relationshipType": { + "type": "string", + "description": "The type of the relationship." + }, + "targetComponentTypeId": { + "type": "string", + "description": "The ID of the target component type associated with this relationship." + } + } + }, + "aws-native:iottwinmaker:EntityStatus": { + "type": "object", + "properties": { + "error": { + "oneOf": [ + { + "$ref": "pulumi.json#/Any" + }, + { + "$ref": "#/types/aws-native:iottwinmaker:EntityStatusErrorProperties" + } + ] + }, + "state": { + "$ref": "#/types/aws-native:iottwinmaker:EntityStatusState" + } + } + }, + "aws-native:iottwinmaker:EntityStatusError1Properties": { + "type": "object", + "properties": { + "code": { + "$ref": "#/types/aws-native:iottwinmaker:EntityStatusError1PropertiesCode" + }, + "message": { + "type": "string" + } + } + }, + "aws-native:iottwinmaker:EntityStatusError1PropertiesCode": { + "type": "string" + }, + "aws-native:iottwinmaker:EntityStatusErrorProperties": { + "type": "object", + "properties": { + "code": { + "$ref": "#/types/aws-native:iottwinmaker:EntityStatusErrorPropertiesCode" + }, + "message": { + "type": "string" + } + } + }, + "aws-native:iottwinmaker:EntityStatusErrorPropertiesCode": { + "type": "string" + }, + "aws-native:iottwinmaker:EntityStatusState": { + "type": "string" + }, + "aws-native:iotwireless:DestinationExpressionType": { + "type": "string" + }, + "aws-native:iotwireless:DestinationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key value." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotwireless:DeviceProfileLoRaWanDeviceProfile": { + "type": "object", + "properties": { + "classBTimeout": { + "type": "integer", + "description": "The ClassBTimeout value." + }, + "classCTimeout": { + "type": "integer", + "description": "The ClassCTimeout value." + }, + "factoryPresetFreqsList": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000." + }, + "macVersion": { + "type": "string", + "description": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile." + }, + "maxDutyCycle": { + "type": "integer", + "description": "The MaxDutyCycle value." + }, + "maxEirp": { + "type": "integer", + "description": "The MaxEIRP value." + }, + "pingSlotDr": { + "type": "integer", + "description": "The PingSlotDR value." + }, + "pingSlotFreq": { + "type": "integer", + "description": "The PingSlotFreq value." + }, + "pingSlotPeriod": { + "type": "integer", + "description": "The PingSlotPeriod value." + }, + "regParamsRevision": { + "type": "string", + "description": "The version of regional parameters." + }, + "rfRegion": { + "type": "string", + "description": "The frequency band (RFRegion) value." + }, + "rxDataRate2": { + "type": "integer", + "description": "The RXDataRate2 value." + }, + "rxDelay1": { + "type": "integer", + "description": "The RXDelay1 value." + }, + "rxDrOffset1": { + "type": "integer", + "description": "The RXDROffset1 value." + }, + "rxFreq2": { + "type": "integer", + "description": "The RXFreq2 value." + }, + "supports32BitFCnt": { + "type": "boolean", + "description": "The Supports32BitFCnt value." + }, + "supportsClassB": { + "type": "boolean", + "description": "The SupportsClassB value." + }, + "supportsClassC": { + "type": "boolean", + "description": "The SupportsClassC value." + }, + "supportsJoin": { + "type": "boolean", + "description": "The SupportsJoin value." + } + }, + "irreversibleNames": { + "supports32BitFCnt": "Supports32BitFCnt" + } + }, + "aws-native:iotwireless:DeviceProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key value." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotwireless:FuotaTaskLoRaWan": { + "type": "object", + "properties": { + "rfRegion": { + "type": "string", + "description": "FUOTA task LoRaWAN RF region" + }, + "startTime": { + "type": "string", + "description": "FUOTA task LoRaWAN start time" + } + } + }, + "aws-native:iotwireless:FuotaTaskTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key value." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotwireless:MulticastGroupLoRaWan": { + "type": "object", + "properties": { + "dlClass": { + "type": "string", + "description": "Multicast group LoRaWAN DL Class" + }, + "numberOfDevicesInGroup": { + "type": "integer", + "description": "Multicast group number of devices in group. Returned after successful read." + }, + "numberOfDevicesRequested": { + "type": "integer", + "description": "Multicast group number of devices requested. Returned after successful read." + }, + "rfRegion": { + "type": "string", + "description": "Multicast group LoRaWAN RF region" + } + } + }, + "aws-native:iotwireless:MulticastGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key value." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotwireless:NetworkAnalyzerConfigurationLogLevel": { + "type": "string" + }, + "aws-native:iotwireless:NetworkAnalyzerConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:iotwireless:NetworkAnalyzerConfigurationWirelessDeviceFrameInfo": { + "type": "string" + }, + "aws-native:iotwireless:ServiceProfileLoRaWanServiceProfile": { + "type": "object", + "properties": { + "addGwMetadata": { + "type": "boolean", + "description": "The AddGWMetaData value." + }, + "channelMask": { + "type": "string", + "description": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "devStatusReqFreq": { + "type": "integer", + "description": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "dlBucketSize": { + "type": "integer", + "description": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "dlRate": { + "type": "integer", + "description": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "dlRatePolicy": { + "type": "string", + "description": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "drMax": { + "type": "integer", + "description": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "drMin": { + "type": "integer", + "description": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "hrAllowed": { + "type": "boolean", + "description": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "minGwDiversity": { + "type": "integer", + "description": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "nwkGeoLoc": { + "type": "boolean", + "description": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "prAllowed": { + "type": "boolean", + "description": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "raAllowed": { + "type": "boolean", + "description": "The RAAllowed value that describes whether roaming activation is allowed." + }, + "reportDevStatusBattery": { + "type": "boolean", + "description": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "reportDevStatusMargin": { + "type": "boolean", + "description": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "targetPer": { + "type": "integer", + "description": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "ulBucketSize": { + "type": "integer", + "description": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "ulRate": { + "type": "integer", + "description": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + }, + "ulRatePolicy": { + "type": "string", + "description": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`" + } + } + }, + "aws-native:iotwireless:ServiceProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key value." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotwireless:TaskDefinitionLoRaWanGatewayVersion": { + "type": "object", + "properties": { + "model": { + "type": "string", + "description": "The model number of the wireless gateway." + }, + "packageVersion": { + "type": "string", + "description": "The version of the wireless gateway firmware." + }, + "station": { + "type": "string", + "description": "The basic station version of the wireless gateway." + } + } + }, + "aws-native:iotwireless:TaskDefinitionLoRaWanUpdateGatewayTaskCreate": { + "type": "object", + "properties": { + "currentVersion": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionLoRaWanGatewayVersion", + "description": "The version of the gateways that should receive the update." + }, + "sigKeyCrc": { + "type": "integer", + "description": "The CRC of the signature private key to check." + }, + "updateSignature": { + "type": "string", + "description": "The signature used to verify the update firmware." + }, + "updateVersion": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionLoRaWanGatewayVersion", + "description": "The firmware version to update the gateway to." + } + } + }, + "aws-native:iotwireless:TaskDefinitionLoRaWanUpdateGatewayTaskEntry": { + "type": "object", + "properties": { + "currentVersion": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionLoRaWanGatewayVersion", + "description": "The version of the gateways that should receive the update." + }, + "updateVersion": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionLoRaWanGatewayVersion", + "description": "The firmware version to update the gateway to." + } + } + }, + "aws-native:iotwireless:TaskDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key value." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotwireless:TaskDefinitionType": { + "type": "string" + }, + "aws-native:iotwireless:TaskDefinitionUpdateWirelessGatewayTaskCreate": { + "type": "object", + "properties": { + "loRaWan": { + "$ref": "#/types/aws-native:iotwireless:TaskDefinitionLoRaWanUpdateGatewayTaskCreate", + "description": "The properties that relate to the LoRaWAN wireless gateway." + }, + "updateDataRole": { + "type": "string", + "description": "The IAM role used to read data from the S3 bucket." + }, + "updateDataSource": { + "type": "string", + "description": "The link to the S3 bucket." + } + }, + "irreversibleNames": { + "loRaWan": "LoRaWAN" + } + }, + "aws-native:iotwireless:TraceContentProperties": { + "type": "object", + "properties": { + "logLevel": { + "$ref": "#/types/aws-native:iotwireless:NetworkAnalyzerConfigurationLogLevel", + "description": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs" + }, + "wirelessDeviceFrameInfo": { + "$ref": "#/types/aws-native:iotwireless:NetworkAnalyzerConfigurationWirelessDeviceFrameInfo", + "description": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server." + } + } + }, + "aws-native:iotwireless:WirelessDeviceAbpV10x": { + "type": "object", + "properties": { + "devAddr": { + "type": "string", + "description": "The DevAddr value." + }, + "sessionKeys": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceSessionKeysAbpV10x", + "description": "Session keys for ABP v1.0.x." + } + } + }, + "aws-native:iotwireless:WirelessDeviceAbpV11": { + "type": "object", + "properties": { + "devAddr": { + "type": "string", + "description": "The DevAddr value." + }, + "sessionKeys": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceSessionKeysAbpV11", + "description": "Session keys for ABP v1.1." + } + } + }, + "aws-native:iotwireless:WirelessDeviceLoRaWanDevice": { + "type": "object", + "properties": { + "abpV10x": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceAbpV10x", + "description": "ABP device object for LoRaWAN specification v1.0.x." + }, + "abpV11": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceAbpV11", + "description": "ABP device object for create APIs for v1.1." + }, + "devEui": { + "type": "string", + "description": "The DevEUI value." + }, + "deviceProfileId": { + "type": "string", + "description": "The ID of the device profile for the new wireless device." + }, + "otaaV10x": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceOtaaV10x", + "description": "OTAA device object for create APIs for v1.0.x" + }, + "otaaV11": { + "$ref": "#/types/aws-native:iotwireless:WirelessDeviceOtaaV11", + "description": "OTAA device object for v1.1 for create APIs." + }, + "serviceProfileId": { + "type": "string", + "description": "The ID of the service profile." + } + }, + "irreversibleNames": { + "abpV10x": "AbpV10x", + "abpV11": "AbpV11", + "otaaV10x": "OtaaV10x", + "otaaV11": "OtaaV11" + } + }, + "aws-native:iotwireless:WirelessDeviceOtaaV10x": { + "type": "object", + "properties": { + "appEui": { + "type": "string", + "description": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3." + }, + "appKey": { + "type": "string", + "description": "The AppKey value." + } + } + }, + "aws-native:iotwireless:WirelessDeviceOtaaV11": { + "type": "object", + "properties": { + "appKey": { + "type": "string", + "description": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value." + }, + "joinEui": { + "type": "string", + "description": "The JoinEUI value." + }, + "nwkKey": { + "type": "string", + "description": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value." + } + } + }, + "aws-native:iotwireless:WirelessDeviceSessionKeysAbpV10x": { + "type": "object", + "properties": { + "appSKey": { + "type": "string", + "description": "The AppSKey value." + }, + "nwkSKey": { + "type": "string", + "description": "The NwkKey value." + } + } + }, + "aws-native:iotwireless:WirelessDeviceSessionKeysAbpV11": { + "type": "object", + "properties": { + "appSKey": { + "type": "string", + "description": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value." + }, + "fNwkSIntKey": { + "type": "string", + "description": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value." + }, + "nwkSEncKey": { + "type": "string", + "description": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value." + }, + "sNwkSIntKey": { + "type": "string", + "description": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value." + } + } + }, + "aws-native:iotwireless:WirelessDeviceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key value." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:iotwireless:WirelessDeviceType": { + "type": "string" + }, + "aws-native:iotwireless:WirelessGatewayLoRaWanGateway": { + "type": "object", + "properties": { + "gatewayEui": { + "type": "string", + "description": "The gateway's EUI value." + }, + "rfRegion": { + "type": "string", + "description": "The frequency band (RFRegion) value." + } + } + }, + "aws-native:iotwireless:WirelessGatewayTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key value." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:ivs:ChannelLatencyMode": { + "type": "string" + }, + "aws-native:ivs:ChannelPreset": { + "type": "string" + }, + "aws-native:ivs:ChannelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ivs:ChannelType": { + "type": "string" + }, + "aws-native:ivs:EncoderConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ivs:PlaybackKeyPairTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ivs:PlaybackRestrictionPolicyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ivs:RecordingConfigurationDestinationConfiguration": { + "type": "object", + "properties": { + "s3": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationS3DestinationConfiguration", + "description": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", + "replaceOnChanges": true + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:ivs:RecordingConfigurationRenditionConfiguration": { + "type": "object", + "properties": { + "renditionSelection": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationRenditionConfigurationRenditionSelection", + "description": "Resolution Selection indicates which set of renditions are recorded for a stream.", + "replaceOnChanges": true + }, + "renditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationRenditionConfigurationRenditionsItem" + }, + "description": "Renditions indicates which renditions are recorded for a stream.", + "replaceOnChanges": true + } + } + }, + "aws-native:ivs:RecordingConfigurationRenditionConfigurationRenditionSelection": { + "type": "string" + }, + "aws-native:ivs:RecordingConfigurationRenditionConfigurationRenditionsItem": { + "type": "string" + }, + "aws-native:ivs:RecordingConfigurationS3DestinationConfiguration": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "Location (S3 bucket name) where recorded videos will be stored.", + "replaceOnChanges": true + } + } + }, + "aws-native:ivs:RecordingConfigurationState": { + "type": "string" + }, + "aws-native:ivs:RecordingConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ivs:RecordingConfigurationThumbnailConfiguration": { + "type": "object", + "properties": { + "recordingMode": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationThumbnailConfigurationRecordingMode", + "description": "Thumbnail Recording Mode, which determines whether thumbnails are recorded at an interval or are disabled.", + "replaceOnChanges": true + }, + "resolution": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationThumbnailConfigurationResolution", + "description": "Resolution indicates the desired resolution of recorded thumbnails.", + "replaceOnChanges": true + }, + "storage": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ivs:RecordingConfigurationThumbnailConfigurationStorageItem" + }, + "description": "Storage indicates the format in which thumbnails are recorded.", + "replaceOnChanges": true + }, + "targetIntervalSeconds": { + "type": "integer", + "description": "Target Interval Seconds defines the interval at which thumbnails are recorded. This field is required if RecordingMode is INTERVAL.", + "replaceOnChanges": true + } + } + }, + "aws-native:ivs:RecordingConfigurationThumbnailConfigurationRecordingMode": { + "type": "string" + }, + "aws-native:ivs:RecordingConfigurationThumbnailConfigurationResolution": { + "type": "string" + }, + "aws-native:ivs:RecordingConfigurationThumbnailConfigurationStorageItem": { + "type": "string" + }, + "aws-native:ivs:StageTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ivs:StorageConfigurationS3StorageConfiguration": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "Location (S3 bucket name) where recorded videos will be stored. Note that the StorageConfiguration and S3 bucket must be in the same region as the Composition.", + "replaceOnChanges": true + } + } + }, + "aws-native:ivs:StorageConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ivs:StreamKeyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that makes up a tag. A `key` is a general label that acts like a category for more specific tag values." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that makes up a tag. A `value` acts as a descriptor within a tag category (key)." + } + } + }, + "aws-native:ivs:VideoProperties": { + "type": "object", + "properties": { + "bitrate": { + "type": "integer", + "description": "Bitrate for generated output, in bps. Default: 2500000.", + "replaceOnChanges": true + }, + "framerate": { + "type": "number", + "description": "Video frame rate, in fps. Default: 30.", + "replaceOnChanges": true + }, + "height": { + "type": "integer", + "description": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", + "replaceOnChanges": true + }, + "width": { + "type": "integer", + "description": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", + "replaceOnChanges": true + } + } + }, + "aws-native:ivschat:LoggingConfigurationCloudWatchLogsDestinationConfiguration": { + "type": "object", + "properties": { + "logGroupName": { + "type": "string", + "description": "Name of the Amazon CloudWatch Logs log group where chat activity will be logged." + } + } + }, + "aws-native:ivschat:LoggingConfigurationDestinationConfiguration": { + "type": "object", + "properties": { + "cloudWatchLogs": { + "$ref": "#/types/aws-native:ivschat:LoggingConfigurationCloudWatchLogsDestinationConfiguration", + "description": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged." + }, + "firehose": { + "$ref": "#/types/aws-native:ivschat:LoggingConfigurationFirehoseDestinationConfiguration", + "description": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged." + }, + "s3": { + "$ref": "#/types/aws-native:ivschat:LoggingConfigurationS3DestinationConfiguration", + "description": "An Amazon S3 destination configuration where chat activity will be logged." + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:ivschat:LoggingConfigurationFirehoseDestinationConfiguration": { + "type": "object", + "properties": { + "deliveryStreamName": { + "type": "string", + "description": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged." + } + } + }, + "aws-native:ivschat:LoggingConfigurationS3DestinationConfiguration": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "Name of the Amazon S3 bucket where chat activity will be logged." + } + } + }, + "aws-native:ivschat:LoggingConfigurationState": { + "type": "string" + }, + "aws-native:ivschat:LoggingConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ivschat:RoomMessageReviewHandler": { + "type": "object", + "properties": { + "fallbackResult": { + "$ref": "#/types/aws-native:ivschat:RoomMessageReviewHandlerFallbackResult", + "description": "Specifies the fallback behavior if the handler does not return a valid response, encounters an error, or times out." + }, + "uri": { + "type": "string", + "description": "Identifier of the message review handler." + } + } + }, + "aws-native:ivschat:RoomMessageReviewHandlerFallbackResult": { + "type": "string" + }, + "aws-native:ivschat:RoomTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:kafkaconnect:ConnectorApacheKafkaCluster": { + "type": "object", + "properties": { + "bootstrapServers": { + "type": "string", + "description": "The bootstrap servers string of the Apache Kafka cluster." + }, + "vpc": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorVpc", + "description": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster." + } + } + }, + "aws-native:kafkaconnect:ConnectorAutoScaling": { + "type": "object", + "properties": { + "maxWorkerCount": { + "type": "integer", + "description": "The maximum number of workers for a connector." + }, + "mcuCount": { + "type": "integer", + "description": "Specifies how many MSK Connect Units (MCU) as the minimum scaling unit." + }, + "minWorkerCount": { + "type": "integer", + "description": "The minimum number of workers for a connector." + }, + "scaleInPolicy": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorScaleInPolicy", + "description": "The sacle-in policy for the connector." + }, + "scaleOutPolicy": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorScaleOutPolicy", + "description": "The sacle-out policy for the connector." + } + } + }, + "aws-native:kafkaconnect:ConnectorCapacity": { + "type": "object", + "properties": { + "autoScaling": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorAutoScaling", + "description": "Information about the auto scaling parameters for the connector." + }, + "provisionedCapacity": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorProvisionedCapacity", + "description": "Details about a fixed capacity allocated to a connector." + } + } + }, + "aws-native:kafkaconnect:ConnectorCloudWatchLogsLogDelivery": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specifies whether the logs get sent to the specified CloudWatch Logs destination." + }, + "logGroup": { + "type": "string", + "description": "The CloudWatch log group that is the destination for log delivery." + } + } + }, + "aws-native:kafkaconnect:ConnectorCustomPlugin": { + "type": "object", + "properties": { + "customPluginArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the custom plugin to use." + }, + "revision": { + "type": "integer", + "description": "The revision of the custom plugin to use." + } + } + }, + "aws-native:kafkaconnect:ConnectorFirehoseLogDelivery": { + "type": "object", + "properties": { + "deliveryStream": { + "type": "string", + "description": "The Kinesis Data Firehose delivery stream that is the destination for log delivery." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the logs get sent to the specified Kinesis Data Firehose delivery stream." + } + } + }, + "aws-native:kafkaconnect:ConnectorKafkaCluster": { + "type": "object", + "properties": { + "apacheKafkaCluster": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorApacheKafkaCluster", + "description": "The Apache Kafka cluster to which the connector is connected." + } + } + }, + "aws-native:kafkaconnect:ConnectorKafkaClusterClientAuthentication": { + "type": "object", + "properties": { + "authenticationType": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorKafkaClusterClientAuthenticationType", + "description": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used." + } + } + }, + "aws-native:kafkaconnect:ConnectorKafkaClusterClientAuthenticationType": { + "type": "string" + }, + "aws-native:kafkaconnect:ConnectorKafkaClusterEncryptionInTransit": { + "type": "object", + "properties": { + "encryptionType": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorKafkaClusterEncryptionInTransitType", + "description": "The type of encryption in transit to the Apache Kafka cluster." + } + } + }, + "aws-native:kafkaconnect:ConnectorKafkaClusterEncryptionInTransitType": { + "type": "string" + }, + "aws-native:kafkaconnect:ConnectorLogDelivery": { + "type": "object", + "properties": { + "workerLogDelivery": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorWorkerLogDelivery", + "description": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations." + } + } + }, + "aws-native:kafkaconnect:ConnectorPlugin": { + "type": "object", + "properties": { + "customPlugin": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorCustomPlugin", + "description": "Details about a custom plugin." + } + } + }, + "aws-native:kafkaconnect:ConnectorProvisionedCapacity": { + "type": "object", + "properties": { + "mcuCount": { + "type": "integer", + "description": "Specifies how many MSK Connect Units (MCU) are allocated to the connector." + }, + "workerCount": { + "type": "integer", + "description": "Number of workers for a connector." + } + } + }, + "aws-native:kafkaconnect:ConnectorS3LogDelivery": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket that is the destination for log delivery." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the logs get sent to the specified Amazon S3 destination." + }, + "prefix": { + "type": "string", + "description": "The S3 prefix that is the destination for log delivery." + } + } + }, + "aws-native:kafkaconnect:ConnectorScaleInPolicy": { + "type": "object", + "properties": { + "cpuUtilizationPercentage": { + "type": "integer", + "description": "Specifies the CPU utilization percentage threshold at which connector scale in should trigger." + } + } + }, + "aws-native:kafkaconnect:ConnectorScaleOutPolicy": { + "type": "object", + "properties": { + "cpuUtilizationPercentage": { + "type": "integer", + "description": "Specifies the CPU utilization percentage threshold at which connector scale out should trigger." + } + } + }, + "aws-native:kafkaconnect:ConnectorTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:kafkaconnect:ConnectorVpc": { + "type": "object", + "properties": { + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The AWS security groups to associate with the elastic network interfaces in order to specify what the connector has access to." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of subnets to connect to in the virtual private cloud (VPC). AWS creates elastic network interfaces inside these subnets." + } + } + }, + "aws-native:kafkaconnect:ConnectorWorkerConfiguration": { + "type": "object", + "properties": { + "revision": { + "type": "integer", + "description": "The revision of the worker configuration to use." + }, + "workerConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the worker configuration to use." + } + } + }, + "aws-native:kafkaconnect:ConnectorWorkerLogDelivery": { + "type": "object", + "properties": { + "cloudWatchLogs": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorCloudWatchLogsLogDelivery", + "description": "Details about delivering logs to Amazon CloudWatch Logs." + }, + "firehose": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorFirehoseLogDelivery", + "description": "Details about delivering logs to Amazon Kinesis Data Firehose." + }, + "s3": { + "$ref": "#/types/aws-native:kafkaconnect:ConnectorS3LogDelivery", + "description": "Details about delivering logs to Amazon S3." + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:kafkaconnect:CustomPluginContentType": { + "type": "string" + }, + "aws-native:kafkaconnect:CustomPluginFileDescription": { + "type": "object", + "properties": { + "fileMd5": { + "type": "string", + "description": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file." + }, + "fileSize": { + "type": "integer", + "description": "The size in bytes of the custom plugin file. You can use it to validate the file." + } + } + }, + "aws-native:kafkaconnect:CustomPluginLocation": { + "type": "object", + "properties": { + "s3Location": { + "$ref": "#/types/aws-native:kafkaconnect:CustomPluginS3Location", + "description": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3." + } + }, + "irreversibleNames": { + "s3Location": "S3Location" + } + }, + "aws-native:kafkaconnect:CustomPluginS3Location": { + "type": "object", + "properties": { + "bucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an S3 bucket." + }, + "fileKey": { + "type": "string", + "description": "The file key for an object in an S3 bucket." + }, + "objectVersion": { + "type": "string", + "description": "The version of an object in an S3 bucket." + } + } + }, + "aws-native:kafkaconnect:CustomPluginTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:kafkaconnect:WorkerConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:kendra:DataSourceAccessControlListConfiguration": { + "type": "object", + "properties": { + "keyPath": { + "type": "string", + "description": "Path to the AWS S3 bucket that contains the access control list files." + } + } + }, + "aws-native:kendra:DataSourceAclConfiguration": { + "type": "object", + "properties": { + "allowedGroupsColumnName": { + "type": "string", + "description": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation." + } + } + }, + "aws-native:kendra:DataSourceColumnConfiguration": { + "type": "object", + "properties": { + "changeDetectingColumns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One to five columns that indicate when a document in the database has changed." + }, + "documentDataColumnName": { + "type": "string", + "description": "The column that contains the contents of the document." + }, + "documentIdColumnName": { + "type": "string", + "description": "The column that provides the document's identifier." + }, + "documentTitleColumnName": { + "type": "string", + "description": "The column that contains the title of the document." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation." + } + } + }, + "aws-native:kendra:DataSourceConditionOperator": { + "type": "string" + }, + "aws-native:kendra:DataSourceConfiguration": { + "type": "object", + "properties": { + "confluenceConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceConfiguration", + "description": "Provides the configuration information to connect to Confluence as your data source." + }, + "databaseConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceDatabaseConfiguration", + "description": "Provides the configuration information to connect to a database as your data source." + }, + "googleDriveConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceGoogleDriveConfiguration", + "description": "Provides the configuration information to connect to Google Drive as your data source." + }, + "oneDriveConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceOneDriveConfiguration", + "description": "Provides the configuration information to connect to Microsoft OneDrive as your data source." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kendra:DataSourceS3DataSourceConfiguration", + "description": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n\u003e Amazon Kendra now supports an upgraded Amazon S3 connector.\n\u003e \n\u003e You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n\u003e \n\u003e Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n\u003e \n\u003e We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024." + }, + "salesforceConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceConfiguration", + "description": "Provides the configuration information to connect to Salesforce as your data source." + }, + "serviceNowConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceServiceNowConfiguration", + "description": "Provides the configuration information to connect to ServiceNow as your data source." + }, + "sharePointConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceSharePointConfiguration", + "description": "Provides the configuration information to connect to Microsoft SharePoint as your data source." + }, + "webCrawlerConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceWebCrawlerConfiguration", + "description": "Provides the configuration information required for Amazon Kendra Web Crawler." + }, + "workDocsConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceWorkDocsConfiguration", + "description": "Provides the configuration information to connect to Amazon WorkDocs as your data source." + } + }, + "irreversibleNames": { + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kendra:DataSourceConfluenceAttachmentConfiguration": { + "type": "object", + "properties": { + "attachmentFieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceAttachmentToIndexFieldMapping" + }, + "description": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping." + }, + "crawlAttachments": { + "type": "boolean", + "description": "`TRUE` to index attachments of pages and blogs in Confluence." + } + } + }, + "aws-native:kendra:DataSourceConfluenceAttachmentFieldName": { + "type": "string" + }, + "aws-native:kendra:DataSourceConfluenceAttachmentToIndexFieldMapping": { + "type": "object", + "properties": { + "dataSourceFieldName": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceAttachmentFieldName" + }, + "dateFieldFormat": { + "type": "string" + }, + "indexFieldName": { + "type": "string" + } + } + }, + "aws-native:kendra:DataSourceConfluenceBlogConfiguration": { + "type": "object", + "properties": { + "blogFieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceBlogToIndexFieldMapping" + }, + "description": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping." + } + } + }, + "aws-native:kendra:DataSourceConfluenceBlogFieldName": { + "type": "string" + }, + "aws-native:kendra:DataSourceConfluenceBlogToIndexFieldMapping": { + "type": "object", + "properties": { + "dataSourceFieldName": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceBlogFieldName" + }, + "dateFieldFormat": { + "type": "string" + }, + "indexFieldName": { + "type": "string" + } + } + }, + "aws-native:kendra:DataSourceConfluenceConfiguration": { + "type": "object", + "properties": { + "attachmentConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceAttachmentConfiguration", + "description": "Configuration information for indexing attachments to Confluence blogs and pages." + }, + "blogConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceBlogConfiguration", + "description": "Configuration information for indexing Confluence blogs." + }, + "exclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index." + }, + "inclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index." + }, + "pageConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluencePageConfiguration", + "description": "Configuration information for indexing Confluence pages." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) ." + }, + "serverUrl": { + "type": "string", + "description": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* ." + }, + "spaceConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceSpaceConfiguration", + "description": "Configuration information for indexing Confluence spaces." + }, + "version": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceVersion", + "description": "The version or the type of Confluence installation to connect to." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceVpcConfiguration", + "description": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) ." + } + } + }, + "aws-native:kendra:DataSourceConfluencePageConfiguration": { + "type": "object", + "properties": { + "pageFieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluencePageToIndexFieldMapping" + }, + "description": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping." + } + } + }, + "aws-native:kendra:DataSourceConfluencePageFieldName": { + "type": "string" + }, + "aws-native:kendra:DataSourceConfluencePageToIndexFieldMapping": { + "type": "object", + "properties": { + "dataSourceFieldName": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluencePageFieldName" + }, + "dateFieldFormat": { + "type": "string" + }, + "indexFieldName": { + "type": "string" + } + } + }, + "aws-native:kendra:DataSourceConfluenceSpaceConfiguration": { + "type": "object", + "properties": { + "crawlArchivedSpaces": { + "type": "boolean", + "description": "`TRUE` to index archived spaces." + }, + "crawlPersonalSpaces": { + "type": "boolean", + "description": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) ." + }, + "excludeSpaces": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded." + }, + "includeSpaces": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded." + }, + "spaceFieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceSpaceToIndexFieldMapping" + }, + "description": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping." + } + } + }, + "aws-native:kendra:DataSourceConfluenceSpaceFieldName": { + "type": "string" + }, + "aws-native:kendra:DataSourceConfluenceSpaceToIndexFieldMapping": { + "type": "object", + "properties": { + "dataSourceFieldName": { + "$ref": "#/types/aws-native:kendra:DataSourceConfluenceSpaceFieldName" + }, + "dateFieldFormat": { + "type": "string" + }, + "indexFieldName": { + "type": "string" + } + } + }, + "aws-native:kendra:DataSourceConfluenceVersion": { + "type": "string" + }, + "aws-native:kendra:DataSourceConnectionConfiguration": { + "type": "object", + "properties": { + "databaseHost": { + "type": "string", + "description": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address." + }, + "databaseName": { + "type": "string", + "description": "The name of the database containing the document data." + }, + "databasePort": { + "type": "integer", + "description": "The port that the database uses for connections." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide." + }, + "tableName": { + "type": "string", + "description": "The name of the table that contains the document data." + } + } + }, + "aws-native:kendra:DataSourceCustomDocumentEnrichmentConfiguration": { + "type": "object", + "properties": { + "inlineConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceInlineCustomDocumentEnrichmentConfiguration" + }, + "description": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra." + }, + "postExtractionHookConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceHookConfiguration", + "description": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) ." + }, + "preExtractionHookConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceHookConfiguration", + "description": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) ." + } + } + }, + "aws-native:kendra:DataSourceDatabaseConfiguration": { + "type": "object", + "properties": { + "aclConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceAclConfiguration", + "description": "Information about the database column that provides information for user context filtering." + }, + "columnConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceColumnConfiguration", + "description": "Information about where the index should get the document information from the database." + }, + "connectionConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceConnectionConfiguration", + "description": "Configuration information that's required to connect to a database." + }, + "databaseEngineType": { + "$ref": "#/types/aws-native:kendra:DataSourceDatabaseEngineType", + "description": "The type of database engine that runs the database." + }, + "sqlConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceSqlConfiguration", + "description": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceVpcConfiguration", + "description": "Provides information for connecting to an Amazon VPC." + } + } + }, + "aws-native:kendra:DataSourceDatabaseEngineType": { + "type": "string" + }, + "aws-native:kendra:DataSourceDocumentAttributeCondition": { + "type": "object", + "properties": { + "conditionDocumentAttributeKey": { + "type": "string", + "description": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition." + }, + "conditionOnValue": { + "$ref": "#/types/aws-native:kendra:DataSourceDocumentAttributeValue", + "description": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value." + }, + "operator": { + "$ref": "#/types/aws-native:kendra:DataSourceConditionOperator", + "description": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string." + } + } + }, + "aws-native:kendra:DataSourceDocumentAttributeTarget": { + "type": "object", + "properties": { + "targetDocumentAttributeKey": { + "type": "string" + }, + "targetDocumentAttributeValue": { + "$ref": "#/types/aws-native:kendra:DataSourceDocumentAttributeValue" + }, + "targetDocumentAttributeValueDeletion": { + "type": "boolean" + } + } + }, + "aws-native:kendra:DataSourceDocumentAttributeValue": { + "type": "object", + "properties": { + "dateValue": { + "type": "string", + "description": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time." + }, + "longValue": { + "type": "integer", + "description": "A long integer value." + }, + "stringListValue": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of strings. The default maximum length or number of strings is 10." + }, + "stringValue": { + "type": "string", + "description": "A string, such as \"department\"." + } + } + }, + "aws-native:kendra:DataSourceDocumentsMetadataConfiguration": { + "type": "object", + "properties": { + "s3Prefix": { + "type": "string", + "description": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files." + } + }, + "irreversibleNames": { + "s3Prefix": "S3Prefix" + } + }, + "aws-native:kendra:DataSourceGoogleDriveConfiguration": { + "type": "object", + "properties": { + "excludeMimeTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) ." + }, + "excludeSharedDrives": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded." + }, + "excludeUserAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way." + }, + "exclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata." + }, + "inclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) ." + } + } + }, + "aws-native:kendra:DataSourceHookConfiguration": { + "type": "object", + "properties": { + "invocationCondition": { + "$ref": "#/types/aws-native:kendra:DataSourceDocumentAttributeCondition", + "description": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time." + }, + "lambdaArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) ." + }, + "s3Bucket": { + "type": "string", + "description": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) ." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket" + } + }, + "aws-native:kendra:DataSourceInlineCustomDocumentEnrichmentConfiguration": { + "type": "object", + "properties": { + "condition": { + "$ref": "#/types/aws-native:kendra:DataSourceDocumentAttributeCondition" + }, + "documentContentDeletion": { + "type": "boolean" + }, + "target": { + "$ref": "#/types/aws-native:kendra:DataSourceDocumentAttributeTarget" + } + } + }, + "aws-native:kendra:DataSourceOneDriveConfiguration": { + "type": "object", + "properties": { + "disableLocalGroups": { + "type": "boolean", + "description": "`TRUE` to disable local groups information." + }, + "exclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata." + }, + "inclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name." + }, + "oneDriveUsers": { + "$ref": "#/types/aws-native:kendra:DataSourceOneDriveUsers", + "description": "A list of user accounts whose documents should be indexed." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application." + }, + "tenantDomain": { + "type": "string", + "description": "The Azure Active Directory domain of the organization." + } + } + }, + "aws-native:kendra:DataSourceOneDriveUsers": { + "type": "object", + "properties": { + "oneDriveUserList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users." + }, + "oneDriveUserS3Path": { + "$ref": "#/types/aws-native:kendra:DataSourceS3Path", + "description": "The S3 bucket location of a file containing a list of users whose documents should be indexed." + } + }, + "irreversibleNames": { + "oneDriveUserS3Path": "OneDriveUserS3Path" + } + }, + "aws-native:kendra:DataSourceProxyConfiguration": { + "type": "object", + "properties": { + "credentials": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials." + }, + "host": { + "type": "string", + "description": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\"." + }, + "port": { + "type": "integer", + "description": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS." + } + } + }, + "aws-native:kendra:DataSourceQueryIdentifiersEnclosingOption": { + "type": "string" + }, + "aws-native:kendra:DataSourceS3DataSourceConfiguration": { + "type": "object", + "properties": { + "accessControlListConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceAccessControlListConfiguration", + "description": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) ." + }, + "bucketName": { + "type": "string", + "description": "The name of the bucket that contains the documents." + }, + "documentsMetadataConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceDocumentsMetadataConfiguration", + "description": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document." + }, + "exclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** —All files inside config directory.\n- ***/*.png* —All .png files in all directories.\n- ***/*.{png, ico, md}* —All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* —All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* —All .ts files but not .module.ts\n- **.png , *.jpg* —All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** —All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** —All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference." + }, + "inclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** —All files inside config directory.\n- ***/*.png* —All .png files in all directories.\n- ***/*.{png, ico, md}* —All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* —All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* —All .ts files but not .module.ts\n- **.png , *.jpg* —All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** —All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** —All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference." + }, + "inclusionPrefixes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of S3 prefixes for the documents that should be included in the index." + } + } + }, + "aws-native:kendra:DataSourceS3Path": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket that contains the file." + }, + "key": { + "type": "string", + "description": "The name of the file." + } + } + }, + "aws-native:kendra:DataSourceSalesforceChatterFeedConfiguration": { + "type": "object", + "properties": { + "documentDataFieldName": { + "type": "string", + "description": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column." + }, + "documentTitleFieldName": { + "type": "string", + "description": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields." + }, + "includeFilterTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceChatterFeedIncludeFilterType" + }, + "description": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both." + } + } + }, + "aws-native:kendra:DataSourceSalesforceChatterFeedIncludeFilterType": { + "type": "string" + }, + "aws-native:kendra:DataSourceSalesforceConfiguration": { + "type": "object", + "properties": { + "chatterFeedConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceChatterFeedConfiguration", + "description": "Configuration information for Salesforce chatter feeds." + }, + "crawlAttachments": { + "type": "boolean", + "description": "Indicates whether Amazon Kendra should index attachments to Salesforce objects." + }, + "excludeAttachmentFilePatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file." + }, + "includeAttachmentFilePatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file." + }, + "knowledgeArticleConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceKnowledgeArticleConfiguration", + "description": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance." + }, + "serverUrl": { + "type": "string", + "description": "The instance URL for the Salesforce site that you want to index." + }, + "standardObjectAttachmentConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceStandardObjectAttachmentConfiguration", + "description": "Configuration information for processing attachments to Salesforce standard objects." + }, + "standardObjectConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceStandardObjectConfiguration" + }, + "description": "Configuration of the Salesforce standard objects that Amazon Kendra indexes." + } + } + }, + "aws-native:kendra:DataSourceSalesforceCustomKnowledgeArticleTypeConfiguration": { + "type": "object", + "properties": { + "documentDataFieldName": { + "type": "string" + }, + "documentTitleFieldName": { + "type": "string" + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + } + }, + "name": { + "type": "string" + } + } + }, + "aws-native:kendra:DataSourceSalesforceKnowledgeArticleConfiguration": { + "type": "object", + "properties": { + "customKnowledgeArticleTypeConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceCustomKnowledgeArticleTypeConfiguration" + }, + "description": "Configuration information for custom Salesforce knowledge articles." + }, + "includedStates": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceKnowledgeArticleState" + }, + "description": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state." + }, + "standardKnowledgeArticleTypeConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceStandardKnowledgeArticleTypeConfiguration", + "description": "Configuration information for standard Salesforce knowledge articles." + } + } + }, + "aws-native:kendra:DataSourceSalesforceKnowledgeArticleState": { + "type": "string" + }, + "aws-native:kendra:DataSourceSalesforceStandardKnowledgeArticleTypeConfiguration": { + "type": "object", + "properties": { + "documentDataFieldName": { + "type": "string", + "description": "The name of the field that contains the document data to index." + }, + "documentTitleFieldName": { + "type": "string", + "description": "The name of the field that contains the document title." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata." + } + } + }, + "aws-native:kendra:DataSourceSalesforceStandardObjectAttachmentConfiguration": { + "type": "object", + "properties": { + "documentTitleFieldName": { + "type": "string", + "description": "The name of the field used for the document title." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "One or more objects that map fields in attachments to Amazon Kendra index fields." + } + } + }, + "aws-native:kendra:DataSourceSalesforceStandardObjectConfiguration": { + "type": "object", + "properties": { + "documentDataFieldName": { + "type": "string" + }, + "documentTitleFieldName": { + "type": "string" + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + } + }, + "name": { + "$ref": "#/types/aws-native:kendra:DataSourceSalesforceStandardObjectName" + } + } + }, + "aws-native:kendra:DataSourceSalesforceStandardObjectName": { + "type": "string" + }, + "aws-native:kendra:DataSourceServiceNowAuthenticationType": { + "type": "string" + }, + "aws-native:kendra:DataSourceServiceNowBuildVersionType": { + "type": "string" + }, + "aws-native:kendra:DataSourceServiceNowConfiguration": { + "type": "object", + "properties": { + "authenticationType": { + "$ref": "#/types/aws-native:kendra:DataSourceServiceNowAuthenticationType", + "description": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) ." + }, + "hostUrl": { + "type": "string", + "description": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*" + }, + "knowledgeArticleConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceServiceNowKnowledgeArticleConfiguration", + "description": "Configuration information for crawling knowledge articles in the ServiceNow site." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) ." + }, + "serviceCatalogConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceServiceNowServiceCatalogConfiguration", + "description": "Configuration information for crawling service catalogs in the ServiceNow site." + }, + "serviceNowBuildVersion": { + "$ref": "#/types/aws-native:kendra:DataSourceServiceNowBuildVersionType", + "description": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` ." + } + } + }, + "aws-native:kendra:DataSourceServiceNowKnowledgeArticleConfiguration": { + "type": "object", + "properties": { + "crawlAttachments": { + "type": "boolean", + "description": "`TRUE` to index attachments to knowledge articles." + }, + "documentDataFieldName": { + "type": "string", + "description": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index." + }, + "documentTitleFieldName": { + "type": "string", + "description": "The name of the ServiceNow field that is mapped to the index document title field." + }, + "excludeAttachmentFilePatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata." + }, + "filterQuery": { + "type": "string", + "description": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) ." + }, + "includeAttachmentFilePatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index." + } + } + }, + "aws-native:kendra:DataSourceServiceNowServiceCatalogConfiguration": { + "type": "object", + "properties": { + "crawlAttachments": { + "type": "boolean", + "description": "`TRUE` to index attachments to service catalog items." + }, + "documentDataFieldName": { + "type": "string", + "description": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index." + }, + "documentTitleFieldName": { + "type": "string", + "description": "The name of the ServiceNow field that is mapped to the index document title field." + }, + "excludeAttachmentFilePatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata." + }, + "includeAttachmentFilePatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment." + } + } + }, + "aws-native:kendra:DataSourceSharePointConfiguration": { + "type": "object", + "properties": { + "crawlAttachments": { + "type": "boolean", + "description": "`TRUE` to index document attachments." + }, + "disableLocalGroups": { + "type": "boolean", + "description": "`TRUE` to disable local groups information." + }, + "documentTitleFieldName": { + "type": "string", + "description": "The Microsoft SharePoint attribute field that contains the title of the document." + }, + "exclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) ." + }, + "inclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) ." + }, + "sharePointVersion": { + "$ref": "#/types/aws-native:kendra:DataSourceSharePointConfigurationSharePointVersion", + "description": "The version of Microsoft SharePoint that you use." + }, + "sslCertificateS3Path": { + "$ref": "#/types/aws-native:kendra:DataSourceS3Path", + "description": "Information required to find a specific file in an Amazon S3 bucket." + }, + "urls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Microsoft SharePoint site URLs for the documents you want to index." + }, + "useChangeLog": { + "type": "boolean", + "description": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceVpcConfiguration", + "description": "Provides information for connecting to an Amazon VPC." + } + }, + "irreversibleNames": { + "sslCertificateS3Path": "SslCertificateS3Path" + } + }, + "aws-native:kendra:DataSourceSharePointConfigurationSharePointVersion": { + "type": "string" + }, + "aws-native:kendra:DataSourceSqlConfiguration": { + "type": "object", + "properties": { + "queryIdentifiersEnclosingOption": { + "$ref": "#/types/aws-native:kendra:DataSourceQueryIdentifiersEnclosingOption", + "description": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` ." + } + } + }, + "aws-native:kendra:DataSourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:kendra:DataSourceToIndexFieldMapping": { + "type": "object", + "properties": { + "dataSourceFieldName": { + "type": "string" + }, + "dateFieldFormat": { + "type": "string" + }, + "indexFieldName": { + "type": "string" + } + } + }, + "aws-native:kendra:DataSourceType": { + "type": "string" + }, + "aws-native:kendra:DataSourceVpcConfiguration": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device." + } + } + }, + "aws-native:kendra:DataSourceWebCrawlerAuthenticationConfiguration": { + "type": "object", + "properties": { + "basicAuthentication": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceWebCrawlerBasicAuthentication" + }, + "description": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host." + } + } + }, + "aws-native:kendra:DataSourceWebCrawlerBasicAuthentication": { + "type": "object", + "properties": { + "credentials": { + "type": "string" + }, + "host": { + "type": "string" + }, + "port": { + "type": "integer" + } + } + }, + "aws-native:kendra:DataSourceWebCrawlerConfiguration": { + "type": "object", + "properties": { + "authenticationConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceWebCrawlerAuthenticationConfiguration", + "description": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS." + }, + "crawlDepth": { + "type": "integer", + "description": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2." + }, + "maxContentSizePerPageInMegaBytes": { + "type": "number", + "description": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB." + }, + "maxLinksPerPage": { + "type": "integer", + "description": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website’s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100." + }, + "maxUrlsPerMinuteCrawlRate": { + "type": "integer", + "description": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300." + }, + "proxyConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceProxyConfiguration", + "description": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) ." + }, + "urlExclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index." + }, + "urlInclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index." + }, + "urls": { + "$ref": "#/types/aws-native:kendra:DataSourceWebCrawlerUrls", + "description": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*" + } + } + }, + "aws-native:kendra:DataSourceWebCrawlerSeedUrlConfiguration": { + "type": "object", + "properties": { + "seedUrls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs." + }, + "webCrawlerMode": { + "$ref": "#/types/aws-native:kendra:DataSourceWebCrawlerSeedUrlConfigurationWebCrawlerMode", + "description": "You can choose one of the following modes:\n\n- `HOST_ONLY` —crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` —crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` —crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` ." + } + } + }, + "aws-native:kendra:DataSourceWebCrawlerSeedUrlConfigurationWebCrawlerMode": { + "type": "string" + }, + "aws-native:kendra:DataSourceWebCrawlerSiteMapsConfiguration": { + "type": "object", + "properties": { + "siteMaps": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs." + } + } + }, + "aws-native:kendra:DataSourceWebCrawlerUrls": { + "type": "object", + "properties": { + "seedUrlConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceWebCrawlerSeedUrlConfiguration", + "description": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs." + }, + "siteMapsConfiguration": { + "$ref": "#/types/aws-native:kendra:DataSourceWebCrawlerSiteMapsConfiguration", + "description": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs." + } + } + }, + "aws-native:kendra:DataSourceWorkDocsConfiguration": { + "type": "object", + "properties": { + "crawlComments": { + "type": "boolean", + "description": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` ." + }, + "exclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don’t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index." + }, + "fieldMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:DataSourceToIndexFieldMapping" + }, + "description": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata." + }, + "inclusionPatterns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index." + }, + "organizationId": { + "type": "string", + "description": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console." + }, + "useChangeLog": { + "type": "boolean", + "description": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs." + } + } + }, + "aws-native:kendra:FaqFileFormat": { + "type": "string" + }, + "aws-native:kendra:FaqS3Path": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket that contains the file." + }, + "key": { + "type": "string", + "description": "The name of the file." + } + } + }, + "aws-native:kendra:FaqTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:kendra:IndexCapacityUnitsConfiguration": { + "type": "object", + "properties": { + "queryCapacityUnits": { + "type": "integer", + "description": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second)." + }, + "storageCapacityUnits": { + "type": "integer", + "description": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units." + } + } + }, + "aws-native:kendra:IndexDocumentAttributeValueType": { + "type": "string" + }, + "aws-native:kendra:IndexDocumentMetadataConfiguration": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "relevance": { + "$ref": "#/types/aws-native:kendra:IndexRelevance" + }, + "search": { + "$ref": "#/types/aws-native:kendra:IndexSearch" + }, + "type": { + "$ref": "#/types/aws-native:kendra:IndexDocumentAttributeValueType" + } + } + }, + "aws-native:kendra:IndexEdition": { + "type": "string" + }, + "aws-native:kendra:IndexJsonTokenTypeConfiguration": { + "type": "object", + "properties": { + "groupAttributeField": { + "type": "string" + }, + "userNameAttributeField": { + "type": "string" + } + } + }, + "aws-native:kendra:IndexJwtTokenTypeConfiguration": { + "type": "object", + "properties": { + "claimRegex": { + "type": "string" + }, + "groupAttributeField": { + "type": "string" + }, + "issuer": { + "type": "string" + }, + "keyLocation": { + "$ref": "#/types/aws-native:kendra:IndexKeyLocation" + }, + "secretManagerArn": { + "type": "string" + }, + "url": { + "type": "string" + }, + "userNameAttributeField": { + "type": "string" + } + }, + "irreversibleNames": { + "url": "URL" + } + }, + "aws-native:kendra:IndexKeyLocation": { + "type": "string" + }, + "aws-native:kendra:IndexOrder": { + "type": "string" + }, + "aws-native:kendra:IndexRelevance": { + "type": "object", + "properties": { + "duration": { + "type": "string" + }, + "freshness": { + "type": "boolean" + }, + "importance": { + "type": "integer" + }, + "rankOrder": { + "$ref": "#/types/aws-native:kendra:IndexOrder" + }, + "valueImportanceItems": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kendra:IndexValueImportanceItem" + } + } + } + }, + "aws-native:kendra:IndexSearch": { + "type": "object", + "properties": { + "displayable": { + "type": "boolean" + }, + "facetable": { + "type": "boolean" + }, + "searchable": { + "type": "boolean" + }, + "sortable": { + "type": "boolean" + } + } + }, + "aws-native:kendra:IndexServerSideEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys." + } + } + }, + "aws-native:kendra:IndexTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:kendra:IndexUserContextPolicy": { + "type": "string" + }, + "aws-native:kendra:IndexUserTokenConfiguration": { + "type": "object", + "properties": { + "jsonTokenTypeConfiguration": { + "$ref": "#/types/aws-native:kendra:IndexJsonTokenTypeConfiguration" + }, + "jwtTokenTypeConfiguration": { + "$ref": "#/types/aws-native:kendra:IndexJwtTokenTypeConfiguration" + } + } + }, + "aws-native:kendra:IndexValueImportanceItem": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "integer" + } + } + }, + "aws-native:kendraranking:ExecutionPlanCapacityUnitsConfiguration": { + "type": "object", + "properties": { + "rescoreCapacityUnits": { + "type": "integer", + "description": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units." + } + } + }, + "aws-native:kendraranking:ExecutionPlanTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:kinesis:StreamEncryption": { + "type": "object", + "properties": { + "encryptionType": { + "$ref": "#/types/aws-native:kinesis:StreamEncryptionEncryptionType", + "description": "The encryption type to use. The only valid value is KMS. " + }, + "keyId": { + "type": "string", + "description": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias aws/kinesis." + } + } + }, + "aws-native:kinesis:StreamEncryptionEncryptionType": { + "type": "string" + }, + "aws-native:kinesis:StreamModeDetails": { + "type": "object", + "properties": { + "streamMode": { + "$ref": "#/types/aws-native:kinesis:StreamModeDetailsStreamMode", + "description": "The mode of the stream" + } + } + }, + "aws-native:kinesis:StreamModeDetailsStreamMode": { + "type": "string" + }, + "aws-native:kinesis:StreamTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationCatalogConfiguration": { + "type": "object", + "properties": { + "glueDataCatalogConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationGlueDataCatalogConfiguration", + "description": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationCheckpointConfiguration": { + "type": "object", + "properties": { + "checkpointInterval": { + "type": "integer", + "description": "Describes the interval in milliseconds between checkpoint operations." + }, + "checkpointingEnabled": { + "type": "boolean", + "description": "Describes whether checkpointing is enabled for a Flink-based Kinesis Data Analytics application." + }, + "configurationType": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCheckpointConfigurationConfigurationType", + "description": "Describes whether the application uses Kinesis Data Analytics' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled`, `CheckpointInterval`, or `MinPauseBetweenCheckpoints` parameters." + }, + "minPauseBetweenCheckpoints": { + "type": "integer", + "description": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the CheckpointInterval, the application otherwise performs continual checkpoint operations. For more information, see Tuning Checkpointing in the Apache Flink Documentation." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationCheckpointConfigurationConfigurationType": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationCodeConfiguration": { + "type": "object", + "properties": { + "codeContent": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCodeContent", + "description": "The location and type of the application code." + }, + "codeContentType": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCodeConfigurationCodeContentType", + "description": "Specifies whether the code content is in text or zip format." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationCodeConfigurationCodeContentType": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationCodeContent": { + "type": "object", + "properties": { + "s3ContentLocation": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationS3ContentLocation", + "description": "Information about the Amazon S3 bucket that contains the application code." + }, + "textContent": { + "type": "string", + "description": "The text-format code for a Flink-based Kinesis Data Analytics application." + }, + "zipFileContent": { + "type": "string", + "description": "The zip-format code for a Flink-based Kinesis Data Analytics application." + } + }, + "irreversibleNames": { + "s3ContentLocation": "S3ContentLocation" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationConfiguration": { + "type": "object", + "properties": { + "applicationCodeConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCodeConfiguration", + "description": "The code location and type parameters for a Flink-based Kinesis Data Analytics application." + }, + "applicationSnapshotConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationSnapshotConfiguration", + "description": "Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application." + }, + "applicationSystemRollbackConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationSystemRollbackConfiguration", + "description": "Describes whether system initiated rollbacks are enabled for a Flink-based Kinesis Data Analytics application." + }, + "environmentProperties": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationEnvironmentProperties", + "description": "Describes execution properties for a Flink-based Kinesis Data Analytics application." + }, + "flinkApplicationConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationFlinkApplicationConfiguration", + "description": "The creation and update parameters for a Flink-based Kinesis Data Analytics application." + }, + "sqlApplicationConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationSqlApplicationConfiguration", + "description": "The creation and update parameters for a SQL-based Kinesis Data Analytics application." + }, + "vpcConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationVpcConfiguration" + }, + "description": "The array of descriptions of VPC configurations available to the application." + }, + "zeppelinApplicationConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationZeppelinApplicationConfiguration", + "description": "The configuration parameters for a Kinesis Data Analytics Studio notebook." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationCsvMappingParameters": { + "type": "object", + "properties": { + "recordColumnDelimiter": { + "type": "string", + "description": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter." + }, + "recordRowDelimiter": { + "type": "string", + "description": "The row delimiter. For example, in a CSV format, '\\n' is the typical row delimiter." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationCustomArtifactConfiguration": { + "type": "object", + "properties": { + "artifactType": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCustomArtifactConfigurationArtifactType", + "description": "Set this to either `UDF` or `DEPENDENCY_JAR`. `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket." + }, + "mavenReference": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMavenReference", + "description": "The parameters required to fully specify a Maven reference." + }, + "s3ContentLocation": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationS3ContentLocation", + "description": "The location of the custom artifacts." + } + }, + "irreversibleNames": { + "s3ContentLocation": "S3ContentLocation" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationCustomArtifactConfigurationArtifactType": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationDeployAsApplicationConfiguration": { + "type": "object", + "properties": { + "s3ContentLocation": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationS3ContentBaseLocation", + "description": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data." + } + }, + "irreversibleNames": { + "s3ContentLocation": "S3ContentLocation" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationEnvironmentProperties": { + "type": "object", + "properties": { + "propertyGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationPropertyGroup" + }, + "description": "Describes the execution property groups." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationFlinkApplicationConfiguration": { + "type": "object", + "properties": { + "checkpointConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCheckpointConfiguration", + "description": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see Checkpoints for Fault Tolerance in the Apache Flink Documentation." + }, + "monitoringConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMonitoringConfiguration", + "description": "Describes configuration parameters for Amazon CloudWatch logging for an application." + }, + "parallelismConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationParallelismConfiguration", + "description": "Describes parameters for how an application executes multiple tasks simultaneously." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationFlinkRunConfiguration": { + "type": "object", + "properties": { + "allowNonRestoredState": { + "type": "boolean", + "description": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. Defaults to false. If you update your application without specifying this parameter, AllowNonRestoredState will be set to false, even if it was previously set to true." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationGlueDataCatalogConfiguration": { + "type": "object", + "properties": { + "databaseArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the database." + } + }, + "irreversibleNames": { + "databaseArn": "DatabaseARN" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationInput": { + "type": "object", + "properties": { + "inputParallelism": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationInputParallelism", + "description": "Describes the number of in-application streams to create." + }, + "inputProcessingConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationInputProcessingConfiguration", + "description": "The InputProcessingConfiguration for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is InputLambdaProcessor." + }, + "inputSchema": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationInputSchema", + "description": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created." + }, + "kinesisFirehoseInput": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationKinesisFirehoseInput", + "description": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN." + }, + "kinesisStreamsInput": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationKinesisStreamsInput", + "description": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN)." + }, + "namePrefix": { + "type": "string", + "description": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix `\"MyInApplicationStream\"`. Kinesis Data Analytics then creates one or more (as per the InputParallelism count you specified) in-application streams with the names `\"MyInApplicationStream_001\"`, `\"MyInApplicationStream_002\"`, and so on." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationInputLambdaProcessor": { + "type": "object", + "properties": { + "resourceArn": { + "type": "string", + "description": "The ARN of the Amazon Lambda function that operates on records in the stream." + } + }, + "irreversibleNames": { + "resourceArn": "ResourceARN" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationInputParallelism": { + "type": "object", + "properties": { + "count": { + "type": "integer", + "description": "The number of in-application streams to create." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationInputProcessingConfiguration": { + "type": "object", + "properties": { + "inputLambdaProcessor": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationInputLambdaProcessor", + "description": "The InputLambdaProcessor that is used to preprocess the records in the stream before being processed by your application code." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationInputSchema": { + "type": "object", + "properties": { + "recordColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationRecordColumn" + }, + "description": "A list of `RecordColumn` objects." + }, + "recordEncoding": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationInputSchemaRecordEncoding", + "description": "Specifies the encoding of the records in the streaming source. For example, UTF-8." + }, + "recordFormat": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationRecordFormat", + "description": "Specifies the format of the records on the streaming source." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationInputSchemaRecordEncoding": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationJsonMappingParameters": { + "type": "object", + "properties": { + "recordRowPath": { + "type": "string", + "description": "The path to the top-level parent that contains the records." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationKinesisFirehoseInput": { + "type": "object", + "properties": { + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the delivery stream." + } + }, + "irreversibleNames": { + "resourceArn": "ResourceARN" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationKinesisStreamsInput": { + "type": "object", + "properties": { + "resourceArn": { + "type": "string", + "description": "The ARN of the input Kinesis data stream to read." + } + }, + "irreversibleNames": { + "resourceArn": "ResourceARN" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationMaintenanceConfiguration": { + "type": "object", + "properties": { + "applicationMaintenanceWindowStartTime": { + "type": "string", + "description": "The start time for the maintenance window." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationMappingParameters": { + "type": "object", + "properties": { + "csvMappingParameters": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCsvMappingParameters", + "description": "Provides additional mapping information when the record format uses delimiters (for example, CSV)." + }, + "jsonMappingParameters": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationJsonMappingParameters", + "description": "Provides additional mapping information when JSON is the record format on the streaming source." + } + }, + "irreversibleNames": { + "csvMappingParameters": "CSVMappingParameters", + "jsonMappingParameters": "JSONMappingParameters" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationMavenReference": { + "type": "object", + "properties": { + "artifactId": { + "type": "string", + "description": "The artifact ID of the Maven reference." + }, + "groupId": { + "type": "string", + "description": "The group ID of the Maven reference." + }, + "version": { + "type": "string", + "description": "The version of the Maven reference." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationMode": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationMonitoringConfiguration": { + "type": "object", + "properties": { + "configurationType": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMonitoringConfigurationConfigurationType", + "description": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to CUSTOM in order to set the LogLevel or MetricsLevel parameters." + }, + "logLevel": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMonitoringConfigurationLogLevel", + "description": "Describes the verbosity of the CloudWatch Logs for an application." + }, + "metricsLevel": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMonitoringConfigurationMetricsLevel", + "description": "Describes the granularity of the CloudWatch Logs for an application. The Parallelism level is not recommended for applications with a Parallelism over 64 due to excessive costs." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationMonitoringConfigurationConfigurationType": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationMonitoringConfigurationLogLevel": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationMonitoringConfigurationMetricsLevel": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationParallelismConfiguration": { + "type": "object", + "properties": { + "autoScalingEnabled": { + "type": "boolean", + "description": "Describes whether the Kinesis Data Analytics service can increase the parallelism of the application in response to increased throughput." + }, + "configurationType": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationParallelismConfigurationConfigurationType", + "description": "Describes whether the application uses the default parallelism for the Kinesis Data Analytics service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled`, `Parallelism`, or `ParallelismPerKPU` properties." + }, + "parallelism": { + "type": "integer", + "description": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if ParallelismConfiguration:AutoScalingEnabled is set to true." + }, + "parallelismPerKpu": { + "type": "integer", + "description": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see Amazon Kinesis Data Analytics Pricing." + } + }, + "irreversibleNames": { + "parallelismPerKpu": "ParallelismPerKPU" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationParallelismConfigurationConfigurationType": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationPropertyGroup": { + "type": "object", + "properties": { + "propertyGroupId": { + "type": "string", + "description": "Describes the key of an application execution property key-value pair." + }, + "propertyMap": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Describes the value of an application execution property key-value pair." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationRecordColumn": { + "type": "object", + "properties": { + "mapping": { + "type": "string", + "description": "A reference to the data element in the streaming input or the reference data source." + }, + "name": { + "type": "string", + "description": "The name of the column that is created in the in-application input stream or reference table." + }, + "sqlType": { + "type": "string", + "description": "The type of column created in the in-application input stream or reference table." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationRecordFormat": { + "type": "object", + "properties": { + "mappingParameters": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationMappingParameters", + "description": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source." + }, + "recordFormatType": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationRecordFormatRecordFormatType", + "description": "The type of record format." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationRecordFormatRecordFormatType": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationRestoreConfiguration": { + "type": "object", + "properties": { + "applicationRestoreType": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationRestoreConfigurationApplicationRestoreType", + "description": "Specifies how the application should be restored." + }, + "snapshotName": { + "type": "string", + "description": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if RESTORE_FROM_CUSTOM_SNAPSHOT is specified for the ApplicationRestoreType." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationRestoreConfigurationApplicationRestoreType": { + "type": "string" + }, + "aws-native:kinesisanalyticsv2:ApplicationRunConfiguration": { + "type": "object", + "properties": { + "applicationRestoreConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationRestoreConfiguration", + "description": "Describes the restore behavior of a restarting application." + }, + "flinkRunConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationFlinkRunConfiguration", + "description": "Describes the starting parameters for a Flink-based Kinesis Data Analytics application." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationS3ContentBaseLocation": { + "type": "object", + "properties": { + "basePath": { + "type": "string", + "description": "The base path for the S3 bucket." + }, + "bucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the S3 bucket." + } + }, + "irreversibleNames": { + "bucketArn": "BucketARN" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationS3ContentLocation": { + "type": "object", + "properties": { + "bucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code." + }, + "fileKey": { + "type": "string", + "description": "The file key for the object containing the application code." + }, + "objectVersion": { + "type": "string", + "description": "The version of the object containing the application code." + } + }, + "irreversibleNames": { + "bucketArn": "BucketARN" + } + }, + "aws-native:kinesisanalyticsv2:ApplicationSnapshotConfiguration": { + "type": "object", + "properties": { + "snapshotsEnabled": { + "type": "boolean", + "description": "Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationSqlApplicationConfiguration": { + "type": "object", + "properties": { + "inputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationInput" + }, + "description": "The array of Input objects describing the input streams used by the application." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationSystemRollbackConfiguration": { + "type": "object", + "properties": { + "rollbackEnabled": { + "type": "boolean", + "description": "Describes whether system initiated rollbacks are enabled for a Flink-based Kinesis Data Analytics application." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that's 0 to 256 characters in length." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationVpcConfiguration": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The array of SecurityGroup IDs used by the VPC configuration." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The array of Subnet IDs used by the VPC configuration." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationZeppelinApplicationConfiguration": { + "type": "object", + "properties": { + "catalogConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCatalogConfiguration", + "description": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook." + }, + "customArtifactsConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationCustomArtifactConfiguration" + }, + "description": "A list of CustomArtifactConfiguration objects." + }, + "deployAsApplicationConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationDeployAsApplicationConfiguration", + "description": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state." + }, + "monitoringConfiguration": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationZeppelinMonitoringConfiguration", + "description": "The monitoring configuration of a Kinesis Data Analytics Studio notebook." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationZeppelinMonitoringConfiguration": { + "type": "object", + "properties": { + "logLevel": { + "$ref": "#/types/aws-native:kinesisanalyticsv2:ApplicationZeppelinMonitoringConfigurationLogLevel", + "description": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO`, `WARN`, `ERROR`, or `DEBUG`." + } + } + }, + "aws-native:kinesisanalyticsv2:ApplicationZeppelinMonitoringConfigurationLogLevel": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessBufferingHints": { + "type": "object", + "properties": { + "intervalInSeconds": { + "type": "integer", + "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes)." + }, + "sizeInMbs": { + "type": "integer", + "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher." + } + }, + "irreversibleNames": { + "sizeInMbs": "SizeInMBs" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessDestinationConfiguration": { + "type": "object", + "properties": { + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessBufferingHints", + "description": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions" + }, + "collectionEndpoint": { + "type": "string", + "description": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service." + }, + "indexName": { + "type": "string", + "description": "The Serverless offering for Amazon OpenSearch Service index name." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration" + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessRetryOptions", + "description": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes)." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents." + }, + "s3BackupMode": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessDestinationConfigurationS3BackupMode", + "description": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration" + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamVpcConfiguration", + "replaceOnChanges": true + } + }, + "irreversibleNames": { + "roleArn": "RoleARN", + "s3BackupMode": "S3BackupMode", + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessDestinationConfigurationS3BackupMode": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonOpenSearchServerlessRetryOptions": { + "type": "object", + "properties": { + "durationInSeconds": { + "type": "integer", + "description": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceBufferingHints": { + "type": "object", + "properties": { + "intervalInSeconds": { + "type": "integer", + "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes)." + }, + "sizeInMbs": { + "type": "integer", + "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher." + } + }, + "irreversibleNames": { + "sizeInMbs": "SizeInMBs" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceDestinationConfiguration": { + "type": "object", + "properties": { + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceBufferingHints", + "description": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions", + "description": "Describes the Amazon CloudWatch logging options for your delivery stream." + }, + "clusterEndpoint": { + "type": "string", + "description": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field." + }, + "documentIdOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamDocumentIdOptions", + "description": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID." + }, + "domainArn": { + "type": "string", + "description": "The ARN of the Amazon OpenSearch Service domain." + }, + "indexName": { + "type": "string", + "description": "The Amazon OpenSearch Service index name." + }, + "indexRotationPeriod": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceDestinationConfigurationIndexRotationPeriod", + "description": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration", + "description": "Describes a data processing configuration." + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceRetryOptions", + "description": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes)." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents." + }, + "s3BackupMode": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceDestinationConfigurationS3BackupMode", + "description": "Defines how documents should be delivered to Amazon S3." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "Describes the configuration of a destination in Amazon S3." + }, + "typeName": { + "type": "string", + "description": "The Amazon OpenSearch Service type name." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamVpcConfiguration", + "description": "The details of the VPC of the Amazon OpenSearch Service destination.", + "replaceOnChanges": true + } + }, + "irreversibleNames": { + "domainArn": "DomainARN", + "roleArn": "RoleARN", + "s3BackupMode": "S3BackupMode", + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceDestinationConfigurationIndexRotationPeriod": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceDestinationConfigurationS3BackupMode": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamAmazonopensearchserviceRetryOptions": { + "type": "object", + "properties": { + "durationInSeconds": { + "type": "integer", + "description": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamAuthenticationConfiguration": { + "type": "object", + "properties": { + "connectivity": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAuthenticationConfigurationConnectivity", + "description": "The type of connectivity used to access the Amazon MSK cluster." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role used to access the Amazon MSK cluster." + } + }, + "irreversibleNames": { + "roleArn": "RoleARN" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamAuthenticationConfigurationConnectivity": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamBufferingHints": { + "type": "object", + "properties": { + "intervalInSeconds": { + "type": "integer", + "description": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + }, + "sizeInMbs": { + "type": "integer", + "description": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + } + }, + "irreversibleNames": { + "sizeInMbs": "SizeInMBs" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamCatalogConfiguration": { + "type": "object", + "properties": { + "catalogArn": { + "type": "string", + "description": "Specifies the Glue catalog ARN indentifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` .\n\nAmazon Data Firehose is in preview release and is subject to change." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Indicates whether CloudWatch Logs logging is enabled." + }, + "logGroupName": { + "type": "string", + "description": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property." + }, + "logStreamName": { + "type": "string", + "description": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamCopyCommand": { + "type": "object", + "properties": { + "copyOptions": { + "type": "string", + "description": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + }, + "dataTableColumns": { + "type": "string", + "description": "A comma-separated list of column names." + }, + "dataTableName": { + "type": "string", + "description": "The name of the target table. The table must already exist in the database." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamDataFormatConversionConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details." + }, + "inputFormatConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamInputFormatConfiguration", + "description": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true." + }, + "outputFormatConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamOutputFormatConfiguration", + "description": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true." + }, + "schemaConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSchemaConfiguration", + "description": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamDeserializer": { + "type": "object", + "properties": { + "hiveJsonSerDe": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamHiveJsonSerDe", + "description": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe." + }, + "openXJsonSerDe": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamOpenXJsonSerDe", + "description": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamDestinationTableConfiguration": { + "type": "object", + "properties": { + "destinationDatabaseName": { + "type": "string" + }, + "destinationTableName": { + "type": "string" + }, + "s3ErrorOutputPrefix": { + "type": "string" + }, + "uniqueKeys": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "irreversibleNames": { + "s3ErrorOutputPrefix": "S3ErrorOutputPrefix" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamDocumentIdOptions": { + "type": "object", + "properties": { + "defaultDocumentIdFormat": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamDocumentIdOptionsDefaultDocumentIdFormat", + "description": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamDocumentIdOptionsDefaultDocumentIdFormat": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamDynamicPartitioningConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream." + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamRetryOptions", + "description": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamElasticsearchBufferingHints": { + "type": "object", + "properties": { + "intervalInSeconds": { + "type": "integer", + "description": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + }, + "sizeInMbs": { + "type": "integer", + "description": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + } + }, + "irreversibleNames": { + "sizeInMbs": "SizeInMBs" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamElasticsearchDestinationConfiguration": { + "type": "object", + "properties": { + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamElasticsearchBufferingHints", + "description": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions", + "description": "The Amazon CloudWatch Logs logging options for the delivery stream." + }, + "clusterEndpoint": { + "type": "string", + "description": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field." + }, + "documentIdOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamDocumentIdOptions", + "description": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID." + }, + "domainArn": { + "type": "string", + "description": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` ." + }, + "indexName": { + "type": "string", + "description": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing." + }, + "indexRotationPeriod": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamElasticsearchDestinationConfigurationIndexRotationPeriod", + "description": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* ." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration", + "description": "The data processing configuration for the Kinesis Data Firehose delivery stream." + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamElasticsearchRetryOptions", + "description": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) ." + }, + "s3BackupMode": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamElasticsearchDestinationConfigurationS3BackupMode", + "description": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "The S3 bucket where Kinesis Data Firehose backs up incoming data." + }, + "typeName": { + "type": "string", + "description": "The Elasticsearch type name that Amazon ES adds to documents when indexing data." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamVpcConfiguration", + "description": "The details of the VPC of the Amazon ES destination.", + "replaceOnChanges": true + } + }, + "irreversibleNames": { + "domainArn": "DomainARN", + "roleArn": "RoleARN", + "s3BackupMode": "S3BackupMode", + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamElasticsearchDestinationConfigurationIndexRotationPeriod": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamElasticsearchDestinationConfigurationS3BackupMode": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamElasticsearchRetryOptions": { + "type": "object", + "properties": { + "durationInSeconds": { + "type": "integer", + "description": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsEncryptionConfig": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamKmsEncryptionConfig", + "description": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data." + }, + "noEncryptionConfig": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamEncryptionConfigurationNoEncryptionConfig", + "description": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + } + }, + "irreversibleNames": { + "kmsEncryptionConfig": "KMSEncryptionConfig" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamEncryptionConfigurationInput": { + "type": "object", + "properties": { + "keyArn": { + "type": "string", + "description": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK." + }, + "keyType": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamEncryptionConfigurationInputKeyType", + "description": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n\u003e To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide." + } + }, + "irreversibleNames": { + "keyArn": "KeyARN" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamEncryptionConfigurationInputKeyType": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamEncryptionConfigurationNoEncryptionConfig": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamExtendedS3DestinationConfiguration": { + "type": "object", + "properties": { + "bucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* ." + }, + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamBufferingHints", + "description": "The buffering option." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions", + "description": "The Amazon CloudWatch logging options for your delivery stream." + }, + "compressionFormat": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamExtendedS3DestinationConfigurationCompressionFormat", + "description": "The compression format. If no value is specified, the default is `UNCOMPRESSED` ." + }, + "customTimeZone": { + "type": "string", + "description": "The time zone you prefer. UTC is the default." + }, + "dataFormatConversionConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamDataFormatConversionConfiguration", + "description": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3." + }, + "dynamicPartitioningConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamDynamicPartitioningConfiguration", + "description": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamEncryptionConfiguration", + "description": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` ." + }, + "errorOutputPrefix": { + "type": "string", + "description": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) ." + }, + "fileExtension": { + "type": "string", + "description": "Specify a file extension. It will override the default file extension" + }, + "prefix": { + "type": "string", + "description": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* ." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration", + "description": "The data processing configuration for the Kinesis Data Firehose delivery stream." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* ." + }, + "s3BackupConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "The configuration for backup in Amazon S3." + }, + "s3BackupMode": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamExtendedS3DestinationConfigurationS3BackupMode", + "description": "The Amazon S3 backup mode. After you create a delivery stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the delivery stream to disable it." + } + }, + "irreversibleNames": { + "bucketArn": "BucketARN", + "roleArn": "RoleARN", + "s3BackupConfiguration": "S3BackupConfiguration", + "s3BackupMode": "S3BackupMode" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamExtendedS3DestinationConfigurationCompressionFormat": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamExtendedS3DestinationConfigurationS3BackupMode": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamHiveJsonSerDe": { + "type": "object", + "properties": { + "timestampFormats": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamHttpEndpointCommonAttribute": { + "type": "object", + "properties": { + "attributeName": { + "type": "string", + "description": "The name of the HTTP endpoint common attribute." + }, + "attributeValue": { + "type": "string", + "description": "The value of the HTTP endpoint common attribute." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamHttpEndpointConfiguration": { + "type": "object", + "properties": { + "accessKey": { + "type": "string", + "description": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination." + }, + "name": { + "type": "string", + "description": "The name of the HTTP endpoint selected as the destination." + }, + "url": { + "type": "string", + "description": "The URL of the HTTP endpoint selected as the destination." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamHttpEndpointDestinationConfiguration": { + "type": "object", + "properties": { + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamBufferingHints", + "description": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions", + "description": "Describes the Amazon CloudWatch logging options for your delivery stream." + }, + "endpointConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamHttpEndpointConfiguration", + "description": "The configuration of the HTTP endpoint selected as the destination." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration", + "description": "Describes the data processing configuration." + }, + "requestConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamHttpEndpointRequestConfiguration", + "description": "The configuration of the request sent to the HTTP endpoint specified as the destination." + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamRetryOptions", + "description": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination." + }, + "roleArn": { + "type": "string", + "description": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs." + }, + "s3BackupMode": { + "type": "string", + "description": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly)." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "Describes the configuration of a destination in Amazon S3." + }, + "secretsManagerConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSecretsManagerConfiguration", + "description": "The configuration that defines how you access secrets for HTTP Endpoint destination." + } + }, + "irreversibleNames": { + "roleArn": "RoleARN", + "s3BackupMode": "S3BackupMode", + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamHttpEndpointRequestConfiguration": { + "type": "object", + "properties": { + "commonAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamHttpEndpointCommonAttribute" + }, + "description": "Describes the metadata sent to the HTTP endpoint destination." + }, + "contentEncoding": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamHttpEndpointRequestConfigurationContentEncoding", + "description": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamHttpEndpointRequestConfigurationContentEncoding": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamIcebergDestinationConfiguration": { + "type": "object", + "properties": { + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamBufferingHints" + }, + "catalogConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCatalogConfiguration", + "description": "Configuration describing where the destination Apache Iceberg Tables are persisted.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions" + }, + "destinationTableConfigurationList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamDestinationTableConfiguration" + }, + "description": "Provides a list of `DestinationTableConfigurations` which Firehose uses to deliver data to Apache Iceberg Tables. Firehose will write data with insert if table specific configuration is not provided here.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration" + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamRetryOptions" + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the the IAM role to be assumed by Firehose for calling Apache Iceberg Tables.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, + "s3BackupMode": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamIcebergDestinationConfigurations3BackupMode", + "description": "Describes how Firehose will backup records. Currently,S3 backup only supports `FailedDataOnly` for preview.\n\nAmazon Data Firehose is in preview release and is subject to change." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration" + } + }, + "irreversibleNames": { + "roleArn": "RoleARN", + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamIcebergDestinationConfigurations3BackupMode": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamInputFormatConfiguration": { + "type": "object", + "properties": { + "deserializer": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamDeserializer", + "description": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamKinesisStreamSourceConfiguration": { + "type": "object", + "properties": { + "kinesisStreamArn": { + "type": "string", + "description": "The ARN of the source Kinesis data stream." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that provides access to the source Kinesis data stream." + } + }, + "irreversibleNames": { + "kinesisStreamArn": "KinesisStreamARN", + "roleArn": "RoleARN" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamKmsEncryptionConfig": { + "type": "object", + "properties": { + "awskmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket." + } + }, + "irreversibleNames": { + "awskmsKeyArn": "AWSKMSKeyARN" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamMskSourceConfiguration": { + "type": "object", + "properties": { + "authenticationConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamAuthenticationConfiguration", + "description": "The authentication configuration of the Amazon MSK cluster." + }, + "mskClusterArn": { + "type": "string", + "description": "The ARN of the Amazon MSK cluster." + }, + "readFromTimestamp": { + "type": "string", + "description": "The start date and time in UTC for the offset position within your MSK topic from where Firehose begins to read. By default, this is set to timestamp when Firehose becomes Active.\n\nIf you want to create a Firehose stream with Earliest start position from SDK or CLI, you need to set the `ReadFromTimestamp` parameter to Epoch (1970-01-01T00:00:00Z)." + }, + "topicName": { + "type": "string", + "description": "The topic name within the Amazon MSK cluster." + } + }, + "irreversibleNames": { + "mskClusterArn": "MSKClusterARN" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamOpenXJsonSerDe": { + "type": "object", + "properties": { + "caseInsensitive": { + "type": "boolean", + "description": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them." + }, + "columnToJsonKeyMappings": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` ." + }, + "convertDotsInJsonKeysToUnderscores": { + "type": "boolean", + "description": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` ." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamOrcSerDe": { + "type": "object", + "properties": { + "blockSizeBytes": { + "type": "integer", + "description": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations." + }, + "bloomFilterColumns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The column names for which you want Firehose to create bloom filters. The default is `null` ." + }, + "bloomFilterFalsePositiveProbability": { + "type": "number", + "description": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1." + }, + "compression": { + "type": "string", + "description": "The compression code to use over data blocks. The default is `SNAPPY` ." + }, + "dictionaryKeyThreshold": { + "type": "number", + "description": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1." + }, + "enablePadding": { + "type": "boolean", + "description": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` ." + }, + "formatVersion": { + "type": "string", + "description": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` ." + }, + "paddingTolerance": { + "type": "number", + "description": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` ." + }, + "rowIndexStride": { + "type": "integer", + "description": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000." + }, + "stripeSizeBytes": { + "type": "integer", + "description": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamOutputFormatConfiguration": { + "type": "object", + "properties": { + "serializer": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSerializer", + "description": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamParquetSerDe": { + "type": "object", + "properties": { + "blockSizeBytes": { + "type": "integer", + "description": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations." + }, + "compression": { + "type": "string", + "description": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed." + }, + "enableDictionaryCompression": { + "type": "boolean", + "description": "Indicates whether to enable dictionary compression." + }, + "maxPaddingBytes": { + "type": "integer", + "description": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0." + }, + "pageSizeBytes": { + "type": "integer", + "description": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB." + }, + "writerVersion": { + "type": "string", + "description": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` ." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Indicates whether data processing is enabled (true) or disabled (false)." + }, + "processors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessor" + }, + "description": "The data processors." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamProcessor": { + "type": "object", + "properties": { + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessorParameter" + }, + "description": "The processor parameters." + }, + "type": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessorType", + "description": "The type of processor. Valid values: `Lambda` ." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamProcessorParameter": { + "type": "object", + "properties": { + "parameterName": { + "type": "string", + "description": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB." + }, + "parameterValue": { + "type": "string", + "description": "The parameter value." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamProcessorType": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamRedshiftDestinationConfiguration": { + "type": "object", + "properties": { + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions", + "description": "The CloudWatch logging options for your delivery stream." + }, + "clusterJdbcurl": { + "type": "string", + "description": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster." + }, + "copyCommand": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCopyCommand", + "description": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket." + }, + "password": { + "type": "string", + "description": "The password for the Amazon Redshift user that you specified in the `Username` property." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration", + "description": "The data processing configuration for the Kinesis Data Firehose delivery stream." + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamRedshiftRetryOptions", + "description": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes)." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* ." + }, + "s3BackupConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "The configuration for backup in Amazon S3." + }, + "s3BackupMode": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamRedshiftDestinationConfigurationS3BackupMode", + "description": "The Amazon S3 backup mode. After you create a delivery stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the delivery stream to disable it." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them." + }, + "secretsManagerConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSecretsManagerConfiguration", + "description": "The configuration that defines how you access secrets for Amazon Redshift." + }, + "username": { + "type": "string", + "description": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster." + } + }, + "irreversibleNames": { + "clusterJdbcurl": "ClusterJDBCURL", + "roleArn": "RoleARN", + "s3BackupConfiguration": "S3BackupConfiguration", + "s3BackupMode": "S3BackupMode", + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamRedshiftDestinationConfigurationS3BackupMode": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamRedshiftRetryOptions": { + "type": "object", + "properties": { + "durationInSeconds": { + "type": "integer", + "description": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamRetryOptions": { + "type": "object", + "properties": { + "durationInSeconds": { + "type": "integer", + "description": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration": { + "type": "object", + "properties": { + "bucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to." + }, + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamBufferingHints", + "description": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions", + "description": "The CloudWatch logging options for your delivery stream." + }, + "compressionFormat": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfigurationCompressionFormat", + "description": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* ." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamEncryptionConfiguration", + "description": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket." + }, + "errorOutputPrefix": { + "type": "string", + "description": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) ." + }, + "prefix": { + "type": "string", + "description": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* ." + } + }, + "irreversibleNames": { + "bucketArn": "BucketARN", + "roleArn": "RoleARN" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfigurationCompressionFormat": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamSchemaConfiguration": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default." + }, + "databaseName": { + "type": "string", + "description": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n\u003e If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified." + }, + "region": { + "type": "string", + "description": "If you don't specify an AWS Region, the default is the current Region." + }, + "roleArn": { + "type": "string", + "description": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n\u003e If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified." + }, + "tableName": { + "type": "string", + "description": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n\u003e If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified." + }, + "versionId": { + "type": "string", + "description": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up." + } + }, + "irreversibleNames": { + "roleArn": "RoleARN" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSecretsManagerConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specifies whether you want to use the the secrets manager feature. When set as `True` the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to `False` Firehose falls back to the credentials in the destination configuration." + }, + "roleArn": { + "type": "string", + "description": "Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk." + }, + "secretArn": { + "type": "string", + "description": "The ARN of the secret that stores your credentials. It must be in the same region as the Firehose stream and the role. The secret ARN can reside in a different account than the delivery stream and role as Firehose supports cross-account secret access. This parameter is required when *Enabled* is set to `True` ." + } + }, + "irreversibleNames": { + "roleArn": "RoleARN", + "secretArn": "SecretARN" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSerializer": { + "type": "object", + "properties": { + "orcSerDe": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamOrcSerDe", + "description": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) ." + }, + "parquetSerDe": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamParquetSerDe", + "description": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/documentation/latest/) ." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSnowflakeBufferingHints": { + "type": "object", + "properties": { + "intervalInSeconds": { + "type": "integer", + "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 0." + }, + "sizeInMbs": { + "type": "integer", + "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 1." + } + }, + "irreversibleNames": { + "sizeInMbs": "SizeInMBs" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSnowflakeDestinationConfiguration": { + "type": "object", + "properties": { + "accountUrl": { + "type": "string", + "description": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional." + }, + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSnowflakeBufferingHints", + "description": "Describes the buffering to perform before delivering data to the Snowflake destination. If you do not specify any value, Firehose uses the default values." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions" + }, + "contentColumnName": { + "type": "string", + "description": "The name of the record content column" + }, + "dataLoadingOption": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSnowflakeDestinationConfigurationDataLoadingOption", + "description": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column." + }, + "database": { + "type": "string", + "description": "All data in Snowflake is maintained in databases." + }, + "keyPassphrase": { + "type": "string", + "description": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication \u0026 Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) ." + }, + "metaDataColumnName": { + "type": "string", + "description": "The name of the record metadata column" + }, + "privateKey": { + "type": "string", + "description": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication \u0026 Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) ." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration", + "description": "Specifies configuration for Snowflake." + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSnowflakeRetryOptions", + "description": "The time period where Firehose will retry sending data to the chosen HTTP endpoint." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Snowflake role" + }, + "s3BackupMode": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSnowflakeDestinationConfigurationS3BackupMode", + "description": "Choose an S3 backup mode" + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration" + }, + "schema": { + "type": "string", + "description": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views" + }, + "secretsManagerConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSecretsManagerConfiguration", + "description": "The configuration that defines how you access secrets for Snowflake." + }, + "snowflakeRoleConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSnowflakeRoleConfiguration", + "description": "Optionally configure a Snowflake role. Otherwise the default user role will be used." + }, + "snowflakeVpcConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSnowflakeVpcConfiguration", + "description": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-\u003c[id]\u003e. For more information, see [Amazon PrivateLink \u0026 Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", + "replaceOnChanges": true + }, + "table": { + "type": "string", + "description": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows." + }, + "user": { + "type": "string", + "description": "User login name for the Snowflake account." + } + }, + "irreversibleNames": { + "roleArn": "RoleARN", + "s3BackupMode": "S3BackupMode", + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSnowflakeDestinationConfigurationDataLoadingOption": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamSnowflakeDestinationConfigurationS3BackupMode": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamSnowflakeRetryOptions": { + "type": "object", + "properties": { + "durationInSeconds": { + "type": "integer", + "description": "the time period where Firehose will retry sending data to the chosen HTTP endpoint." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSnowflakeRoleConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Snowflake role" + }, + "snowflakeRole": { + "type": "string", + "description": "The Snowflake role you wish to configure" + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSnowflakeVpcConfiguration": { + "type": "object", + "properties": { + "privateLinkVpceId": { + "type": "string", + "description": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-\u003c[id]\u003e. For more information, see [Amazon PrivateLink \u0026 Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)" + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSplunkBufferingHints": { + "type": "object", + "properties": { + "intervalInSeconds": { + "type": "integer", + "description": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute)." + }, + "sizeInMbs": { + "type": "integer", + "description": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5." + } + }, + "irreversibleNames": { + "sizeInMbs": "SizeInMBs" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSplunkDestinationConfiguration": { + "type": "object", + "properties": { + "bufferingHints": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSplunkBufferingHints", + "description": "The buffering options. If no value is specified, the default values for Splunk are used." + }, + "cloudWatchLoggingOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamCloudWatchLoggingOptions", + "description": "The Amazon CloudWatch logging options for your delivery stream." + }, + "hecAcknowledgmentTimeoutInSeconds": { + "type": "integer", + "description": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings." + }, + "hecEndpoint": { + "type": "string", + "description": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data." + }, + "hecEndpointType": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSplunkDestinationConfigurationHecEndpointType", + "description": "This type can be either `Raw` or `Event` ." + }, + "hecToken": { + "type": "string", + "description": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint." + }, + "processingConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamProcessingConfiguration", + "description": "The data processing configuration." + }, + "retryOptions": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSplunkRetryOptions", + "description": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk." + }, + "s3BackupMode": { + "type": "string", + "description": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` ." + }, + "s3Configuration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamS3DestinationConfiguration", + "description": "The configuration for the backup Amazon S3 location." + }, + "secretsManagerConfiguration": { + "$ref": "#/types/aws-native:kinesisfirehose:DeliveryStreamSecretsManagerConfiguration", + "description": "The configuration that defines how you access secrets for Splunk." + } + }, + "irreversibleNames": { + "hecAcknowledgmentTimeoutInSeconds": "HECAcknowledgmentTimeoutInSeconds", + "hecEndpoint": "HECEndpoint", + "hecEndpointType": "HECEndpointType", + "hecToken": "HECToken", + "s3BackupMode": "S3BackupMode", + "s3Configuration": "S3Configuration" + } + }, + "aws-native:kinesisfirehose:DeliveryStreamSplunkDestinationConfigurationHecEndpointType": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamSplunkRetryOptions": { + "type": "object", + "properties": { + "durationInSeconds": { + "type": "integer", + "description": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt." + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A unique identifier for the tag. Maximum length: 128 characters. Valid characters: Unicode letters, digits, white space, _ . / = + - % @" + }, + "value": { + "type": "string", + "description": "An optional string, which you can use to describe or define the tag. Maximum length: 256 characters. Valid characters: Unicode letters, digits, white space, _ . / = + - % @" + } + } + }, + "aws-native:kinesisfirehose:DeliveryStreamType": { + "type": "string" + }, + "aws-native:kinesisfirehose:DeliveryStreamVpcConfiguration": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here." + } + }, + "irreversibleNames": { + "roleArn": "RoleARN" + } + }, + "aws-native:kinesisvideo:SignalingChannelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. Specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. The following characters can be used: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. Specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. The following characters can be used: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:kinesisvideo:SignalingChannelType": { + "type": "string" + }, + "aws-native:kinesisvideo:StreamTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. Specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. The following characters can be used: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. Specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. The following characters can be used: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:kms:KeyOrigin": { + "type": "string" + }, + "aws-native:kms:KeySpec": { + "type": "string" + }, + "aws-native:kms:KeyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with ``aws:``. digits, whitespace, ``_``, ``.``, ``:``, ``/``, ``=``, ``+``, ``@``, ``-``, and ``\"``.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, ``_``, ``.``, ``/``, ``=``, ``+``, and ``-``.\n For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)." + } + } + }, + "aws-native:kms:KeyUsage": { + "type": "string" + }, + "aws-native:kms:ReplicaKeyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:lakeformation:DataCellsFilterColumnWildcard": { + "type": "object", + "properties": { + "excludedColumnNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of column names to be excluded from the Data Cells Filter." + } + } + }, + "aws-native:lakeformation:DataCellsFilterRowFilter": { + "type": "object", + "properties": { + "allRowsWildcard": { + "$ref": "pulumi.json#/Any", + "description": "An empty object representing a row wildcard." + }, + "filterExpression": { + "type": "string", + "description": "A PartiQL predicate." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsCatalogResource": { + "type": "object" + }, + "aws-native:lakeformation:PrincipalPermissionsColumnWildcard": { + "type": "object", + "properties": { + "excludedColumnNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Excludes column names. Any column with this name will be excluded." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsDataCellsFilterResource": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "A database in the GLUDC." + }, + "name": { + "type": "string", + "description": "The name given by the user to the data filter cell." + }, + "tableCatalogId": { + "type": "string", + "description": "The ID of the catalog to which the table belongs." + }, + "tableName": { + "type": "string", + "description": "The name of the table." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsDataLakePrincipal": { + "type": "object", + "properties": { + "dataLakePrincipalIdentifier": { + "type": "string", + "description": "An identifier for the LFlong principal." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsDataLocationResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The identifier for the GLUDC where the location is registered with LFlong." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsDatabaseResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The identifier for the Data Catalog. By default, it is the account ID of the caller." + }, + "name": { + "type": "string", + "description": "The name of the database resource. Unique to the Data Catalog." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsLfTag": { + "type": "object", + "properties": { + "tagKey": { + "type": "string", + "description": "The key-name for the LF-tag." + }, + "tagValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of possible values of the corresponding ``TagKey`` of an LF-tag key-value pair." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsLfTagKeyResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The identifier for the GLUDC where the location is registered with GLUDC." + }, + "tagKey": { + "type": "string", + "description": "The key-name for the LF-tag." + }, + "tagValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of possible values for the corresponding ``TagKey`` of an LF-tag key-value pair." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsLfTagPolicyResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The identifier for the GLUDC. The GLUDC is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your LFlong environment." + }, + "expression": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsLfTag" + }, + "description": "A list of LF-tag conditions that apply to the resource's LF-tag policy." + }, + "resourceType": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsResourceType", + "description": "The resource type for which the LF-tag policy applies." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsPermission": { + "type": "string" + }, + "aws-native:lakeformation:PrincipalPermissionsResource": { + "type": "object", + "properties": { + "catalog": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsCatalogResource", + "description": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your LFlong environment." + }, + "dataCellsFilter": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsDataCellsFilterResource", + "description": "A data cell filter." + }, + "dataLocation": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsDataLocationResource", + "description": "The location of an Amazon S3 path where permissions are granted or revoked." + }, + "database": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsDatabaseResource", + "description": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal." + }, + "lfTag": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsLfTagKeyResource", + "description": "The LF-tag key and values attached to a resource." + }, + "lfTagPolicy": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsLfTagPolicyResource", + "description": "A list of LF-tag conditions that define a resource's LF-tag policy." + }, + "table": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsTableResource", + "description": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal." + }, + "tableWithColumns": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsTableWithColumnsResource", + "description": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3." + } + }, + "irreversibleNames": { + "lfTag": "LFTag", + "lfTagPolicy": "LFTagPolicy" + } + }, + "aws-native:lakeformation:PrincipalPermissionsResourceType": { + "type": "string" + }, + "aws-native:lakeformation:PrincipalPermissionsTableResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The identifier for the Data Catalog. By default, it is the account ID of the caller." + }, + "databaseName": { + "type": "string", + "description": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal." + }, + "name": { + "type": "string", + "description": "The name of the table." + }, + "tableWildcard": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsTableWildcard", + "description": "A wildcard object representing every table under a database.\n At least one of ``TableResource$Name`` or ``TableResource$TableWildcard`` is required." + } + } + }, + "aws-native:lakeformation:PrincipalPermissionsTableWildcard": { + "type": "object" + }, + "aws-native:lakeformation:PrincipalPermissionsTableWithColumnsResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The identifier for the GLUDC where the location is registered with LFlong." + }, + "columnNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of column names for the table. At least one of ``ColumnNames`` or ``ColumnWildcard`` is required." + }, + "columnWildcard": { + "$ref": "#/types/aws-native:lakeformation:PrincipalPermissionsColumnWildcard", + "description": "A wildcard specified by a ``ColumnWildcard`` object. At least one of ``ColumnNames`` or ``ColumnWildcard`` is required." + }, + "databaseName": { + "type": "string", + "description": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal." + }, + "name": { + "type": "string", + "description": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal." + } + } + }, + "aws-native:lakeformation:TagAssociationCatalogResource": { + "type": "object" + }, + "aws-native:lakeformation:TagAssociationDatabaseResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The identifier for the Data Catalog . By default, it should be the account ID of the caller." + }, + "name": { + "type": "string", + "description": "The name of the database resource. Unique to the Data Catalog." + } + } + }, + "aws-native:lakeformation:TagAssociationLfTagPair": { + "type": "object", + "properties": { + "catalogId": { + "type": "string" + }, + "tagKey": { + "type": "string" + }, + "tagValues": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:lakeformation:TagAssociationResource": { + "type": "object", + "properties": { + "catalog": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationCatalogResource", + "description": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment." + }, + "database": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationDatabaseResource", + "description": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal." + }, + "table": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationTableResource", + "description": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal." + }, + "tableWithColumns": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationTableWithColumnsResource", + "description": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3." + } + } + }, + "aws-native:lakeformation:TagAssociationTableResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "The identifier for the Data Catalog . By default, it is the account ID of the caller." + }, + "databaseName": { + "type": "string", + "description": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal." + }, + "name": { + "type": "string", + "description": "The name of the table." + }, + "tableWildcard": { + "$ref": "#/types/aws-native:lakeformation:TagAssociationTableWildcard", + "description": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required." + } + } + }, + "aws-native:lakeformation:TagAssociationTableWildcard": { + "type": "object" + }, + "aws-native:lakeformation:TagAssociationTableWithColumnsResource": { + "type": "object", + "properties": { + "catalogId": { + "type": "string", + "description": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required." + }, + "columnNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required." + }, + "databaseName": { + "type": "string", + "description": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal." + }, + "name": { + "type": "string", + "description": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal." + } + } + }, + "aws-native:lambda:AliasProvisionedConcurrencyConfiguration": { + "type": "object", + "properties": { + "provisionedConcurrentExecutions": { + "type": "integer", + "description": "The amount of provisioned concurrency to allocate for the alias." + } + } + }, + "aws-native:lambda:AliasRoutingConfiguration": { + "type": "object", + "properties": { + "additionalVersionWeights": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:AliasVersionWeight" + }, + "description": "The second version, and the percentage of traffic that's routed to it." + } + } + }, + "aws-native:lambda:AliasVersionWeight": { + "type": "object", + "properties": { + "functionVersion": { + "type": "string", + "description": "The qualifier of the second version." + }, + "functionWeight": { + "type": "number", + "description": "The percentage of traffic that the alias routes to the second version." + } + } + }, + "aws-native:lambda:CodeSigningConfigAllowedPublishers": { + "type": "object", + "properties": { + "signingProfileVersionArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Signing profile version Arns" + } + } + }, + "aws-native:lambda:CodeSigningConfigCodeSigningPolicies": { + "type": "object", + "properties": { + "untrustedArtifactOnDeployment": { + "$ref": "#/types/aws-native:lambda:CodeSigningConfigCodeSigningPoliciesUntrustedArtifactOnDeployment", + "description": "Indicates how Lambda operations involve updating the code artifact will operate. Default to Warn if not provided" + } + } + }, + "aws-native:lambda:CodeSigningConfigCodeSigningPoliciesUntrustedArtifactOnDeployment": { + "type": "string" + }, + "aws-native:lambda:EventInvokeConfigDestinationConfig": { + "type": "object", + "properties": { + "onFailure": { + "$ref": "#/types/aws-native:lambda:EventInvokeConfigOnFailure", + "description": "The destination configuration for failed invocations." + }, + "onSuccess": { + "$ref": "#/types/aws-native:lambda:EventInvokeConfigOnSuccess", + "description": "The destination configuration for successful invocations." + } + } + }, + "aws-native:lambda:EventInvokeConfigOnFailure": { + "type": "object", + "properties": { + "destination": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the destination resource." + } + } + }, + "aws-native:lambda:EventInvokeConfigOnSuccess": { + "type": "object", + "properties": { + "destination": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the destination resource." + } + } + }, + "aws-native:lambda:EventSourceMappingAmazonManagedKafkaEventSourceConfig": { + "type": "object", + "properties": { + "consumerGroupId": { + "type": "string", + "description": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id)." + } + } + }, + "aws-native:lambda:EventSourceMappingDestinationConfig": { + "type": "object", + "properties": { + "onFailure": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingOnFailure", + "description": "The destination configuration for failed invocations." + } + } + }, + "aws-native:lambda:EventSourceMappingDocumentDbEventSourceConfig": { + "type": "object", + "properties": { + "collectionName": { + "type": "string", + "description": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections." + }, + "databaseName": { + "type": "string", + "description": "The name of the database to consume within the DocumentDB cluster." + }, + "fullDocument": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingDocumentDbEventSourceConfigFullDocument", + "description": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes." + } + } + }, + "aws-native:lambda:EventSourceMappingDocumentDbEventSourceConfigFullDocument": { + "type": "string" + }, + "aws-native:lambda:EventSourceMappingEndpoints": { + "type": "object", + "properties": { + "kafkaBootstrapServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of bootstrap servers for your Kafka brokers in the following format: ``\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]``." + } + } + }, + "aws-native:lambda:EventSourceMappingFilter": { + "type": "object", + "properties": { + "pattern": { + "type": "string", + "description": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax)." + } + } + }, + "aws-native:lambda:EventSourceMappingFilterCriteria": { + "type": "object", + "properties": { + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingFilter" + }, + "description": "A list of filters." + } + } + }, + "aws-native:lambda:EventSourceMappingFunctionResponseTypesItem": { + "type": "string" + }, + "aws-native:lambda:EventSourceMappingOnFailure": { + "type": "object", + "properties": { + "destination": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the destination resource.\n To retain records of [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, or Amazon EventBridge event bus as the destination.\n To retain records of failed invocations from [Kinesis and DynamoDB event sources](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#event-source-mapping-destinations), you can configure an Amazon SNS topic or Amazon SQS queue as the destination.\n To retain records of failed invocations from [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination), you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination." + } + } + }, + "aws-native:lambda:EventSourceMappingScalingConfig": { + "type": "object", + "properties": { + "maximumConcurrency": { + "type": "integer", + "description": "Limits the number of concurrent instances that the SQS event source can invoke." + } + } + }, + "aws-native:lambda:EventSourceMappingSelfManagedEventSource": { + "type": "object", + "properties": { + "endpoints": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingEndpoints", + "description": "The list of bootstrap servers for your Kafka brokers in the following format: ``\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]``." + } + } + }, + "aws-native:lambda:EventSourceMappingSelfManagedKafkaEventSourceConfig": { + "type": "object", + "properties": { + "consumerGroupId": { + "type": "string", + "description": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id)." + } + } + }, + "aws-native:lambda:EventSourceMappingSourceAccessConfiguration": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:lambda:EventSourceMappingSourceAccessConfigurationType", + "description": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``\"Type\":\"SASL_SCRAM_512_AUTH\"``.\n + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials.\n + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers." + }, + "uri": { + "type": "string", + "description": "The value for your chosen configuration in ``Type``. For example: ``\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"``." + } + }, + "irreversibleNames": { + "uri": "URI" + } + }, + "aws-native:lambda:EventSourceMappingSourceAccessConfigurationType": { + "type": "string" + }, + "aws-native:lambda:FunctionArchitecturesItem": { + "type": "string" + }, + "aws-native:lambda:FunctionCode": { + "type": "object", + "properties": { + "imageUri": { + "type": "string", + "description": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry." + }, + "s3Bucket": { + "type": "string", + "description": "An Amazon S3 bucket in the same AWS-Region as your function. The bucket can be in a different AWS-account." + }, + "s3Key": { + "type": "string", + "description": "The Amazon S3 key of the deployment package." + }, + "s3ObjectVersion": { + "type": "string", + "description": "For versioned objects, the version of the deployment package object to use." + }, + "sourceKmsKeyArn": { + "type": "string" + }, + "zipFile": { + "type": "string", + "description": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, CFN places it in a file named ``index`` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html). This zip file cannot exceed 4MB. For the ``Handler`` property, the first part of the handler identifier must be ``index``. For example, ``index.handler``.\n For JSON, you must escape quotes and special characters such as newline (``\\n``) with a backslash.\n If you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ([cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html)) that simplifies sending responses. See [Using Lambda with CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key", + "s3ObjectVersion": "S3ObjectVersion", + "sourceKmsKeyArn": "SourceKMSKeyArn" + } + }, + "aws-native:lambda:FunctionDeadLetterConfig": { + "type": "object", + "properties": { + "targetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic." + } + } + }, + "aws-native:lambda:FunctionEnvironment": { + "type": "object", + "properties": { + "variables": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html)." + } + } + }, + "aws-native:lambda:FunctionEphemeralStorage": { + "type": "object", + "properties": { + "size": { + "type": "integer", + "description": "The size of the function's ``/tmp`` directory." + } + } + }, + "aws-native:lambda:FunctionFileSystemConfig": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system." + }, + "localMountPath": { + "type": "string", + "description": "The path where the function can access the file system, starting with ``/mnt/``." + } + } + }, + "aws-native:lambda:FunctionImageConfig": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list." + }, + "entryPoint": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list." + }, + "workingDirectory": { + "type": "string", + "description": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters." + } + } + }, + "aws-native:lambda:FunctionLoggingConfig": { + "type": "object", + "properties": { + "applicationLogLevel": { + "$ref": "#/types/aws-native:lambda:FunctionLoggingConfigApplicationLogLevel", + "description": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where ``TRACE`` is the highest level and ``FATAL`` is the lowest." + }, + "logFormat": { + "$ref": "#/types/aws-native:lambda:FunctionLoggingConfigLogFormat", + "description": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON." + }, + "logGroup": { + "type": "string", + "description": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named ``/aws/lambda/\u003cfunction name\u003e``. To use a different log group, enter an existing log group or enter a new log group name." + }, + "systemLogLevel": { + "$ref": "#/types/aws-native:lambda:FunctionLoggingConfigSystemLogLevel", + "description": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where ``DEBUG`` is the highest level and ``WARN`` is the lowest." + } + } + }, + "aws-native:lambda:FunctionLoggingConfigApplicationLogLevel": { + "type": "string" + }, + "aws-native:lambda:FunctionLoggingConfigLogFormat": { + "type": "string" + }, + "aws-native:lambda:FunctionLoggingConfigSystemLogLevel": { + "type": "string" + }, + "aws-native:lambda:FunctionPackageType": { + "type": "string" + }, + "aws-native:lambda:FunctionRuntimeManagementConfig": { + "type": "object", + "properties": { + "runtimeVersionArn": { + "type": "string", + "description": "The ARN of the runtime version you want the function to use.\n This is only required if you're using the *Manual* runtime update mode." + }, + "updateRuntimeOn": { + "$ref": "#/types/aws-native:lambda:FunctionRuntimeManagementConfigUpdateRuntimeOn", + "description": "Specify the runtime update mode.\n + *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase). This is the best choice for most customers to ensure they always benefit from runtime updates.\n + *FunctionUpdate* - LAM updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n + *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback).\n \n *Valid Values*: ``Auto`` | ``FunctionUpdate`` | ``Manual``" + } + } + }, + "aws-native:lambda:FunctionRuntimeManagementConfigUpdateRuntimeOn": { + "type": "string" + }, + "aws-native:lambda:FunctionSnapStart": { + "type": "object", + "properties": { + "applyOn": { + "$ref": "#/types/aws-native:lambda:FunctionSnapStartApplyOn", + "description": "Set ``ApplyOn`` to ``PublishedVersions`` to create a snapshot of the initialized execution environment when you publish a function version." + } + } + }, + "aws-native:lambda:FunctionSnapStartApplyOn": { + "type": "string" + }, + "aws-native:lambda:FunctionSnapStartResponse": { + "type": "object", + "properties": { + "applyOn": { + "$ref": "#/types/aws-native:lambda:FunctionSnapStartResponseApplyOn", + "description": "When set to ``PublishedVersions``, Lambda creates a snapshot of the execution environment when you publish a function version." + }, + "optimizationStatus": { + "$ref": "#/types/aws-native:lambda:FunctionSnapStartResponseOptimizationStatus", + "description": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using), this response element indicates whether SnapStart is activated for the specified function version." + } + } + }, + "aws-native:lambda:FunctionSnapStartResponseApplyOn": { + "type": "string" + }, + "aws-native:lambda:FunctionSnapStartResponseOptimizationStatus": { + "type": "string" + }, + "aws-native:lambda:FunctionTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:lambda:FunctionTracingConfig": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:lambda:FunctionTracingConfigMode", + "description": "The tracing mode." + } + } + }, + "aws-native:lambda:FunctionTracingConfigMode": { + "type": "string" + }, + "aws-native:lambda:FunctionVpcConfig": { + "type": "object", + "properties": { + "ipv6AllowedForDualStack": { + "type": "boolean", + "description": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of VPC security group IDs." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of VPC subnet IDs." + } + } + }, + "aws-native:lambda:LayerVersionContent": { + "type": "object", + "properties": { + "s3Bucket": { + "type": "string", + "description": "The Amazon S3 bucket of the layer archive." + }, + "s3Key": { + "type": "string", + "description": "The Amazon S3 key of the layer archive." + }, + "s3ObjectVersion": { + "type": "string", + "description": "For versioned objects, the version of the layer archive object to use." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key", + "s3ObjectVersion": "S3ObjectVersion" + } + }, + "aws-native:lambda:PermissionFunctionUrlAuthType": { + "type": "string" + }, + "aws-native:lambda:UrlAllowMethodsItem": { + "type": "string" + }, + "aws-native:lambda:UrlAuthType": { + "type": "string" + }, + "aws-native:lambda:UrlCors": { + "type": "object", + "properties": { + "allowCredentials": { + "type": "boolean", + "description": "Specifies whether credentials are included in the CORS request." + }, + "allowHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents a collection of allowed headers." + }, + "allowMethods": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lambda:UrlAllowMethodsItem" + }, + "description": "Represents a collection of allowed HTTP methods." + }, + "allowOrigins": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents a collection of allowed origins." + }, + "exposeHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Represents a collection of exposed headers." + }, + "maxAge": { + "type": "integer", + "description": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results." + } + } + }, + "aws-native:lambda:UrlInvokeMode": { + "type": "string" + }, + "aws-native:lambda:VersionProvisionedConcurrencyConfiguration": { + "type": "object", + "properties": { + "provisionedConcurrentExecutions": { + "type": "integer", + "description": "The amount of provisioned concurrency to allocate for the version." + } + } + }, + "aws-native:lambda:VersionRuntimePolicy": { + "type": "object", + "properties": { + "runtimeVersionArn": { + "type": "string", + "description": "The ARN of the runtime the function is configured to use. If the runtime update mode is manual, the ARN is returned, otherwise null is returned." + }, + "updateRuntimeOn": { + "type": "string", + "description": "The runtime update mode." + } + } + }, + "aws-native:launchwizard:DeploymentStatus": { + "type": "string" + }, + "aws-native:launchwizard:DeploymentTags": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:lex:BotAdvancedRecognitionSetting": { + "type": "object", + "properties": { + "audioRecognitionStrategy": { + "$ref": "#/types/aws-native:lex:BotAudioRecognitionStrategy", + "description": "Enables using the slot values as a custom vocabulary for recognizing user utterances." + } + } + }, + "aws-native:lex:BotAliasAudioLogDestination": { + "type": "object", + "properties": { + "s3Bucket": { + "$ref": "#/types/aws-native:lex:BotAliasS3BucketLogDestination" + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket" + } + }, + "aws-native:lex:BotAliasAudioLogSetting": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:lex:BotAliasAudioLogDestination" + }, + "enabled": { + "type": "boolean" + } + } + }, + "aws-native:lex:BotAliasCloudWatchLogGroupLogDestination": { + "type": "object", + "properties": { + "cloudWatchLogGroupArn": { + "type": "string", + "description": "A string used to identify the groupArn for the Cloudwatch Log Group" + }, + "logPrefix": { + "type": "string", + "description": "A string containing the value for the Log Prefix" + } + } + }, + "aws-native:lex:BotAliasCodeHookSpecification": { + "type": "object", + "properties": { + "lambdaCodeHook": { + "$ref": "#/types/aws-native:lex:BotAliasLambdaCodeHook" + } + } + }, + "aws-native:lex:BotAliasConversationLogSettings": { + "type": "object", + "properties": { + "audioLogSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotAliasAudioLogSetting" + }, + "description": "The Amazon S3 settings for logging audio to an S3 bucket." + }, + "textLogSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotAliasTextLogSetting" + }, + "description": "The Amazon CloudWatch Logs settings for logging text and metadata." + } + } + }, + "aws-native:lex:BotAliasLambdaCodeHook": { + "type": "object", + "properties": { + "codeHookInterfaceVersion": { + "type": "string", + "description": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function." + }, + "lambdaArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lambda function." + } + } + }, + "aws-native:lex:BotAliasLocaleSettings": { + "type": "object", + "properties": { + "codeHookSpecification": { + "$ref": "#/types/aws-native:lex:BotAliasCodeHookSpecification" + }, + "enabled": { + "type": "boolean", + "description": "Whether the Lambda code hook is enabled" + } + } + }, + "aws-native:lex:BotAliasLocaleSettingsItem": { + "type": "object", + "properties": { + "botAliasLocaleSetting": { + "$ref": "#/types/aws-native:lex:BotAliasLocaleSettings" + }, + "localeId": { + "type": "string", + "description": "A string used to identify the locale" + } + } + }, + "aws-native:lex:BotAliasS3BucketLogDestination": { + "type": "object", + "properties": { + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an S3 bucket." + }, + "logPrefix": { + "type": "string", + "description": "The Amazon S3 key of the deployment package." + }, + "s3BucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored." + } + }, + "irreversibleNames": { + "s3BucketArn": "S3BucketArn" + } + }, + "aws-native:lex:BotAliasStatus": { + "type": "string" + }, + "aws-native:lex:BotAliasTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:lex:BotAliasTextLogDestination": { + "type": "object", + "properties": { + "cloudWatch": { + "$ref": "#/types/aws-native:lex:BotAliasCloudWatchLogGroupLogDestination" + } + } + }, + "aws-native:lex:BotAliasTextLogSetting": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:lex:BotAliasTextLogDestination" + }, + "enabled": { + "type": "boolean" + } + } + }, + "aws-native:lex:BotAllowedInputTypes": { + "type": "object", + "properties": { + "allowAudioInput": { + "type": "boolean", + "description": "Indicates whether audio input is allowed." + }, + "allowDtmfInput": { + "type": "boolean", + "description": "Indicates whether DTMF input is allowed." + } + }, + "irreversibleNames": { + "allowDtmfInput": "AllowDTMFInput" + } + }, + "aws-native:lex:BotAudioAndDtmfInputSpecification": { + "type": "object", + "properties": { + "audioSpecification": { + "$ref": "#/types/aws-native:lex:BotAudioSpecification" + }, + "dtmfSpecification": { + "$ref": "#/types/aws-native:lex:BotDtmfSpecification" + }, + "startTimeoutMs": { + "type": "integer", + "description": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs." + } + }, + "irreversibleNames": { + "dtmfSpecification": "DTMFSpecification" + } + }, + "aws-native:lex:BotAudioLogDestination": { + "type": "object", + "properties": { + "s3Bucket": { + "$ref": "#/types/aws-native:lex:BotS3BucketLogDestination" + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket" + } + }, + "aws-native:lex:BotAudioLogSetting": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:lex:BotAudioLogDestination" + }, + "enabled": { + "type": "boolean" + } + } + }, + "aws-native:lex:BotAudioRecognitionStrategy": { + "type": "string" + }, + "aws-native:lex:BotAudioSpecification": { + "type": "object", + "properties": { + "endTimeoutMs": { + "type": "integer", + "description": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished." + }, + "maxLengthMs": { + "type": "integer", + "description": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application." + } + } + }, + "aws-native:lex:BotButton": { + "type": "object", + "properties": { + "text": { + "type": "string", + "description": "The text that appears on the button." + }, + "value": { + "type": "string", + "description": "The value returned to Amazon Lex when the user chooses this button." + } + } + }, + "aws-native:lex:BotCloudWatchLogGroupLogDestination": { + "type": "object", + "properties": { + "cloudWatchLogGroupArn": { + "type": "string", + "description": "A string used to identify the groupArn for the Cloudwatch Log Group" + }, + "logPrefix": { + "type": "string", + "description": "A string containing the value for the Log Prefix" + } + } + }, + "aws-native:lex:BotCodeHookSpecification": { + "type": "object", + "properties": { + "lambdaCodeHook": { + "$ref": "#/types/aws-native:lex:BotLambdaCodeHook" + } + } + }, + "aws-native:lex:BotCondition": { + "type": "object", + "properties": { + "expressionString": { + "type": "string", + "description": "The expression string that is evaluated." + } + } + }, + "aws-native:lex:BotConditionalBranch": { + "type": "object", + "properties": { + "condition": { + "$ref": "#/types/aws-native:lex:BotCondition", + "description": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken." + }, + "name": { + "type": "string", + "description": "The name of the branch." + }, + "nextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "The next step in the conversation." + }, + "response": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + } + } + }, + "aws-native:lex:BotConditionalSpecification": { + "type": "object", + "properties": { + "conditionalBranches": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotConditionalBranch" + }, + "description": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true." + }, + "defaultBranch": { + "$ref": "#/types/aws-native:lex:BotDefaultConditionalBranch", + "description": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step." + }, + "isActive": { + "type": "boolean", + "description": "Determines whether a conditional branch is active. When active is false, the conditions are not evaluated." + } + } + }, + "aws-native:lex:BotConversationLogSettings": { + "type": "object", + "properties": { + "audioLogSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotAudioLogSetting" + }, + "description": "The Amazon S3 settings for logging audio to an S3 bucket." + }, + "textLogSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotTextLogSetting" + }, + "description": "The Amazon CloudWatch Logs settings for logging text and metadata." + } + } + }, + "aws-native:lex:BotCustomPayload": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The string that is sent to your application." + } + } + }, + "aws-native:lex:BotCustomVocabulary": { + "type": "object", + "properties": { + "customVocabularyItems": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotCustomVocabularyItem" + }, + "description": "Specifies a list of words that you expect to be used during a conversation with your bot." + } + } + }, + "aws-native:lex:BotCustomVocabularyItem": { + "type": "object", + "properties": { + "displayAs": { + "type": "string", + "description": "Defines how you want your phrase to look in your transcription output." + }, + "phrase": { + "type": "string", + "description": "Phrase that should be recognized." + }, + "weight": { + "type": "integer", + "description": "The degree to which the phrase recognition is boosted. The weight 0 means that no boosting will be applied and the entry will only be used for performing replacements using the displayAs field." + } + } + }, + "aws-native:lex:BotDefaultConditionalBranch": { + "type": "object", + "properties": { + "nextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "The next step in the conversation." + }, + "response": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + } + } + }, + "aws-native:lex:BotDialogAction": { + "type": "object", + "properties": { + "slotToElicit": { + "type": "string", + "description": "If the dialog action is ElicitSlot, defines the slot to elicit from the user." + }, + "suppressNextMessage": { + "type": "boolean", + "description": "When true the next message for the intent is not used." + }, + "type": { + "$ref": "#/types/aws-native:lex:BotDialogActionType", + "description": "The action that the bot should execute." + } + } + }, + "aws-native:lex:BotDialogActionType": { + "type": "string" + }, + "aws-native:lex:BotDialogCodeHookInvocationSetting": { + "type": "object", + "properties": { + "enableCodeHookInvocation": { + "type": "boolean", + "description": "Indicates whether a Lambda function should be invoked for the dialog." + }, + "invocationLabel": { + "type": "string", + "description": "A label that indicates the dialog step from which the dialog code hook is happening." + }, + "isActive": { + "type": "boolean", + "description": "Determines whether a dialog code hook is used when the intent is activated." + }, + "postCodeHookSpecification": { + "$ref": "#/types/aws-native:lex:BotPostDialogCodeHookInvocationSpecification", + "description": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete." + } + } + }, + "aws-native:lex:BotDialogCodeHookSetting": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enables the dialog code hook so that it processes user requests." + } + } + }, + "aws-native:lex:BotDialogState": { + "type": "object", + "properties": { + "dialogAction": { + "$ref": "#/types/aws-native:lex:BotDialogAction", + "description": "Defines the action that the bot executes at runtime when the conversation reaches this step." + }, + "intent": { + "$ref": "#/types/aws-native:lex:BotIntentOverride", + "description": "Override settings to configure the intent state." + }, + "sessionAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSessionAttribute" + }, + "description": "List of session attributes to be applied when the conversation reaches this step." + } + } + }, + "aws-native:lex:BotDtmfSpecification": { + "type": "object", + "properties": { + "deletionCharacter": { + "type": "string", + "description": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input." + }, + "endCharacter": { + "type": "string", + "description": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout." + }, + "endTimeoutMs": { + "type": "integer", + "description": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded." + }, + "maxLength": { + "type": "integer", + "description": "The maximum number of DTMF digits allowed in an utterance." + } + } + }, + "aws-native:lex:BotElicitationCodeHookInvocationSetting": { + "type": "object", + "properties": { + "enableCodeHookInvocation": { + "type": "boolean", + "description": "Indicates whether a Lambda function should be invoked for the dialog." + }, + "invocationLabel": { + "type": "string", + "description": "A label that indicates the dialog step from which the dialog code hook is happening." + } + } + }, + "aws-native:lex:BotExternalSourceSetting": { + "type": "object", + "properties": { + "grammarSlotTypeSetting": { + "$ref": "#/types/aws-native:lex:BotGrammarSlotTypeSetting", + "description": "Settings required for a slot type based on a grammar that you provide." + } + } + }, + "aws-native:lex:BotFulfillmentCodeHookSetting": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Indicates whether a Lambda function should be invoked to fulfill a specific intent." + }, + "fulfillmentUpdatesSpecification": { + "$ref": "#/types/aws-native:lex:BotFulfillmentUpdatesSpecification", + "description": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations." + }, + "isActive": { + "type": "boolean", + "description": "Determines whether the fulfillment code hook is used. When active is false, the code hook doesn't run." + }, + "postFulfillmentStatusSpecification": { + "$ref": "#/types/aws-native:lex:BotPostFulfillmentStatusSpecification", + "description": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations." + } + } + }, + "aws-native:lex:BotFulfillmentStartResponseSpecification": { + "type": "object", + "properties": { + "allowInterrupt": { + "type": "boolean", + "description": "Determines whether the user can interrupt the start message while it is playing." + }, + "delayInSeconds": { + "type": "integer", + "description": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played." + }, + "messageGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotMessageGroup" + }, + "description": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user." + } + } + }, + "aws-native:lex:BotFulfillmentUpdateResponseSpecification": { + "type": "object", + "properties": { + "allowInterrupt": { + "type": "boolean", + "description": "Determines whether the user can interrupt an update message while it is playing." + }, + "frequencyInSeconds": { + "type": "integer", + "description": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user." + }, + "messageGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotMessageGroup" + }, + "description": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user." + } + } + }, + "aws-native:lex:BotFulfillmentUpdatesSpecification": { + "type": "object", + "properties": { + "active": { + "type": "boolean", + "description": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent." + }, + "startResponse": { + "$ref": "#/types/aws-native:lex:BotFulfillmentStartResponseSpecification", + "description": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running." + }, + "timeoutInSeconds": { + "type": "integer", + "description": "The length of time that the fulfillment Lambda function should run before it times out." + }, + "updateResponse": { + "$ref": "#/types/aws-native:lex:BotFulfillmentUpdateResponseSpecification", + "description": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running." + } + } + }, + "aws-native:lex:BotGrammarSlotTypeSetting": { + "type": "object", + "properties": { + "source": { + "$ref": "#/types/aws-native:lex:BotGrammarSlotTypeSource", + "description": "The source of the grammar used to create the slot type." + } + } + }, + "aws-native:lex:BotGrammarSlotTypeSource": { + "type": "object", + "properties": { + "kmsKeyArn": { + "type": "string", + "description": "The Amazon KMS key required to decrypt the contents of the grammar, if any." + }, + "s3BucketName": { + "type": "string", + "description": "The name of the S3 bucket that contains the grammar source." + }, + "s3ObjectKey": { + "type": "string", + "description": "The path to the grammar in the S3 bucket." + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName", + "s3ObjectKey": "S3ObjectKey" + } + }, + "aws-native:lex:BotImageResponseCard": { + "type": "object", + "properties": { + "buttons": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotButton" + }, + "description": "A list of buttons that should be displayed on the response card." + }, + "imageUrl": { + "type": "string", + "description": "The URL of an image to display on the response card." + }, + "subtitle": { + "type": "string", + "description": "The subtitle to display on the response card." + }, + "title": { + "type": "string", + "description": "The title to display on the response card." + } + } + }, + "aws-native:lex:BotInitialResponseSetting": { + "type": "object", + "properties": { + "codeHook": { + "$ref": "#/types/aws-native:lex:BotDialogCodeHookInvocationSetting", + "description": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation." + }, + "conditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition." + }, + "initialResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + }, + "nextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "The next step in the conversation." + } + } + }, + "aws-native:lex:BotInputContext": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the context." + } + } + }, + "aws-native:lex:BotIntent": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of thr intent." + }, + "dialogCodeHook": { + "$ref": "#/types/aws-native:lex:BotDialogCodeHookSetting", + "description": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction." + }, + "fulfillmentCodeHook": { + "$ref": "#/types/aws-native:lex:BotFulfillmentCodeHookSetting", + "description": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user." + }, + "initialResponseSetting": { + "$ref": "#/types/aws-native:lex:BotInitialResponseSetting", + "description": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots." + }, + "inputContexts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotInputContext" + }, + "description": "A list of contexts that must be active for this intent to be considered by Amazon Lex ." + }, + "intentClosingSetting": { + "$ref": "#/types/aws-native:lex:BotIntentClosingSetting", + "description": "Sets the response that Amazon Lex sends to the user when the intent is closed." + }, + "intentConfirmationSetting": { + "$ref": "#/types/aws-native:lex:BotIntentConfirmationSetting", + "description": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent." + }, + "kendraConfiguration": { + "$ref": "#/types/aws-native:lex:BotKendraConfiguration", + "description": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance." + }, + "name": { + "type": "string", + "description": "The name of the intent." + }, + "outputContexts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotOutputContext" + }, + "description": "A list of contexts that the intent activates when it is fulfilled." + }, + "parentIntentSignature": { + "type": "string", + "description": "A unique identifier for the built-in intent to base this intent on." + }, + "sampleUtterances": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSampleUtterance" + }, + "description": "A sample utterance that invokes an intent or respond to a slot elicitation prompt." + }, + "slotPriorities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSlotPriority" + }, + "description": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order." + }, + "slots": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSlot" + }, + "description": "List of slots" + } + } + }, + "aws-native:lex:BotIntentClosingSetting": { + "type": "object", + "properties": { + "closingResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "The response that Amazon Lex sends to the user when the intent is complete." + }, + "conditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches associated with the intent's closing response. These branches are executed when the nextStep attribute is set to EvalutateConditional." + }, + "isActive": { + "type": "boolean", + "description": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the active field isn't specified, the default is true." + }, + "nextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step that the bot executes after playing the intent's closing response." + } + } + }, + "aws-native:lex:BotIntentConfirmationSetting": { + "type": "object", + "properties": { + "codeHook": { + "$ref": "#/types/aws-native:lex:BotDialogCodeHookInvocationSetting", + "description": "The DialogCodeHookInvocationSetting object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is InvokeDialogCodeHook." + }, + "confirmationConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate after the intent is closed." + }, + "confirmationNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step that the bot executes when the customer confirms the intent." + }, + "confirmationResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + }, + "declinationConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate after the intent is declined." + }, + "declinationNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step that the bot executes when the customer declines the intent." + }, + "declinationResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "When the user answers \"no\" to the question defined in promptSpecification, Amazon Lex responds with this response to acknowledge that the intent was canceled." + }, + "elicitationCodeHook": { + "$ref": "#/types/aws-native:lex:BotElicitationCodeHookInvocationSetting", + "description": "The DialogCodeHookInvocationSetting used when the code hook is invoked during confirmation prompt retries." + }, + "failureConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition." + }, + "failureNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "The next step to take in the conversation if the confirmation step fails." + }, + "failureResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + }, + "isActive": { + "type": "boolean", + "description": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the active field isn't specified, the default is true." + }, + "promptSpecification": { + "$ref": "#/types/aws-native:lex:BotPromptSpecification", + "description": "Prompts the user to confirm the intent. This question should have a yes or no answer." + } + } + }, + "aws-native:lex:BotIntentOverride": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the intent. Only required when you're switching intents." + }, + "slots": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSlotValueOverrideMap" + }, + "description": "A map of all of the slot value overrides for the intent." + } + } + }, + "aws-native:lex:BotKendraConfiguration": { + "type": "object", + "properties": { + "kendraIndex": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot." + }, + "queryFilterString": { + "type": "string", + "description": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) ." + }, + "queryFilterStringEnabled": { + "type": "boolean", + "description": "Determines whether the AMAZON.KendraSearchIntent intent uses a custom query string to query the Amazon Kendra index." + } + } + }, + "aws-native:lex:BotLambdaCodeHook": { + "type": "object", + "properties": { + "codeHookInterfaceVersion": { + "type": "string", + "description": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function." + }, + "lambdaArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lambda function." + } + } + }, + "aws-native:lex:BotLocale": { + "type": "object", + "properties": { + "customVocabulary": { + "$ref": "#/types/aws-native:lex:BotCustomVocabulary", + "description": "Specifies a custom vocabulary to use with a specific locale." + }, + "description": { + "type": "string", + "description": "A description of the bot locale. Use this to help identify the bot locale in lists." + }, + "intents": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotIntent" + }, + "description": "List of intents" + }, + "localeId": { + "type": "string", + "description": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales." + }, + "nluConfidenceThreshold": { + "type": "number", + "description": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot." + }, + "slotTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSlotType" + }, + "description": "List of SlotTypes" + }, + "voiceSettings": { + "$ref": "#/types/aws-native:lex:BotVoiceSettings", + "description": "Defines settings for using an Amazon Polly voice to communicate with a user." + } + } + }, + "aws-native:lex:BotMessage": { + "type": "object", + "properties": { + "customPayload": { + "$ref": "#/types/aws-native:lex:BotCustomPayload" + }, + "imageResponseCard": { + "$ref": "#/types/aws-native:lex:BotImageResponseCard" + }, + "plainTextMessage": { + "$ref": "#/types/aws-native:lex:BotPlainTextMessage" + }, + "ssmlMessage": { + "$ref": "#/types/aws-native:lex:BotSsmlMessage" + } + }, + "irreversibleNames": { + "ssmlMessage": "SSMLMessage" + } + }, + "aws-native:lex:BotMessageGroup": { + "type": "object", + "properties": { + "message": { + "$ref": "#/types/aws-native:lex:BotMessage" + }, + "variations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotMessage" + }, + "description": "Message variations to send to the user." + } + } + }, + "aws-native:lex:BotMessageSelectionStrategy": { + "type": "string" + }, + "aws-native:lex:BotMultipleValuesSetting": { + "type": "object", + "properties": { + "allowMultipleValues": { + "type": "boolean", + "description": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` ." + } + } + }, + "aws-native:lex:BotObfuscationSetting": { + "type": "object", + "properties": { + "obfuscationSettingType": { + "$ref": "#/types/aws-native:lex:BotObfuscationSettingObfuscationSettingType", + "description": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values." + } + } + }, + "aws-native:lex:BotObfuscationSettingObfuscationSettingType": { + "type": "string" + }, + "aws-native:lex:BotOutputContext": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "timeToLiveInSeconds": { + "type": "integer" + }, + "turnsToLive": { + "type": "integer" + } + } + }, + "aws-native:lex:BotPlainTextMessage": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The message to send to the user." + } + } + }, + "aws-native:lex:BotPostDialogCodeHookInvocationSpecification": { + "type": "object", + "properties": { + "failureConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed." + }, + "failureNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed." + }, + "failureResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + }, + "successConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate after the dialog code hook finishes successfully." + }, + "successNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifics the next step the bot runs after the dialog code hook finishes successfully." + }, + "successResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + }, + "timeoutConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate if the code hook times out." + }, + "timeoutNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step that the bot runs when the code hook times out." + }, + "timeoutResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + } + } + }, + "aws-native:lex:BotPostFulfillmentStatusSpecification": { + "type": "object", + "properties": { + "failureConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the State field of the Intent object set to Failed." + }, + "failureNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the State field of the Intent object set to Failed." + }, + "failureResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + }, + "successConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully." + }, + "successNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully." + }, + "successResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + }, + "timeoutConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate if the fulfillment code hook times out." + }, + "timeoutNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step that the bot runs when the fulfillment code hook times out." + }, + "timeoutResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + } + } + }, + "aws-native:lex:BotPromptAttemptSpecification": { + "type": "object", + "properties": { + "allowInterrupt": { + "type": "boolean", + "description": "Indicates whether the user can interrupt a speech prompt attempt from the bot." + }, + "allowedInputTypes": { + "$ref": "#/types/aws-native:lex:BotAllowedInputTypes" + }, + "audioAndDtmfInputSpecification": { + "$ref": "#/types/aws-native:lex:BotAudioAndDtmfInputSpecification" + }, + "textInputSpecification": { + "$ref": "#/types/aws-native:lex:BotTextInputSpecification" + } + }, + "irreversibleNames": { + "audioAndDtmfInputSpecification": "AudioAndDTMFInputSpecification" + } + }, + "aws-native:lex:BotPromptSpecification": { + "type": "object", + "properties": { + "allowInterrupt": { + "type": "boolean", + "description": "Indicates whether the user can interrupt a speech prompt from the bot." + }, + "maxRetries": { + "type": "integer", + "description": "The maximum number of times the bot tries to elicit a response from the user using this prompt." + }, + "messageGroupsList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotMessageGroup" + }, + "description": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime." + }, + "messageSelectionStrategy": { + "$ref": "#/types/aws-native:lex:BotMessageSelectionStrategy", + "description": "Indicates how a message is selected from a message group among retries." + }, + "promptAttemptsSpecification": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:lex:BotPromptAttemptSpecification" + }, + "description": "Specifies the advanced settings on each attempt of the prompt." + } + } + }, + "aws-native:lex:BotResponseSpecification": { + "type": "object", + "properties": { + "allowInterrupt": { + "type": "boolean", + "description": "Indicates whether the user can interrupt a speech prompt from the bot." + }, + "messageGroupsList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotMessageGroup" + }, + "description": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime." + } + } + }, + "aws-native:lex:BotS3BucketLogDestination": { + "type": "object", + "properties": { + "kmsKeyArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an S3 bucket." + }, + "logPrefix": { + "type": "string", + "description": "The Amazon S3 key of the deployment package." + }, + "s3BucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored." + } + }, + "irreversibleNames": { + "s3BucketArn": "S3BucketArn" + } + }, + "aws-native:lex:BotS3Location": { + "type": "object", + "properties": { + "s3Bucket": { + "type": "string", + "description": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account." + }, + "s3ObjectKey": { + "type": "string", + "description": "The Amazon S3 key of the deployment package." + }, + "s3ObjectVersion": { + "type": "string", + "description": "For versioned objects, the version of the deployment package object to use. If not specified, the current object version will be used." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3ObjectKey": "S3ObjectKey", + "s3ObjectVersion": "S3ObjectVersion" + } + }, + "aws-native:lex:BotSampleUtterance": { + "type": "object", + "properties": { + "utterance": { + "type": "string" + } + } + }, + "aws-native:lex:BotSampleValue": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The value that can be used for a slot type." + } + } + }, + "aws-native:lex:BotSessionAttribute": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name of the session attribute." + }, + "value": { + "type": "string", + "description": "The session-specific context information for the session attribute." + } + } + }, + "aws-native:lex:BotSlot": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the slot." + }, + "multipleValuesSetting": { + "$ref": "#/types/aws-native:lex:BotMultipleValuesSetting", + "description": "Indicates whether a slot can return multiple values." + }, + "name": { + "type": "string", + "description": "The name given to the slot." + }, + "obfuscationSetting": { + "$ref": "#/types/aws-native:lex:BotObfuscationSetting", + "description": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs." + }, + "slotTypeName": { + "type": "string", + "description": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot." + }, + "valueElicitationSetting": { + "$ref": "#/types/aws-native:lex:BotSlotValueElicitationSetting", + "description": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` ." + } + } + }, + "aws-native:lex:BotSlotCaptureSetting": { + "type": "object", + "properties": { + "captureConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate after the slot value is captured." + }, + "captureNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out." + }, + "captureResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + }, + "codeHook": { + "$ref": "#/types/aws-native:lex:BotDialogCodeHookInvocationSetting", + "description": "Code hook called after Amazon Lex successfully captures a slot value." + }, + "elicitationCodeHook": { + "$ref": "#/types/aws-native:lex:BotElicitationCodeHookInvocationSetting", + "description": "Code hook called when Amazon Lex doesn't capture a slot value." + }, + "failureConditional": { + "$ref": "#/types/aws-native:lex:BotConditionalSpecification", + "description": "A list of conditional branches to evaluate when the slot value isn't captured." + }, + "failureNextStep": { + "$ref": "#/types/aws-native:lex:BotDialogState", + "description": "Specifies the next step that the bot runs when the slot value code is not recognized." + }, + "failureResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input." + } + } + }, + "aws-native:lex:BotSlotConstraint": { + "type": "string" + }, + "aws-native:lex:BotSlotDefaultValue": { + "type": "object", + "properties": { + "defaultValue": { + "type": "string", + "description": "The default value to use when a user doesn't provide a value for a slot." + } + } + }, + "aws-native:lex:BotSlotDefaultValueSpecification": { + "type": "object", + "properties": { + "defaultValueList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSlotDefaultValue" + }, + "description": "A list of slot default values" + } + } + }, + "aws-native:lex:BotSlotPriority": { + "type": "object", + "properties": { + "priority": { + "type": "integer" + }, + "slotName": { + "type": "string", + "description": "The name of the slot." + } + } + }, + "aws-native:lex:BotSlotShape": { + "type": "string" + }, + "aws-native:lex:BotSlotType": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "A description of the slot type. Use the description to help identify the slot type in lists." + }, + "externalSourceSetting": { + "$ref": "#/types/aws-native:lex:BotExternalSourceSetting", + "description": "Sets the type of external information used to create the slot type." + }, + "name": { + "type": "string", + "description": "The name of the slot type. A slot type name must be unique withing the account." + }, + "parentSlotTypeSignature": { + "type": "string", + "description": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported." + }, + "slotTypeValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSlotTypeValue" + }, + "description": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot." + }, + "valueSelectionSetting": { + "$ref": "#/types/aws-native:lex:BotSlotValueSelectionSetting", + "description": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` ." + } + } + }, + "aws-native:lex:BotSlotTypeValue": { + "type": "object", + "properties": { + "sampleValue": { + "$ref": "#/types/aws-native:lex:BotSampleValue" + }, + "synonyms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSampleValue" + } + } + } + }, + "aws-native:lex:BotSlotValue": { + "type": "object", + "properties": { + "interpretedValue": { + "type": "string", + "description": "The value that Amazon Lex determines for the slot." + } + } + }, + "aws-native:lex:BotSlotValueElicitationSetting": { + "type": "object", + "properties": { + "defaultValueSpecification": { + "$ref": "#/types/aws-native:lex:BotSlotDefaultValueSpecification", + "description": "A list of default values for a slot." + }, + "promptSpecification": { + "$ref": "#/types/aws-native:lex:BotPromptSpecification", + "description": "The prompt that Amazon Lex uses to elicit the slot value from the user." + }, + "sampleUtterances": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSampleUtterance" + }, + "description": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy." + }, + "slotCaptureSetting": { + "$ref": "#/types/aws-native:lex:BotSlotCaptureSetting", + "description": "Specifies the next stage in the conversation after capturing the slot." + }, + "slotConstraint": { + "$ref": "#/types/aws-native:lex:BotSlotConstraint", + "description": "Specifies whether the slot is required or optional." + }, + "waitAndContinueSpecification": { + "$ref": "#/types/aws-native:lex:BotWaitAndContinueSpecification", + "description": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input." + } + } + }, + "aws-native:lex:BotSlotValueOverride": { + "type": "object", + "properties": { + "shape": { + "$ref": "#/types/aws-native:lex:BotSlotShape", + "description": "When the shape value is List, it indicates that the values field contains a list of slot values. When the value is Scalar, it indicates that the value field contains a single value." + }, + "value": { + "$ref": "#/types/aws-native:lex:BotSlotValue", + "description": "The current value of the slot." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotSlotValueOverride" + }, + "description": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"" + } + } + }, + "aws-native:lex:BotSlotValueOverrideMap": { + "type": "object", + "properties": { + "slotName": { + "type": "string", + "description": "The name of the slot." + }, + "slotValueOverride": { + "$ref": "#/types/aws-native:lex:BotSlotValueOverride", + "description": "The SlotValueOverride object to which the slot name will be mapped." + } + } + }, + "aws-native:lex:BotSlotValueRegexFilter": { + "type": "object", + "properties": { + "pattern": { + "type": "string", + "description": "Regex pattern" + } + } + }, + "aws-native:lex:BotSlotValueResolutionStrategy": { + "type": "string" + }, + "aws-native:lex:BotSlotValueSelectionSetting": { + "type": "object", + "properties": { + "advancedRecognitionSetting": { + "$ref": "#/types/aws-native:lex:BotAdvancedRecognitionSetting", + "description": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances." + }, + "regexFilter": { + "$ref": "#/types/aws-native:lex:BotSlotValueRegexFilter", + "description": "A regular expression used to validate the value of a slot." + }, + "resolutionStrategy": { + "$ref": "#/types/aws-native:lex:BotSlotValueResolutionStrategy", + "description": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` ." + } + } + }, + "aws-native:lex:BotSsmlMessage": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The SSML text that defines the prompt." + } + } + }, + "aws-native:lex:BotStillWaitingResponseSpecification": { + "type": "object", + "properties": { + "allowInterrupt": { + "type": "boolean", + "description": "Indicates whether the user can interrupt a speech prompt from the bot." + }, + "frequencyInSeconds": { + "type": "integer", + "description": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes." + }, + "messageGroupsList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotMessageGroup" + }, + "description": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user." + }, + "timeoutInSeconds": { + "type": "integer", + "description": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages." + } + } + }, + "aws-native:lex:BotTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:lex:BotTestBotAliasSettings": { + "type": "object", + "properties": { + "botAliasLocaleSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lex:BotAliasLocaleSettingsItem" + }, + "description": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale." + }, + "conversationLogSettings": { + "$ref": "#/types/aws-native:lex:BotConversationLogSettings", + "description": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users." + }, + "description": { + "type": "string", + "description": "Specifies a description for the test bot alias." + }, + "sentimentAnalysisSettings": { + "$ref": "#/types/aws-native:lex:BotTestBotAliasSettingsSentimentAnalysisSettingsProperties", + "description": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances." + } + } + }, + "aws-native:lex:BotTestBotAliasSettingsSentimentAnalysisSettingsProperties": { + "type": "object", + "properties": { + "detectSentiment": { + "type": "boolean", + "description": "Enable to call Amazon Comprehend for Sentiment natively within Lex" + } + } + }, + "aws-native:lex:BotTextInputSpecification": { + "type": "object", + "properties": { + "startTimeoutMs": { + "type": "integer", + "description": "Time for which a bot waits before re-prompting a customer for text input." + } + } + }, + "aws-native:lex:BotTextLogDestination": { + "type": "object", + "properties": { + "cloudWatch": { + "$ref": "#/types/aws-native:lex:BotCloudWatchLogGroupLogDestination" + } + } + }, + "aws-native:lex:BotTextLogSetting": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:lex:BotTextLogDestination" + }, + "enabled": { + "type": "boolean" + } + } + }, + "aws-native:lex:BotVersionLocaleDetails": { + "type": "object", + "properties": { + "sourceBotVersion": { + "type": "string" + } + } + }, + "aws-native:lex:BotVersionLocaleSpecification": { + "type": "object", + "properties": { + "botVersionLocaleDetails": { + "$ref": "#/types/aws-native:lex:BotVersionLocaleDetails" + }, + "localeId": { + "type": "string" + } + } + }, + "aws-native:lex:BotVoiceSettings": { + "type": "object", + "properties": { + "engine": { + "$ref": "#/types/aws-native:lex:BotVoiceSettingsEngine", + "description": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the engine parameter of the SynthesizeSpeech operation in the Amazon Polly developer guide." + }, + "voiceId": { + "type": "string", + "description": "The Amazon Polly voice ID that Amazon Lex uses for voice interaction with the user." + } + } + }, + "aws-native:lex:BotVoiceSettingsEngine": { + "type": "string" + }, + "aws-native:lex:BotWaitAndContinueSpecification": { + "type": "object", + "properties": { + "continueResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation." + }, + "isActive": { + "type": "boolean", + "description": "Specifies whether the bot will wait for a user to respond." + }, + "stillWaitingResponse": { + "$ref": "#/types/aws-native:lex:BotStillWaitingResponseSpecification", + "description": "The response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user." + }, + "waitingResponse": { + "$ref": "#/types/aws-native:lex:BotResponseSpecification", + "description": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue." + } + } + }, + "aws-native:lex:DataPrivacyProperties": { + "type": "object", + "properties": { + "childDirected": { + "type": "boolean", + "description": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) ." + } + } + }, + "aws-native:lex:ResourcePolicyPolicy": { + "type": "object" + }, + "aws-native:lex:SentimentAnalysisSettingsProperties": { + "type": "object", + "properties": { + "detectSentiment": { + "type": "boolean", + "description": "Enable to call Amazon Comprehend for Sentiment natively within Lex" + } + } + }, + "aws-native:licensemanager:LicenseBorrowConfiguration": { + "type": "object", + "properties": { + "allowEarlyCheckIn": { + "type": "boolean", + "description": "Indicates whether early check-ins are allowed." + }, + "maxTimeToLiveInMinutes": { + "type": "integer", + "description": "Maximum time for the borrow configuration, in minutes." + } + } + }, + "aws-native:licensemanager:LicenseConsumptionConfiguration": { + "type": "object", + "properties": { + "borrowConfiguration": { + "$ref": "#/types/aws-native:licensemanager:LicenseBorrowConfiguration", + "description": "Details about a borrow configuration." + }, + "provisionalConfiguration": { + "$ref": "#/types/aws-native:licensemanager:LicenseProvisionalConfiguration", + "description": "Details about a provisional configuration." + }, + "renewType": { + "type": "string", + "description": "Renewal frequency." + } + } + }, + "aws-native:licensemanager:LicenseEntitlement": { + "type": "object", + "properties": { + "allowCheckIn": { + "type": "boolean", + "description": "Indicates whether check-ins are allowed." + }, + "maxCount": { + "type": "integer", + "description": "Maximum entitlement count. Use if the unit is not None." + }, + "name": { + "type": "string", + "description": "Entitlement name." + }, + "overage": { + "type": "boolean", + "description": "Indicates whether overages are allowed." + }, + "unit": { + "type": "string", + "description": "Entitlement unit." + }, + "value": { + "type": "string", + "description": "Entitlement resource. Use only if the unit is None." + } + } + }, + "aws-native:licensemanager:LicenseIssuerData": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Issuer name." + }, + "signKey": { + "type": "string", + "description": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm." + } + } + }, + "aws-native:licensemanager:LicenseMetadata": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The key name." + }, + "value": { + "type": "string", + "description": "The value." + } + } + }, + "aws-native:licensemanager:LicenseProvisionalConfiguration": { + "type": "object", + "properties": { + "maxTimeToLiveInMinutes": { + "type": "integer", + "description": "Maximum time for the provisional configuration, in minutes." + } + } + }, + "aws-native:licensemanager:LicenseValidityDateFormat": { + "type": "object", + "properties": { + "begin": { + "type": "string", + "description": "Validity begin date for the license." + }, + "end": { + "type": "string", + "description": "Validity begin date for the license." + } + } + }, + "aws-native:lightsail:BucketAccessRules": { + "type": "object", + "properties": { + "allowPublicOverrides": { + "type": "boolean", + "description": "A Boolean value that indicates whether the access control list (ACL) permissions that are applied to individual objects override the getObject option that is currently specified." + }, + "getObject": { + "type": "string", + "description": "Specifies the anonymous access to all objects in a bucket." + } + } + }, + "aws-native:lightsail:BucketTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:lightsail:CertificateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:lightsail:Container": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The launch command for the container." + }, + "containerName": { + "type": "string", + "description": "The name of the container." + }, + "environment": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:ContainerEnvironmentVariable" + }, + "description": "The environment variables of the container." + }, + "image": { + "type": "string", + "description": "The name of the image used for the container." + }, + "ports": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:ContainerPortInfo" + }, + "description": "The open firewall ports of the container." + } + } + }, + "aws-native:lightsail:ContainerEnvironmentVariable": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The environment variable value." + }, + "variable": { + "type": "string", + "description": "The environment variable key." + } + } + }, + "aws-native:lightsail:ContainerHealthCheckConfig": { + "type": "object", + "properties": { + "healthyThreshold": { + "type": "integer", + "description": "The number of consecutive health checks successes required before moving the container to the Healthy state. The default value is 2." + }, + "intervalSeconds": { + "type": "integer", + "description": "The approximate interval, in seconds, between health checks of an individual container. You can specify between 5 and 300 seconds. The default value is 5." + }, + "path": { + "type": "string", + "description": "The path on the container on which to perform the health check. The default value is /." + }, + "successCodes": { + "type": "string", + "description": "The HTTP codes to use when checking for a successful response from a container. You can specify values between 200 and 499. You can specify multiple values (for example, 200,202) or a range of values (for example, 200-299)." + }, + "timeoutSeconds": { + "type": "integer", + "description": "The amount of time, in seconds, during which no response means a failed health check. You can specify between 2 and 60 seconds. The default value is 2." + }, + "unhealthyThreshold": { + "type": "integer", + "description": "The number of consecutive health check failures required before moving the container to the Unhealthy state. The default value is 2." + } + } + }, + "aws-native:lightsail:ContainerPortInfo": { + "type": "object", + "properties": { + "port": { + "type": "string", + "description": "The open firewall ports of the container." + }, + "protocol": { + "type": "string", + "description": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`" + } + } + }, + "aws-native:lightsail:ContainerPrivateRegistryAccess": { + "type": "object", + "properties": { + "ecrImagePullerRole": { + "$ref": "#/types/aws-native:lightsail:ContainerPrivateRegistryAccessEcrImagePullerRoleProperties", + "description": "An object to describe a request to activate or deactivate the role that you can use to grant an Amazon Lightsail container service access to Amazon Elastic Container Registry (Amazon ECR) private repositories." + } + } + }, + "aws-native:lightsail:ContainerPrivateRegistryAccessEcrImagePullerRoleProperties": { + "type": "object", + "properties": { + "isActive": { + "type": "boolean", + "description": "A Boolean value that indicates whether to activate the role." + }, + "principalArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role, if it is activated." + } + } + }, + "aws-native:lightsail:ContainerPublicDomainName": { + "type": "object", + "properties": { + "certificateName": { + "type": "string", + "description": "The name of the certificate for the public domains." + }, + "domainNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An object that describes the configuration for the containers of the deployment." + } + } + }, + "aws-native:lightsail:ContainerPublicEndpoint": { + "type": "object", + "properties": { + "containerName": { + "type": "string", + "description": "The name of the container for the endpoint." + }, + "containerPort": { + "type": "integer", + "description": "The port of the container to which traffic is forwarded to." + }, + "healthCheckConfig": { + "$ref": "#/types/aws-native:lightsail:ContainerHealthCheckConfig", + "description": "An object that describes the health check configuration of the container." + } + } + }, + "aws-native:lightsail:ContainerServiceDeployment": { + "type": "object", + "properties": { + "containers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:Container" + }, + "description": "An object that describes the configuration for the containers of the deployment." + }, + "publicEndpoint": { + "$ref": "#/types/aws-native:lightsail:ContainerPublicEndpoint", + "description": "An object that describes the endpoint of the deployment." + } + } + }, + "aws-native:lightsail:ContainerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:lightsail:DatabaseRelationalDatabaseParameter": { + "type": "object", + "properties": { + "allowedValues": { + "type": "string", + "description": "Specifies the valid range of values for the parameter." + }, + "applyMethod": { + "type": "string", + "description": "Indicates when parameter updates are applied. Can be immediate or pending-reboot." + }, + "applyType": { + "type": "string", + "description": "Specifies the engine-specific parameter type." + }, + "dataType": { + "type": "string", + "description": "Specifies the valid data type for the parameter." + }, + "description": { + "type": "string", + "description": "Provides a description of the parameter." + }, + "isModifiable": { + "type": "boolean", + "description": "A Boolean value indicating whether the parameter can be modified." + }, + "parameterName": { + "type": "string", + "description": "Specifies the name of the parameter." + }, + "parameterValue": { + "type": "string", + "description": "Specifies the value of the parameter." + } + } + }, + "aws-native:lightsail:DatabaseTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:lightsail:DiskAddOn": { + "type": "object", + "properties": { + "addOnType": { + "type": "string", + "description": "The add-on type" + }, + "autoSnapshotAddOnRequest": { + "$ref": "#/types/aws-native:lightsail:DiskAutoSnapshotAddOn", + "description": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created." + }, + "status": { + "$ref": "#/types/aws-native:lightsail:DiskAddOnStatus", + "description": "Status of the Addon" + } + } + }, + "aws-native:lightsail:DiskAddOnStatus": { + "type": "string" + }, + "aws-native:lightsail:DiskAutoSnapshotAddOn": { + "type": "object", + "properties": { + "snapshotTimeOfDay": { + "type": "string", + "description": "The daily time when an automatic snapshot will be created." + } + } + }, + "aws-native:lightsail:DiskLocation": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create your disk. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request." + }, + "regionName": { + "type": "string", + "description": "The Region Name in which to create your disk." + } + } + }, + "aws-native:lightsail:DiskTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:lightsail:InstanceAddOn": { + "type": "object", + "properties": { + "addOnType": { + "type": "string", + "description": "The add-on type" + }, + "autoSnapshotAddOnRequest": { + "$ref": "#/types/aws-native:lightsail:InstanceAutoSnapshotAddOn", + "description": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created." + }, + "status": { + "$ref": "#/types/aws-native:lightsail:InstanceAddOnStatus", + "description": "Status of the Addon" + } + } + }, + "aws-native:lightsail:InstanceAddOnStatus": { + "type": "string" + }, + "aws-native:lightsail:InstanceAutoSnapshotAddOn": { + "type": "object", + "properties": { + "snapshotTimeOfDay": { + "type": "string", + "description": "The daily time when an automatic snapshot will be created." + } + } + }, + "aws-native:lightsail:InstanceDisk": { + "type": "object", + "properties": { + "attachedTo": { + "type": "string", + "description": "Instance attached to the disk." + }, + "attachmentState": { + "type": "string", + "description": "Attachment state of the disk." + }, + "diskName": { + "type": "string", + "description": "The names to use for your new Lightsail disk." + }, + "iops": { + "type": "integer", + "description": "IOPS of disk." + }, + "isSystemDisk": { + "type": "boolean", + "description": "Is the Attached disk is the system disk of the Instance." + }, + "path": { + "type": "string", + "description": "Path of the disk attached to the instance." + }, + "sizeInGb": { + "type": "string", + "description": "Size of the disk attached to the Instance." + } + }, + "irreversibleNames": { + "iops": "IOPS" + } + }, + "aws-native:lightsail:InstanceHardware": { + "type": "object", + "properties": { + "cpuCount": { + "type": "integer", + "description": "CPU count of the Instance." + }, + "disks": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:InstanceDisk" + }, + "description": "Disks attached to the Instance." + }, + "ramSizeInGb": { + "type": "integer", + "description": "RAM Size of the Instance." + } + } + }, + "aws-native:lightsail:InstanceLocation": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone in which to create your instance. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request." + }, + "regionName": { + "type": "string", + "description": "The Region Name in which to create your instance." + } + } + }, + "aws-native:lightsail:InstanceMonthlyTransfer": { + "type": "object", + "properties": { + "gbPerMonthAllocated": { + "type": "string", + "description": "GbPerMonthAllocated of the Instance." + } + } + }, + "aws-native:lightsail:InstanceNetworking": { + "type": "object", + "properties": { + "monthlyTransfer": { + "$ref": "#/types/aws-native:lightsail:InstanceMonthlyTransfer", + "description": "The monthly amount of data transfer, in GB, allocated for the instance" + }, + "ports": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lightsail:InstancePort" + }, + "description": "Ports to the Instance." + } + } + }, + "aws-native:lightsail:InstancePort": { + "type": "object", + "properties": { + "accessDirection": { + "type": "string", + "description": "Access Direction for Protocol of the Instance(inbound/outbound)." + }, + "accessFrom": { + "type": "string", + "description": "Access From Protocol of the Instance." + }, + "accessType": { + "type": "string", + "description": "Access Type Protocol of the Instance." + }, + "cidrListAliases": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance." + }, + "cidrs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n\u003e The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` ." + }, + "commonName": { + "type": "string", + "description": "CommonName for Protocol of the Instance." + }, + "fromPort": { + "type": "integer", + "description": "From Port of the Instance." + }, + "ipv6Cidrs": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n\u003e The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance." + }, + "protocol": { + "type": "string", + "description": "Port Protocol of the Instance." + }, + "toPort": { + "type": "integer", + "description": "To Port of the Instance." + } + } + }, + "aws-native:lightsail:InstanceState": { + "type": "object", + "properties": { + "code": { + "type": "integer", + "description": "Status code of the Instance." + }, + "name": { + "type": "string", + "description": "Status code of the Instance." + } + } + }, + "aws-native:lightsail:InstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:lightsail:LoadBalancerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:location:ApiKeyRestrictions": { + "type": "object", + "properties": { + "allowActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows geocoding.\n- `geo:SearchPlaceIndexForPosition` - Allows reverse geocoding.\n- `geo:SearchPlaceIndexForSuggestions` - Allows generating suggestions from text.\n- `geo:GetPlace` - Allows finding a place by place ID.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows calculating a matrix of routes.\n\n\u003e You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetMapTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately." + }, + "allowReferers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A–Z, a–z, 0–9) or any symbols in this list `$\\-._+!*`(),;/?:@=\u0026`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` ." + }, + "allowResources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) ." + } + } + }, + "aws-native:location:ApiKeyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:location:GeofenceCollectionPricingPlan": { + "type": "string" + }, + "aws-native:location:GeofenceCollectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:location:MapConfiguration": { + "type": "object", + "properties": { + "customLayers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n\u003e Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) ." + }, + "politicalView": { + "type": "string", + "description": "Specifies the map political view selected from an available data provider." + }, + "style": { + "type": "string", + "description": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/latest/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` – The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` – The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` – The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` – The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` – The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` – The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/latest/developerguide/HERE.html) :\n\n- `VectorHereContrast` – The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n\u003e The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` – A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` – A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` – A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` – A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n\u003e Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/latest/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` – The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` – The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n\u003e Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/latest/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/latest/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` – The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` – Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` – The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` – The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data." + } + } + }, + "aws-native:location:MapPricingPlan": { + "type": "string" + }, + "aws-native:location:MapTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:location:PlaceIndexDataSourceConfiguration": { + "type": "object", + "properties": { + "intendedUse": { + "$ref": "#/types/aws-native:location:PlaceIndexIntendedUse", + "description": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`" + } + } + }, + "aws-native:location:PlaceIndexIntendedUse": { + "type": "string" + }, + "aws-native:location:PlaceIndexPricingPlan": { + "type": "string" + }, + "aws-native:location:PlaceIndexTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:location:RouteCalculatorPricingPlan": { + "type": "string" + }, + "aws-native:location:RouteCalculatorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:location:TrackerPositionFiltering": { + "type": "string" + }, + "aws-native:location:TrackerPricingPlan": { + "type": "string" + }, + "aws-native:location:TrackerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:logs:AccountPolicyPolicyType": { + "type": "string" + }, + "aws-native:logs:AccountPolicyScope": { + "type": "string" + }, + "aws-native:logs:DeliveryDestinationDestinationPolicy": { + "type": "object", + "properties": { + "deliveryDestinationName": { + "type": "string", + "description": "The name of the delivery destination to assign this policy to" + }, + "deliveryDestinationPolicy": { + "type": "string", + "description": "The contents of the policy attached to the delivery destination" + } + } + }, + "aws-native:logs:DeliveryDestinationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:logs:DeliverySourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode" + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode" + } + } + }, + "aws-native:logs:DeliveryTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode" + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode" + } + } + }, + "aws-native:logs:LogAnomalyDetectorEvaluationFrequency": { + "type": "string" + }, + "aws-native:logs:LogGroupClass": { + "type": "string" + }, + "aws-native:logs:LogGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:logs:MetricFilterDimension": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name for the CW metric dimension that the metric filter creates.\n Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:)." + }, + "value": { + "type": "string", + "description": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, ``$.eventType`` for JSON log events, or ``$server`` for space-delimited log events." + } + } + }, + "aws-native:logs:MetricFilterMetricTransformation": { + "type": "object", + "properties": { + "defaultValue": { + "type": "number", + "description": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null." + }, + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:logs:MetricFilterDimension" + }, + "description": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as ``IPAddress`` or ``requestID`` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric. \n CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html)." + }, + "metricName": { + "type": "string", + "description": "The name of the CloudWatch metric." + }, + "metricNamespace": { + "type": "string", + "description": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace)." + }, + "metricValue": { + "type": "string", + "description": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like ``Error``, specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as ``$.size``." + }, + "unit": { + "$ref": "#/types/aws-native:logs:MetricFilterMetricTransformationUnit", + "description": "The unit to assign to the metric. If you omit this, the unit is set as ``None``." + } + } + }, + "aws-native:logs:MetricFilterMetricTransformationUnit": { + "type": "string" + }, + "aws-native:logs:SubscriptionFilterDistribution": { + "type": "string" + }, + "aws-native:lookoutmetrics:AlertAction": { + "type": "object", + "properties": { + "lambdaConfiguration": { + "$ref": "#/types/aws-native:lookoutmetrics:AlertLambdaConfiguration", + "description": "A configuration for an AWS Lambda channel." + }, + "snsConfiguration": { + "$ref": "#/types/aws-native:lookoutmetrics:AlertSnsConfiguration", + "description": "A configuration for an Amazon SNS channel." + } + }, + "irreversibleNames": { + "snsConfiguration": "SNSConfiguration" + } + }, + "aws-native:lookoutmetrics:AlertLambdaConfiguration": { + "type": "object", + "properties": { + "lambdaArn": { + "type": "string", + "description": "ARN of a Lambda to send alert notifications to." + }, + "roleArn": { + "type": "string", + "description": "ARN of an IAM role that LookoutMetrics should assume to access the Lambda function." + } + } + }, + "aws-native:lookoutmetrics:AlertSnsConfiguration": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "ARN of an IAM role that LookoutMetrics should assume to access the SNS topic." + }, + "snsTopicArn": { + "type": "string", + "description": "ARN of an SNS topic to send alert notifications to." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorAppFlowConfig": { + "type": "object", + "properties": { + "flowName": { + "type": "string", + "description": "name of the flow." + }, + "roleArn": { + "type": "string", + "description": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorCloudwatchConfig": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorConfig": { + "type": "object", + "properties": { + "anomalyDetectorFrequency": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorFrequency", + "description": "Frequency of anomaly detection" + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorCsvFormatDescriptor": { + "type": "object", + "properties": { + "charset": { + "type": "string", + "description": "The character set in which the source CSV file is written." + }, + "containsHeader": { + "type": "boolean", + "description": "Whether or not the source CSV file contains a header." + }, + "delimiter": { + "type": "string", + "description": "The character used to delimit the source CSV file." + }, + "fileCompression": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorCsvFormatDescriptorFileCompression", + "description": "The level of compression of the source CSV file." + }, + "headerList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the source CSV file's headers, if any." + }, + "quoteSymbol": { + "type": "string", + "description": "The character used as a quote character." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorCsvFormatDescriptorFileCompression": { + "type": "string" + }, + "aws-native:lookoutmetrics:AnomalyDetectorFileFormatDescriptor": { + "type": "object", + "properties": { + "csvFormatDescriptor": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorCsvFormatDescriptor", + "description": "Contains information about how a source CSV data file should be analyzed." + }, + "jsonFormatDescriptor": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorJsonFormatDescriptor", + "description": "Contains information about how a source JSON data file should be analyzed." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorFrequency": { + "type": "string" + }, + "aws-native:lookoutmetrics:AnomalyDetectorJsonFormatDescriptor": { + "type": "object", + "properties": { + "charset": { + "type": "string", + "description": "The character set in which the source JSON file is written." + }, + "fileCompression": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorJsonFormatDescriptorFileCompression", + "description": "The level of compression of the source CSV file." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorJsonFormatDescriptorFileCompression": { + "type": "string" + }, + "aws-native:lookoutmetrics:AnomalyDetectorMetric": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorMetricAggregationFunction", + "description": "Operator used to aggregate metric values" + }, + "metricName": { + "type": "string", + "description": "The name of the metric." + }, + "namespace": { + "type": "string", + "description": "The namespace for the metric." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorMetricAggregationFunction": { + "type": "string" + }, + "aws-native:lookoutmetrics:AnomalyDetectorMetricSet": { + "type": "object", + "properties": { + "dimensionList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Dimensions for this MetricSet." + }, + "metricList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorMetric" + }, + "description": "Metrics captured by this MetricSet." + }, + "metricSetDescription": { + "type": "string", + "description": "A description for the MetricSet." + }, + "metricSetFrequency": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorMetricSetMetricSetFrequency", + "description": "A frequency period to aggregate the data" + }, + "metricSetName": { + "type": "string", + "description": "The name of the MetricSet." + }, + "metricSource": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorMetricSource", + "description": "Contains information about how the source data should be interpreted." + }, + "offset": { + "type": "integer", + "description": "Offset, in seconds, between the frequency interval and the time at which the metrics are available." + }, + "timestampColumn": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorTimestampColumn", + "description": "Contains information about the column used for tracking time in your source data." + }, + "timezone": { + "type": "string", + "description": "The time zone in which your source data was recorded." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorMetricSetMetricSetFrequency": { + "type": "string" + }, + "aws-native:lookoutmetrics:AnomalyDetectorMetricSource": { + "type": "object", + "properties": { + "appFlowConfig": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorAppFlowConfig", + "description": "Details about an AppFlow datasource." + }, + "cloudwatchConfig": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorCloudwatchConfig", + "description": "Details about an Amazon CloudWatch monitoring datasource." + }, + "rdsSourceConfig": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorRdsSourceConfig", + "description": "Details about an Amazon Relational Database Service (RDS) datasource." + }, + "redshiftSourceConfig": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorRedshiftSourceConfig", + "description": "Details about an Amazon Redshift database datasource." + }, + "s3SourceConfig": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorS3SourceConfig", + "description": "Contains information about the configuration of the S3 bucket that contains source files." + } + }, + "irreversibleNames": { + "rdsSourceConfig": "RDSSourceConfig", + "s3SourceConfig": "S3SourceConfig" + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorRdsSourceConfig": { + "type": "object", + "properties": { + "databaseHost": { + "type": "string", + "description": "The host name of the database." + }, + "databaseName": { + "type": "string", + "description": "The name of the RDS database." + }, + "databasePort": { + "type": "integer", + "description": "The port number where the database can be accessed." + }, + "dbInstanceIdentifier": { + "type": "string", + "description": "A string identifying the database instance." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role." + }, + "secretManagerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role." + }, + "tableName": { + "type": "string", + "description": "The name of the table in the database." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorVpcConfiguration", + "description": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration." + } + }, + "irreversibleNames": { + "dbInstanceIdentifier": "DBInstanceIdentifier" + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorRedshiftSourceConfig": { + "type": "object", + "properties": { + "clusterIdentifier": { + "type": "string", + "description": "A string identifying the Redshift cluster." + }, + "databaseHost": { + "type": "string", + "description": "The name of the database host." + }, + "databaseName": { + "type": "string", + "description": "The Redshift database name." + }, + "databasePort": { + "type": "integer", + "description": "The port number where the database can be accessed." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the role providing access to the database." + }, + "secretManagerArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role." + }, + "tableName": { + "type": "string", + "description": "The table name of the Redshift database." + }, + "vpcConfiguration": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorVpcConfiguration", + "description": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorS3SourceConfig": { + "type": "object", + "properties": { + "fileFormatDescriptor": { + "$ref": "#/types/aws-native:lookoutmetrics:AnomalyDetectorFileFormatDescriptor", + "description": "Contains information about a source file's formatting." + }, + "historicalDataPathList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of paths to the historical data files." + }, + "roleArn": { + "type": "string", + "description": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket." + }, + "templatedPathList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of templated paths to the source files." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorTimestampColumn": { + "type": "object", + "properties": { + "columnFormat": { + "type": "string", + "description": "A timestamp format for the timestamps in the dataset" + }, + "columnName": { + "type": "string", + "description": "The name of the timestamp column." + } + } + }, + "aws-native:lookoutmetrics:AnomalyDetectorVpcConfiguration": { + "type": "object", + "properties": { + "securityGroupIdList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings containing the list of security groups." + }, + "subnetIdList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` ." + } + } + }, + "aws-native:m2:ApplicationDefinition0Properties": { + "type": "object", + "properties": { + "s3Location": { + "type": "string" + } + }, + "irreversibleNames": { + "s3Location": "S3Location" + } + }, + "aws-native:m2:ApplicationDefinition1Properties": { + "type": "object", + "properties": { + "content": { + "type": "string" + } + } + }, + "aws-native:m2:ApplicationEngineType": { + "type": "string" + }, + "aws-native:m2:EnvironmentEngineType": { + "type": "string" + }, + "aws-native:m2:EnvironmentHighAvailabilityConfig": { + "type": "object", + "properties": { + "desiredCapacity": { + "type": "integer", + "description": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100." + } + } + }, + "aws-native:m2:EnvironmentStorageConfiguration": { + "type": "object" + }, + "aws-native:macie:AllowListCriteria": { + "type": "object" + }, + "aws-native:macie:AllowListStatus": { + "type": "string" + }, + "aws-native:macie:AllowListTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:macie:CustomDataIdentifierTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:macie:FindingsFilterCriterionAdditionalProperties": { + "type": "object", + "properties": { + "eq": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values." + }, + "gt": { + "type": "integer", + "description": "The value for the specified property is greater than the specified value." + }, + "gte": { + "type": "integer", + "description": "The value for the specified property is greater than or equal to the specified value." + }, + "lt": { + "type": "integer", + "description": "The value for the specified property is less than the specified value." + }, + "lte": { + "type": "integer", + "description": "The value for the specified property is less than or equal to the specified value." + }, + "neq": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values." + } + } + }, + "aws-native:macie:FindingsFilterFindingCriteria": { + "type": "object", + "properties": { + "criterion": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:macie:FindingsFilterCriterionAdditionalProperties" + }, + "description": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results." + } + } + }, + "aws-native:macie:FindingsFilterFindingFilterAction": { + "type": "string" + }, + "aws-native:macie:FindingsFilterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag's key." + }, + "value": { + "type": "string", + "description": "The tag's value." + } + } + }, + "aws-native:macie:SessionFindingPublishingFrequency": { + "type": "string" + }, + "aws-native:macie:SessionStatus": { + "type": "string" + }, + "aws-native:mediaconnect:BridgeEgressGatewayBridge": { + "type": "object", + "properties": { + "maxBitrate": { + "type": "integer", + "description": "The maximum expected bitrate of the egress bridge." + } + } + }, + "aws-native:mediaconnect:BridgeFailoverConfig": { + "type": "object", + "properties": { + "failoverMode": { + "$ref": "#/types/aws-native:mediaconnect:BridgeFailoverModeEnum", + "description": "The type of failover you choose for this flow. FAILOVER allows switching between different streams." + }, + "sourcePriority": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSourcePriority", + "description": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams." + }, + "state": { + "$ref": "#/types/aws-native:mediaconnect:BridgeFailoverConfigStateEnum", + "description": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources." + } + } + }, + "aws-native:mediaconnect:BridgeFailoverConfigStateEnum": { + "type": "string" + }, + "aws-native:mediaconnect:BridgeFailoverModeEnum": { + "type": "string" + }, + "aws-native:mediaconnect:BridgeFlowSource": { + "type": "object", + "properties": { + "flowArn": { + "type": "string", + "description": "The ARN of the cloud flow used as a source of this bridge." + }, + "flowVpcInterfaceAttachment": { + "$ref": "#/types/aws-native:mediaconnect:BridgeVpcInterfaceAttachment", + "description": "The name of the VPC interface attachment to use for this source." + }, + "name": { + "type": "string", + "description": "The name of the flow source." + } + } + }, + "aws-native:mediaconnect:BridgeIngressGatewayBridge": { + "type": "object", + "properties": { + "maxBitrate": { + "type": "integer", + "description": "The maximum expected bitrate of the ingress bridge." + }, + "maxOutputs": { + "type": "integer", + "description": "The maximum number of outputs on the ingress bridge." + } + } + }, + "aws-native:mediaconnect:BridgeNetworkOutput": { + "type": "object", + "properties": { + "ipAddress": { + "type": "string", + "description": "The network output IP Address." + }, + "name": { + "type": "string", + "description": "The network output name." + }, + "networkName": { + "type": "string", + "description": "The network output's gateway network name." + }, + "port": { + "type": "integer", + "description": "The network output port." + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:BridgeProtocolEnum", + "description": "The network output protocol." + }, + "ttl": { + "type": "integer", + "description": "The network output TTL." + } + } + }, + "aws-native:mediaconnect:BridgeNetworkSource": { + "type": "object", + "properties": { + "multicastIp": { + "type": "string", + "description": "The network source multicast IP." + }, + "name": { + "type": "string", + "description": "The name of the network source." + }, + "networkName": { + "type": "string", + "description": "The network source's gateway network name." + }, + "port": { + "type": "integer", + "description": "The network source port." + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:BridgeProtocolEnum", + "description": "The network source protocol." + } + } + }, + "aws-native:mediaconnect:BridgeOutput": { + "type": "object", + "properties": { + "networkOutput": { + "$ref": "#/types/aws-native:mediaconnect:BridgeNetworkOutput", + "description": "The output of the bridge. A network output is delivered to your premises." + } + } + }, + "aws-native:mediaconnect:BridgeOutputResourceBridgeNetworkOutput": { + "type": "object", + "properties": { + "ipAddress": { + "type": "string", + "description": "The network output IP Address." + }, + "networkName": { + "type": "string", + "description": "The network output's gateway network name." + }, + "port": { + "type": "integer", + "description": "The network output port." + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:BridgeOutputResourceBridgeNetworkOutputProtocol", + "description": "The network output protocol." + }, + "ttl": { + "type": "integer", + "description": "The network output TTL." + } + } + }, + "aws-native:mediaconnect:BridgeOutputResourceBridgeNetworkOutputProtocol": { + "type": "string" + }, + "aws-native:mediaconnect:BridgeProtocolEnum": { + "type": "string" + }, + "aws-native:mediaconnect:BridgeSource": { + "type": "object", + "properties": { + "flowSource": { + "$ref": "#/types/aws-native:mediaconnect:BridgeFlowSource", + "description": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow." + }, + "networkSource": { + "$ref": "#/types/aws-native:mediaconnect:BridgeNetworkSource", + "description": "The source of the bridge. A network source originates at your premises." + } + } + }, + "aws-native:mediaconnect:BridgeSourceBridgeFlowSource": { + "type": "object", + "properties": { + "flowArn": { + "type": "string", + "description": "The ARN of the cloud flow used as a source of this bridge." + }, + "flowVpcInterfaceAttachment": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSourceVpcInterfaceAttachment", + "description": "The name of the VPC interface attachment to use for this source." + } + } + }, + "aws-native:mediaconnect:BridgeSourceBridgeNetworkSource": { + "type": "object", + "properties": { + "multicastIp": { + "type": "string", + "description": "The network source multicast IP." + }, + "networkName": { + "type": "string", + "description": "The network source's gateway network name." + }, + "port": { + "type": "integer", + "description": "The network source port." + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:BridgeSourceProtocolEnum", + "description": "The network source protocol." + } + } + }, + "aws-native:mediaconnect:BridgeSourcePriority": { + "type": "object", + "properties": { + "primarySource": { + "type": "string", + "description": "The name of the source you choose as the primary source for this flow." + } + } + }, + "aws-native:mediaconnect:BridgeSourceProtocolEnum": { + "type": "string" + }, + "aws-native:mediaconnect:BridgeSourceVpcInterfaceAttachment": { + "type": "object", + "properties": { + "vpcInterfaceName": { + "type": "string", + "description": "The name of the VPC interface to use for this resource." + } + } + }, + "aws-native:mediaconnect:BridgeStateEnum": { + "type": "string" + }, + "aws-native:mediaconnect:BridgeVpcInterfaceAttachment": { + "type": "object", + "properties": { + "vpcInterfaceName": { + "type": "string", + "description": "The name of the VPC interface to use for this resource." + } + } + }, + "aws-native:mediaconnect:FlowEncryption": { + "type": "object", + "properties": { + "algorithm": { + "$ref": "#/types/aws-native:mediaconnect:FlowEncryptionAlgorithm", + "description": "The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256)." + }, + "constantInitializationVector": { + "type": "string", + "description": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption." + }, + "deviceId": { + "type": "string", + "description": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "keyType": { + "$ref": "#/types/aws-native:mediaconnect:FlowEncryptionKeyType", + "description": "The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key)." + }, + "region": { + "type": "string", + "description": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "resourceId": { + "type": "string", + "description": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity)." + }, + "secretArn": { + "type": "string", + "description": " The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption." + }, + "url": { + "type": "string", + "description": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption." + } + } + }, + "aws-native:mediaconnect:FlowEncryptionAlgorithm": { + "type": "string" + }, + "aws-native:mediaconnect:FlowEncryptionKeyType": { + "type": "string" + }, + "aws-native:mediaconnect:FlowEntitlementEncryption": { + "type": "object", + "properties": { + "algorithm": { + "$ref": "#/types/aws-native:mediaconnect:FlowEntitlementEncryptionAlgorithm", + "description": "The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256)." + }, + "constantInitializationVector": { + "type": "string", + "description": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption." + }, + "deviceId": { + "type": "string", + "description": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "keyType": { + "$ref": "#/types/aws-native:mediaconnect:FlowEntitlementEncryptionKeyType", + "description": "The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key)." + }, + "region": { + "type": "string", + "description": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "resourceId": { + "type": "string", + "description": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity)." + }, + "secretArn": { + "type": "string", + "description": " The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption." + }, + "url": { + "type": "string", + "description": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption." + } + } + }, + "aws-native:mediaconnect:FlowEntitlementEncryptionAlgorithm": { + "type": "string" + }, + "aws-native:mediaconnect:FlowEntitlementEncryptionKeyType": { + "type": "string" + }, + "aws-native:mediaconnect:FlowEntitlementEntitlementStatus": { + "type": "string" + }, + "aws-native:mediaconnect:FlowFailoverConfig": { + "type": "object", + "properties": { + "failoverMode": { + "$ref": "#/types/aws-native:mediaconnect:FlowFailoverConfigFailoverMode", + "description": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams." + }, + "recoveryWindow": { + "type": "integer", + "description": "Search window time to look for dash-7 packets" + }, + "sourcePriority": { + "$ref": "#/types/aws-native:mediaconnect:FlowFailoverConfigSourcePriorityProperties", + "description": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams." + }, + "state": { + "$ref": "#/types/aws-native:mediaconnect:FlowFailoverConfigState", + "description": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources." + } + } + }, + "aws-native:mediaconnect:FlowFailoverConfigFailoverMode": { + "type": "string" + }, + "aws-native:mediaconnect:FlowFailoverConfigSourcePriorityProperties": { + "type": "object", + "properties": { + "primarySource": { + "type": "string", + "description": "The name of the source you choose as the primary source for this flow." + } + } + }, + "aws-native:mediaconnect:FlowFailoverConfigState": { + "type": "string" + }, + "aws-native:mediaconnect:FlowFmtp": { + "type": "object", + "properties": { + "channelOrder": { + "type": "string", + "description": "The format of the audio channel." + }, + "colorimetry": { + "$ref": "#/types/aws-native:mediaconnect:FlowFmtpColorimetry", + "description": "The format used for the representation of color." + }, + "exactFramerate": { + "type": "string", + "description": "The frame rate for the video stream, in frames/second. For example: 60000/1001." + }, + "par": { + "type": "string", + "description": "The pixel aspect ratio (PAR) of the video." + }, + "range": { + "$ref": "#/types/aws-native:mediaconnect:FlowFmtpRange", + "description": "The encoding range of the video." + }, + "scanMode": { + "$ref": "#/types/aws-native:mediaconnect:FlowFmtpScanMode", + "description": "The type of compression that was used to smooth the video's appearance." + }, + "tcs": { + "$ref": "#/types/aws-native:mediaconnect:FlowFmtpTcs", + "description": "The transfer characteristic system (TCS) that is used in the video." + } + } + }, + "aws-native:mediaconnect:FlowFmtpColorimetry": { + "type": "string" + }, + "aws-native:mediaconnect:FlowFmtpRange": { + "type": "string" + }, + "aws-native:mediaconnect:FlowFmtpScanMode": { + "type": "string" + }, + "aws-native:mediaconnect:FlowFmtpTcs": { + "type": "string" + }, + "aws-native:mediaconnect:FlowGatewayBridgeSource": { + "type": "object", + "properties": { + "bridgeArn": { + "type": "string", + "description": "The ARN of the bridge feeding this flow." + }, + "vpcInterfaceAttachment": { + "$ref": "#/types/aws-native:mediaconnect:FlowVpcInterfaceAttachment", + "description": "The name of the VPC interface attachment to use for this bridge source." + } + } + }, + "aws-native:mediaconnect:FlowInputConfiguration": { + "type": "object", + "properties": { + "inputPort": { + "type": "integer", + "description": "The port that the flow listens on for an incoming media stream." + }, + "interface": { + "$ref": "#/types/aws-native:mediaconnect:FlowInterface", + "description": "The VPC interface where the media stream comes in from." + } + } + }, + "aws-native:mediaconnect:FlowInterface": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the VPC interface that you want to use for the media stream associated with the output." + } + } + }, + "aws-native:mediaconnect:FlowMaintenance": { + "type": "object", + "properties": { + "maintenanceDay": { + "$ref": "#/types/aws-native:mediaconnect:FlowMaintenanceMaintenanceDay", + "description": "A day of a week when the maintenance will happen. Use Monday/Tuesday/Wednesday/Thursday/Friday/Saturday/Sunday." + }, + "maintenanceStartHour": { + "type": "string", + "description": "UTC time when the maintenance will happen. Use 24-hour HH:MM format. Minutes must be 00. Example: 13:00. The default value is 02:00." + } + } + }, + "aws-native:mediaconnect:FlowMaintenanceMaintenanceDay": { + "type": "string" + }, + "aws-native:mediaconnect:FlowMediaStream": { + "type": "object", + "properties": { + "attributes": { + "$ref": "#/types/aws-native:mediaconnect:FlowMediaStreamAttributes", + "description": "Attributes that are related to the media stream." + }, + "clockRate": { + "type": "integer", + "description": "The sample rate for the stream. This value in measured in kHz." + }, + "description": { + "type": "string", + "description": "A description that can help you quickly identify what your media stream is used for." + }, + "fmt": { + "type": "integer", + "description": "The format type number (sometimes referred to as RTP payload type) of the media stream. MediaConnect assigns this value to the media stream. For ST 2110 JPEG XS outputs, you need to provide this value to the receiver." + }, + "mediaStreamId": { + "type": "integer", + "description": "A unique identifier for the media stream." + }, + "mediaStreamName": { + "type": "string", + "description": "A name that helps you distinguish one media stream from another." + }, + "mediaStreamType": { + "$ref": "#/types/aws-native:mediaconnect:FlowMediaStreamMediaStreamType", + "description": "The type of media stream." + }, + "videoFormat": { + "$ref": "#/types/aws-native:mediaconnect:FlowMediaStreamVideoFormat", + "description": "The resolution of the video." + } + } + }, + "aws-native:mediaconnect:FlowMediaStreamAttributes": { + "type": "object", + "properties": { + "fmtp": { + "$ref": "#/types/aws-native:mediaconnect:FlowFmtp", + "description": "A set of parameters that define the media stream." + }, + "lang": { + "type": "string", + "description": "The audio language, in a format that is recognized by the receiver." + } + } + }, + "aws-native:mediaconnect:FlowMediaStreamMediaStreamType": { + "type": "string" + }, + "aws-native:mediaconnect:FlowMediaStreamSourceConfiguration": { + "type": "object", + "properties": { + "encodingName": { + "$ref": "#/types/aws-native:mediaconnect:FlowMediaStreamSourceConfigurationEncodingName", + "description": "The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv." + }, + "inputConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowInputConfiguration" + }, + "description": "The media streams that you want to associate with the source." + }, + "mediaStreamName": { + "type": "string", + "description": "A name that helps you distinguish one media stream from another." + } + } + }, + "aws-native:mediaconnect:FlowMediaStreamSourceConfigurationEncodingName": { + "type": "string" + }, + "aws-native:mediaconnect:FlowMediaStreamVideoFormat": { + "type": "string" + }, + "aws-native:mediaconnect:FlowOutputDestinationConfiguration": { + "type": "object", + "properties": { + "destinationIp": { + "type": "string", + "description": "The IP address where contents of the media stream will be sent." + }, + "destinationPort": { + "type": "integer", + "description": "The port to use when the content of the media stream is distributed to the output." + }, + "interface": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputInterface", + "description": "The VPC interface that is used for the media stream associated with the output." + } + } + }, + "aws-native:mediaconnect:FlowOutputEncodingParameters": { + "type": "object", + "properties": { + "compressionFactor": { + "type": "number", + "description": "A value that is used to calculate compression for an output. The bitrate of the output is calculated as follows: Output bitrate = (1 / compressionFactor) * (source bitrate) This property only applies to outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol. Valid values are in the range of 3.0 to 10.0, inclusive." + }, + "encoderProfile": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputEncodingParametersEncoderProfile", + "description": "A setting on the encoder that drives compression settings. This property only applies to video media streams associated with outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol." + } + } + }, + "aws-native:mediaconnect:FlowOutputEncodingParametersEncoderProfile": { + "type": "string" + }, + "aws-native:mediaconnect:FlowOutputEncryption": { + "type": "object", + "properties": { + "algorithm": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputEncryptionAlgorithm", + "description": "The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256)." + }, + "keyType": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputEncryptionKeyType", + "description": "The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key)." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity)." + }, + "secretArn": { + "type": "string", + "description": " The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption." + } + } + }, + "aws-native:mediaconnect:FlowOutputEncryptionAlgorithm": { + "type": "string" + }, + "aws-native:mediaconnect:FlowOutputEncryptionKeyType": { + "type": "string" + }, + "aws-native:mediaconnect:FlowOutputInterface": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the VPC interface that you want to use for the media stream associated with the output." + } + } + }, + "aws-native:mediaconnect:FlowOutputMediaStreamOutputConfiguration": { + "type": "object", + "properties": { + "destinationConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputDestinationConfiguration" + }, + "description": "The media streams that you want to associate with the output." + }, + "encodingName": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputMediaStreamOutputConfigurationEncodingName", + "description": "The format that will be used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video streams on sources or outputs that use the CDI protocol, set the encoding name to raw. For video streams on sources or outputs that use the ST 2110 JPEG XS protocol, set the encoding name to jxsv." + }, + "encodingParameters": { + "$ref": "#/types/aws-native:mediaconnect:FlowOutputEncodingParameters", + "description": "A collection of parameters that determine how MediaConnect will convert the content. These fields only apply to outputs on flows that have a CDI source." + }, + "mediaStreamName": { + "type": "string", + "description": "A name that helps you distinguish one media stream from another." + } + } + }, + "aws-native:mediaconnect:FlowOutputMediaStreamOutputConfigurationEncodingName": { + "type": "string" + }, + "aws-native:mediaconnect:FlowOutputOutputStatus": { + "type": "string" + }, + "aws-native:mediaconnect:FlowOutputProtocol": { + "type": "string" + }, + "aws-native:mediaconnect:FlowOutputVpcInterfaceAttachment": { + "type": "object", + "properties": { + "vpcInterfaceName": { + "type": "string", + "description": "The name of the VPC interface to use for this output." + } + } + }, + "aws-native:mediaconnect:FlowSource": { + "type": "object", + "properties": { + "decryption": { + "$ref": "#/types/aws-native:mediaconnect:FlowEncryption", + "description": "The type of decryption that is used on the content ingested from this source." + }, + "description": { + "type": "string", + "description": "A description for the source. This value is not used or seen outside of the current AWS Elemental MediaConnect account." + }, + "entitlementArn": { + "type": "string", + "description": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow." + }, + "gatewayBridgeSource": { + "$ref": "#/types/aws-native:mediaconnect:FlowGatewayBridgeSource", + "description": "The source configuration for cloud flows receiving a stream from a bridge." + }, + "ingestIp": { + "type": "string", + "description": "The IP address that the flow will be listening on for incoming content." + }, + "ingestPort": { + "type": "integer", + "description": "The port that the flow will be listening on for incoming content." + }, + "maxBitrate": { + "type": "integer", + "description": "The smoothing max bitrate for RIST, RTP, and RTP-FEC streams." + }, + "maxLatency": { + "type": "integer", + "description": "The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams." + }, + "maxSyncBuffer": { + "type": "integer", + "description": "The size of the buffer (in milliseconds) to use to sync incoming source data." + }, + "mediaStreamSourceConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediaconnect:FlowMediaStreamSourceConfiguration" + }, + "description": "The media stream that is associated with the source, and the parameters for that association." + }, + "minLatency": { + "type": "integer", + "description": "The minimum latency in milliseconds." + }, + "name": { + "type": "string", + "description": "The name of the source.", + "replaceOnChanges": true + }, + "protocol": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceProtocol", + "description": "The protocol that is used by the source." + }, + "senderControlPort": { + "type": "integer", + "description": "The port that the flow uses to send outbound requests to initiate connection with the sender for fujitsu-qos protocol." + }, + "senderIpAddress": { + "type": "string", + "description": "The IP address that the flow communicates with to initiate connection with the sender for fujitsu-qos protocol." + }, + "sourceArn": { + "type": "string", + "description": "The ARN of the source." + }, + "sourceIngestPort": { + "type": "string", + "description": "The port that the flow will be listening on for incoming content.(ReadOnly)" + }, + "sourceListenerAddress": { + "type": "string", + "description": "Source IP or domain name for SRT-caller protocol." + }, + "sourceListenerPort": { + "type": "integer", + "description": "Source port for SRT-caller protocol." + }, + "streamId": { + "type": "string", + "description": "The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams." + }, + "vpcInterfaceName": { + "type": "string", + "description": "The name of the VPC Interface this Source is configured with." + }, + "whitelistCidr": { + "type": "string", + "description": "The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16." + } + } + }, + "aws-native:mediaconnect:FlowSourceEncryption": { + "type": "object", + "properties": { + "algorithm": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceEncryptionAlgorithm", + "description": "The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256)." + }, + "constantInitializationVector": { + "type": "string", + "description": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption." + }, + "deviceId": { + "type": "string", + "description": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "keyType": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceEncryptionKeyType", + "description": "The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key)." + }, + "region": { + "type": "string", + "description": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "resourceId": { + "type": "string", + "description": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity)." + }, + "secretArn": { + "type": "string", + "description": " The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption." + }, + "url": { + "type": "string", + "description": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption." + } + } + }, + "aws-native:mediaconnect:FlowSourceEncryptionAlgorithm": { + "type": "string" + }, + "aws-native:mediaconnect:FlowSourceEncryptionKeyType": { + "type": "string" + }, + "aws-native:mediaconnect:FlowSourceGatewayBridgeSource": { + "type": "object", + "properties": { + "bridgeArn": { + "type": "string", + "description": "The ARN of the bridge feeding this flow." + }, + "vpcInterfaceAttachment": { + "$ref": "#/types/aws-native:mediaconnect:FlowSourceVpcInterfaceAttachment", + "description": "The name of the VPC interface attachment to use for this bridge source." + } + } + }, + "aws-native:mediaconnect:FlowSourceProtocol": { + "type": "string" + }, + "aws-native:mediaconnect:FlowSourceVpcInterfaceAttachment": { + "type": "object", + "properties": { + "vpcInterfaceName": { + "type": "string", + "description": "The name of the VPC interface to use for this resource." + } + } + }, + "aws-native:mediaconnect:FlowVpcInterface": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Immutable and has to be a unique against other VpcInterfaces in this Flow." + }, + "networkInterfaceIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "IDs of the network interfaces created in customer's account by MediaConnect." + }, + "networkInterfaceType": { + "$ref": "#/types/aws-native:mediaconnect:FlowVpcInterfaceNetworkInterfaceType", + "description": "The type of network adapter that you want MediaConnect to use on this interface. If you don't set this value, it defaults to ENA." + }, + "roleArn": { + "type": "string", + "description": "Role Arn MediaConnect can assume to create ENIs in customer's account." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Security Group IDs to be used on ENI." + }, + "subnetId": { + "type": "string", + "description": "Subnet must be in the AZ of the Flow" + } + } + }, + "aws-native:mediaconnect:FlowVpcInterfaceAttachment": { + "type": "object", + "properties": { + "vpcInterfaceName": { + "type": "string", + "description": "The name of the VPC interface to use for this resource." + } + } + }, + "aws-native:mediaconnect:FlowVpcInterfaceNetworkInterfaceType": { + "type": "string" + }, + "aws-native:mediaconnect:GatewayNetwork": { + "type": "object", + "properties": { + "cidrBlock": { + "type": "string", + "description": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16." + }, + "name": { + "type": "string", + "description": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway." + } + } + }, + "aws-native:mediaconnect:GatewayState": { + "type": "string" + }, + "aws-native:medialive:MultiplexOutputDestination": { + "type": "object", + "properties": { + "multiplexMediaConnectOutputDestinationSettings": { + "$ref": "#/types/aws-native:medialive:MultiplexOutputDestinationMultiplexMediaConnectOutputDestinationSettingsProperties", + "description": "Multiplex MediaConnect output destination settings." + } + } + }, + "aws-native:medialive:MultiplexOutputDestinationMultiplexMediaConnectOutputDestinationSettingsProperties": { + "type": "object", + "properties": { + "entitlementArn": { + "type": "string", + "description": "The MediaConnect entitlement ARN available as a Flow source." + } + } + }, + "aws-native:medialive:MultiplexSettings": { + "type": "object", + "properties": { + "maximumVideoBufferDelayMilliseconds": { + "type": "integer", + "description": "Maximum video buffer delay in milliseconds." + }, + "transportStreamBitrate": { + "type": "integer", + "description": "Transport stream bit rate." + }, + "transportStreamId": { + "type": "integer", + "description": "Transport stream ID." + }, + "transportStreamReservedBitrate": { + "type": "integer", + "description": "Transport stream reserved bit rate." + } + } + }, + "aws-native:medialive:MultiplexState": { + "type": "string" + }, + "aws-native:medialive:MultiplexTags": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:medialive:MultiplexprogramMultiplexProgramPacketIdentifiersMap": { + "type": "object", + "properties": { + "audioPids": { + "type": "array", + "items": { + "type": "integer" + } + }, + "dvbSubPids": { + "type": "array", + "items": { + "type": "integer" + } + }, + "dvbTeletextPid": { + "type": "integer" + }, + "etvPlatformPid": { + "type": "integer" + }, + "etvSignalPid": { + "type": "integer" + }, + "klvDataPids": { + "type": "array", + "items": { + "type": "integer" + } + }, + "pcrPid": { + "type": "integer" + }, + "pmtPid": { + "type": "integer" + }, + "privateMetadataPid": { + "type": "integer" + }, + "scte27Pids": { + "type": "array", + "items": { + "type": "integer" + } + }, + "scte35Pid": { + "type": "integer" + }, + "timedMetadataPid": { + "type": "integer" + }, + "videoPid": { + "type": "integer" + } + }, + "irreversibleNames": { + "scte27Pids": "Scte27Pids", + "scte35Pid": "Scte35Pid" + } + }, + "aws-native:medialive:MultiplexprogramMultiplexProgramPipelineDetail": { + "type": "object", + "properties": { + "activeChannelPipeline": { + "type": "string", + "description": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex." + }, + "pipelineId": { + "type": "string", + "description": "Identifies a specific pipeline in the multiplex." + } + } + }, + "aws-native:medialive:MultiplexprogramMultiplexProgramServiceDescriptor": { + "type": "object", + "properties": { + "providerName": { + "type": "string", + "description": "Name of the provider." + }, + "serviceName": { + "type": "string", + "description": "Name of the service." + } + } + }, + "aws-native:medialive:MultiplexprogramMultiplexProgramSettings": { + "type": "object", + "properties": { + "preferredChannelPipeline": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramPreferredChannelPipeline", + "description": "Indicates which pipeline is preferred by the multiplex for program ingest." + }, + "programNumber": { + "type": "integer", + "description": "Unique program number." + }, + "serviceDescriptor": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramMultiplexProgramServiceDescriptor", + "description": "Transport stream service descriptor configuration for the Multiplex program." + }, + "videoSettings": { + "$ref": "#/types/aws-native:medialive:MultiplexprogramMultiplexVideoSettings", + "description": "Program video settings configuration." + } + } + }, + "aws-native:medialive:MultiplexprogramMultiplexVideoSettings": { + "type": "object" + }, + "aws-native:medialive:MultiplexprogramPreferredChannelPipeline": { + "type": "string" + }, + "aws-native:mediapackage:AssetEgressEndpoint": { + "type": "object", + "properties": { + "packagingConfigurationId": { + "type": "string", + "description": "The ID of the PackagingConfiguration being applied to the Asset." + }, + "url": { + "type": "string", + "description": "The URL of the parent manifest for the repackaged Asset." + } + } + }, + "aws-native:mediapackage:AssetTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediapackage:ChannelHlsIngest": { + "type": "object", + "properties": { + "ingestEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:ChannelIngestEndpoint" + }, + "description": "A list of endpoints to which the source stream should be sent." + } + } + }, + "aws-native:mediapackage:ChannelIngestEndpoint": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The system generated unique identifier for the IngestEndpoint" + }, + "password": { + "type": "string", + "description": "The system generated password for ingest authentication." + }, + "url": { + "type": "string", + "description": "The ingest URL to which the source stream should be sent." + }, + "username": { + "type": "string", + "description": "The system generated username for ingest authentication." + } + } + }, + "aws-native:mediapackage:ChannelLogConfiguration": { + "type": "object", + "properties": { + "logGroupName": { + "type": "string", + "description": "Sets a custom AWS CloudWatch log group name for access logs. If a log group name isn't specified, the defaults are used: /aws/MediaPackage/EgressAccessLogs for egress access logs and /aws/MediaPackage/IngressAccessLogs for ingress access logs." + } + } + }, + "aws-native:mediapackage:ChannelTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediapackage:OriginEndpointAdsOnDeliveryRestrictions": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointAuthorization": { + "type": "object", + "properties": { + "cdnIdentifierSecret": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the secret in Secrets Manager that your Content Distribution Network (CDN) uses for authorization to access your endpoint." + }, + "secretsRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the IAM role that allows MediaPackage to communicate with AWS Secrets Manager." + } + } + }, + "aws-native:mediapackage:OriginEndpointCmafEncryption": { + "type": "object", + "properties": { + "constantInitializationVector": { + "type": "string", + "description": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV)." + }, + "encryptionMethod": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointCmafEncryptionEncryptionMethod", + "description": "The encryption method used" + }, + "keyRotationIntervalSeconds": { + "type": "integer", + "description": "Time (in seconds) between each encryption key rotation." + }, + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointSpekeKeyProvider", + "description": "Parameters for the SPEKE key provider." + } + } + }, + "aws-native:mediapackage:OriginEndpointCmafEncryptionEncryptionMethod": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointCmafPackage": { + "type": "object", + "properties": { + "encryption": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointCmafEncryption", + "description": "Parameters for encrypting content." + }, + "hlsManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsManifest" + }, + "description": "A list of HLS manifest configurations" + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "Duration (in seconds) of each segment. Actual segments will be rounded to the nearest multiple of the source segment duration." + }, + "segmentPrefix": { + "type": "string", + "description": "An optional custom string that is prepended to the name of each segment. If not specified, it defaults to the ChannelId." + }, + "streamSelection": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointStreamSelection", + "description": "Limitations for outputs from the endpoint, based on the video bitrate." + } + } + }, + "aws-native:mediapackage:OriginEndpointDashEncryption": { + "type": "object", + "properties": { + "keyRotationIntervalSeconds": { + "type": "integer", + "description": "Time (in seconds) between each encryption key rotation." + }, + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointSpekeKeyProvider", + "description": "Parameters for the SPEKE key provider." + } + } + }, + "aws-native:mediapackage:OriginEndpointDashPackage": { + "type": "object", + "properties": { + "adTriggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashPackageAdTriggersItem" + }, + "description": "A list of SCTE-35 message types that are treated as ad markers in the output. If empty, no ad markers are output. Specify multiple items to create ad markers for all of the included message types." + }, + "adsOnDeliveryRestrictions": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointAdsOnDeliveryRestrictions", + "description": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) ." + }, + "encryption": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashEncryption", + "description": "Parameters for encrypting content." + }, + "includeIframeOnlyStream": { + "type": "boolean", + "description": "When enabled, an I-Frame only stream will be included in the output." + }, + "manifestLayout": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashPackageManifestLayout", + "description": "Determines the position of some tags in the Media Presentation Description (MPD). When set to FULL, elements like SegmentTemplate and ContentProtection are included in each Representation. When set to COMPACT, duplicate elements are combined and presented at the AdaptationSet level." + }, + "manifestWindowSeconds": { + "type": "integer", + "description": "Time window (in seconds) contained in each manifest." + }, + "minBufferTimeSeconds": { + "type": "integer", + "description": "Minimum duration (in seconds) that a player will buffer media before starting the presentation." + }, + "minUpdatePeriodSeconds": { + "type": "integer", + "description": "Minimum duration (in seconds) between potential changes to the Dynamic Adaptive Streaming over HTTP (DASH) Media Presentation Description (MPD)." + }, + "periodTriggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashPackagePeriodTriggersItem" + }, + "description": "A list of triggers that controls when the outgoing Dynamic Adaptive Streaming over HTTP (DASH) Media Presentation Description (MPD) will be partitioned into multiple periods. If empty, the content will not be partitioned into more than one period. If the list contains \"ADS\", new periods will be created where the Channel source contains SCTE-35 ad markers." + }, + "profile": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashPackageProfile", + "description": "The Dynamic Adaptive Streaming over HTTP (DASH) profile type. When set to \"HBBTV_1_5\", HbbTV 1.5 compliant output is enabled." + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "Duration (in seconds) of each segment. Actual segments will be rounded to the nearest multiple of the source segment duration." + }, + "segmentTemplateFormat": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashPackageSegmentTemplateFormat", + "description": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to NUMBER_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to TIME_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to NUMBER_WITH_DURATION, only a duration is included in each SegmentTemplate, with $Number$ media URLs." + }, + "streamSelection": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointStreamSelection", + "description": "Limitations for outputs from the endpoint, based on the video bitrate." + }, + "suggestedPresentationDelaySeconds": { + "type": "integer", + "description": "Duration (in seconds) to delay live content before presentation." + }, + "utcTiming": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointDashPackageUtcTiming", + "description": "Determines the type of UTCTiming included in the Media Presentation Description (MPD)" + }, + "utcTimingUri": { + "type": "string", + "description": "Specifies the value attribute of the UTCTiming field when utcTiming is set to HTTP-ISO, HTTP-HEAD or HTTP-XSDATE" + } + } + }, + "aws-native:mediapackage:OriginEndpointDashPackageAdTriggersItem": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointDashPackageManifestLayout": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointDashPackagePeriodTriggersItem": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointDashPackageProfile": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointDashPackageSegmentTemplateFormat": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointDashPackageUtcTiming": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointEncryptionContractConfiguration": { + "type": "object", + "properties": { + "presetSpeke20Audio": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointEncryptionContractConfigurationPresetSpeke20Audio", + "description": "A collection of audio encryption presets." + }, + "presetSpeke20Video": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointEncryptionContractConfigurationPresetSpeke20Video", + "description": "A collection of video encryption presets." + } + }, + "irreversibleNames": { + "presetSpeke20Audio": "PresetSpeke20Audio", + "presetSpeke20Video": "PresetSpeke20Video" + } + }, + "aws-native:mediapackage:OriginEndpointEncryptionContractConfigurationPresetSpeke20Audio": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointEncryptionContractConfigurationPresetSpeke20Video": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointHlsEncryption": { + "type": "object", + "properties": { + "constantInitializationVector": { + "type": "string", + "description": "A constant initialization vector for encryption (optional). When not specified the initialization vector will be periodically rotated." + }, + "encryptionMethod": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsEncryptionEncryptionMethod", + "description": "The encryption method to use." + }, + "keyRotationIntervalSeconds": { + "type": "integer", + "description": "Interval (in seconds) between each encryption key rotation." + }, + "repeatExtXKey": { + "type": "boolean", + "description": "When enabled, the EXT-X-KEY tag will be repeated in output manifests." + }, + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointSpekeKeyProvider", + "description": "Parameters for the SPEKE key provider." + } + } + }, + "aws-native:mediapackage:OriginEndpointHlsEncryptionEncryptionMethod": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointHlsManifest": { + "type": "object", + "properties": { + "adMarkers": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsManifestAdMarkers", + "description": "This setting controls how ad markers are included in the packaged OriginEndpoint. \"NONE\" will omit all SCTE-35 ad markers from the output. \"PASSTHROUGH\" causes the manifest to contain a copy of the SCTE-35 ad markers (comments) taken directly from the input HTTP Live Streaming (HLS) manifest. \"SCTE35_ENHANCED\" generates ad markers and blackout tags based on SCTE-35 messages in the input source. \"DATERANGE\" inserts EXT-X-DATERANGE tags to signal ad and program transition events in HLS and CMAF manifests. For this option, you must set a programDateTimeIntervalSeconds value that is greater than 0." + }, + "adTriggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsManifestAdTriggersItem" + }, + "description": "A list of SCTE-35 message types that are treated as ad markers in the output. If empty, no ad markers are output. Specify multiple items to create ad markers for all of the included message types." + }, + "adsOnDeliveryRestrictions": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointAdsOnDeliveryRestrictions", + "description": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) ." + }, + "id": { + "type": "string", + "description": "The ID of the manifest. The ID must be unique within the OriginEndpoint and it cannot be changed after it is created." + }, + "includeIframeOnlyStream": { + "type": "boolean", + "description": "When enabled, an I-Frame only stream will be included in the output." + }, + "manifestName": { + "type": "string", + "description": "An optional short string appended to the end of the OriginEndpoint URL. If not specified, defaults to the manifestName for the OriginEndpoint." + }, + "playlistType": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsManifestPlaylistType", + "description": "The HTTP Live Streaming (HLS) playlist type. When either \"EVENT\" or \"VOD\" is specified, a corresponding EXT-X-PLAYLIST-TYPE entry will be included in the media playlist." + }, + "playlistWindowSeconds": { + "type": "integer", + "description": "Time window (in seconds) contained in each parent manifest." + }, + "programDateTimeIntervalSeconds": { + "type": "integer", + "description": "The interval (in seconds) between each EXT-X-PROGRAM-DATE-TIME tag inserted into manifests. Additionally, when an interval is specified ID3Timed Metadata messages will be generated every 5 seconds using the ingest time of the content. If the interval is not specified, or set to 0, then no EXT-X-PROGRAM-DATE-TIME tags will be inserted into manifests and no ID3Timed Metadata messages will be generated. Note that irrespective of this parameter, if any ID3 Timed Metadata is found in HTTP Live Streaming (HLS) input, it will be passed through to HLS output." + }, + "url": { + "type": "string", + "description": "The URL of the packaged OriginEndpoint for consumption." + } + } + }, + "aws-native:mediapackage:OriginEndpointHlsManifestAdMarkers": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointHlsManifestAdTriggersItem": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointHlsManifestPlaylistType": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointHlsPackage": { + "type": "object", + "properties": { + "adMarkers": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsPackageAdMarkers", + "description": "This setting controls how ad markers are included in the packaged OriginEndpoint. \"NONE\" will omit all SCTE-35 ad markers from the output. \"PASSTHROUGH\" causes the manifest to contain a copy of the SCTE-35 ad markers (comments) taken directly from the input HTTP Live Streaming (HLS) manifest. \"SCTE35_ENHANCED\" generates ad markers and blackout tags based on SCTE-35 messages in the input source. \"DATERANGE\" inserts EXT-X-DATERANGE tags to signal ad and program transition events in HLS and CMAF manifests. For this option, you must set a programDateTimeIntervalSeconds value that is greater than 0." + }, + "adTriggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsPackageAdTriggersItem" + }, + "description": "A list of SCTE-35 message types that are treated as ad markers in the output. If empty, no ad markers are output. Specify multiple items to create ad markers for all of the included message types." + }, + "adsOnDeliveryRestrictions": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointAdsOnDeliveryRestrictions", + "description": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) ." + }, + "encryption": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsEncryption", + "description": "Parameters for encrypting content." + }, + "includeDvbSubtitles": { + "type": "boolean", + "description": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output." + }, + "includeIframeOnlyStream": { + "type": "boolean", + "description": "When enabled, an I-Frame only stream will be included in the output." + }, + "playlistType": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointHlsPackagePlaylistType", + "description": "The HTTP Live Streaming (HLS) playlist type. When either \"EVENT\" or \"VOD\" is specified, a corresponding EXT-X-PLAYLIST-TYPE entry will be included in the media playlist." + }, + "playlistWindowSeconds": { + "type": "integer", + "description": "Time window (in seconds) contained in each parent manifest." + }, + "programDateTimeIntervalSeconds": { + "type": "integer", + "description": "The interval (in seconds) between each EXT-X-PROGRAM-DATE-TIME tag inserted into manifests. Additionally, when an interval is specified ID3Timed Metadata messages will be generated every 5 seconds using the ingest time of the content. If the interval is not specified, or set to 0, then no EXT-X-PROGRAM-DATE-TIME tags will be inserted into manifests and no ID3Timed Metadata messages will be generated. Note that irrespective of this parameter, if any ID3 Timed Metadata is found in HTTP Live Streaming (HLS) input, it will be passed through to HLS output." + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "Duration (in seconds) of each fragment. Actual fragments will be rounded to the nearest multiple of the source fragment duration." + }, + "streamSelection": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointStreamSelection", + "description": "Limitations for outputs from the endpoint, based on the video bitrate." + }, + "useAudioRenditionGroup": { + "type": "boolean", + "description": "When enabled, audio streams will be placed in rendition groups in the output." + } + } + }, + "aws-native:mediapackage:OriginEndpointHlsPackageAdMarkers": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointHlsPackageAdTriggersItem": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointHlsPackagePlaylistType": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointMssEncryption": { + "type": "object", + "properties": { + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointSpekeKeyProvider", + "description": "Parameters for the SPEKE key provider." + } + } + }, + "aws-native:mediapackage:OriginEndpointMssPackage": { + "type": "object", + "properties": { + "encryption": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointMssEncryption", + "description": "Parameters for encrypting content." + }, + "manifestWindowSeconds": { + "type": "integer", + "description": "The time window (in seconds) contained in each manifest." + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "The duration (in seconds) of each segment." + }, + "streamSelection": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointStreamSelection", + "description": "Limitations for outputs from the endpoint, based on the video bitrate." + } + } + }, + "aws-native:mediapackage:OriginEndpointOrigination": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointSpekeKeyProvider": { + "type": "object", + "properties": { + "certificateArn": { + "type": "string", + "description": "An Amazon Resource Name (ARN) of a Certificate Manager certificate that MediaPackage will use for enforcing secure end-to-end data transfer with the key provider service." + }, + "encryptionContractConfiguration": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointEncryptionContractConfiguration", + "description": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use." + }, + "resourceId": { + "type": "string", + "description": "The resource ID to include in key requests." + }, + "roleArn": { + "type": "string", + "description": "An Amazon Resource Name (ARN) of an IAM role that AWS Elemental MediaPackage will assume when accessing the key provider service." + }, + "systemIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The system IDs to include in key requests." + }, + "url": { + "type": "string", + "description": "The URL of the external key provider service." + } + } + }, + "aws-native:mediapackage:OriginEndpointStreamSelection": { + "type": "object", + "properties": { + "maxVideoBitsPerSecond": { + "type": "integer", + "description": "The maximum video bitrate (bps) to include in output." + }, + "minVideoBitsPerSecond": { + "type": "integer", + "description": "The minimum video bitrate (bps) to include in output." + }, + "streamOrder": { + "$ref": "#/types/aws-native:mediapackage:OriginEndpointStreamSelectionStreamOrder", + "description": "A directive that determines the order of streams in the output." + } + } + }, + "aws-native:mediapackage:OriginEndpointStreamSelectionStreamOrder": { + "type": "string" + }, + "aws-native:mediapackage:OriginEndpointTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediapackage:PackagingConfigurationCmafEncryption": { + "type": "object", + "properties": { + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationSpekeKeyProvider", + "description": "Parameters for the SPEKE key provider." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationCmafPackage": { + "type": "object", + "properties": { + "encryption": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationCmafEncryption", + "description": "Parameters for encrypting content." + }, + "hlsManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationHlsManifest" + }, + "description": "A list of HLS manifest configurations." + }, + "includeEncoderConfigurationInSegments": { + "type": "boolean", + "description": "When includeEncoderConfigurationInSegments is set to true, MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback." + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationDashEncryption": { + "type": "object", + "properties": { + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationSpekeKeyProvider", + "description": "Parameters for the SPEKE key provider." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationDashManifest": { + "type": "object", + "properties": { + "manifestLayout": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashManifestManifestLayout", + "description": "Determines the position of some tags in the Media Presentation Description (MPD). When set to FULL, elements like SegmentTemplate and ContentProtection are included in each Representation. When set to COMPACT, duplicate elements are combined and presented at the AdaptationSet level." + }, + "manifestName": { + "type": "string", + "description": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration." + }, + "minBufferTimeSeconds": { + "type": "integer", + "description": "Minimum duration (in seconds) that a player will buffer media before starting the presentation." + }, + "profile": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashManifestProfile", + "description": "The Dynamic Adaptive Streaming over HTTP (DASH) profile type. When set to \"HBBTV_1_5\", HbbTV 1.5 compliant output is enabled." + }, + "scteMarkersSource": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashManifestScteMarkersSource", + "description": "The source of scte markers used. When set to SEGMENTS, the scte markers are sourced from the segments of the ingested content. When set to MANIFEST, the scte markers are sourced from the manifest of the ingested content." + }, + "streamSelection": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationStreamSelection", + "description": "Limitations for outputs from the endpoint, based on the video bitrate." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationDashManifestManifestLayout": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationDashManifestProfile": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationDashManifestScteMarkersSource": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationDashPackage": { + "type": "object", + "properties": { + "dashManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashManifest" + }, + "description": "A list of DASH manifest configurations." + }, + "encryption": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashEncryption", + "description": "Parameters for encrypting content." + }, + "includeEncoderConfigurationInSegments": { + "type": "boolean", + "description": "When includeEncoderConfigurationInSegments is set to true, MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback." + }, + "includeIframeOnlyStream": { + "type": "boolean", + "description": "When enabled, an I-Frame only stream will be included in the output." + }, + "periodTriggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashPackagePeriodTriggersItem" + }, + "description": "A list of triggers that controls when the outgoing Dynamic Adaptive Streaming over HTTP (DASH) Media Presentation Description (MPD) will be partitioned into multiple periods. If empty, the content will not be partitioned into more than one period. If the list contains \"ADS\", new periods will be created where the Asset contains SCTE-35 ad markers." + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration." + }, + "segmentTemplateFormat": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationDashPackageSegmentTemplateFormat", + "description": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to NUMBER_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to TIME_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to NUMBER_WITH_DURATION, only a duration is included in each SegmentTemplate, with $Number$ media URLs." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationDashPackagePeriodTriggersItem": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationDashPackageSegmentTemplateFormat": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationEncryptionContractConfiguration": { + "type": "object", + "properties": { + "presetSpeke20Audio": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationEncryptionContractConfigurationPresetSpeke20Audio", + "description": "A collection of audio encryption presets." + }, + "presetSpeke20Video": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationEncryptionContractConfigurationPresetSpeke20Video", + "description": "A collection of video encryption presets." + } + }, + "irreversibleNames": { + "presetSpeke20Audio": "PresetSpeke20Audio", + "presetSpeke20Video": "PresetSpeke20Video" + } + }, + "aws-native:mediapackage:PackagingConfigurationEncryptionContractConfigurationPresetSpeke20Audio": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationEncryptionContractConfigurationPresetSpeke20Video": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationHlsEncryption": { + "type": "object", + "properties": { + "constantInitializationVector": { + "type": "string", + "description": "An HTTP Live Streaming (HLS) encryption configuration." + }, + "encryptionMethod": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationHlsEncryptionEncryptionMethod", + "description": "The encryption method to use." + }, + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationSpekeKeyProvider", + "description": "Parameters for the SPEKE key provider." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationHlsEncryptionEncryptionMethod": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationHlsManifest": { + "type": "object", + "properties": { + "adMarkers": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationHlsManifestAdMarkers", + "description": "This setting controls how ad markers are included in the packaged OriginEndpoint. \"NONE\" will omit all SCTE-35 ad markers from the output. \"PASSTHROUGH\" causes the manifest to contain a copy of the SCTE-35 ad markers (comments) taken directly from the input HTTP Live Streaming (HLS) manifest. \"SCTE35_ENHANCED\" generates ad markers and blackout tags based on SCTE-35 messages in the input source." + }, + "includeIframeOnlyStream": { + "type": "boolean", + "description": "When enabled, an I-Frame only stream will be included in the output." + }, + "manifestName": { + "type": "string", + "description": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration." + }, + "programDateTimeIntervalSeconds": { + "type": "integer", + "description": "The interval (in seconds) between each EXT-X-PROGRAM-DATE-TIME tag inserted into manifests. Additionally, when an interval is specified ID3Timed Metadata messages will be generated every 5 seconds using the ingest time of the content. If the interval is not specified, or set to 0, then no EXT-X-PROGRAM-DATE-TIME tags will be inserted into manifests and no ID3Timed Metadata messages will be generated. Note that irrespective of this parameter, if any ID3 Timed Metadata is found in HTTP Live Streaming (HLS) input, it will be passed through to HLS output." + }, + "repeatExtXKey": { + "type": "boolean", + "description": "When enabled, the EXT-X-KEY tag will be repeated in output manifests." + }, + "streamSelection": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationStreamSelection", + "description": "Video bitrate limitations for outputs from this packaging configuration." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationHlsManifestAdMarkers": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationHlsPackage": { + "type": "object", + "properties": { + "encryption": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationHlsEncryption", + "description": "Parameters for encrypting content." + }, + "hlsManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationHlsManifest" + }, + "description": "A list of HLS manifest configurations." + }, + "includeDvbSubtitles": { + "type": "boolean", + "description": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output." + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration." + }, + "useAudioRenditionGroup": { + "type": "boolean", + "description": "When enabled, audio streams will be placed in rendition groups in the output." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationMssEncryption": { + "type": "object", + "properties": { + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationSpekeKeyProvider", + "description": "Parameters for the SPEKE key provider." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationMssManifest": { + "type": "object", + "properties": { + "manifestName": { + "type": "string", + "description": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration." + }, + "streamSelection": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationStreamSelection", + "description": "Video bitrate limitations for outputs from this packaging configuration." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationMssPackage": { + "type": "object", + "properties": { + "encryption": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationMssEncryption", + "description": "Parameters for encrypting content." + }, + "mssManifests": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationMssManifest" + }, + "description": "A list of MSS manifest configurations." + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationSpekeKeyProvider": { + "type": "object", + "properties": { + "encryptionContractConfiguration": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationEncryptionContractConfiguration", + "description": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use." + }, + "roleArn": { + "type": "string", + "description": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}" + }, + "systemIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The system IDs to include in key requests." + }, + "url": { + "type": "string", + "description": "The URL of the external key provider service." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationStreamSelection": { + "type": "object", + "properties": { + "maxVideoBitsPerSecond": { + "type": "integer", + "description": "The maximum video bitrate (bps) to include in output." + }, + "minVideoBitsPerSecond": { + "type": "integer", + "description": "The minimum video bitrate (bps) to include in output." + }, + "streamOrder": { + "$ref": "#/types/aws-native:mediapackage:PackagingConfigurationStreamSelectionStreamOrder", + "description": "A directive that determines the order of streams in the output." + } + } + }, + "aws-native:mediapackage:PackagingConfigurationStreamSelectionStreamOrder": { + "type": "string" + }, + "aws-native:mediapackage:PackagingConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediapackage:PackagingGroupAuthorization": { + "type": "object", + "properties": { + "cdnIdentifierSecret": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization." + }, + "secretsRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the IAM role that allows MediaPackage to communicate with AWS Secrets Manager." + } + } + }, + "aws-native:mediapackage:PackagingGroupLogConfiguration": { + "type": "object", + "properties": { + "logGroupName": { + "type": "string", + "description": "Sets a custom AWS CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/VodEgressAccessLogs." + } + } + }, + "aws-native:mediapackage:PackagingGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediapackagev2:ChannelGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediapackagev2:ChannelIngestEndpoint": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "\u003cp\u003eThe system-generated unique identifier for the IngestEndpoint.\u003c/p\u003e" + }, + "url": { + "type": "string", + "description": "\u003cp\u003eThe ingest domain URL where the source stream should be sent.\u003c/p\u003e" + } + } + }, + "aws-native:mediapackagev2:ChannelInputType": { + "type": "string" + }, + "aws-native:mediapackagev2:ChannelTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointAdMarkerDash": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointAdMarkerHls": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointCmafEncryptionMethod": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointContainerType": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointDashDrmSignaling": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointDashManifestConfiguration": { + "type": "object", + "properties": { + "drmSignaling": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointDashDrmSignaling" + }, + "filterConfiguration": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointFilterConfiguration" + }, + "manifestName": { + "type": "string", + "description": "\u003cp\u003eA short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. \u003c/p\u003e" + }, + "manifestWindowSeconds": { + "type": "integer", + "description": "\u003cp\u003eThe total duration (in seconds) of the manifest's content.\u003c/p\u003e" + }, + "minBufferTimeSeconds": { + "type": "integer", + "description": "\u003cp\u003eMinimum amount of content (in seconds) that a player must keep available in the buffer.\u003c/p\u003e" + }, + "minUpdatePeriodSeconds": { + "type": "integer", + "description": "\u003cp\u003eMinimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.\u003c/p\u003e" + }, + "periodTriggers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointDashPeriodTrigger" + }, + "description": "\u003cp\u003eA list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Leave this value empty to indicate that the manifest is contained all in one period.\n For more information about periods in the DASH manifest, see \u003ca href=\"https://docs.aws.amazon.com/mediapackage/latest/userguide/multi-period.html\"\u003eMulti-period DASH in AWS Elemental MediaPackage\u003c/a\u003e.\u003c/p\u003e" + }, + "scteDash": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointScteDash" + }, + "segmentTemplateFormat": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointDashSegmentTemplateFormat" + }, + "suggestedPresentationDelaySeconds": { + "type": "integer", + "description": "\u003cp\u003eThe amount of time (in seconds) that the player should be from the end of the manifest.\u003c/p\u003e" + }, + "utcTiming": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointDashUtcTiming" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointDashPeriodTrigger": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointDashSegmentTemplateFormat": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointDashUtcTiming": { + "type": "object", + "properties": { + "timingMode": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointDashUtcTimingMode", + "description": "The UTC timing mode." + }, + "timingSource": { + "type": "string", + "description": "\u003cp\u003eThe the method that the player uses to synchronize to coordinated universal time (UTC) wall clock time.\u003c/p\u003e" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointDashUtcTimingMode": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointDrmSystem": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointEncryption": { + "type": "object", + "properties": { + "constantInitializationVector": { + "type": "string", + "description": "\u003cp\u003eA 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).\u003c/p\u003e" + }, + "encryptionMethod": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointEncryptionMethod", + "description": "The encryption method to use." + }, + "keyRotationIntervalSeconds": { + "type": "integer", + "description": "\u003cp\u003eThe frequency (in seconds) of key changes for live workflows, in which content is streamed real time. The service retrieves content keys before the live content begins streaming, and then retrieves them as needed over the lifetime of the workflow. By default, key rotation is set to 300 seconds (5 minutes), the minimum rotation interval, which is equivalent to setting it to 300. If you don't enter an interval, content keys aren't rotated.\u003c/p\u003e\n \u003cp\u003eThe following example setting causes the service to rotate keys every thirty minutes: \u003ccode\u003e1800\u003c/code\u003e\n \u003c/p\u003e" + }, + "spekeKeyProvider": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointSpekeKeyProvider", + "description": "The SPEKE key provider to use for encryption." + } + } + }, + "aws-native:mediapackagev2:OriginEndpointEncryptionContractConfiguration": { + "type": "object", + "properties": { + "presetSpeke20Audio": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointPresetSpeke20Audio", + "description": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream." + }, + "presetSpeke20Video": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointPresetSpeke20Video", + "description": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint." + } + }, + "irreversibleNames": { + "presetSpeke20Audio": "PresetSpeke20Audio", + "presetSpeke20Video": "PresetSpeke20Video" + } + }, + "aws-native:mediapackagev2:OriginEndpointEncryptionMethod": { + "type": "object", + "properties": { + "cmafEncryptionMethod": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointCmafEncryptionMethod", + "description": "The encryption method to use." + }, + "tsEncryptionMethod": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointTsEncryptionMethod", + "description": "The encryption method to use." + } + } + }, + "aws-native:mediapackagev2:OriginEndpointEndpointErrorCondition": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointFilterConfiguration": { + "type": "object", + "properties": { + "end": { + "type": "string", + "description": "\u003cp\u003eOptionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.\u003c/p\u003e" + }, + "manifestFilter": { + "type": "string", + "description": "\u003cp\u003eOptionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.\u003c/p\u003e" + }, + "start": { + "type": "string", + "description": "\u003cp\u003eOptionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.\u003c/p\u003e" + }, + "timeDelaySeconds": { + "type": "integer", + "description": "\u003cp\u003eOptionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.\u003c/p\u003e" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointForceEndpointErrorConfiguration": { + "type": "object", + "properties": { + "endpointErrorConditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointEndpointErrorCondition" + }, + "description": "\u003cp\u003eThe failover settings for the endpoint. The options are:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003e\n \u003ccode\u003eSTALE_MANIFEST\u003c/code\u003e - The manifest stalled and there a no new segments or parts.\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003e\n \u003ccode\u003eINCOMPLETE_MANIFEST\u003c/code\u003e - There is a gap in the manifest.\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003e\n \u003ccode\u003eMISSING_DRM_KEY\u003c/code\u003e - Key rotation is enabled but we're unable to fetch the key for the current key period.\u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointHlsManifestConfiguration": { + "type": "object", + "properties": { + "childManifestName": { + "type": "string", + "description": "\u003cp\u003eA short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default child manifest name, index_1. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.\u003c/p\u003e" + }, + "filterConfiguration": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointFilterConfiguration" + }, + "manifestName": { + "type": "string", + "description": "\u003cp\u003eA short short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. MediaPackage automatically inserts the format extension, such as .m3u8. You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.\u003c/p\u003e" + }, + "manifestWindowSeconds": { + "type": "integer", + "description": "\u003cp\u003eThe total duration (in seconds) of the manifest's content.\u003c/p\u003e" + }, + "programDateTimeIntervalSeconds": { + "type": "integer", + "description": "\u003cp\u003eInserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, \n EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. \n The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. \n ID3Timed metadata messages generate every 5 seconds whenever the content is ingested.\u003c/p\u003e\n \u003cp\u003eIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\u003c/p\u003e" + }, + "scteHls": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointScteHls", + "description": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration." + }, + "url": { + "type": "string", + "description": "\u003cp\u003eThe egress domain URL for stream delivery from MediaPackage.\u003c/p\u003e" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointLowLatencyHlsManifestConfiguration": { + "type": "object", + "properties": { + "childManifestName": { + "type": "string", + "description": "\u003cp\u003eA short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default child manifest name, index_1. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.\u003c/p\u003e" + }, + "filterConfiguration": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointFilterConfiguration" + }, + "manifestName": { + "type": "string", + "description": "\u003cp\u003eA short short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. MediaPackage automatically inserts the format extension, such as .m3u8. You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.\u003c/p\u003e" + }, + "manifestWindowSeconds": { + "type": "integer", + "description": "\u003cp\u003eThe total duration (in seconds) of the manifest's content.\u003c/p\u003e" + }, + "programDateTimeIntervalSeconds": { + "type": "integer", + "description": "\u003cp\u003eInserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, \n EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. \n The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. \n ID3Timed metadata messages generate every 5 seconds whenever the content is ingested.\u003c/p\u003e\n \u003cp\u003eIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\u003c/p\u003e" + }, + "scteHls": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointScteHls", + "description": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint." + }, + "url": { + "type": "string", + "description": "\u003cp\u003eThe egress domain URL for stream delivery from MediaPackage.\u003c/p\u003e" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointPresetSpeke20Audio": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointPresetSpeke20Video": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointScte": { + "type": "object", + "properties": { + "scteFilter": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointScteFilter" + }, + "description": "\u003cp\u003eThe SCTE-35 message types that you want to be treated as ad markers in the output.\u003c/p\u003e" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointScteDash": { + "type": "object", + "properties": { + "adMarkerDash": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointAdMarkerDash", + "description": "Choose how ad markers are included in the packaged content. If you include ad markers in the content stream in your upstream encoders, then you need to inform MediaPackage what to do with the ad markers in the output.\n\nValue description:\n\n- `Binary` - The SCTE-35 marker is expressed as a hex-string (Base64 string) rather than full XML.\n- `XML` - The SCTE marker is expressed fully in XML." + } + } + }, + "aws-native:mediapackagev2:OriginEndpointScteFilter": { + "type": "string" + }, + "aws-native:mediapackagev2:OriginEndpointScteHls": { + "type": "object", + "properties": { + "adMarkerHls": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointAdMarkerHls", + "description": "The SCTE-35 HLS ad-marker configuration." + } + } + }, + "aws-native:mediapackagev2:OriginEndpointSegment": { + "type": "object", + "properties": { + "encryption": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointEncryption", + "description": "Whether to use encryption for the segment." + }, + "includeIframeOnlyStreams": { + "type": "boolean", + "description": "\u003cp\u003eWhen selected, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included. MediaPackage generates an I-frame only stream from the first rendition in the manifest. The service inserts EXT-I-FRAMES-ONLY tags in the output manifest, and then generates and includes an I-frames only playlist in the stream. This playlist permits player functionality like fast forward and rewind.\u003c/p\u003e" + }, + "scte": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointScte", + "description": "The SCTE-35 configuration associated with the segment." + }, + "segmentDurationSeconds": { + "type": "integer", + "description": "\u003cp\u003eThe duration (in seconds) of each segment. Enter a value equal to, or a multiple of, the input segment duration. If the value that you enter is different from the input segment duration, MediaPackage rounds segments to the nearest multiple of the input segment duration.\u003c/p\u003e" + }, + "segmentName": { + "type": "string", + "description": "\u003cp\u003eThe name that describes the segment. The name is the base name of the segment used in all content manifests inside of the endpoint. You can't use spaces in the name.\u003c/p\u003e" + }, + "tsIncludeDvbSubtitles": { + "type": "boolean", + "description": "\u003cp\u003eBy default, MediaPackage excludes all digital video broadcasting (DVB) subtitles from the output. When selected, MediaPackage passes through DVB subtitles into the output.\u003c/p\u003e" + }, + "tsUseAudioRenditionGroup": { + "type": "boolean", + "description": "\u003cp\u003eWhen selected, MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.\u003c/p\u003e" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointSpekeKeyProvider": { + "type": "object", + "properties": { + "drmSystems": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointDrmSystem" + }, + "description": "\u003cp\u003eThe DRM solution provider you're using to protect your content during distribution.\u003c/p\u003e" + }, + "encryptionContractConfiguration": { + "$ref": "#/types/aws-native:mediapackagev2:OriginEndpointEncryptionContractConfiguration", + "description": "The encryption contract configuration associated with the SPEKE key provider." + }, + "resourceId": { + "type": "string", + "description": "\u003cp\u003eThe unique identifier for the content. The service sends this to the key server to identify the current endpoint. How unique you make this depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\u003c/p\u003e\n \u003cp\u003eThe following example shows a resource ID: \u003ccode\u003eMovieNight20171126093045\u003c/code\u003e\n \u003c/p\u003e" + }, + "roleArn": { + "type": "string", + "description": "\u003cp\u003eThe ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\u003c/p\u003e\n \u003cp\u003eValid format: \u003ccode\u003earn:aws:iam::{accountID}:role/{name}\u003c/code\u003e. The following example shows a role ARN: \u003ccode\u003earn:aws:iam::444455556666:role/SpekeAccess\u003c/code\u003e\n \u003c/p\u003e" + }, + "url": { + "type": "string", + "description": "\u003cp\u003eThe URL of the API Gateway proxy that you set up to talk to your key server. The API Gateway proxy must reside in the same AWS Region as MediaPackage and must start with https://.\u003c/p\u003e\n \u003cp\u003eThe following example shows a URL: \u003ccode\u003ehttps://1wm2dx1f33.execute-api.us-west-2.amazonaws.com/SpekeSample/copyProtection\u003c/code\u003e\n \u003c/p\u003e" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediapackagev2:OriginEndpointTsEncryptionMethod": { + "type": "string" + }, + "aws-native:mediatailor:ChannelAdMarkupType": { + "type": "string" + }, + "aws-native:mediatailor:ChannelDashPlaylistSettings": { + "type": "object", + "properties": { + "manifestWindowSeconds": { + "type": "number", + "description": "\u003cp\u003eThe total duration (in seconds) of each manifest. Minimum value: \u003ccode\u003e30\u003c/code\u003e seconds. Maximum value: \u003ccode\u003e3600\u003c/code\u003e seconds.\u003c/p\u003e" + }, + "minBufferTimeSeconds": { + "type": "number", + "description": "\u003cp\u003eMinimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: \u003ccode\u003e2\u003c/code\u003e seconds. Maximum value: \u003ccode\u003e60\u003c/code\u003e seconds.\u003c/p\u003e" + }, + "minUpdatePeriodSeconds": { + "type": "number", + "description": "\u003cp\u003eMinimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: \u003ccode\u003e2\u003c/code\u003e seconds. Maximum value: \u003ccode\u003e60\u003c/code\u003e seconds.\u003c/p\u003e" + }, + "suggestedPresentationDelaySeconds": { + "type": "number", + "description": "\u003cp\u003eAmount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: \u003ccode\u003e2\u003c/code\u003e seconds. Maximum value: \u003ccode\u003e60\u003c/code\u003e seconds.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:ChannelHlsPlaylistSettings": { + "type": "object", + "properties": { + "adMarkupType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:ChannelAdMarkupType" + }, + "description": "\u003cp\u003eDetermines the type of SCTE 35 tags to use in ad markup. Specify \u003ccode\u003eDATERANGE\u003c/code\u003e to use \u003ccode\u003eDATERANGE\u003c/code\u003e tags (for live or VOD content). Specify \u003ccode\u003eSCTE35_ENHANCED\u003c/code\u003e to use \u003ccode\u003eEXT-X-CUE-OUT\u003c/code\u003e and \u003ccode\u003eEXT-X-CUE-IN\u003c/code\u003e tags (for VOD content only).\u003c/p\u003e" + }, + "manifestWindowSeconds": { + "type": "number", + "description": "\u003cp\u003eThe total duration (in seconds) of each manifest. Minimum value: \u003ccode\u003e30\u003c/code\u003e seconds. Maximum value: \u003ccode\u003e3600\u003c/code\u003e seconds.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:ChannelLogConfigurationForChannel": { + "type": "object", + "properties": { + "logTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:mediatailor:ChannelLogType" + }, + "description": "\u003cp\u003eThe log types.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:ChannelLogType": { + "type": "string" + }, + "aws-native:mediatailor:ChannelPlaybackMode": { + "type": "string" + }, + "aws-native:mediatailor:ChannelRequestOutputItem": { + "type": "object", + "properties": { + "dashPlaylistSettings": { + "$ref": "#/types/aws-native:mediatailor:ChannelDashPlaylistSettings", + "description": "DASH manifest configuration parameters." + }, + "hlsPlaylistSettings": { + "$ref": "#/types/aws-native:mediatailor:ChannelHlsPlaylistSettings", + "description": "HLS playlist configuration parameters." + }, + "manifestName": { + "type": "string", + "description": "\u003cp\u003eThe name of the manifest for the channel. The name appears in the \u003ccode\u003ePlaybackUrl\u003c/code\u003e.\u003c/p\u003e" + }, + "sourceGroup": { + "type": "string", + "description": "\u003cp\u003eA string used to match which \u003ccode\u003eHttpPackageConfiguration\u003c/code\u003e is used for each \u003ccode\u003eVodSource\u003c/code\u003e.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:ChannelSlateSource": { + "type": "object", + "properties": { + "sourceLocationName": { + "type": "string", + "description": "\u003cp\u003eThe name of the source location where the slate VOD source is stored.\u003c/p\u003e" + }, + "vodSourceName": { + "type": "string", + "description": "\u003cp\u003eThe slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:ChannelTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediatailor:ChannelTier": { + "type": "string" + }, + "aws-native:mediatailor:ChannelTimeShiftConfiguration": { + "type": "object", + "properties": { + "maxTimeDelaySeconds": { + "type": "number", + "description": "\u003cp\u003eThe maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:LiveSourceHttpPackageConfiguration": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "\u003cp\u003eThe relative path to the URL for this VOD source. This is combined with \u003ccode\u003eSourceLocation::HttpConfiguration::BaseUrl\u003c/code\u003e to form a valid URL.\u003c/p\u003e" + }, + "sourceGroup": { + "type": "string", + "description": "\u003cp\u003eThe name of the source group. This has to match one of the \u003ccode\u003eChannel::Outputs::SourceGroup\u003c/code\u003e.\u003c/p\u003e" + }, + "type": { + "$ref": "#/types/aws-native:mediatailor:LiveSourceType", + "description": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` ." + } + } + }, + "aws-native:mediatailor:LiveSourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediatailor:LiveSourceType": { + "type": "string" + }, + "aws-native:mediatailor:PlaybackConfigurationAdMarkerPassthrough": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enables ad marker passthrough for your configuration." + } + } + }, + "aws-native:mediatailor:PlaybackConfigurationAvailSuppression": { + "type": "object", + "properties": { + "fillPolicy": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationAvailSuppressionFillPolicy", + "description": "Defines the policy to apply to the avail suppression mode. BEHIND_LIVE_EDGE will always use the full avail suppression policy. AFTER_LIVE_EDGE mode can be used to invoke partial ad break fills when a session starts mid-break. Valid values are FULL_AVAIL_ONLY and PARTIAL_AVAIL" + }, + "mode": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationAvailSuppressionMode", + "description": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to BEHIND_LIVE_EDGE, ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to AFTER_LIVE_EDGE, ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value." + }, + "value": { + "type": "string", + "description": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge." + } + } + }, + "aws-native:mediatailor:PlaybackConfigurationAvailSuppressionFillPolicy": { + "type": "string" + }, + "aws-native:mediatailor:PlaybackConfigurationAvailSuppressionMode": { + "type": "string" + }, + "aws-native:mediatailor:PlaybackConfigurationBumper": { + "type": "object", + "properties": { + "endUrl": { + "type": "string", + "description": "The URL for the end bumper asset." + }, + "startUrl": { + "type": "string", + "description": "The URL for the start bumper asset." + } + } + }, + "aws-native:mediatailor:PlaybackConfigurationCdnConfiguration": { + "type": "object", + "properties": { + "adSegmentUrlPrefix": { + "type": "string", + "description": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor.\u0026lt;region\u003e.amazonaws.com. Then specify the rule's name in this AdSegmentUrlPrefix. When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments." + }, + "contentSegmentUrlPrefix": { + "type": "string", + "description": "A content delivery network (CDN) to cache content segments, so that content requests don't always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this ContentSegmentUrlPrefix. When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments." + } + } + }, + "aws-native:mediatailor:PlaybackConfigurationDashConfiguration": { + "type": "object", + "properties": { + "manifestEndpointPrefix": { + "type": "string", + "description": "The URL generated by MediaTailor to initiate a DASH playback session. The session uses server-side reporting." + }, + "mpdLocation": { + "type": "string", + "description": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are DISABLED and EMT_DEFAULT. The EMT_DEFAULT setting enables the inclusion of the tag and is the default value." + }, + "originManifestType": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationDashConfigurationOriginManifestType", + "description": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to SINGLE_PERIOD. The default setting is MULTI_PERIOD. For multi-period manifests, omit this setting or set it to MULTI_PERIOD." + } + } + }, + "aws-native:mediatailor:PlaybackConfigurationDashConfigurationOriginManifestType": { + "type": "string" + }, + "aws-native:mediatailor:PlaybackConfigurationHlsConfiguration": { + "type": "object", + "properties": { + "manifestEndpointPrefix": { + "type": "string", + "description": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting." + } + } + }, + "aws-native:mediatailor:PlaybackConfigurationLivePreRollConfiguration": { + "type": "object", + "properties": { + "adDecisionServerUrl": { + "type": "string", + "description": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters." + }, + "maxDurationSeconds": { + "type": "integer", + "description": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns." + } + } + }, + "aws-native:mediatailor:PlaybackConfigurationManifestProcessingRules": { + "type": "object", + "properties": { + "adMarkerPassthrough": { + "$ref": "#/types/aws-native:mediatailor:PlaybackConfigurationAdMarkerPassthrough", + "description": "For HLS, when set to true, MediaTailor passes through EXT-X-CUE-IN, EXT-X-CUE-OUT, and EXT-X-SPLICEPOINT-SCTE35 ad markers from the origin manifest to the MediaTailor personalized manifest. No logic is applied to these ad markers. For example, if EXT-X-CUE-OUT has a value of 60, but no ads are filled for that ad break, MediaTailor will not set the value to 0." + } + } + }, + "aws-native:mediatailor:PlaybackConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediatailor:SourceLocationAccessConfiguration": { + "type": "object", + "properties": { + "accessType": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationAccessType", + "description": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n• You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n• The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n• The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations." + }, + "secretsManagerAccessTokenConfiguration": { + "$ref": "#/types/aws-native:mediatailor:SourceLocationSecretsManagerAccessTokenConfiguration", + "description": "AWS Secrets Manager access token configuration parameters." + } + } + }, + "aws-native:mediatailor:SourceLocationAccessType": { + "type": "string" + }, + "aws-native:mediatailor:SourceLocationDefaultSegmentDeliveryConfiguration": { + "type": "object", + "properties": { + "baseUrl": { + "type": "string", + "description": "\u003cp\u003eThe hostname of the server that will be used to serve segments. This string must include the protocol, such as \u003cb\u003ehttps://\u003c/b\u003e.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:SourceLocationHttpConfiguration": { + "type": "object", + "properties": { + "baseUrl": { + "type": "string", + "description": "\u003cp\u003eThe base URL for the source location host server. This string must include the protocol, such as \u003cb\u003ehttps://\u003c/b\u003e.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:SourceLocationSecretsManagerAccessTokenConfiguration": { + "type": "object", + "properties": { + "headerName": { + "type": "string", + "description": "\u003cp\u003eThe name of the HTTP header used to supply the access token in requests to the source location.\u003c/p\u003e" + }, + "secretArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.\u003c/p\u003e" + }, + "secretStringKey": { + "type": "string", + "description": "\u003cp\u003eThe AWS Secrets Manager \u003ca href=\"https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html\"\u003eSecretString\u003c/a\u003e key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:SourceLocationSegmentDeliveryConfiguration": { + "type": "object", + "properties": { + "baseUrl": { + "type": "string", + "description": "\u003cp\u003eThe base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as \u003ccode\u003ehttps://example.com/some/path\u003c/code\u003e. To use a relative URL specify the relative path, such as \u003ccode\u003e/some/path*\u003c/code\u003e.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eA unique identifier used to distinguish between multiple segment delivery configurations in a source location.\u003c/p\u003e" + } + } + }, + "aws-native:mediatailor:SourceLocationTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediatailor:VodSourceHttpPackageConfiguration": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "\u003cp\u003eThe relative path to the URL for this VOD source. This is combined with \u003ccode\u003eSourceLocation::HttpConfiguration::BaseUrl\u003c/code\u003e to form a valid URL.\u003c/p\u003e" + }, + "sourceGroup": { + "type": "string", + "description": "\u003cp\u003eThe name of the source group. This has to match one of the \u003ccode\u003eChannel::Outputs::SourceGroup\u003c/code\u003e.\u003c/p\u003e" + }, + "type": { + "$ref": "#/types/aws-native:mediatailor:VodSourceType", + "description": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` ." + } + } + }, + "aws-native:mediatailor:VodSourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:mediatailor:VodSourceType": { + "type": "string" + }, + "aws-native:memorydb:AclTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with 'aws:'. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:memorydb:AuthenticationModeProperties": { + "type": "object", + "properties": { + "passwords": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Passwords used for this user account. You can create up to two passwords for each user." + }, + "type": { + "$ref": "#/types/aws-native:memorydb:UserAuthenticationModePropertiesType", + "description": "Type of authentication strategy for this user." + } + } + }, + "aws-native:memorydb:ClusterDataTieringStatus": { + "type": "string" + }, + "aws-native:memorydb:ClusterEndpoint": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The DNS address of the primary read-write node." + }, + "port": { + "type": "integer", + "description": "The port number that the engine is listening on. " + } + } + }, + "aws-native:memorydb:ClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. May not be null." + }, + "value": { + "type": "string", + "description": "The tag's value. May be null." + } + } + }, + "aws-native:memorydb:ParameterGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. May not be null." + }, + "value": { + "type": "string", + "description": "The tag's value. May be null." + } + } + }, + "aws-native:memorydb:SubnetGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. May not be null." + }, + "value": { + "type": "string", + "description": "The tag's value. May be null." + } + } + }, + "aws-native:memorydb:UserAuthenticationModePropertiesType": { + "type": "string" + }, + "aws-native:memorydb:UserTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with 'aws:'. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:msk:ClusterBrokerLogs": { + "type": "object", + "properties": { + "cloudWatchLogs": { + "$ref": "#/types/aws-native:msk:ClusterCloudWatchLogs", + "description": "Details of the CloudWatch Logs destination for broker logs." + }, + "firehose": { + "$ref": "#/types/aws-native:msk:ClusterFirehose", + "description": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs." + }, + "s3": { + "$ref": "#/types/aws-native:msk:ClusterS3", + "description": "Details of the Amazon S3 destination for broker logs." + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:msk:ClusterBrokerNodeGroupInfo": { + "type": "object", + "properties": { + "brokerAzDistribution": { + "type": "string", + "description": "This parameter is currently not in use.", + "replaceOnChanges": true + }, + "clientSubnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces inside these subnets. Client applications use elastic network interfaces to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", + "replaceOnChanges": true + }, + "connectivityInfo": { + "$ref": "#/types/aws-native:msk:ClusterConnectivityInfo", + "description": "Information about the cluster's connectivity setting." + }, + "instanceType": { + "type": "string", + "description": "The type of Amazon EC2 instances to use for brokers. The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge, and kafka.t3.small." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups to associate with the elastic network interfaces in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", + "replaceOnChanges": true + }, + "storageInfo": { + "$ref": "#/types/aws-native:msk:ClusterStorageInfo", + "description": "Contains information about storage volumes attached to Amazon MSK broker nodes." + } + }, + "irreversibleNames": { + "brokerAzDistribution": "BrokerAZDistribution" + } + }, + "aws-native:msk:ClusterClientAuthentication": { + "type": "object", + "properties": { + "sasl": { + "$ref": "#/types/aws-native:msk:ClusterSasl", + "description": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true." + }, + "tls": { + "$ref": "#/types/aws-native:msk:ClusterTls", + "description": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` ." + }, + "unauthenticated": { + "$ref": "#/types/aws-native:msk:ClusterUnauthenticated", + "description": "Details for ClientAuthentication using no authentication." + } + } + }, + "aws-native:msk:ClusterCloudWatchLogs": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination." + }, + "logGroup": { + "type": "string", + "description": "The CloudWatch log group that is the destination for broker logs." + } + } + }, + "aws-native:msk:ClusterConfigurationInfo": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "ARN of the configuration to use." + }, + "revision": { + "type": "integer", + "description": "The revision of the configuration to use." + } + } + }, + "aws-native:msk:ClusterConnectivityInfo": { + "type": "object", + "properties": { + "publicAccess": { + "$ref": "#/types/aws-native:msk:ClusterPublicAccess", + "description": "Access control settings for the cluster's brokers." + }, + "vpcConnectivity": { + "$ref": "#/types/aws-native:msk:ClusterVpcConnectivity", + "description": "VPC connection control settings for brokers" + } + } + }, + "aws-native:msk:ClusterEbsStorageInfo": { + "type": "object", + "properties": { + "provisionedThroughput": { + "$ref": "#/types/aws-native:msk:ClusterProvisionedThroughput", + "description": "EBS volume provisioned throughput information." + }, + "volumeSize": { + "type": "integer", + "description": "The size in GiB of the EBS volume for the data drive on each broker node." + } + } + }, + "aws-native:msk:ClusterEncryptionAtRest": { + "type": "object", + "properties": { + "dataVolumeKmsKeyId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it." + } + }, + "irreversibleNames": { + "dataVolumeKmsKeyId": "DataVolumeKMSKeyId" + } + }, + "aws-native:msk:ClusterEncryptionInTransit": { + "type": "object", + "properties": { + "clientBroker": { + "$ref": "#/types/aws-native:msk:ClusterEncryptionInTransitClientBroker", + "description": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n`TLS` means that client-broker communication is enabled with TLS only.\n\n`TLS_PLAINTEXT` means that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n\n`PLAINTEXT` means that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` ." + }, + "inCluster": { + "type": "boolean", + "description": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", + "replaceOnChanges": true + } + } + }, + "aws-native:msk:ClusterEncryptionInTransitClientBroker": { + "type": "string" + }, + "aws-native:msk:ClusterEncryptionInfo": { + "type": "object", + "properties": { + "encryptionAtRest": { + "$ref": "#/types/aws-native:msk:ClusterEncryptionAtRest", + "description": "The data-volume encryption details.", + "replaceOnChanges": true + }, + "encryptionInTransit": { + "$ref": "#/types/aws-native:msk:ClusterEncryptionInTransit", + "description": "The details for encryption in transit." + } + } + }, + "aws-native:msk:ClusterEnhancedMonitoring": { + "type": "string" + }, + "aws-native:msk:ClusterFirehose": { + "type": "object", + "properties": { + "deliveryStream": { + "type": "string", + "description": "The Kinesis Data Firehose delivery stream that is the destination for broker logs." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether broker logs get sent to the specified Kinesis Data Firehose delivery stream." + } + } + }, + "aws-native:msk:ClusterIam": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "SASL/IAM authentication is enabled or not." + } + } + }, + "aws-native:msk:ClusterJmxExporter": { + "type": "object", + "properties": { + "enabledInBroker": { + "type": "boolean", + "description": "Indicates whether you want to enable or disable the JMX Exporter." + } + } + }, + "aws-native:msk:ClusterLoggingInfo": { + "type": "object", + "properties": { + "brokerLogs": { + "$ref": "#/types/aws-native:msk:ClusterBrokerLogs", + "description": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations." + } + } + }, + "aws-native:msk:ClusterNodeExporter": { + "type": "object", + "properties": { + "enabledInBroker": { + "type": "boolean", + "description": "Indicates whether you want to enable or disable the Node Exporter." + } + } + }, + "aws-native:msk:ClusterOpenMonitoring": { + "type": "object", + "properties": { + "prometheus": { + "$ref": "#/types/aws-native:msk:ClusterPrometheus", + "description": "Prometheus exporter settings." + } + } + }, + "aws-native:msk:ClusterPrometheus": { + "type": "object", + "properties": { + "jmxExporter": { + "$ref": "#/types/aws-native:msk:ClusterJmxExporter", + "description": "Indicates whether you want to enable or disable the JMX Exporter." + }, + "nodeExporter": { + "$ref": "#/types/aws-native:msk:ClusterNodeExporter", + "description": "Indicates whether you want to enable or disable the Node Exporter." + } + } + }, + "aws-native:msk:ClusterProvisionedThroughput": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Provisioned throughput is enabled or not." + }, + "volumeThroughput": { + "type": "integer", + "description": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second." + } + } + }, + "aws-native:msk:ClusterPublicAccess": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on." + } + } + }, + "aws-native:msk:ClusterS3": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket that is the destination for broker logs." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether broker logs get sent to the specified Amazon S3 destination." + }, + "prefix": { + "type": "string", + "description": "The S3 prefix that is the destination for broker logs." + } + } + }, + "aws-native:msk:ClusterSasl": { + "type": "object", + "properties": { + "iam": { + "$ref": "#/types/aws-native:msk:ClusterIam", + "description": "Details for ClientAuthentication using IAM." + }, + "scram": { + "$ref": "#/types/aws-native:msk:ClusterScram", + "description": "Details for SASL/SCRAM client authentication." + } + } + }, + "aws-native:msk:ClusterScram": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "SASL/SCRAM authentication is enabled or not." + } + } + }, + "aws-native:msk:ClusterStorageInfo": { + "type": "object", + "properties": { + "ebsStorageInfo": { + "$ref": "#/types/aws-native:msk:ClusterEbsStorageInfo", + "description": "EBS volume information." + } + }, + "irreversibleNames": { + "ebsStorageInfo": "EBSStorageInfo" + } + }, + "aws-native:msk:ClusterStorageMode": { + "type": "string" + }, + "aws-native:msk:ClusterTls": { + "type": "object", + "properties": { + "certificateAuthorityArnList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of AWS Private CA Amazon Resource Name (ARN)s." + }, + "enabled": { + "type": "boolean", + "description": "TLS authentication is enabled or not." + } + } + }, + "aws-native:msk:ClusterUnauthenticated": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Unauthenticated is enabled or not." + } + } + }, + "aws-native:msk:ClusterVpcConnectivity": { + "type": "object", + "properties": { + "clientAuthentication": { + "$ref": "#/types/aws-native:msk:ClusterVpcConnectivityClientAuthentication", + "description": "VPC connection control settings for brokers." + } + } + }, + "aws-native:msk:ClusterVpcConnectivityClientAuthentication": { + "type": "object", + "properties": { + "sasl": { + "$ref": "#/types/aws-native:msk:ClusterVpcConnectivitySasl", + "description": "Details for VpcConnectivity ClientAuthentication using SASL." + }, + "tls": { + "$ref": "#/types/aws-native:msk:ClusterVpcConnectivityTls", + "description": "Details for VpcConnectivity ClientAuthentication using TLS." + } + } + }, + "aws-native:msk:ClusterVpcConnectivityIam": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "SASL/IAM authentication is enabled or not." + } + } + }, + "aws-native:msk:ClusterVpcConnectivitySasl": { + "type": "object", + "properties": { + "iam": { + "$ref": "#/types/aws-native:msk:ClusterVpcConnectivityIam", + "description": "Details for ClientAuthentication using IAM for VpcConnectivity." + }, + "scram": { + "$ref": "#/types/aws-native:msk:ClusterVpcConnectivityScram", + "description": "Details for SASL/SCRAM client authentication for VpcConnectivity." + } + } + }, + "aws-native:msk:ClusterVpcConnectivityScram": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "SASL/SCRAM authentication is enabled or not." + } + } + }, + "aws-native:msk:ClusterVpcConnectivityTls": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "TLS authentication is enabled or not." + } + } + }, + "aws-native:msk:ConfigurationLatestRevision": { + "type": "object", + "properties": { + "creationTime": { + "type": "string" + }, + "description": { + "type": "string" + }, + "revision": { + "type": "integer" + } + } + }, + "aws-native:msk:ReplicatorAmazonMskCluster": { + "type": "object", + "properties": { + "mskClusterArn": { + "type": "string", + "description": "The ARN of an Amazon MSK cluster." + } + } + }, + "aws-native:msk:ReplicatorConsumerGroupReplication": { + "type": "object", + "properties": { + "consumerGroupsToExclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of regular expression patterns indicating the consumer groups that should not be replicated." + }, + "consumerGroupsToReplicate": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of regular expression patterns indicating the consumer groups to copy." + }, + "detectAndCopyNewConsumerGroups": { + "type": "boolean", + "description": "Whether to periodically check for new consumer groups." + }, + "synchroniseConsumerGroupOffsets": { + "type": "boolean", + "description": "Whether to periodically write the translated offsets to __consumer_offsets topic in target cluster." + } + } + }, + "aws-native:msk:ReplicatorKafkaCluster": { + "type": "object", + "properties": { + "amazonMskCluster": { + "$ref": "#/types/aws-native:msk:ReplicatorAmazonMskCluster", + "description": "Details of an Amazon MSK cluster. Exactly one of AmazonMskCluster is required." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:msk:ReplicatorKafkaClusterClientVpcConfig", + "description": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster." + } + } + }, + "aws-native:msk:ReplicatorKafkaClusterClientVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The AWS security groups to associate with the elastic network interfaces in order to specify what the replicator has access to. If a security group is not specified, the default security group associated with the VPC is used." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of subnets to connect to in the virtual private cloud (VPC). AWS creates elastic network interfaces inside these subnets." + } + } + }, + "aws-native:msk:ReplicatorReplicationInfo": { + "type": "object", + "properties": { + "consumerGroupReplication": { + "$ref": "#/types/aws-native:msk:ReplicatorConsumerGroupReplication", + "description": "Configuration relating to consumer group replication." + }, + "sourceKafkaClusterArn": { + "type": "string", + "description": "Amazon Resource Name of the source Kafka cluster." + }, + "targetCompressionType": { + "$ref": "#/types/aws-native:msk:ReplicatorReplicationInfoTargetCompressionType", + "description": "The type of compression to use writing records to target Kafka cluster." + }, + "targetKafkaClusterArn": { + "type": "string", + "description": "Amazon Resource Name of the target Kafka cluster." + }, + "topicReplication": { + "$ref": "#/types/aws-native:msk:ReplicatorTopicReplication", + "description": "Configuration relating to topic replication." + } + } + }, + "aws-native:msk:ReplicatorReplicationInfoTargetCompressionType": { + "type": "string" + }, + "aws-native:msk:ReplicatorReplicationStartingPosition": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:msk:ReplicatorReplicationStartingPositionType" + } + } + }, + "aws-native:msk:ReplicatorReplicationStartingPositionType": { + "type": "string" + }, + "aws-native:msk:ReplicatorTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:msk:ReplicatorTopicReplication": { + "type": "object", + "properties": { + "copyAccessControlListsForTopics": { + "type": "boolean", + "description": "Whether to periodically configure remote topic ACLs to match their corresponding upstream topics." + }, + "copyTopicConfigurations": { + "type": "boolean", + "description": "Whether to periodically configure remote topics to match their corresponding upstream topics." + }, + "detectAndCopyNewTopics": { + "type": "boolean", + "description": "Whether to periodically check for new topics and partitions." + }, + "startingPosition": { + "$ref": "#/types/aws-native:msk:ReplicatorReplicationStartingPosition", + "description": "Configuration for specifying the position in the topics to start replicating from." + }, + "topicsToExclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of regular expression patterns indicating the topics that should not be replicated." + }, + "topicsToReplicate": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of regular expression patterns indicating the topics to copy." + } + } + }, + "aws-native:msk:ServerlessClusterClientAuthentication": { + "type": "object", + "properties": { + "sasl": { + "$ref": "#/types/aws-native:msk:ServerlessClusterSasl", + "description": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true." + } + } + }, + "aws-native:msk:ServerlessClusterIam": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "SASL/IAM authentication is enabled or not." + } + } + }, + "aws-native:msk:ServerlessClusterSasl": { + "type": "object", + "properties": { + "iam": { + "$ref": "#/types/aws-native:msk:ServerlessClusterIam", + "description": "Details for ClientAuthentication using IAM." + } + } + }, + "aws-native:msk:ServerlessClusterVpcConfig": { + "type": "object", + "properties": { + "securityGroups": { + "type": "array", + "items": { + "type": "string" + } + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:msk:VpcConnectionAuthentication": { + "type": "string" + }, + "aws-native:mwaa:EnvironmentEndpointManagement": { + "type": "string" + }, + "aws-native:mwaa:EnvironmentLoggingConfiguration": { + "type": "object", + "properties": { + "dagProcessingLogs": { + "$ref": "#/types/aws-native:mwaa:EnvironmentModuleLoggingConfiguration", + "description": "Defines the processing logs sent to CloudWatch Logs and the logging level to send." + }, + "schedulerLogs": { + "$ref": "#/types/aws-native:mwaa:EnvironmentModuleLoggingConfiguration", + "description": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send." + }, + "taskLogs": { + "$ref": "#/types/aws-native:mwaa:EnvironmentModuleLoggingConfiguration", + "description": "Defines the task logs sent to CloudWatch Logs and the logging level to send." + }, + "webserverLogs": { + "$ref": "#/types/aws-native:mwaa:EnvironmentModuleLoggingConfiguration", + "description": "Defines the web server logs sent to CloudWatch Logs and the logging level to send." + }, + "workerLogs": { + "$ref": "#/types/aws-native:mwaa:EnvironmentModuleLoggingConfiguration", + "description": "Defines the worker logs sent to CloudWatch Logs and the logging level to send." + } + } + }, + "aws-native:mwaa:EnvironmentLoggingLevel": { + "type": "string" + }, + "aws-native:mwaa:EnvironmentModuleLoggingConfiguration": { + "type": "object", + "properties": { + "cloudWatchLogGroupArn": { + "type": "string", + "description": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n\u003e `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs." + }, + "logLevel": { + "$ref": "#/types/aws-native:mwaa:EnvironmentLoggingLevel", + "description": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` ." + } + } + }, + "aws-native:mwaa:EnvironmentNetworkConfiguration": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security groups to use for the environment." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnets to use for the environment. These must be private subnets, in the same VPC, in two different availability zones.", + "replaceOnChanges": true + } + } + }, + "aws-native:mwaa:EnvironmentWebserverAccessMode": { + "type": "string" + }, + "aws-native:neptune:DbClusterDbClusterRole": { + "type": "object", + "properties": { + "featureName": { + "type": "string", + "description": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. For the list of supported feature names, see DBEngineVersion in the Amazon Neptune API Reference." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster." + } + } + }, + "aws-native:neptune:DbClusterServerlessScalingConfiguration": { + "type": "object", + "properties": { + "maxCapacity": { + "type": "number", + "description": "The maximum number of Neptune capacity units (NCUs) for a DB instance in an Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on. The smallest value you can use is 2.5, whereas the largest is 128." + }, + "minCapacity": { + "type": "number", + "description": "The minimum number of Neptune capacity units (NCUs) for a DB instance in an Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value you can use is 1, whereas the largest is 128." + } + } + }, + "aws-native:neptune:DbClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:neptunegraph:GraphTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:neptunegraph:GraphVectorSearchConfiguration": { + "type": "object", + "properties": { + "vectorSearchDimension": { + "type": "integer", + "description": "The vector search dimension" + } + } + }, + "aws-native:networkfirewall:FirewallPolicy": { + "type": "object", + "properties": { + "policyVariables": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyPolicyVariablesProperties", + "description": "Contains variables that you can use to override default Suricata settings in your firewall policy." + }, + "statefulDefaultActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* ." + }, + "statefulEngineOptions": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyStatefulEngineOptions", + "description": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings." + }, + "statefulRuleGroupReferences": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyStatefulRuleGroupReference" + }, + "description": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules." + }, + "statelessCustomActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyCustomAction" + }, + "description": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications." + }, + "statelessDefaultActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \"customActionName\"]` . For information about compatibility, see the custom action descriptions." + }, + "statelessFragmentDefaultActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \"customActionName\"]` . For information about compatibility, see the custom action descriptions." + }, + "statelessRuleGroupReferences": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyStatelessRuleGroupReference" + }, + "description": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules." + }, + "tlsInspectionConfigurationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the TLS inspection configuration." + } + }, + "irreversibleNames": { + "tlsInspectionConfigurationArn": "TLSInspectionConfigurationArn" + } + }, + "aws-native:networkfirewall:FirewallPolicyActionDefinition": { + "type": "object", + "properties": { + "publishMetricAction": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyPublishMetricAction", + "description": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it." + } + } + }, + "aws-native:networkfirewall:FirewallPolicyCustomAction": { + "type": "object", + "properties": { + "actionDefinition": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyActionDefinition", + "description": "The custom action associated with the action name." + }, + "actionName": { + "type": "string", + "description": "The descriptive name of the custom action. You can't change the name of a custom action after you create it." + } + } + }, + "aws-native:networkfirewall:FirewallPolicyDimension": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The value to use in the custom metric dimension." + } + } + }, + "aws-native:networkfirewall:FirewallPolicyIpSet": { + "type": "object", + "properties": { + "definition": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of IP addresses and address ranges, in CIDR notation." + } + } + }, + "aws-native:networkfirewall:FirewallPolicyOverrideAction": { + "type": "string" + }, + "aws-native:networkfirewall:FirewallPolicyPolicyVariablesProperties": { + "type": "object", + "properties": { + "ruleVariables": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyIpSet" + } + } + } + }, + "aws-native:networkfirewall:FirewallPolicyPublishMetricAction": { + "type": "object", + "properties": { + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyDimension" + } + } + } + }, + "aws-native:networkfirewall:FirewallPolicyRuleOrder": { + "type": "string" + }, + "aws-native:networkfirewall:FirewallPolicyStatefulEngineOptions": { + "type": "object", + "properties": { + "ruleOrder": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyRuleOrder", + "description": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* ." + }, + "streamExceptionPolicy": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyStreamExceptionPolicy", + "description": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent—a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic." + } + } + }, + "aws-native:networkfirewall:FirewallPolicyStatefulRuleGroupOverride": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyOverrideAction", + "description": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups." + } + } + }, + "aws-native:networkfirewall:FirewallPolicyStatefulRuleGroupReference": { + "type": "object", + "properties": { + "override": { + "$ref": "#/types/aws-native:networkfirewall:FirewallPolicyStatefulRuleGroupOverride", + "description": "The action that allows the policy owner to override the behavior of the rule group within a policy." + }, + "priority": { + "type": "integer", + "description": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the stateful rule group." + } + } + }, + "aws-native:networkfirewall:FirewallPolicyStatelessRuleGroupReference": { + "type": "object", + "properties": { + "priority": { + "type": "integer", + "description": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the stateless rule group." + } + } + }, + "aws-native:networkfirewall:FirewallPolicyStreamExceptionPolicy": { + "type": "string" + }, + "aws-native:networkfirewall:FirewallPolicyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "The part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:networkfirewall:FirewallSubnetMapping": { + "type": "object", + "properties": { + "ipAddressType": { + "type": "string", + "description": "A IPAddressType" + }, + "subnetId": { + "type": "string", + "description": "A SubnetId." + } + }, + "irreversibleNames": { + "ipAddressType": "IPAddressType" + } + }, + "aws-native:networkfirewall:FirewallTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "The part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:networkfirewall:LoggingConfiguration": { + "type": "object", + "properties": { + "logDestinationConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:LoggingConfigurationLogDestinationConfig" + }, + "description": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups." + } + } + }, + "aws-native:networkfirewall:LoggingConfigurationLogDestinationConfig": { + "type": "object", + "properties": { + "logDestination": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "A key-value pair to configure the logDestinations." + }, + "logDestinationType": { + "$ref": "#/types/aws-native:networkfirewall:LoggingConfigurationLogDestinationConfigLogDestinationType", + "description": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream." + }, + "logType": { + "$ref": "#/types/aws-native:networkfirewall:LoggingConfigurationLogDestinationConfigLogType", + "description": "The type of log to record. You can record the following types of logs from your Network Firewall stateful engine.\n\n- `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property.\n- `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group.\n- `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* ." + } + } + }, + "aws-native:networkfirewall:LoggingConfigurationLogDestinationConfigLogDestinationType": { + "type": "string" + }, + "aws-native:networkfirewall:LoggingConfigurationLogDestinationConfigLogType": { + "type": "string" + }, + "aws-native:networkfirewall:RuleGroup": { + "type": "object", + "properties": { + "referenceSets": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupReferenceSets", + "description": "The reference sets for the stateful rule group." + }, + "ruleVariables": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupRuleVariables", + "description": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups." + }, + "rulesSource": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupRulesSource", + "description": "The stateful rules or stateless rules for the rule group." + }, + "statefulRuleOptions": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupStatefulRuleOptions", + "description": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* ." + } + } + }, + "aws-native:networkfirewall:RuleGroupActionDefinition": { + "type": "object", + "properties": { + "publishMetricAction": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupPublishMetricAction", + "description": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it." + } + } + }, + "aws-native:networkfirewall:RuleGroupAddress": { + "type": "object", + "properties": { + "addressDefinition": { + "type": "string", + "description": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) ." + } + } + }, + "aws-native:networkfirewall:RuleGroupCustomAction": { + "type": "object", + "properties": { + "actionDefinition": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupActionDefinition", + "description": "The custom action associated with the action name." + }, + "actionName": { + "type": "string", + "description": "The descriptive name of the custom action. You can't change the name of a custom action after you create it." + } + } + }, + "aws-native:networkfirewall:RuleGroupDimension": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "The value to use in the custom metric dimension." + } + } + }, + "aws-native:networkfirewall:RuleGroupGeneratedRulesType": { + "type": "string" + }, + "aws-native:networkfirewall:RuleGroupHeader": { + "type": "object", + "properties": { + "destination": { + "type": "string", + "description": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) ." + }, + "destinationPort": { + "type": "string", + "description": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` ." + }, + "direction": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupHeaderDirection", + "description": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination." + }, + "protocol": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupHeaderProtocol", + "description": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP." + }, + "source": { + "type": "string", + "description": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) ." + }, + "sourcePort": { + "type": "string", + "description": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` ." + } + } + }, + "aws-native:networkfirewall:RuleGroupHeaderDirection": { + "type": "string" + }, + "aws-native:networkfirewall:RuleGroupHeaderProtocol": { + "type": "string" + }, + "aws-native:networkfirewall:RuleGroupIpSet": { + "type": "object", + "properties": { + "definition": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:networkfirewall:RuleGroupIpSetReference": { + "type": "object", + "properties": { + "referenceArn": { + "type": "string" + } + } + }, + "aws-native:networkfirewall:RuleGroupMatchAttributes": { + "type": "object", + "properties": { + "destinationPorts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupPortRange" + }, + "description": "The destination ports to inspect for. If not specified, this matches with any destination port. This setting is only used for protocols 6 (TCP) and 17 (UDP).\n\nYou can specify individual ports, for example `1994` and you can specify port ranges, for example `1990:1994` ." + }, + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupAddress" + }, + "description": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address." + }, + "protocols": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA). If not specified, this matches with any protocol." + }, + "sourcePorts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupPortRange" + }, + "description": "The source ports to inspect for. If not specified, this matches with any source port. This setting is only used for protocols 6 (TCP) and 17 (UDP).\n\nYou can specify individual ports, for example `1994` and you can specify port ranges, for example `1990:1994` ." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupAddress" + }, + "description": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address." + }, + "tcpFlags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupTcpFlagField" + }, + "description": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP)." + } + }, + "irreversibleNames": { + "tcpFlags": "TCPFlags" + } + }, + "aws-native:networkfirewall:RuleGroupPortRange": { + "type": "object", + "properties": { + "fromPort": { + "type": "integer", + "description": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification." + }, + "toPort": { + "type": "integer", + "description": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification." + } + } + }, + "aws-native:networkfirewall:RuleGroupPortSet": { + "type": "object", + "properties": { + "definition": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:networkfirewall:RuleGroupPublishMetricAction": { + "type": "object", + "properties": { + "dimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupDimension" + } + } + } + }, + "aws-native:networkfirewall:RuleGroupReferenceSets": { + "type": "object", + "properties": { + "ipSetReferences": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupIpSetReference" + }, + "description": "The IP set references to use in the stateful rule group." + } + }, + "irreversibleNames": { + "ipSetReferences": "IPSetReferences" + } + }, + "aws-native:networkfirewall:RuleGroupRuleDefinition": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n\u003e Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\"aws:pass\", \"MyMetricsAction\"]` ." + }, + "matchAttributes": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupMatchAttributes", + "description": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags." + } + } + }, + "aws-native:networkfirewall:RuleGroupRuleOption": { + "type": "object", + "properties": { + "keyword": { + "type": "string", + "description": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) ." + }, + "settings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) ." + } + } + }, + "aws-native:networkfirewall:RuleGroupRuleOrder": { + "type": "string" + }, + "aws-native:networkfirewall:RuleGroupRuleVariables": { + "type": "object", + "properties": { + "ipSets": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupIpSet" + }, + "description": "A list of IP addresses and address ranges, in CIDR notation." + }, + "portSets": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupPortSet" + }, + "description": "A list of port ranges." + } + }, + "irreversibleNames": { + "ipSets": "IPSets" + } + }, + "aws-native:networkfirewall:RuleGroupRulesSource": { + "type": "object", + "properties": { + "rulesSourceList": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupRulesSourceList", + "description": "Stateful inspection criteria for a domain list rule group." + }, + "rulesString": { + "type": "string", + "description": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n\u003e You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` ." + }, + "statefulRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupStatefulRule" + }, + "description": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html) ." + }, + "statelessRulesAndCustomActions": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupStatelessRulesAndCustomActions", + "description": "Stateless inspection criteria to be used in a stateless rule group." + } + } + }, + "aws-native:networkfirewall:RuleGroupRulesSourceList": { + "type": "object", + "properties": { + "generatedRulesType": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupGeneratedRulesType", + "description": "Whether you want to allow or deny access to the domains in your target list." + }, + "targetTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupTargetType" + }, + "description": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` ." + }, + "targets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` ." + } + } + }, + "aws-native:networkfirewall:RuleGroupStatefulRule": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupStatefulRuleAction", + "description": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols." + }, + "header": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupHeader", + "description": "The stateful inspection criteria for this rule, used to inspect traffic flows." + }, + "ruleOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupRuleOption" + }, + "description": "Additional settings for a stateful rule, provided as keywords and settings." + } + } + }, + "aws-native:networkfirewall:RuleGroupStatefulRuleAction": { + "type": "string" + }, + "aws-native:networkfirewall:RuleGroupStatefulRuleOptions": { + "type": "object", + "properties": { + "ruleOrder": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupRuleOrder", + "description": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* ." + } + } + }, + "aws-native:networkfirewall:RuleGroupStatelessRule": { + "type": "object", + "properties": { + "priority": { + "type": "integer", + "description": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on." + }, + "ruleDefinition": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupRuleDefinition", + "description": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria." + } + } + }, + "aws-native:networkfirewall:RuleGroupStatelessRulesAndCustomActions": { + "type": "object", + "properties": { + "customActions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupCustomAction" + }, + "description": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification." + }, + "statelessRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupStatelessRule" + }, + "description": "Defines the set of stateless rules for use in a stateless rule group." + } + } + }, + "aws-native:networkfirewall:RuleGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "The part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:networkfirewall:RuleGroupTargetType": { + "type": "string" + }, + "aws-native:networkfirewall:RuleGroupTcpFlag": { + "type": "string" + }, + "aws-native:networkfirewall:RuleGroupTcpFlagField": { + "type": "object", + "properties": { + "flags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupTcpFlag" + }, + "description": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet." + }, + "masks": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:RuleGroupTcpFlag" + }, + "description": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting." + } + } + }, + "aws-native:networkfirewall:RuleGroupTypeEnum": { + "type": "string" + }, + "aws-native:networkfirewall:TlsInspectionConfigurationAddress": { + "type": "object", + "properties": { + "addressDefinition": { + "type": "string", + "description": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) ." + } + } + }, + "aws-native:networkfirewall:TlsInspectionConfigurationPortRange": { + "type": "object", + "properties": { + "fromPort": { + "type": "integer", + "description": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification." + }, + "toPort": { + "type": "integer", + "description": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification." + } + } + }, + "aws-native:networkfirewall:TlsInspectionConfigurationRevokedStatusAction": { + "type": "string" + }, + "aws-native:networkfirewall:TlsInspectionConfigurationServerCertificate": { + "type": "object", + "properties": { + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection." + } + } + }, + "aws-native:networkfirewall:TlsInspectionConfigurationServerCertificateConfiguration": { + "type": "object", + "properties": { + "certificateAuthorityArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* ." + }, + "checkCertificateRevocationStatus": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusProperties", + "description": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) ." + }, + "scopes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationServerCertificateScope" + }, + "description": "A list of scopes." + }, + "serverCertificates": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationServerCertificate" + }, + "description": "The list of server certificates to use for inbound SSL/TLS inspection." + } + } + }, + "aws-native:networkfirewall:TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusProperties": { + "type": "object", + "properties": { + "revokedStatusAction": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationRevokedStatusAction" + }, + "unknownStatusAction": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationUnknownStatusAction" + } + } + }, + "aws-native:networkfirewall:TlsInspectionConfigurationServerCertificateScope": { + "type": "object", + "properties": { + "destinationPorts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationPortRange" + }, + "description": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` ." + }, + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationAddress" + }, + "description": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address." + }, + "protocols": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "The protocols to decrypt for inspection, specified using each protocol's assigned internet protocol number\n(IANA). Network Firewall currently supports only TCP." + }, + "sourcePorts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationPortRange" + }, + "description": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` ." + }, + "sources": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationAddress" + }, + "description": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address." + } + } + }, + "aws-native:networkfirewall:TlsInspectionConfigurationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "The part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:networkfirewall:TlsInspectionConfigurationTlsInspectionConfiguration": { + "type": "object", + "properties": { + "serverCertificateConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkfirewall:TlsInspectionConfigurationServerCertificateConfiguration" + }, + "description": "Lists the server certificate configurations that are associated with the TLS configuration." + } + } + }, + "aws-native:networkfirewall:TlsInspectionConfigurationUnknownStatusAction": { + "type": "string" + }, + "aws-native:networkmanager:ConnectAttachmentOptions": { + "type": "object", + "properties": { + "protocol": { + "type": "string", + "description": "Tunnel protocol for connect attachment" + } + } + }, + "aws-native:networkmanager:ConnectAttachmentProposedSegmentChange": { + "type": "object", + "properties": { + "attachmentPolicyRuleNumber": { + "type": "integer", + "description": "The rule number in the policy document that applies to this change." + }, + "segmentName": { + "type": "string", + "description": "The name of the segment to change." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkmanager:ConnectAttachmentTag" + }, + "description": "The list of key-value tags that changed for the segment." + } + } + }, + "aws-native:networkmanager:ConnectAttachmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:ConnectPeerBgpConfiguration": { + "type": "object", + "properties": { + "coreNetworkAddress": { + "type": "string", + "description": "The address of a core network." + }, + "coreNetworkAsn": { + "type": "number", + "description": "The ASN of the Coret Network." + }, + "peerAddress": { + "type": "string", + "description": "The address of a core network Connect peer." + }, + "peerAsn": { + "type": "number", + "description": "The ASN of the Connect peer." + } + } + }, + "aws-native:networkmanager:ConnectPeerBgpOptions": { + "type": "object", + "properties": { + "peerAsn": { + "type": "number", + "description": "The Peer ASN of the BGP." + } + } + }, + "aws-native:networkmanager:ConnectPeerConfiguration": { + "type": "object", + "properties": { + "bgpConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkmanager:ConnectPeerBgpConfiguration" + }, + "description": "The Connect peer BGP configurations." + }, + "coreNetworkAddress": { + "type": "string", + "description": "The IP address of a core network." + }, + "insideCidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The inside IP addresses used for a Connect peer configuration." + }, + "peerAddress": { + "type": "string", + "description": "The IP address of the Connect peer." + }, + "protocol": { + "type": "string", + "description": "The protocol used for a Connect peer configuration." + } + } + }, + "aws-native:networkmanager:ConnectPeerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:CoreNetworkEdge": { + "type": "object", + "properties": { + "asn": { + "type": "number", + "description": "The ASN of a core network edge." + }, + "edgeLocation": { + "type": "string", + "description": "The Region where a core network edge is located." + }, + "insideCidrBlocks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The inside IP addresses used for core network edges." + } + } + }, + "aws-native:networkmanager:CoreNetworkSegment": { + "type": "object", + "properties": { + "edgeLocations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Regions where the edges are located." + }, + "name": { + "type": "string", + "description": "Name of segment" + }, + "sharedSegments": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The shared segments of a core network." + } + } + }, + "aws-native:networkmanager:CoreNetworkTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:DeviceAwsLocation": { + "type": "object", + "properties": { + "subnetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the subnet that the device is located in." + }, + "zone": { + "type": "string", + "description": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost." + } + } + }, + "aws-native:networkmanager:DeviceLocation": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The physical address." + }, + "latitude": { + "type": "string", + "description": "The latitude." + }, + "longitude": { + "type": "string", + "description": "The longitude." + } + } + }, + "aws-native:networkmanager:DeviceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:GlobalNetworkTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:LinkBandwidth": { + "type": "object", + "properties": { + "downloadSpeed": { + "type": "integer", + "description": "Download speed in Mbps." + }, + "uploadSpeed": { + "type": "integer", + "description": "Upload speed in Mbps." + } + } + }, + "aws-native:networkmanager:LinkTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:SiteLocation": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The physical address." + }, + "latitude": { + "type": "string", + "description": "The latitude." + }, + "longitude": { + "type": "string", + "description": "The longitude." + } + } + }, + "aws-native:networkmanager:SiteTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:SiteToSiteVpnAttachmentProposedSegmentChange": { + "type": "object", + "properties": { + "attachmentPolicyRuleNumber": { + "type": "integer", + "description": "The rule number in the policy document that applies to this change." + }, + "segmentName": { + "type": "string", + "description": "The name of the segment to change." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkmanager:SiteToSiteVpnAttachmentTag" + }, + "description": "The key-value tags that changed for the segment." + } + } + }, + "aws-native:networkmanager:SiteToSiteVpnAttachmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:TransitGatewayPeeringTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:TransitGatewayRouteTableAttachmentProposedSegmentChange": { + "type": "object", + "properties": { + "attachmentPolicyRuleNumber": { + "type": "integer", + "description": "The rule number in the policy document that applies to this change." + }, + "segmentName": { + "type": "string", + "description": "The name of the segment to change." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkmanager:TransitGatewayRouteTableAttachmentTag" + }, + "description": "The key-value tags that changed for the segment." + } + } + }, + "aws-native:networkmanager:TransitGatewayRouteTableAttachmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:VpcAttachmentProposedSegmentChange": { + "type": "object", + "properties": { + "attachmentPolicyRuleNumber": { + "type": "integer", + "description": "The rule number in the policy document that applies to this change." + }, + "segmentName": { + "type": "string", + "description": "The name of the segment to change." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:networkmanager:VpcAttachmentTag" + }, + "description": "The key-value tags that changed for the segment." + } + } + }, + "aws-native:networkmanager:VpcAttachmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:networkmanager:VpcAttachmentVpcOptions": { + "type": "object", + "properties": { + "applianceModeSupport": { + "type": "boolean", + "description": "Indicates whether to enable ApplianceModeSupport Support for Vpc Attachment. Valid Values: true | false" + }, + "ipv6Support": { + "type": "boolean", + "description": "Indicates whether to enable Ipv6 Support for Vpc Attachment. Valid Values: enable | disable" + } + } + }, + "aws-native:nimblestudio:LaunchProfileAutomaticTerminationMode": { + "type": "string" + }, + "aws-native:nimblestudio:LaunchProfileSessionBackupMode": { + "type": "string" + }, + "aws-native:nimblestudio:LaunchProfileSessionPersistenceMode": { + "type": "string" + }, + "aws-native:nimblestudio:LaunchProfileStreamConfiguration": { + "type": "object", + "properties": { + "automaticTerminationMode": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileAutomaticTerminationMode", + "description": "Indicates if a streaming session created from this launch profile should be terminated automatically or retained without termination after being in a `STOPPED` state.\n\n- When `ACTIVATED` , the streaming session is scheduled for termination after being in the `STOPPED` state for the time specified in `maxStoppedSessionLengthInMinutes` .\n- When `DEACTIVATED` , the streaming session can remain in the `STOPPED` state indefinitely.\n\nThis parameter is only allowed when `sessionPersistenceMode` is `ACTIVATED` . When allowed, the default value for this parameter is `DEACTIVATED` ." + }, + "clipboardMode": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileStreamingClipboardMode", + "description": "Allows or deactivates the use of the system clipboard to copy and paste between the streaming session and streaming client." + }, + "ec2InstanceTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileStreamingInstanceType" + }, + "description": "\u003cp\u003eThe EC2 instance types that users can select from when launching a streaming session\n with this launch profile.\u003c/p\u003e" + }, + "maxSessionLengthInMinutes": { + "type": "number", + "description": "\u003cp\u003eThe length of time, in minutes, that a streaming session can be active before it is\n stopped or terminated. After this point, Nimble Studio automatically terminates or\n stops the session. The default length of time is 690 minutes, and the maximum length of\n time is 30 days.\u003c/p\u003e" + }, + "maxStoppedSessionLengthInMinutes": { + "type": "number", + "description": "\u003cp\u003eInteger that determines if you can start and stop your sessions and how long a session\n can stay in the \u003ccode\u003eSTOPPED\u003c/code\u003e state. The default value is 0. The maximum value is\n 5760.\u003c/p\u003e\n \u003cp\u003eThis field is allowed only when \u003ccode\u003esessionPersistenceMode\u003c/code\u003e is\n \u003ccode\u003eACTIVATED\u003c/code\u003e and \u003ccode\u003eautomaticTerminationMode\u003c/code\u003e is\n \u003ccode\u003eACTIVATED\u003c/code\u003e.\u003c/p\u003e\n \u003cp\u003eIf the value is set to 0, your sessions can’t be \u003ccode\u003eSTOPPED\u003c/code\u003e. If you then\n call \u003ccode\u003eStopStreamingSession\u003c/code\u003e, the session fails. If the time that a session\n stays in the \u003ccode\u003eREADY\u003c/code\u003e state exceeds the \u003ccode\u003emaxSessionLengthInMinutes\u003c/code\u003e\n value, the session will automatically be terminated (instead of\n \u003ccode\u003eSTOPPED\u003c/code\u003e).\u003c/p\u003e\n \u003cp\u003eIf the value is set to a positive number, the session can be stopped. You can call\n \u003ccode\u003eStopStreamingSession\u003c/code\u003e to stop sessions in the \u003ccode\u003eREADY\u003c/code\u003e state.\n If the time that a session stays in the \u003ccode\u003eREADY\u003c/code\u003e state exceeds the\n \u003ccode\u003emaxSessionLengthInMinutes\u003c/code\u003e value, the session will automatically be\n stopped (instead of terminated).\u003c/p\u003e" + }, + "sessionBackup": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileStreamConfigurationSessionBackup", + "description": "Information about the streaming session backup." + }, + "sessionPersistenceMode": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileSessionPersistenceMode", + "description": "Determine if a streaming session created from this launch profile can configure persistent storage. This means that `volumeConfiguration` and `automaticTerminationMode` are configured." + }, + "sessionStorage": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileStreamConfigurationSessionStorage", + "description": "The upload storage for a streaming session." + }, + "streamingImageIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe streaming images that users can select from when launching a streaming session\n with this launch profile.\u003c/p\u003e" + }, + "volumeConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileVolumeConfiguration", + "description": "Custom volume configuration for the root volumes that are attached to streaming sessions.\n\nThis parameter is only allowed when `sessionPersistenceMode` is `ACTIVATED` ." + } + } + }, + "aws-native:nimblestudio:LaunchProfileStreamConfigurationSessionBackup": { + "type": "object", + "properties": { + "maxBackupsToRetain": { + "type": "number", + "description": "\u003cp\u003eThe maximum number of backups that each streaming session created from this launch\n profile can have.\u003c/p\u003e" + }, + "mode": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileSessionBackupMode", + "description": "Specifies how artists sessions are backed up.\n\nConfigures backups for streaming sessions launched with this launch profile. The default value is `DEACTIVATED` , which means that backups are deactivated. To allow backups, set this value to `AUTOMATIC` ." + } + } + }, + "aws-native:nimblestudio:LaunchProfileStreamConfigurationSessionStorage": { + "type": "object", + "properties": { + "mode": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileStreamingSessionStorageMode" + }, + "description": "\u003cp\u003eAllows artists to upload files to their workstations. The only valid option is\n \u003ccode\u003eUPLOAD\u003c/code\u003e.\u003c/p\u003e" + }, + "root": { + "$ref": "#/types/aws-native:nimblestudio:LaunchProfileStreamingSessionStorageRoot", + "description": "The configuration for the upload storage root of the streaming session." + } + } + }, + "aws-native:nimblestudio:LaunchProfileStreamingClipboardMode": { + "type": "string" + }, + "aws-native:nimblestudio:LaunchProfileStreamingInstanceType": { + "type": "string" + }, + "aws-native:nimblestudio:LaunchProfileStreamingSessionStorageMode": { + "type": "string" + }, + "aws-native:nimblestudio:LaunchProfileStreamingSessionStorageRoot": { + "type": "object", + "properties": { + "linux": { + "type": "string", + "description": "\u003cp\u003eThe folder path in Linux workstations where files are uploaded.\u003c/p\u003e" + }, + "windows": { + "type": "string", + "description": "\u003cp\u003eThe folder path in Windows workstations where files are uploaded.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:LaunchProfileVolumeConfiguration": { + "type": "object", + "properties": { + "iops": { + "type": "number", + "description": "\u003cp\u003eThe number of I/O operations per second for the root volume that is attached to\n streaming session.\u003c/p\u003e" + }, + "size": { + "type": "number", + "description": "\u003cp\u003eThe size of the root volume that is attached to the streaming session. The root volume\n size is measured in GiBs.\u003c/p\u003e" + }, + "throughput": { + "type": "number", + "description": "\u003cp\u003eThe throughput to provision for the root volume that is attached to the streaming\n session. The throughput is measured in MiB/s.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:StreamingImageEncryptionConfiguration": { + "type": "object", + "properties": { + "keyArn": { + "type": "string", + "description": "\u003cp\u003eThe ARN for a KMS key that is used to encrypt studio data.\u003c/p\u003e" + }, + "keyType": { + "$ref": "#/types/aws-native:nimblestudio:StreamingImageEncryptionConfigurationKeyType", + "description": "The type of KMS key that is used to encrypt studio data." + } + } + }, + "aws-native:nimblestudio:StreamingImageEncryptionConfigurationKeyType": { + "type": "string" + }, + "aws-native:nimblestudio:StudioComponentActiveDirectoryComputerAttribute": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eThe name for the LDAP attribute.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eThe value for the LDAP attribute.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:StudioComponentActiveDirectoryConfiguration": { + "type": "object", + "properties": { + "computerAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentActiveDirectoryComputerAttribute" + }, + "description": "\u003cp\u003eA collection of custom attributes for an Active Directory computer.\u003c/p\u003e" + }, + "directoryId": { + "type": "string", + "description": "\u003cp\u003eThe directory ID of the Directory Service for Microsoft Active Directory to access\n using this studio component.\u003c/p\u003e" + }, + "organizationalUnitDistinguishedName": { + "type": "string", + "description": "\u003cp\u003eThe distinguished name (DN) and organizational unit (OU) of an Active Directory\n computer.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:StudioComponentComputeFarmConfiguration": { + "type": "object", + "properties": { + "activeDirectoryUser": { + "type": "string", + "description": "\u003cp\u003eThe name of an Active Directory user that is used on ComputeFarm worker\n instances.\u003c/p\u003e" + }, + "endpoint": { + "type": "string", + "description": "\u003cp\u003eThe endpoint of the ComputeFarm that is accessed by the studio component\n resource.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:StudioComponentConfiguration0Properties": { + "type": "object", + "properties": { + "activeDirectoryConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentActiveDirectoryConfiguration" + } + } + }, + "aws-native:nimblestudio:StudioComponentConfiguration1Properties": { + "type": "object", + "properties": { + "computeFarmConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentComputeFarmConfiguration" + } + } + }, + "aws-native:nimblestudio:StudioComponentConfiguration2Properties": { + "type": "object", + "properties": { + "licenseServiceConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentLicenseServiceConfiguration" + } + } + }, + "aws-native:nimblestudio:StudioComponentConfiguration3Properties": { + "type": "object", + "properties": { + "sharedFileSystemConfiguration": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentSharedFileSystemConfiguration" + } + } + }, + "aws-native:nimblestudio:StudioComponentInitializationScript": { + "type": "object", + "properties": { + "launchProfileProtocolVersion": { + "type": "string", + "description": "\u003cp\u003eThe version number of the protocol that is used by the launch profile. The only valid\n version is \"2021-03-31\".\u003c/p\u003e" + }, + "platform": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentLaunchProfilePlatform", + "description": "The platform of the initialization script, either Windows or Linux." + }, + "runContext": { + "$ref": "#/types/aws-native:nimblestudio:StudioComponentInitializationScriptRunContext", + "description": "The method to use when running the initialization script." + }, + "script": { + "type": "string", + "description": "\u003cp\u003eThe initialization script.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:StudioComponentInitializationScriptRunContext": { + "type": "string" + }, + "aws-native:nimblestudio:StudioComponentLaunchProfilePlatform": { + "type": "string" + }, + "aws-native:nimblestudio:StudioComponentLicenseServiceConfiguration": { + "type": "object", + "properties": { + "endpoint": { + "type": "string", + "description": "\u003cp\u003eThe endpoint of the license service that is accessed by the studio component\n resource.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:StudioComponentScriptParameterKeyValue": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eA script parameter key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eA script parameter value.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:StudioComponentSharedFileSystemConfiguration": { + "type": "object", + "properties": { + "endpoint": { + "type": "string", + "description": "\u003cp\u003eThe endpoint of the shared file system that is accessed by the studio component\n resource.\u003c/p\u003e" + }, + "fileSystemId": { + "type": "string", + "description": "\u003cp\u003eThe unique identifier for a file system.\u003c/p\u003e" + }, + "linuxMountPoint": { + "type": "string", + "description": "\u003cp\u003eThe mount location for a shared file system on a Linux virtual workstation.\u003c/p\u003e" + }, + "shareName": { + "type": "string", + "description": "\u003cp\u003eThe name of the file share.\u003c/p\u003e" + }, + "windowsMountDrive": { + "type": "string", + "description": "\u003cp\u003eThe mount location for a shared file system on a Windows virtual workstation.\u003c/p\u003e" + } + } + }, + "aws-native:nimblestudio:StudioComponentSubtype": { + "type": "string" + }, + "aws-native:nimblestudio:StudioComponentType": { + "type": "string" + }, + "aws-native:nimblestudio:StudioEncryptionConfiguration": { + "type": "object", + "properties": { + "keyArn": { + "type": "string", + "description": "\u003cp\u003eThe ARN for a KMS key that is used to encrypt studio data.\u003c/p\u003e" + }, + "keyType": { + "$ref": "#/types/aws-native:nimblestudio:StudioEncryptionConfigurationKeyType", + "description": "The type of KMS key that is used to encrypt studio data." + } + } + }, + "aws-native:nimblestudio:StudioEncryptionConfigurationKeyType": { + "type": "string" + }, + "aws-native:oam:LinkConfiguration": { + "type": "object", + "properties": { + "logGroupConfiguration": { + "$ref": "#/types/aws-native:oam:LinkFilter", + "description": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account." + }, + "metricConfiguration": { + "$ref": "#/types/aws-native:oam:LinkFilter", + "description": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account." + } + } + }, + "aws-native:oam:LinkFilter": { + "type": "object", + "properties": { + "filter": { + "type": "string", + "description": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n\u003e If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account." + } + } + }, + "aws-native:oam:LinkResourceType": { + "type": "string" + }, + "aws-native:omics:AnnotationStoreAnnotationType": { + "type": "string" + }, + "aws-native:omics:AnnotationStoreEncryptionType": { + "type": "string" + }, + "aws-native:omics:AnnotationStoreReferenceItem": { + "type": "object", + "properties": { + "referenceArn": { + "type": "string", + "description": "The reference's ARN." + } + } + }, + "aws-native:omics:AnnotationStoreSchemaValueType": { + "type": "string" + }, + "aws-native:omics:AnnotationStoreSseConfig": { + "type": "object", + "properties": { + "keyArn": { + "type": "string", + "description": "An encryption key ARN." + }, + "type": { + "$ref": "#/types/aws-native:omics:AnnotationStoreEncryptionType", + "description": "The encryption type." + } + } + }, + "aws-native:omics:AnnotationStoreStoreFormat": { + "type": "string" + }, + "aws-native:omics:AnnotationStoreStoreOptions0Properties": { + "type": "object", + "properties": { + "tsvStoreOptions": { + "$ref": "#/types/aws-native:omics:AnnotationStoreTsvStoreOptions" + } + } + }, + "aws-native:omics:AnnotationStoreStoreOptionsProperties": { + "type": "object", + "properties": { + "tsvStoreOptions": { + "$ref": "#/types/aws-native:omics:AnnotationStoreTsvStoreOptions" + } + } + }, + "aws-native:omics:AnnotationStoreStoreStatus": { + "type": "string" + }, + "aws-native:omics:AnnotationStoreTsvStoreOptions": { + "type": "object", + "properties": { + "annotationType": { + "$ref": "#/types/aws-native:omics:AnnotationStoreAnnotationType" + }, + "formatToHeader": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "schema": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:omics:AnnotationStoreSchemaValueType" + } + } + } + } + }, + "aws-native:omics:ReferenceStoreEncryptionType": { + "type": "string" + }, + "aws-native:omics:ReferenceStoreSseConfig": { + "type": "object", + "properties": { + "keyArn": { + "type": "string", + "description": "An encryption key ARN." + }, + "type": { + "$ref": "#/types/aws-native:omics:ReferenceStoreEncryptionType", + "description": "The encryption type." + } + } + }, + "aws-native:omics:SequenceStoreEncryptionType": { + "type": "string" + }, + "aws-native:omics:SequenceStoreSseConfig": { + "type": "object", + "properties": { + "keyArn": { + "type": "string", + "description": "An encryption key ARN." + }, + "type": { + "$ref": "#/types/aws-native:omics:SequenceStoreEncryptionType", + "description": "The encryption type." + } + } + }, + "aws-native:omics:VariantStoreEncryptionType": { + "type": "string" + }, + "aws-native:omics:VariantStoreReferenceItem": { + "type": "object", + "properties": { + "referenceArn": { + "type": "string", + "description": "The reference's ARN." + } + } + }, + "aws-native:omics:VariantStoreSseConfig": { + "type": "object", + "properties": { + "keyArn": { + "type": "string", + "description": "An encryption key ARN." + }, + "type": { + "$ref": "#/types/aws-native:omics:VariantStoreEncryptionType", + "description": "The encryption type." + } + } + }, + "aws-native:omics:VariantStoreStoreStatus": { + "type": "string" + }, + "aws-native:omics:WorkflowAccelerators": { + "type": "string" + }, + "aws-native:omics:WorkflowEngine": { + "type": "string" + }, + "aws-native:omics:WorkflowParameter": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The parameter's description." + }, + "optional": { + "type": "boolean", + "description": "Whether the parameter is optional." + } + } + }, + "aws-native:omics:WorkflowStatus": { + "type": "string" + }, + "aws-native:omics:WorkflowType": { + "type": "string" + }, + "aws-native:opensearchserverless:AccessPolicyType": { + "type": "string" + }, + "aws-native:opensearchserverless:CollectionStandbyReplicas": { + "type": "string" + }, + "aws-native:opensearchserverless:CollectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key in the key-value pair" + }, + "value": { + "type": "string", + "description": "The value in the key-value pair" + } + } + }, + "aws-native:opensearchserverless:CollectionType": { + "type": "string" + }, + "aws-native:opensearchserverless:LifecyclePolicyType": { + "type": "string" + }, + "aws-native:opensearchserverless:SecurityConfigSamlConfigOptions": { + "type": "object", + "properties": { + "groupAttribute": { + "type": "string", + "description": "Group attribute for this saml integration" + }, + "metadata": { + "type": "string", + "description": "The XML saml provider metadata document that you want to use" + }, + "sessionTimeout": { + "type": "integer", + "description": "Defines the session timeout in minutes" + }, + "userAttribute": { + "type": "string", + "description": "Custom attribute for this saml integration" + } + } + }, + "aws-native:opensearchserverless:SecurityConfigType": { + "type": "string" + }, + "aws-native:opensearchserverless:SecurityPolicyType": { + "type": "string" + }, + "aws-native:opensearchservice:DomainAdvancedSecurityOptionsInput": { + "type": "object", + "properties": { + "anonymousAuthDisableDate": { + "type": "string", + "description": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) ." + }, + "anonymousAuthEnabled": { + "type": "boolean", + "description": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) ." + }, + "enabled": { + "type": "boolean", + "description": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) ." + }, + "internalUserDatabaseEnabled": { + "type": "boolean", + "description": "True to enable the internal user database." + }, + "masterUserOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainMasterUserOptions", + "description": "Specifies information about the master user." + }, + "samlOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainSamlOptions", + "description": "Container for information about the SAML configuration for OpenSearch Dashboards." + } + }, + "irreversibleNames": { + "samlOptions": "SAMLOptions" + } + }, + "aws-native:opensearchservice:DomainClusterConfig": { + "type": "object", + "properties": { + "coldStorageOptions": { + "$ref": "#/types/aws-native:opensearchservice:DomainColdStorageOptions", + "description": "Container for cold storage configuration options." + }, + "dedicatedMasterCount": { + "type": "integer", + "description": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property." + }, + "dedicatedMasterEnabled": { + "type": "boolean", + "description": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) ." + }, + "dedicatedMasterType": { + "type": "string", + "description": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) ." + }, + "instanceCount": { + "type": "integer", + "description": "The number of data nodes (instances) to use in the OpenSearch Service domain." + }, + "instanceType": { + "type": "string", + "description": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) ." + }, + "multiAzWithStandbyEnabled": { + "type": "boolean", + "description": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) ." + }, + "warmCount": { + "type": "integer", + "description": "The number of warm nodes in the cluster." + }, + "warmEnabled": { + "type": "boolean", + "description": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) ." + }, + "warmType": { + "type": "string", + "description": "The instance type for the cluster's warm nodes." + }, + "zoneAwarenessConfig": { + "$ref": "#/types/aws-native:opensearchservice:DomainZoneAwarenessConfig", + "description": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` ." + }, + "zoneAwarenessEnabled": { + "type": "boolean", + "description": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) ." + } + }, + "irreversibleNames": { + "multiAzWithStandbyEnabled": "MultiAZWithStandbyEnabled" + } + }, + "aws-native:opensearchservice:DomainCognitoOptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) ." + }, + "identityPoolId": { + "type": "string", + "description": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards." + }, + "roleArn": { + "type": "string", + "description": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards." + }, + "userPoolId": { + "type": "string", + "description": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards." + } + } + }, + "aws-native:opensearchservice:DomainColdStorageOptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage." + } + } + }, + "aws-native:opensearchservice:DomainEbsOptions": { + "type": "object", + "properties": { + "ebsEnabled": { + "type": "boolean", + "description": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain." + }, + "iops": { + "type": "integer", + "description": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types." + }, + "throughput": { + "type": "integer", + "description": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type." + }, + "volumeSize": { + "type": "integer", + "description": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* ." + }, + "volumeType": { + "type": "string", + "description": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* ." + } + }, + "irreversibleNames": { + "ebsEnabled": "EBSEnabled" + } + }, + "aws-native:opensearchservice:DomainEncryptionAtRestOptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property." + }, + "kmsKeyId": { + "type": "string", + "description": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property." + } + } + }, + "aws-native:opensearchservice:DomainEndpointOptions": { + "type": "object", + "properties": { + "customEndpoint": { + "type": "string", + "description": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain." + }, + "customEndpointCertificateArn": { + "type": "string", + "description": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain." + }, + "customEndpointEnabled": { + "type": "boolean", + "description": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` ." + }, + "enforceHttps": { + "type": "boolean", + "description": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) ." + }, + "tlsSecurityPolicy": { + "type": "string", + "description": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites" + } + }, + "irreversibleNames": { + "enforceHttps": "EnforceHTTPS", + "tlsSecurityPolicy": "TLSSecurityPolicy" + } + }, + "aws-native:opensearchservice:DomainIdp": { + "type": "object", + "properties": { + "entityId": { + "type": "string", + "description": "The unique entity ID of the application in the SAML identity provider." + }, + "metadataContent": { + "type": "string", + "description": "The metadata of the SAML application, in XML format." + } + } + }, + "aws-native:opensearchservice:DomainLogPublishingOption": { + "type": "object", + "properties": { + "cloudWatchLogsLogGroupArn": { + "type": "string" + }, + "enabled": { + "type": "boolean" + } + } + }, + "aws-native:opensearchservice:DomainMasterUserOptions": { + "type": "object", + "properties": { + "masterUserArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) ." + }, + "masterUserName": { + "type": "string", + "description": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead." + }, + "masterUserPassword": { + "type": "string", + "description": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead." + } + }, + "irreversibleNames": { + "masterUserArn": "MasterUserARN" + } + }, + "aws-native:opensearchservice:DomainNodeToNodeEncryptionOptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) ." + } + } + }, + "aws-native:opensearchservice:DomainOffPeakWindow": { + "type": "object", + "properties": { + "windowStartTime": { + "$ref": "#/types/aws-native:opensearchservice:DomainWindowStartTime", + "description": "The desired start time for an off-peak maintenance window." + } + } + }, + "aws-native:opensearchservice:DomainOffPeakWindowOptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Specifies whether off-peak window settings are enabled for the domain." + }, + "offPeakWindow": { + "$ref": "#/types/aws-native:opensearchservice:DomainOffPeakWindow", + "description": "Off-peak window settings for the domain." + } + } + }, + "aws-native:opensearchservice:DomainSamlOptions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "True to enable SAML authentication for a domain." + }, + "idp": { + "$ref": "#/types/aws-native:opensearchservice:DomainIdp", + "description": "The SAML Identity Provider's information." + }, + "masterBackendRole": { + "type": "string", + "description": "The backend role that the SAML master user is mapped to." + }, + "masterUserName": { + "type": "string", + "description": "The SAML master user name, which is stored in the domain's internal user database." + }, + "rolesKey": { + "type": "string", + "description": "Element of the SAML assertion to use for backend roles. Default is `roles` ." + }, + "sessionTimeoutMinutes": { + "type": "integer", + "description": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60." + }, + "subjectKey": { + "type": "string", + "description": "Element of the SAML assertion to use for the user name. Default is `NameID` ." + } + } + }, + "aws-native:opensearchservice:DomainServiceSoftwareOptions": { + "type": "object", + "properties": { + "automatedUpdateDate": { + "type": "string", + "description": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software." + }, + "cancellable": { + "type": "boolean", + "description": "True if you're able to cancel your service software version update. False if you can't cancel your service software update." + }, + "currentVersion": { + "type": "string", + "description": "The current service software version present on the domain." + }, + "description": { + "type": "string", + "description": "A description of the service software update status." + }, + "newVersion": { + "type": "string", + "description": "The new service software version, if one is available." + }, + "optionalDeployment": { + "type": "boolean", + "description": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date." + }, + "updateAvailable": { + "type": "boolean", + "description": "True if you're able to update your service software version. False if you can't update your service software version." + }, + "updateStatus": { + "type": "string", + "description": "The status of your service software update." + } + } + }, + "aws-native:opensearchservice:DomainSnapshotOptions": { + "type": "object", + "properties": { + "automatedSnapshotStartHour": { + "type": "integer", + "description": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23." + } + } + }, + "aws-native:opensearchservice:DomainSoftwareUpdateOptions": { + "type": "object", + "properties": { + "autoSoftwareUpdateEnabled": { + "type": "boolean", + "description": "Specifies whether automatic service software updates are enabled for the domain." + } + } + }, + "aws-native:opensearchservice:DomainTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The value of the tag." + }, + "value": { + "type": "string", + "description": "The key of the tag." + } + } + }, + "aws-native:opensearchservice:DomainVpcOptions": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* ." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation." + } + } + }, + "aws-native:opensearchservice:DomainWindowStartTime": { + "type": "object", + "properties": { + "hours": { + "type": "integer", + "description": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23." + }, + "minutes": { + "type": "integer", + "description": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59." + } + } + }, + "aws-native:opensearchservice:DomainZoneAwarenessConfig": { + "type": "object", + "properties": { + "availabilityZoneCount": { + "type": "integer", + "description": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2." + } + } + }, + "aws-native:opsworkscm:ServerEngineAttribute": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`" + }, + "value": { + "type": "string", + "description": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key." + } + } + }, + "aws-native:opsworkscm:ServerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A tag key, such as `Stage` or `Name` . A tag key cannot be empty. The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`" + }, + "value": { + "type": "string", + "description": "An optional tag value, such as `Production` or `test-owcm-server` . The value can be a maximum of 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`" + } + } + }, + "aws-native:organizations:AccountJoinedMethod": { + "type": "string" + }, + "aws-native:organizations:AccountStatus": { + "type": "string" + }, + "aws-native:organizations:AccountTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key identifier, or name, of the tag." + }, + "value": { + "type": "string", + "description": "The string value that's associated with the key of the tag. You can set the value of a tag to an empty string, but you can't set the value of a tag to null." + } + } + }, + "aws-native:organizations:OrganizationFeatureSet": { + "type": "string" + }, + "aws-native:organizations:OrganizationalUnitTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key identifier, or name, of the tag." + }, + "value": { + "type": "string", + "description": "The string value that's associated with the key of the tag. You can set the value of a tag to an empty string, but you can't set the value of a tag to null." + } + } + }, + "aws-native:organizations:PolicyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key identifier, or name, of the tag." + }, + "value": { + "type": "string", + "description": "The string value that's associated with the key of the tag. You can set the value of a tag to an empty string, but you can't set the value of a tag to null." + } + } + }, + "aws-native:organizations:PolicyType": { + "type": "string" + }, + "aws-native:organizations:ResourcePolicyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key identifier, or name, of the tag." + }, + "value": { + "type": "string", + "description": "The string value that's associated with the key of the tag. You can set the value of a tag to an empty string, but you can't set the value of a tag to null." + } + } + }, + "aws-native:osis:PipelineBufferOptions": { + "type": "object", + "properties": { + "persistentBufferEnabled": { + "type": "boolean", + "description": "Whether persistent buffering should be enabled." + } + } + }, + "aws-native:osis:PipelineEncryptionAtRestOptions": { + "type": "object", + "properties": { + "kmsKeyArn": { + "type": "string", + "description": "The KMS key to use for encrypting data. By default an AWS owned key is used" + } + } + }, + "aws-native:osis:PipelineLogPublishingOptions": { + "type": "object", + "properties": { + "cloudWatchLogDestination": { + "$ref": "#/types/aws-native:osis:PipelineLogPublishingOptionsCloudWatchLogDestinationProperties", + "description": "The destination for OpenSearch Ingestion Service logs sent to Amazon CloudWatch." + }, + "isLoggingEnabled": { + "type": "boolean", + "description": "Whether logs should be published." + } + } + }, + "aws-native:osis:PipelineLogPublishingOptionsCloudWatchLogDestinationProperties": { + "type": "object", + "properties": { + "logGroup": { + "type": "string" + } + } + }, + "aws-native:osis:PipelineTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:osis:PipelineVpcEndpoint": { + "type": "object", + "properties": { + "vpcEndpointId": { + "type": "string", + "description": "The unique identifier of the endpoint." + }, + "vpcId": { + "type": "string", + "description": "The ID for your VPC. AWS Privatelink generates this value when you create a VPC." + }, + "vpcOptions": { + "$ref": "#/types/aws-native:osis:PipelineVpcOptions", + "description": "Information about the VPC, including associated subnets and security groups." + } + } + }, + "aws-native:osis:PipelineVpcOptions": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security groups associated with the VPC endpoint." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of subnet IDs associated with the VPC endpoint." + }, + "vpcAttachmentOptions": { + "$ref": "#/types/aws-native:osis:PipelineVpcOptionsVpcAttachmentOptionsProperties", + "description": "Options for attaching a VPC to the pipeline." + }, + "vpcEndpointManagement": { + "$ref": "#/types/aws-native:osis:PipelineVpcOptionsVpcEndpointManagement", + "description": "Defines whether you or Amazon OpenSearch Ingestion service create and manage the VPC endpoint configured for the pipeline." + } + } + }, + "aws-native:osis:PipelineVpcOptionsVpcAttachmentOptionsProperties": { + "type": "object", + "properties": { + "attachToVpc": { + "type": "boolean", + "description": "Whether the pipeline should be attached to the provided VPC" + }, + "cidrBlock": { + "type": "string", + "description": "The CIDR block to be reserved for OpenSearch Ingestion to create elastic network interfaces (ENIs)." + } + } + }, + "aws-native:osis:PipelineVpcOptionsVpcEndpointManagement": { + "type": "string" + }, + "aws-native:panorama:ApplicationInstanceHealthStatus": { + "type": "string" + }, + "aws-native:panorama:ApplicationInstanceManifestOverridesPayload": { + "type": "object", + "properties": { + "payloadData": { + "type": "string", + "description": "The overrides document." + } + } + }, + "aws-native:panorama:ApplicationInstanceManifestPayload": { + "type": "object", + "properties": { + "payloadData": { + "type": "string", + "description": "The application manifest." + } + } + }, + "aws-native:panorama:ApplicationInstanceStatus": { + "type": "string" + }, + "aws-native:panorama:ApplicationInstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:panorama:PackageStorageLocation": { + "type": "object", + "properties": { + "binaryPrefixLocation": { + "type": "string", + "description": "The location's binary prefix." + }, + "bucket": { + "type": "string", + "description": "The location's bucket." + }, + "generatedPrefixLocation": { + "type": "string", + "description": "The location's generated prefix." + }, + "manifestPrefixLocation": { + "type": "string", + "description": "The location's manifest prefix." + }, + "repoPrefixLocation": { + "type": "string", + "description": "The location's repo prefix." + } + } + }, + "aws-native:panorama:PackageTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:panorama:PackageVersionStatus": { + "type": "string" + }, + "aws-native:paymentcryptography:KeyAlgorithm": { + "type": "string" + }, + "aws-native:paymentcryptography:KeyAttributes": { + "type": "object", + "properties": { + "keyAlgorithm": { + "$ref": "#/types/aws-native:paymentcryptography:KeyAlgorithm", + "description": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms." + }, + "keyClass": { + "$ref": "#/types/aws-native:paymentcryptography:KeyClass", + "description": "The type of AWS Payment Cryptography key to create, which determines the classification of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair." + }, + "keyModesOfUse": { + "$ref": "#/types/aws-native:paymentcryptography:KeyModesOfUse", + "description": "The list of cryptographic operations that you can perform using the key." + }, + "keyUsage": { + "$ref": "#/types/aws-native:paymentcryptography:KeyUsage", + "description": "The cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec." + } + } + }, + "aws-native:paymentcryptography:KeyCheckValueAlgorithm": { + "type": "string" + }, + "aws-native:paymentcryptography:KeyClass": { + "type": "string" + }, + "aws-native:paymentcryptography:KeyModesOfUse": { + "type": "object", + "properties": { + "decrypt": { + "type": "boolean", + "description": "Specifies whether an AWS Payment Cryptography key can be used to decrypt data." + }, + "deriveKey": { + "type": "boolean", + "description": "Specifies whether an AWS Payment Cryptography key can be used to derive new keys." + }, + "encrypt": { + "type": "boolean", + "description": "Specifies whether an AWS Payment Cryptography key can be used to encrypt data." + }, + "generate": { + "type": "boolean", + "description": "Specifies whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys." + }, + "noRestrictions": { + "type": "boolean", + "description": "Specifies whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` ." + }, + "sign": { + "type": "boolean", + "description": "Specifies whether an AWS Payment Cryptography key can be used for signing." + }, + "unwrap": { + "type": "boolean" + }, + "verify": { + "type": "boolean", + "description": "Specifies whether an AWS Payment Cryptography key can be used to verify signatures." + }, + "wrap": { + "type": "boolean", + "description": "Specifies whether an AWS Payment Cryptography key can be used to wrap other keys." + } + } + }, + "aws-native:paymentcryptography:KeyOrigin": { + "type": "string" + }, + "aws-native:paymentcryptography:KeyState": { + "type": "string" + }, + "aws-native:paymentcryptography:KeyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:paymentcryptography:KeyUsage": { + "type": "string" + }, + "aws-native:pcaconnectorad:ConnectorVpcInformation": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector." + } + } + }, + "aws-native:pcaconnectorad:TemplateApplicationPolicies": { + "type": "object", + "properties": { + "critical": { + "type": "boolean" + }, + "policies": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateApplicationPolicy0Properties" + }, + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateApplicationPolicy1Properties" + } + ] + } + } + } + }, + "aws-native:pcaconnectorad:TemplateApplicationPolicy0Properties": { + "type": "object", + "properties": { + "policyType": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateApplicationPolicyType" + } + } + }, + "aws-native:pcaconnectorad:TemplateApplicationPolicy1Properties": { + "type": "object", + "properties": { + "policyObjectIdentifier": { + "type": "string" + } + } + }, + "aws-native:pcaconnectorad:TemplateApplicationPolicyType": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplateCertificateValidity": { + "type": "object", + "properties": { + "renewalPeriod": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateValidityPeriod" + }, + "validityPeriod": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateValidityPeriod" + } + } + }, + "aws-native:pcaconnectorad:TemplateClientCompatibilityV2": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplateClientCompatibilityV3": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplateClientCompatibilityV4": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplateDefinition0Properties": { + "type": "object", + "properties": { + "templateV2": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateV2" + } + }, + "irreversibleNames": { + "templateV2": "TemplateV2" + } + }, + "aws-native:pcaconnectorad:TemplateDefinition1Properties": { + "type": "object", + "properties": { + "templateV3": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateV3" + } + }, + "irreversibleNames": { + "templateV3": "TemplateV3" + } + }, + "aws-native:pcaconnectorad:TemplateDefinition2Properties": { + "type": "object", + "properties": { + "templateV4": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateV4" + } + }, + "irreversibleNames": { + "templateV4": "TemplateV4" + } + }, + "aws-native:pcaconnectorad:TemplateEnrollmentFlagsV2": { + "type": "object", + "properties": { + "enableKeyReuseOnNtTokenKeysetStorageFull": { + "type": "boolean" + }, + "includeSymmetricAlgorithms": { + "type": "boolean" + }, + "noSecurityExtension": { + "type": "boolean" + }, + "removeInvalidCertificateFromPersonalStore": { + "type": "boolean" + }, + "userInteractionRequired": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateEnrollmentFlagsV3": { + "type": "object", + "properties": { + "enableKeyReuseOnNtTokenKeysetStorageFull": { + "type": "boolean" + }, + "includeSymmetricAlgorithms": { + "type": "boolean" + }, + "noSecurityExtension": { + "type": "boolean" + }, + "removeInvalidCertificateFromPersonalStore": { + "type": "boolean" + }, + "userInteractionRequired": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateEnrollmentFlagsV4": { + "type": "object", + "properties": { + "enableKeyReuseOnNtTokenKeysetStorageFull": { + "type": "boolean" + }, + "includeSymmetricAlgorithms": { + "type": "boolean" + }, + "noSecurityExtension": { + "type": "boolean" + }, + "removeInvalidCertificateFromPersonalStore": { + "type": "boolean" + }, + "userInteractionRequired": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateExtensionsV2": { + "type": "object", + "properties": { + "applicationPolicies": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateApplicationPolicies" + }, + "keyUsage": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsage" + } + } + }, + "aws-native:pcaconnectorad:TemplateExtensionsV3": { + "type": "object", + "properties": { + "applicationPolicies": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateApplicationPolicies" + }, + "keyUsage": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsage" + } + } + }, + "aws-native:pcaconnectorad:TemplateExtensionsV4": { + "type": "object", + "properties": { + "applicationPolicies": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateApplicationPolicies" + }, + "keyUsage": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsage" + } + } + }, + "aws-native:pcaconnectorad:TemplateGeneralFlagsV2": { + "type": "object", + "properties": { + "autoEnrollment": { + "type": "boolean" + }, + "machineType": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateGeneralFlagsV3": { + "type": "object", + "properties": { + "autoEnrollment": { + "type": "boolean" + }, + "machineType": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateGeneralFlagsV4": { + "type": "object", + "properties": { + "autoEnrollment": { + "type": "boolean" + }, + "machineType": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateGroupAccessControlEntryAccessRight": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplateGroupAccessControlEntryAccessRights": { + "type": "object", + "properties": { + "autoEnroll": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateGroupAccessControlEntryAccessRight", + "description": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment" + }, + "enroll": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateGroupAccessControlEntryAccessRight", + "description": "Allow or deny an Active Directory group from enrolling certificates issued against a template." + } + } + }, + "aws-native:pcaconnectorad:TemplateHashAlgorithm": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplateKeySpec": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplateKeyUsage": { + "type": "object", + "properties": { + "critical": { + "type": "boolean" + }, + "usageFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsageFlags" + } + } + }, + "aws-native:pcaconnectorad:TemplateKeyUsageFlags": { + "type": "object", + "properties": { + "dataEncipherment": { + "type": "boolean" + }, + "digitalSignature": { + "type": "boolean" + }, + "keyAgreement": { + "type": "boolean" + }, + "keyEncipherment": { + "type": "boolean" + }, + "nonRepudiation": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateKeyUsageProperty0Properties": { + "type": "object", + "properties": { + "propertyType": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsagePropertyType" + } + } + }, + "aws-native:pcaconnectorad:TemplateKeyUsageProperty1Properties": { + "type": "object", + "properties": { + "propertyFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsagePropertyFlags" + } + } + }, + "aws-native:pcaconnectorad:TemplateKeyUsagePropertyFlags": { + "type": "object", + "properties": { + "decrypt": { + "type": "boolean" + }, + "keyAgreement": { + "type": "boolean" + }, + "sign": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateKeyUsagePropertyType": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplatePrivateKeyAlgorithm": { + "type": "string" + }, + "aws-native:pcaconnectorad:TemplatePrivateKeyAttributesV2": { + "type": "object", + "properties": { + "cryptoProviders": { + "type": "array", + "items": { + "type": "string" + } + }, + "keySpec": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeySpec" + }, + "minimalKeyLength": { + "type": "number" + } + } + }, + "aws-native:pcaconnectorad:TemplatePrivateKeyAttributesV3": { + "type": "object", + "properties": { + "algorithm": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplatePrivateKeyAlgorithm" + }, + "cryptoProviders": { + "type": "array", + "items": { + "type": "string" + } + }, + "keySpec": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeySpec" + }, + "keyUsageProperty": { + "oneOf": [ + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsageProperty0Properties" + }, + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsageProperty1Properties" + } + ] + }, + "minimalKeyLength": { + "type": "number" + } + } + }, + "aws-native:pcaconnectorad:TemplatePrivateKeyAttributesV4": { + "type": "object", + "properties": { + "algorithm": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplatePrivateKeyAlgorithm" + }, + "cryptoProviders": { + "type": "array", + "items": { + "type": "string" + } + }, + "keySpec": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeySpec" + }, + "keyUsageProperty": { + "oneOf": [ + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsageProperty0Properties" + }, + { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateKeyUsageProperty1Properties" + } + ] + }, + "minimalKeyLength": { + "type": "number" + } + } + }, + "aws-native:pcaconnectorad:TemplatePrivateKeyFlagsV2": { + "type": "object", + "properties": { + "clientVersion": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateClientCompatibilityV2" + }, + "exportableKey": { + "type": "boolean" + }, + "strongKeyProtectionRequired": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplatePrivateKeyFlagsV3": { + "type": "object", + "properties": { + "clientVersion": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateClientCompatibilityV3" + }, + "exportableKey": { + "type": "boolean" + }, + "requireAlternateSignatureAlgorithm": { + "type": "boolean" + }, + "strongKeyProtectionRequired": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplatePrivateKeyFlagsV4": { + "type": "object", + "properties": { + "clientVersion": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateClientCompatibilityV4" + }, + "exportableKey": { + "type": "boolean" + }, + "requireAlternateSignatureAlgorithm": { + "type": "boolean" + }, + "requireSameKeyRenewal": { + "type": "boolean" + }, + "strongKeyProtectionRequired": { + "type": "boolean" + }, + "useLegacyProvider": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateSubjectNameFlagsV2": { + "type": "object", + "properties": { + "requireCommonName": { + "type": "boolean" + }, + "requireDirectoryPath": { + "type": "boolean" + }, + "requireDnsAsCn": { + "type": "boolean" + }, + "requireEmail": { + "type": "boolean" + }, + "sanRequireDirectoryGuid": { + "type": "boolean" + }, + "sanRequireDns": { + "type": "boolean" + }, + "sanRequireDomainDns": { + "type": "boolean" + }, + "sanRequireEmail": { + "type": "boolean" + }, + "sanRequireSpn": { + "type": "boolean" + }, + "sanRequireUpn": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateSubjectNameFlagsV3": { + "type": "object", + "properties": { + "requireCommonName": { + "type": "boolean" + }, + "requireDirectoryPath": { + "type": "boolean" + }, + "requireDnsAsCn": { + "type": "boolean" + }, + "requireEmail": { + "type": "boolean" + }, + "sanRequireDirectoryGuid": { + "type": "boolean" + }, + "sanRequireDns": { + "type": "boolean" + }, + "sanRequireDomainDns": { + "type": "boolean" + }, + "sanRequireEmail": { + "type": "boolean" + }, + "sanRequireSpn": { + "type": "boolean" + }, + "sanRequireUpn": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateSubjectNameFlagsV4": { + "type": "object", + "properties": { + "requireCommonName": { + "type": "boolean" + }, + "requireDirectoryPath": { + "type": "boolean" + }, + "requireDnsAsCn": { + "type": "boolean" + }, + "requireEmail": { + "type": "boolean" + }, + "sanRequireDirectoryGuid": { + "type": "boolean" + }, + "sanRequireDns": { + "type": "boolean" + }, + "sanRequireDomainDns": { + "type": "boolean" + }, + "sanRequireEmail": { + "type": "boolean" + }, + "sanRequireSpn": { + "type": "boolean" + }, + "sanRequireUpn": { + "type": "boolean" + } + } + }, + "aws-native:pcaconnectorad:TemplateV2": { + "type": "object", + "properties": { + "certificateValidity": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateCertificateValidity" + }, + "enrollmentFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateEnrollmentFlagsV2" + }, + "extensions": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateExtensionsV2" + }, + "generalFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateGeneralFlagsV2" + }, + "privateKeyAttributes": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplatePrivateKeyAttributesV2" + }, + "privateKeyFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplatePrivateKeyFlagsV2" + }, + "subjectNameFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateSubjectNameFlagsV2" + }, + "supersededTemplates": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:pcaconnectorad:TemplateV3": { + "type": "object", + "properties": { + "certificateValidity": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateCertificateValidity" + }, + "enrollmentFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateEnrollmentFlagsV3" + }, + "extensions": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateExtensionsV3" + }, + "generalFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateGeneralFlagsV3" + }, + "hashAlgorithm": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateHashAlgorithm" + }, + "privateKeyAttributes": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplatePrivateKeyAttributesV3" + }, + "privateKeyFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplatePrivateKeyFlagsV3" + }, + "subjectNameFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateSubjectNameFlagsV3" + }, + "supersededTemplates": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:pcaconnectorad:TemplateV4": { + "type": "object", + "properties": { + "certificateValidity": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateCertificateValidity" + }, + "enrollmentFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateEnrollmentFlagsV4" + }, + "extensions": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateExtensionsV4" + }, + "generalFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateGeneralFlagsV4" + }, + "hashAlgorithm": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateHashAlgorithm" + }, + "privateKeyAttributes": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplatePrivateKeyAttributesV4" + }, + "privateKeyFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplatePrivateKeyFlagsV4" + }, + "subjectNameFlags": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateSubjectNameFlagsV4" + }, + "supersededTemplates": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:pcaconnectorad:TemplateValidityPeriod": { + "type": "object", + "properties": { + "period": { + "type": "number" + }, + "periodType": { + "$ref": "#/types/aws-native:pcaconnectorad:TemplateValidityPeriodType" + } + } + }, + "aws-native:pcaconnectorad:TemplateValidityPeriodType": { + "type": "string" + }, + "aws-native:personalize:DatasetGroupDomain": { + "type": "string" + }, + "aws-native:personalize:DatasetImportJob": { + "type": "object", + "properties": { + "dataSource": { + "$ref": "#/types/aws-native:personalize:DatasetImportJobDataSourceProperties", + "description": "The Amazon S3 bucket that contains the training data to import." + }, + "datasetArn": { + "type": "string", + "description": "The ARN of the dataset that receives the imported data" + }, + "datasetImportJobArn": { + "type": "string", + "description": "The ARN of the dataset import job" + }, + "jobName": { + "type": "string", + "description": "The name for the dataset import job." + }, + "roleArn": { + "type": "string", + "description": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source." + } + } + }, + "aws-native:personalize:DatasetImportJobDataSourceProperties": { + "type": "object", + "properties": { + "dataLocation": { + "type": "string", + "description": "The path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored." + } + } + }, + "aws-native:personalize:DatasetType": { + "type": "string" + }, + "aws-native:personalize:SchemaDomain": { + "type": "string" + }, + "aws-native:personalize:SolutionCategoricalHyperParameterRange": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the hyperparameter." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the categories for the hyperparameter." + } + } + }, + "aws-native:personalize:SolutionConfig": { + "type": "object", + "properties": { + "algorithmHyperParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Lists the hyperparameter names and ranges." + }, + "autoMlConfig": { + "$ref": "#/types/aws-native:personalize:SolutionConfigAutoMlConfigProperties", + "description": "The AutoMLConfig object containing a list of recipes to search when AutoML is performed." + }, + "eventValueThreshold": { + "type": "string", + "description": "Only events with a value greater than or equal to this threshold are used for training a model." + }, + "featureTransformationParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Lists the feature transformation parameters." + }, + "hpoConfig": { + "$ref": "#/types/aws-native:personalize:SolutionConfigHpoConfigProperties", + "description": "Describes the properties for hyperparameter optimization (HPO)" + } + }, + "irreversibleNames": { + "autoMlConfig": "AutoMLConfig" + } + }, + "aws-native:personalize:SolutionConfigAutoMlConfigProperties": { + "type": "object", + "properties": { + "metricName": { + "type": "string", + "description": "The metric to optimize." + }, + "recipeList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of candidate recipes." + } + } + }, + "aws-native:personalize:SolutionConfigHpoConfigProperties": { + "type": "object", + "properties": { + "algorithmHyperParameterRanges": { + "$ref": "#/types/aws-native:personalize:SolutionConfigHpoConfigPropertiesAlgorithmHyperParameterRangesProperties", + "description": "The hyperparameters and their allowable ranges" + }, + "hpoObjective": { + "$ref": "#/types/aws-native:personalize:SolutionConfigHpoConfigPropertiesHpoObjectiveProperties", + "description": "The metric to optimize during HPO." + }, + "hpoResourceConfig": { + "$ref": "#/types/aws-native:personalize:SolutionConfigHpoConfigPropertiesHpoResourceConfigProperties", + "description": "Describes the resource configuration for hyperparameter optimization (HPO)." + } + } + }, + "aws-native:personalize:SolutionConfigHpoConfigPropertiesAlgorithmHyperParameterRangesProperties": { + "type": "object", + "properties": { + "categoricalHyperParameterRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:personalize:SolutionCategoricalHyperParameterRange" + }, + "description": "The categorical hyperparameters and their ranges." + }, + "continuousHyperParameterRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:personalize:SolutionContinuousHyperParameterRange" + }, + "description": "The continuous hyperparameters and their ranges." + }, + "integerHyperParameterRanges": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:personalize:SolutionIntegerHyperParameterRange" + }, + "description": "The integer hyperparameters and their ranges." + } + } + }, + "aws-native:personalize:SolutionConfigHpoConfigPropertiesHpoObjectiveProperties": { + "type": "object", + "properties": { + "metricName": { + "type": "string", + "description": "The name of the metric" + }, + "metricRegex": { + "type": "string", + "description": "A regular expression for finding the metric in the training job logs." + }, + "type": { + "$ref": "#/types/aws-native:personalize:SolutionConfigHpoConfigPropertiesHpoObjectivePropertiesType", + "description": "The type of the metric. Valid values are Maximize and Minimize." + } + } + }, + "aws-native:personalize:SolutionConfigHpoConfigPropertiesHpoObjectivePropertiesType": { + "type": "string" + }, + "aws-native:personalize:SolutionConfigHpoConfigPropertiesHpoResourceConfigProperties": { + "type": "object", + "properties": { + "maxNumberOfTrainingJobs": { + "type": "string", + "description": "The maximum number of training jobs when you create a solution version. The maximum value for maxNumberOfTrainingJobs is 40." + }, + "maxParallelTrainingJobs": { + "type": "string", + "description": "The maximum number of parallel training jobs when you create a solution version. The maximum value for maxParallelTrainingJobs is 10." + } + } + }, + "aws-native:personalize:SolutionContinuousHyperParameterRange": { + "type": "object", + "properties": { + "maxValue": { + "type": "number", + "description": "The maximum allowable value for the hyperparameter." + }, + "minValue": { + "type": "number", + "description": "The minimum allowable value for the hyperparameter." + }, + "name": { + "type": "string", + "description": "The name of the hyperparameter." + } + } + }, + "aws-native:personalize:SolutionIntegerHyperParameterRange": { + "type": "object", + "properties": { + "maxValue": { + "type": "integer", + "description": "The maximum allowable value for the hyperparameter." + }, + "minValue": { + "type": "integer", + "description": "The minimum allowable value for the hyperparameter." + }, + "name": { + "type": "string", + "description": "The name of the hyperparameter." + } + } + }, + "aws-native:pinpoint:InAppTemplateAlignment": { + "type": "string" + }, + "aws-native:pinpoint:InAppTemplateBodyConfig": { + "type": "object", + "properties": { + "alignment": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateAlignment", + "description": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` ." + }, + "body": { + "type": "string", + "description": "The main body text of the message." + }, + "textColor": { + "type": "string", + "description": "The color of the body text, expressed as a hex color code (such as #000000 for black)." + } + } + }, + "aws-native:pinpoint:InAppTemplateButtonAction": { + "type": "string" + }, + "aws-native:pinpoint:InAppTemplateButtonConfig": { + "type": "object", + "properties": { + "android": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateOverrideButtonConfiguration", + "description": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration." + }, + "defaultConfig": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateDefaultButtonConfiguration", + "description": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users." + }, + "ios": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateOverrideButtonConfiguration", + "description": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration." + }, + "web": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateOverrideButtonConfiguration", + "description": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration." + } + }, + "irreversibleNames": { + "ios": "IOS" + } + }, + "aws-native:pinpoint:InAppTemplateDefaultButtonConfiguration": { + "type": "object", + "properties": { + "backgroundColor": { + "type": "string", + "description": "The background color of a button, expressed as a hex color code (such as #000000 for black)." + }, + "borderRadius": { + "type": "integer", + "description": "The border radius of a button." + }, + "buttonAction": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateButtonAction", + "description": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` – A link to a web destination.\n- `DEEP_LINK` – A link to a specific page in an application.\n- `CLOSE` – Dismisses the message." + }, + "link": { + "type": "string", + "description": "The destination (such as a URL) for a button." + }, + "text": { + "type": "string", + "description": "The text that appears on a button in an in-app message." + }, + "textColor": { + "type": "string", + "description": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black)." + } + } + }, + "aws-native:pinpoint:InAppTemplateHeaderConfig": { + "type": "object", + "properties": { + "alignment": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateAlignment", + "description": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` ." + }, + "header": { + "type": "string", + "description": "The title text of the in-app message." + }, + "textColor": { + "type": "string", + "description": "The color of the title text, expressed as a hex color code (such as #000000 for black)." + } + } + }, + "aws-native:pinpoint:InAppTemplateInAppMessageContent": { + "type": "object", + "properties": { + "backgroundColor": { + "type": "string", + "description": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black)." + }, + "bodyConfig": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateBodyConfig", + "description": "An object that contains configuration information about the header or title text of the in-app message." + }, + "headerConfig": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateHeaderConfig", + "description": "An object that contains configuration information about the header or title text of the in-app message." + }, + "imageUrl": { + "type": "string", + "description": "The URL of the image that appears on an in-app message banner." + }, + "primaryBtn": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateButtonConfig", + "description": "An object that contains configuration information about the primary button in an in-app message." + }, + "secondaryBtn": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateButtonConfig", + "description": "An object that contains configuration information about the secondary button in an in-app message." + } + } + }, + "aws-native:pinpoint:InAppTemplateLayout": { + "type": "string" + }, + "aws-native:pinpoint:InAppTemplateOverrideButtonConfiguration": { + "type": "object", + "properties": { + "buttonAction": { + "$ref": "#/types/aws-native:pinpoint:InAppTemplateButtonAction", + "description": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` – A link to a web destination.\n- `DEEP_LINK` – A link to a specific page in an application.\n- `CLOSE` – Dismisses the message." + }, + "link": { + "type": "string", + "description": "The destination (such as a URL) for a button." + } + } + }, + "aws-native:pipes:PipeAssignPublicIp": { + "type": "string" + }, + "aws-native:pipes:PipeAwsVpcConfiguration": { + "type": "object", + "properties": { + "assignPublicIp": { + "$ref": "#/types/aws-native:pipes:PipeAssignPublicIp", + "description": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` ." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets." + } + } + }, + "aws-native:pipes:PipeBatchArrayProperties": { + "type": "object", + "properties": { + "size": { + "type": "integer", + "description": "The size of the array, if this is an array batch job." + } + } + }, + "aws-native:pipes:PipeBatchContainerOverrides": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The command to send to the container that overrides the default command from the Docker image or the task definition." + }, + "environment": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeBatchEnvironmentVariable" + }, + "description": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n\u003e Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets." + }, + "instanceType": { + "type": "string", + "description": "The instance type to use for a multi-node parallel job.\n\n\u003e This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided." + }, + "resourceRequirements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeBatchResourceRequirement" + }, + "description": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` ." + } + } + }, + "aws-native:pipes:PipeBatchEnvironmentVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the key-value pair. For environment variables, this is the name of the environment variable." + }, + "value": { + "type": "string", + "description": "The value of the key-value pair. For environment variables, this is the value of the environment variable." + } + } + }, + "aws-native:pipes:PipeBatchJobDependency": { + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "The job ID of the AWS Batch job that's associated with this dependency." + }, + "type": { + "$ref": "#/types/aws-native:pipes:PipeBatchJobDependencyType", + "description": "The type of the job dependency." + } + } + }, + "aws-native:pipes:PipeBatchJobDependencyType": { + "type": "string" + }, + "aws-native:pipes:PipeBatchResourceRequirement": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:pipes:PipeBatchResourceRequirementType", + "description": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` ." + }, + "value": { + "type": "string", + "description": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n\u003e GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n\u003e If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880" + } + } + }, + "aws-native:pipes:PipeBatchResourceRequirementType": { + "type": "string" + }, + "aws-native:pipes:PipeBatchRetryStrategy": { + "type": "object", + "properties": { + "attempts": { + "type": "integer", + "description": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value." + } + } + }, + "aws-native:pipes:PipeCapacityProviderStrategyItem": { + "type": "object", + "properties": { + "base": { + "type": "integer", + "description": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used." + }, + "capacityProvider": { + "type": "string", + "description": "The short name of the capacity provider." + }, + "weight": { + "type": "integer", + "description": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied." + } + } + }, + "aws-native:pipes:PipeCloudwatchLogsLogDestination": { + "type": "object", + "properties": { + "logGroupArn": { + "type": "string", + "description": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records." + } + } + }, + "aws-native:pipes:PipeDeadLetterConfig": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN." + } + } + }, + "aws-native:pipes:PipeDimensionMapping": { + "type": "object", + "properties": { + "dimensionName": { + "type": "string", + "description": "The metadata attributes of the time series. For example, the name and Availability Zone of an Amazon EC2 instance or the name of the manufacturer of a wind turbine are dimensions." + }, + "dimensionValue": { + "type": "string", + "description": "Dynamic path to the dimension value in the source event." + }, + "dimensionValueType": { + "$ref": "#/types/aws-native:pipes:PipeDimensionValueType", + "description": "The data type of the dimension for the time-series data." + } + } + }, + "aws-native:pipes:PipeDimensionValueType": { + "type": "string" + }, + "aws-native:pipes:PipeDynamoDbStreamStartPosition": { + "type": "string" + }, + "aws-native:pipes:PipeEcsContainerOverride": { + "type": "object", + "properties": { + "command": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name." + }, + "cpu": { + "type": "integer", + "description": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name." + }, + "environment": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeEcsEnvironmentVariable" + }, + "description": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name." + }, + "environmentFiles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeEcsEnvironmentFile" + }, + "description": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition." + }, + "memory": { + "type": "integer", + "description": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name." + }, + "memoryReservation": { + "type": "integer", + "description": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name." + }, + "name": { + "type": "string", + "description": "The name of the container that receives the override. This parameter is required if any override is specified." + }, + "resourceRequirements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeEcsResourceRequirement" + }, + "description": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU." + } + } + }, + "aws-native:pipes:PipeEcsEnvironmentFile": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:pipes:PipeEcsEnvironmentFileType", + "description": "The file type to use. The only supported value is `s3` ." + }, + "value": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file." + } + } + }, + "aws-native:pipes:PipeEcsEnvironmentFileType": { + "type": "string" + }, + "aws-native:pipes:PipeEcsEnvironmentVariable": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the key-value pair. For environment variables, this is the name of the environment variable." + }, + "value": { + "type": "string", + "description": "The value of the key-value pair. For environment variables, this is the value of the environment variable." + } + } + }, + "aws-native:pipes:PipeEcsEphemeralStorage": { + "type": "object", + "properties": { + "sizeInGiB": { + "type": "integer", + "description": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB." + } + } + }, + "aws-native:pipes:PipeEcsInferenceAcceleratorOverride": { + "type": "object", + "properties": { + "deviceName": { + "type": "string", + "description": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition." + }, + "deviceType": { + "type": "string", + "description": "The Elastic Inference accelerator type to use." + } + } + }, + "aws-native:pipes:PipeEcsResourceRequirement": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:pipes:PipeEcsResourceRequirementType", + "description": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` ." + }, + "value": { + "type": "string", + "description": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition." + } + } + }, + "aws-native:pipes:PipeEcsResourceRequirementType": { + "type": "string" + }, + "aws-native:pipes:PipeEcsTaskOverride": { + "type": "object", + "properties": { + "containerOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeEcsContainerOverride" + }, + "description": "One or more container overrides that are sent to a task." + }, + "cpu": { + "type": "string", + "description": "The cpu override for the task." + }, + "ephemeralStorage": { + "$ref": "#/types/aws-native:pipes:PipeEcsEphemeralStorage", + "description": "The ephemeral storage setting override for the task.\n\n\u003e This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n\u003e \n\u003e - Linux platform version `1.4.0` or later.\n\u003e - Windows platform version `1.0.0` or later." + }, + "executionRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "inferenceAcceleratorOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeEcsInferenceAcceleratorOverride" + }, + "description": "The Elastic Inference accelerator override for the task." + }, + "memory": { + "type": "string", + "description": "The memory override for the task." + }, + "taskRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* ." + } + } + }, + "aws-native:pipes:PipeEnrichmentHttpParameters": { + "type": "object", + "properties": { + "headerParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination." + }, + "pathParameterValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\")." + }, + "queryStringParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination." + } + } + }, + "aws-native:pipes:PipeEnrichmentParameters": { + "type": "object", + "properties": { + "httpParameters": { + "$ref": "#/types/aws-native:pipes:PipeEnrichmentHttpParameters", + "description": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence." + }, + "inputTemplate": { + "type": "string", + "description": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string." + } + } + }, + "aws-native:pipes:PipeEpochTimeUnit": { + "type": "string" + }, + "aws-native:pipes:PipeFilter": { + "type": "object", + "properties": { + "pattern": { + "type": "string", + "description": "The event pattern." + } + } + }, + "aws-native:pipes:PipeFilterCriteria": { + "type": "object", + "properties": { + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeFilter" + }, + "description": "The event patterns." + } + } + }, + "aws-native:pipes:PipeFirehoseLogDestination": { + "type": "object", + "properties": { + "deliveryStreamArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records." + } + } + }, + "aws-native:pipes:PipeIncludeExecutionDataOption": { + "type": "string" + }, + "aws-native:pipes:PipeKinesisStreamStartPosition": { + "type": "string" + }, + "aws-native:pipes:PipeLaunchType": { + "type": "string" + }, + "aws-native:pipes:PipeLogConfiguration": { + "type": "object", + "properties": { + "cloudwatchLogsLogDestination": { + "$ref": "#/types/aws-native:pipes:PipeCloudwatchLogsLogDestination", + "description": "The logging configuration settings for the pipe." + }, + "firehoseLogDestination": { + "$ref": "#/types/aws-native:pipes:PipeFirehoseLogDestination", + "description": "The Amazon Data Firehose logging configuration settings for the pipe." + }, + "includeExecutionData": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeIncludeExecutionDataOption" + }, + "description": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`" + }, + "level": { + "$ref": "#/types/aws-native:pipes:PipeLogLevel", + "description": "The level of logging detail to include. This applies to all log destinations for the pipe." + }, + "s3LogDestination": { + "$ref": "#/types/aws-native:pipes:PipeS3LogDestination", + "description": "The Amazon S3 logging configuration settings for the pipe." + } + }, + "irreversibleNames": { + "s3LogDestination": "S3LogDestination" + } + }, + "aws-native:pipes:PipeLogLevel": { + "type": "string" + }, + "aws-native:pipes:PipeMeasureValueType": { + "type": "string" + }, + "aws-native:pipes:PipeMqBrokerAccessCredentials0Properties": { + "type": "object", + "properties": { + "basicAuth": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + } + } + }, + "aws-native:pipes:PipeMqBrokerAccessCredentialsProperties": { + "type": "object", + "properties": { + "basicAuth": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + } + } + }, + "aws-native:pipes:PipeMskAccessCredentials0Properties": { + "type": "object", + "properties": { + "saslScram512Auth": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + } + }, + "irreversibleNames": { + "saslScram512Auth": "SaslScram512Auth" + } + }, + "aws-native:pipes:PipeMskAccessCredentials1Properties": { + "type": "object", + "properties": { + "clientCertificateTlsAuth": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + } + } + }, + "aws-native:pipes:PipeMskStartPosition": { + "type": "string" + }, + "aws-native:pipes:PipeMultiMeasureAttributeMapping": { + "type": "object", + "properties": { + "measureValue": { + "type": "string", + "description": "Dynamic path to the measurement attribute in the source event." + }, + "measureValueType": { + "$ref": "#/types/aws-native:pipes:PipeMeasureValueType", + "description": "Data type of the measurement attribute in the source event." + }, + "multiMeasureAttributeName": { + "type": "string", + "description": "Target measure name to be used." + } + } + }, + "aws-native:pipes:PipeMultiMeasureMapping": { + "type": "object", + "properties": { + "multiMeasureAttributeMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeMultiMeasureAttributeMapping" + }, + "description": "Mappings that represent multiple source event fields mapped to measures in the same Timestream for LiveAnalytics record." + }, + "multiMeasureName": { + "type": "string", + "description": "The name of the multiple measurements per record (multi-measure)." + } + } + }, + "aws-native:pipes:PipeNetworkConfiguration": { + "type": "object", + "properties": { + "awsvpcConfiguration": { + "$ref": "#/types/aws-native:pipes:PipeAwsVpcConfiguration", + "description": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode." + } + } + }, + "aws-native:pipes:PipeOnPartialBatchItemFailureStreams": { + "type": "string" + }, + "aws-native:pipes:PipePlacementConstraint": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide." + }, + "type": { + "$ref": "#/types/aws-native:pipes:PipePlacementConstraintType", + "description": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates." + } + } + }, + "aws-native:pipes:PipePlacementConstraintType": { + "type": "string" + }, + "aws-native:pipes:PipePlacementStrategy": { + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used." + }, + "type": { + "$ref": "#/types/aws-native:pipes:PipePlacementStrategyType", + "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task)." + } + } + }, + "aws-native:pipes:PipePlacementStrategyType": { + "type": "string" + }, + "aws-native:pipes:PipePropagateTags": { + "type": "string" + }, + "aws-native:pipes:PipeRequestedPipeState": { + "type": "string" + }, + "aws-native:pipes:PipeS3LogDestination": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe." + }, + "bucketOwner": { + "type": "string", + "description": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe." + }, + "outputFormat": { + "$ref": "#/types/aws-native:pipes:PipeS3OutputFormat", + "description": "The format EventBridge uses for the log records.\n\nEventBridge currently only supports `json` formatting." + }, + "prefix": { + "type": "string", + "description": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* ." + } + } + }, + "aws-native:pipes:PipeS3OutputFormat": { + "type": "string" + }, + "aws-native:pipes:PipeSageMakerPipelineParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of parameter to start execution of a SageMaker Model Building Pipeline." + }, + "value": { + "type": "string", + "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline." + } + } + }, + "aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationCredentials0Properties": { + "type": "object", + "properties": { + "basicAuth": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + } + } + }, + "aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationCredentials1Properties": { + "type": "object", + "properties": { + "saslScram512Auth": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + } + }, + "irreversibleNames": { + "saslScram512Auth": "SaslScram512Auth" + } + }, + "aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationCredentials2Properties": { + "type": "object", + "properties": { + "saslScram256Auth": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + } + }, + "irreversibleNames": { + "saslScram256Auth": "SaslScram256Auth" + } + }, + "aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationCredentials3Properties": { + "type": "object", + "properties": { + "clientCertificateTlsAuth": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + } + } + }, + "aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationVpc": { + "type": "object", + "properties": { + "securityGroup": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of SecurityGroupId." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of SubnetId." + } + } + }, + "aws-native:pipes:PipeSelfManagedKafkaStartPosition": { + "type": "string" + }, + "aws-native:pipes:PipeSingleMeasureMapping": { + "type": "object", + "properties": { + "measureName": { + "type": "string", + "description": "Target measure name for the measurement attribute in the Timestream table." + }, + "measureValue": { + "type": "string", + "description": "Dynamic path of the source field to map to the measure in the record." + }, + "measureValueType": { + "$ref": "#/types/aws-native:pipes:PipeMeasureValueType", + "description": "Data type of the source field." + } + } + }, + "aws-native:pipes:PipeSourceActiveMqBrokerParameters": { + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "description": "The maximum number of records to include in each batch." + }, + "credentials": { + "$ref": "#/types/aws-native:pipes:PipeMqBrokerAccessCredentialsProperties", + "description": "The credentials needed to access the resource." + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum length of a time to wait for events." + }, + "queueName": { + "type": "string", + "description": "The name of the destination queue to consume.", + "replaceOnChanges": true + } + } + }, + "aws-native:pipes:PipeSourceDynamoDbStreamParameters": { + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "description": "The maximum number of records to include in each batch." + }, + "deadLetterConfig": { + "$ref": "#/types/aws-native:pipes:PipeDeadLetterConfig", + "description": "Define the target queue to send dead-letter queue events to." + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum length of a time to wait for events." + }, + "maximumRecordAgeInSeconds": { + "type": "integer", + "description": "(Streams only) Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records." + }, + "maximumRetryAttempts": { + "type": "integer", + "description": "(Streams only) Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source." + }, + "onPartialBatchItemFailure": { + "$ref": "#/types/aws-native:pipes:PipeOnPartialBatchItemFailureStreams", + "description": "(Streams only) Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch." + }, + "parallelizationFactor": { + "type": "integer", + "description": "(Streams only) The number of batches to process concurrently from each shard. The default value is 1." + }, + "startingPosition": { + "$ref": "#/types/aws-native:pipes:PipeDynamoDbStreamStartPosition", + "description": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", + "replaceOnChanges": true + } + } + }, + "aws-native:pipes:PipeSourceKinesisStreamParameters": { + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "description": "The maximum number of records to include in each batch." + }, + "deadLetterConfig": { + "$ref": "#/types/aws-native:pipes:PipeDeadLetterConfig", + "description": "Define the target queue to send dead-letter queue events to." + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum length of a time to wait for events." + }, + "maximumRecordAgeInSeconds": { + "type": "integer", + "description": "(Streams only) Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records." + }, + "maximumRetryAttempts": { + "type": "integer", + "description": "(Streams only) Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source." + }, + "onPartialBatchItemFailure": { + "$ref": "#/types/aws-native:pipes:PipeOnPartialBatchItemFailureStreams", + "description": "(Streams only) Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch." + }, + "parallelizationFactor": { + "type": "integer", + "description": "(Streams only) The number of batches to process concurrently from each shard. The default value is 1." + }, + "startingPosition": { + "$ref": "#/types/aws-native:pipes:PipeKinesisStreamStartPosition", + "description": "(Streams only) The position in a stream from which to start reading.", + "replaceOnChanges": true + }, + "startingPositionTimestamp": { + "type": "string", + "description": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", + "replaceOnChanges": true + } + } + }, + "aws-native:pipes:PipeSourceManagedStreamingKafkaParameters": { + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "description": "The maximum number of records to include in each batch." + }, + "consumerGroupId": { + "type": "string", + "description": "The name of the destination queue to consume.", + "replaceOnChanges": true + }, + "credentials": { + "oneOf": [ + { + "$ref": "#/types/aws-native:pipes:PipeMskAccessCredentials0Properties" + }, + { + "$ref": "#/types/aws-native:pipes:PipeMskAccessCredentials1Properties" + } + ], + "description": "The credentials needed to access the resource." + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum length of a time to wait for events." + }, + "startingPosition": { + "$ref": "#/types/aws-native:pipes:PipeMskStartPosition", + "description": "(Streams only) The position in a stream from which to start reading.", + "replaceOnChanges": true + }, + "topicName": { + "type": "string", + "description": "The name of the topic that the pipe will read from.", + "replaceOnChanges": true + } + }, + "irreversibleNames": { + "consumerGroupId": "ConsumerGroupID" + } + }, + "aws-native:pipes:PipeSourceParameters": { + "type": "object", + "properties": { + "activeMqBrokerParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceActiveMqBrokerParameters", + "description": "The parameters for using an Active MQ broker as a source." + }, + "dynamoDbStreamParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceDynamoDbStreamParameters", + "description": "The parameters for using a DynamoDB stream as a source." + }, + "filterCriteria": { + "$ref": "#/types/aws-native:pipes:PipeFilterCriteria", + "description": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* ." + }, + "kinesisStreamParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceKinesisStreamParameters", + "description": "The parameters for using a Kinesis stream as a source." + }, + "managedStreamingKafkaParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceManagedStreamingKafkaParameters", + "description": "The parameters for using an MSK stream as a source." + }, + "rabbitMqBrokerParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceRabbitMqBrokerParameters", + "description": "The parameters for using a Rabbit MQ broker as a source." + }, + "selfManagedKafkaParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceSelfManagedKafkaParameters", + "description": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* ." + }, + "sqsQueueParameters": { + "$ref": "#/types/aws-native:pipes:PipeSourceSqsQueueParameters", + "description": "The parameters for using a Amazon SQS stream as a source." + } + }, + "irreversibleNames": { + "activeMqBrokerParameters": "ActiveMQBrokerParameters", + "dynamoDbStreamParameters": "DynamoDBStreamParameters", + "rabbitMqBrokerParameters": "RabbitMQBrokerParameters" + } + }, + "aws-native:pipes:PipeSourceRabbitMqBrokerParameters": { + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "description": "The maximum number of records to include in each batch." + }, + "credentials": { + "$ref": "#/types/aws-native:pipes:PipeMqBrokerAccessCredentialsProperties", + "description": "The credentials needed to access the resource." + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum length of a time to wait for events." + }, + "queueName": { + "type": "string", + "description": "The name of the destination queue to consume.", + "replaceOnChanges": true + }, + "virtualHost": { + "type": "string", + "description": "The name of the virtual host associated with the source broker.", + "replaceOnChanges": true + } + } + }, + "aws-native:pipes:PipeSourceSelfManagedKafkaParameters": { + "type": "object", + "properties": { + "additionalBootstrapServers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of server URLs." + }, + "batchSize": { + "type": "integer", + "description": "The maximum number of records to include in each batch." + }, + "consumerGroupId": { + "type": "string", + "description": "The name of the destination queue to consume." + }, + "credentials": { + "oneOf": [ + { + "$ref": "#/types/aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationCredentials0Properties" + }, + { + "$ref": "#/types/aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationCredentials1Properties" + }, + { + "$ref": "#/types/aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationCredentials2Properties" + }, + { + "$ref": "#/types/aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationCredentials3Properties" + } + ], + "description": "The credentials needed to access the resource." + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum length of a time to wait for events." + }, + "serverRootCaCertificate": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + }, + "startingPosition": { + "$ref": "#/types/aws-native:pipes:PipeSelfManagedKafkaStartPosition", + "description": "(Streams only) The position in a stream from which to start reading." + }, + "topicName": { + "type": "string", + "description": "The name of the topic that the pipe will read from." + }, + "vpc": { + "$ref": "#/types/aws-native:pipes:PipeSelfManagedKafkaAccessConfigurationVpc", + "description": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used." + } + }, + "irreversibleNames": { + "consumerGroupId": "ConsumerGroupID" + } + }, + "aws-native:pipes:PipeSourceSqsQueueParameters": { + "type": "object", + "properties": { + "batchSize": { + "type": "integer", + "description": "The maximum number of records to include in each batch." + }, + "maximumBatchingWindowInSeconds": { + "type": "integer", + "description": "The maximum length of a time to wait for events." + } + } + }, + "aws-native:pipes:PipeState": { + "type": "string" + }, + "aws-native:pipes:PipeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the key-value pair." + }, + "value": { + "type": "string", + "description": "The value of the key-value pair." + } + } + }, + "aws-native:pipes:PipeTargetBatchJobParameters": { + "type": "object", + "properties": { + "arrayProperties": { + "$ref": "#/types/aws-native:pipes:PipeBatchArrayProperties", + "description": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job." + }, + "containerOverrides": { + "$ref": "#/types/aws-native:pipes:PipeBatchContainerOverrides", + "description": "The overrides that are sent to a container." + }, + "dependsOn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeBatchJobDependency" + }, + "description": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin." + }, + "jobDefinition": { + "type": "string", + "description": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used." + }, + "jobName": { + "type": "string", + "description": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_)." + }, + "parameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition." + }, + "retryStrategy": { + "$ref": "#/types/aws-native:pipes:PipeBatchRetryStrategy", + "description": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition." + } + } + }, + "aws-native:pipes:PipeTargetCloudWatchLogsParameters": { + "type": "object", + "properties": { + "logStreamName": { + "type": "string", + "description": "The name of the log stream." + }, + "timestamp": { + "type": "string", + "description": "The time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC." + } + } + }, + "aws-native:pipes:PipeTargetEcsTaskParameters": { + "type": "object", + "properties": { + "capacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeCapacityProviderStrategyItem" + }, + "description": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used." + }, + "enableEcsManagedTags": { + "type": "boolean", + "description": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide." + }, + "enableExecuteCommand": { + "type": "boolean", + "description": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task." + }, + "group": { + "type": "string", + "description": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters." + }, + "launchType": { + "$ref": "#/types/aws-native:pipes:PipeLaunchType", + "description": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:pipes:PipeNetworkConfiguration", + "description": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails." + }, + "overrides": { + "$ref": "#/types/aws-native:pipes:PipeEcsTaskOverride", + "description": "The overrides that are associated with a task." + }, + "placementConstraints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipePlacementConstraint" + }, + "description": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime)." + }, + "placementStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipePlacementStrategy" + }, + "description": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task." + }, + "platformVersion": { + "type": "string", + "description": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* ." + }, + "propagateTags": { + "$ref": "#/types/aws-native:pipes:PipePropagateTags", + "description": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action." + }, + "referenceId": { + "type": "string", + "description": "The reference ID to use for the task." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeTag" + }, + "description": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference." + }, + "taskCount": { + "type": "integer", + "description": "The number of tasks to create based on `TaskDefinition` . The default is 1." + }, + "taskDefinitionArn": { + "type": "string", + "description": "The ARN of the task definition to use if the event target is an Amazon ECS task." + } + }, + "irreversibleNames": { + "enableEcsManagedTags": "EnableECSManagedTags" + } + }, + "aws-native:pipes:PipeTargetEventBridgeEventBusParameters": { + "type": "object", + "properties": { + "detailType": { + "type": "string", + "description": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail." + }, + "endpointId": { + "type": "string", + "description": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` ." + }, + "resources": { + "type": "array", + "items": { + "type": "string" + }, + "description": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present." + }, + "source": { + "type": "string", + "description": "The source of the event." + }, + "time": { + "type": "string", + "description": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used." + } + } + }, + "aws-native:pipes:PipeTargetHttpParameters": { + "type": "object", + "properties": { + "headerParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination." + }, + "pathParameterValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\")." + }, + "queryStringParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination." + } + } + }, + "aws-native:pipes:PipeTargetInvocationType": { + "type": "string" + }, + "aws-native:pipes:PipeTargetKinesisStreamParameters": { + "type": "object", + "properties": { + "partitionKey": { + "type": "string", + "description": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream." + } + } + }, + "aws-native:pipes:PipeTargetLambdaFunctionParameters": { + "type": "object", + "properties": { + "invocationType": { + "$ref": "#/types/aws-native:pipes:PipeTargetInvocationType", + "description": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* ." + } + } + }, + "aws-native:pipes:PipeTargetParameters": { + "type": "object", + "properties": { + "batchJobParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetBatchJobParameters", + "description": "The parameters for using an AWS Batch job as a target." + }, + "cloudWatchLogsParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetCloudWatchLogsParameters", + "description": "The parameters for using an CloudWatch Logs log stream as a target." + }, + "ecsTaskParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetEcsTaskParameters", + "description": "The parameters for using an Amazon ECS task as a target." + }, + "eventBridgeEventBusParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetEventBridgeEventBusParameters", + "description": "The parameters for using an EventBridge event bus as a target." + }, + "httpParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetHttpParameters", + "description": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations." + }, + "inputTemplate": { + "type": "string", + "description": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string." + }, + "kinesisStreamParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetKinesisStreamParameters", + "description": "The parameters for using a Kinesis stream as a target." + }, + "lambdaFunctionParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetLambdaFunctionParameters", + "description": "The parameters for using a Lambda function as a target." + }, + "redshiftDataParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetRedshiftDataParameters", + "description": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement." + }, + "sageMakerPipelineParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetSageMakerPipelineParameters", + "description": "The parameters for using a SageMaker pipeline as a target." + }, + "sqsQueueParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetSqsQueueParameters", + "description": "The parameters for using a Amazon SQS stream as a target." + }, + "stepFunctionStateMachineParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetStateMachineParameters", + "description": "The parameters for using a Step Functions state machine as a target." + }, + "timestreamParameters": { + "$ref": "#/types/aws-native:pipes:PipeTargetTimestreamParameters", + "description": "The parameters for using a Timestream for LiveAnalytics table as a target." + } + } + }, + "aws-native:pipes:PipeTargetRedshiftDataParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "Redshift Database" + }, + "dbUser": { + "type": "string", + "description": "Database user name" + }, + "secretManagerArn": { + "type": "string", + "description": "Optional SecretManager ARN which stores the database credentials" + }, + "sqls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of SQLs." + }, + "statementName": { + "type": "string", + "description": "A name for Redshift DataAPI statement which can be used as filter of ListStatement." + }, + "withEvent": { + "type": "boolean", + "description": "Indicates whether to send an event back to EventBridge after the SQL statement runs." + } + } + }, + "aws-native:pipes:PipeTargetSageMakerPipelineParameters": { + "type": "object", + "properties": { + "pipelineParameterList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeSageMakerPipelineParameter" + }, + "description": "List of Parameter names and values for SageMaker Model Building Pipeline execution." + } + } + }, + "aws-native:pipes:PipeTargetSqsQueueParameters": { + "type": "object", + "properties": { + "messageDeduplicationId": { + "type": "string", + "description": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages." + }, + "messageGroupId": { + "type": "string", + "description": "The FIFO message group ID to use as the target." + } + } + }, + "aws-native:pipes:PipeTargetStateMachineParameters": { + "type": "object", + "properties": { + "invocationType": { + "$ref": "#/types/aws-native:pipes:PipeTargetInvocationType", + "description": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n\u003e `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* ." + } + } + }, + "aws-native:pipes:PipeTargetTimestreamParameters": { + "type": "object", + "properties": { + "dimensionMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeDimensionMapping" + }, + "description": "Map source data to dimensions in the target Timestream for LiveAnalytics table.\n\nFor more information, see [Amazon Timestream for LiveAnalytics concepts](https://docs.aws.amazon.com/timestream/latest/developerguide/concepts.html)" + }, + "epochTimeUnit": { + "$ref": "#/types/aws-native:pipes:PipeEpochTimeUnit", + "description": "The granularity of the time units used. Default is `MILLISECONDS` .\n\nRequired if `TimeFieldType` is specified as `EPOCH` ." + }, + "multiMeasureMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeMultiMeasureMapping" + }, + "description": "Maps multiple measures from the source event to the same record in the specified Timestream for LiveAnalytics table." + }, + "singleMeasureMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:pipes:PipeSingleMeasureMapping" + }, + "description": "Mappings of single source data fields to individual records in the specified Timestream for LiveAnalytics table." + }, + "timeFieldType": { + "$ref": "#/types/aws-native:pipes:PipeTimeFieldType", + "description": "The type of time value used.\n\nThe default is `EPOCH` ." + }, + "timeValue": { + "type": "string", + "description": "Dynamic path to the source data field that represents the time value for your data." + }, + "timestampFormat": { + "type": "string", + "description": "How to format the timestamps. For example, `YYYY-MM-DDThh:mm:ss.sssTZD` .\n\nRequired if `TimeFieldType` is specified as `TIMESTAMP_FORMAT` ." + }, + "versionValue": { + "type": "string", + "description": "64 bit version value or source data field that represents the version value for your data.\n\nWrite requests with a higher version number will update the existing measure values of the record and version. In cases where the measure value is the same, the version will still be updated.\n\nDefault value is 1.\n\nTimestream for LiveAnalytics does not support updating partial measure values in a record.\n\nWrite requests for duplicate data with a higher version number will update the existing measure value and version. In cases where the measure value is the same, `Version` will still be updated. Default value is `1` .\n\n\u003e `Version` must be `1` or greater, or you will receive a `ValidationException` error." + } + } + }, + "aws-native:pipes:PipeTimeFieldType": { + "type": "string" + }, + "aws-native:proton:EnvironmentAccountConnectionStatus": { + "type": "string" + }, + "aws-native:proton:EnvironmentAccountConnectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eThe key of the resource tag.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eThe value of the resource tag.\u003c/p\u003e" + } + } + }, + "aws-native:proton:EnvironmentTemplateProvisioning": { + "type": "string" + }, + "aws-native:proton:EnvironmentTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eThe key of the resource tag.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eThe value of the resource tag.\u003c/p\u003e" + } + } + }, + "aws-native:proton:ServiceTemplateProvisioning": { + "type": "string" + }, + "aws-native:proton:ServiceTemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eThe key of the resource tag.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eThe value of the resource tag.\u003c/p\u003e" + } + } + }, + "aws-native:qbusiness:ApplicationAttachmentsConfiguration": { + "type": "object", + "properties": { + "attachmentsControlMode": { + "$ref": "#/types/aws-native:qbusiness:ApplicationAttachmentsControlMode", + "description": "Status information about whether file upload functionality is activated or deactivated for your end user." + } + } + }, + "aws-native:qbusiness:ApplicationAttachmentsControlMode": { + "type": "string" + }, + "aws-native:qbusiness:ApplicationEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The identifier of the AWS KMS key. Amazon Q Business doesn't support asymmetric keys." + } + } + }, + "aws-native:qbusiness:ApplicationQAppsConfiguration": { + "type": "object", + "properties": { + "qAppsControlMode": { + "$ref": "#/types/aws-native:qbusiness:ApplicationQAppsControlMode", + "description": "Status information about whether end users can create and use Amazon Q Apps in the web experience." + } + } + }, + "aws-native:qbusiness:ApplicationQAppsControlMode": { + "type": "string" + }, + "aws-native:qbusiness:ApplicationStatus": { + "type": "string" + }, + "aws-native:qbusiness:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. Keys are not case sensitive and must be unique for the Amazon Q Business application or data source." + }, + "value": { + "type": "string", + "description": "The value associated with the tag. The value may be an empty string but it can't be null." + } + } + }, + "aws-native:qbusiness:DataSourceAttributeValueOperator": { + "type": "string" + }, + "aws-native:qbusiness:DataSourceDocumentAttributeCondition": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently doesn't support `_document_body` as an attribute key used for the condition." + }, + "operator": { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentEnrichmentConditionOperator", + "description": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Q Business currently does not support `_document_body` as an attribute key used for the condition." + }, + "value": { + "oneOf": [ + { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeValue0Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeValue1Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeValue2Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeValue3Properties" + } + ], + "description": "The value of a document attribute. You can only provide one value for a document attribute." + } + } + }, + "aws-native:qbusiness:DataSourceDocumentAttributeTarget": { + "type": "object", + "properties": { + "attributeValueOperator": { + "$ref": "#/types/aws-native:qbusiness:DataSourceAttributeValueOperator", + "description": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` ." + }, + "key": { + "type": "string", + "description": "The identifier of the target document attribute or metadata field. For example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents." + }, + "value": { + "oneOf": [ + { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeValue0Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeValue1Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeValue2Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeValue3Properties" + } + ], + "description": "The value of a document attribute. You can only provide one value for a document attribute." + } + } + }, + "aws-native:qbusiness:DataSourceDocumentAttributeValue0Properties": { + "type": "object", + "properties": { + "stringValue": { + "type": "string" + } + } + }, + "aws-native:qbusiness:DataSourceDocumentAttributeValue1Properties": { + "type": "object", + "properties": { + "stringListValue": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:qbusiness:DataSourceDocumentAttributeValue2Properties": { + "type": "object", + "properties": { + "longValue": { + "type": "number" + } + } + }, + "aws-native:qbusiness:DataSourceDocumentAttributeValue3Properties": { + "type": "object", + "properties": { + "dateValue": { + "type": "string" + } + } + }, + "aws-native:qbusiness:DataSourceDocumentContentOperator": { + "type": "string" + }, + "aws-native:qbusiness:DataSourceDocumentEnrichmentConditionOperator": { + "type": "string" + }, + "aws-native:qbusiness:DataSourceDocumentEnrichmentConfiguration": { + "type": "object", + "properties": { + "inlineConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:qbusiness:DataSourceInlineDocumentEnrichmentConfiguration" + }, + "description": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Q Business." + }, + "postExtractionHookConfiguration": { + "$ref": "#/types/aws-native:qbusiness:DataSourceHookConfiguration", + "description": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) ." + }, + "preExtractionHookConfiguration": { + "$ref": "#/types/aws-native:qbusiness:DataSourceHookConfiguration", + "description": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) ." + } + } + }, + "aws-native:qbusiness:DataSourceHookConfiguration": { + "type": "object", + "properties": { + "invocationCondition": { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeCondition", + "description": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Q Business should invoke a function that inserts the current date-time." + }, + "lambdaArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of a role with permission to run a Lambda function during ingestion. For more information, see [IAM roles for Custom Document Enrichment (CDE)](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/iam-roles.html#cde-iam-role) ." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of a role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process." + }, + "s3BucketName": { + "type": "string", + "description": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html#cde-lambda-operations-data-contracts) ." + } + }, + "irreversibleNames": { + "s3BucketName": "S3BucketName" + } + }, + "aws-native:qbusiness:DataSourceInlineDocumentEnrichmentConfiguration": { + "type": "object", + "properties": { + "condition": { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeCondition", + "description": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Q Business ." + }, + "documentContentOperator": { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentContentOperator", + "description": "`TRUE` to delete content if the condition used for the target attribute is met." + }, + "target": { + "$ref": "#/types/aws-native:qbusiness:DataSourceDocumentAttributeTarget", + "description": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Q Business . You can also include a value." + } + } + }, + "aws-native:qbusiness:DataSourceStatus": { + "type": "string" + }, + "aws-native:qbusiness:DataSourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. Keys are not case sensitive and must be unique for the Amazon Q Business application or data source." + }, + "value": { + "type": "string", + "description": "The value associated with the tag. The value may be an empty string but it can't be null." + } + } + }, + "aws-native:qbusiness:DataSourceVpcConfiguration": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Q Business to connect to the data source." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device." + } + } + }, + "aws-native:qbusiness:IndexAttributeType": { + "type": "string" + }, + "aws-native:qbusiness:IndexCapacityConfiguration": { + "type": "object", + "properties": { + "units": { + "type": "number", + "description": "The number of storage units configured for an Amazon Q Business index." + } + } + }, + "aws-native:qbusiness:IndexDocumentAttributeConfiguration": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the document attribute." + }, + "search": { + "$ref": "#/types/aws-native:qbusiness:QBusinessIndexStatus", + "description": "Information about whether the document attribute can be used by an end user to search for information on their web experience." + }, + "type": { + "$ref": "#/types/aws-native:qbusiness:IndexAttributeType", + "description": "The type of document attribute." + } + } + }, + "aws-native:qbusiness:IndexStatistics": { + "type": "object", + "properties": { + "textDocumentStatistics": { + "$ref": "#/types/aws-native:qbusiness:IndexTextDocumentStatistics", + "description": "The number of documents indexed." + } + } + }, + "aws-native:qbusiness:IndexStatus": { + "type": "string" + }, + "aws-native:qbusiness:IndexTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. Keys are not case sensitive and must be unique for the Amazon Q Business application or data source." + }, + "value": { + "type": "string", + "description": "The value associated with the tag. The value may be an empty string but it can't be null." + } + } + }, + "aws-native:qbusiness:IndexTextDocumentStatistics": { + "type": "object", + "properties": { + "indexedTextBytes": { + "type": "number", + "description": "The total size, in bytes, of the indexed documents." + }, + "indexedTextDocumentCount": { + "type": "number", + "description": "The number of text documents indexed." + } + } + }, + "aws-native:qbusiness:IndexType": { + "type": "string" + }, + "aws-native:qbusiness:PluginApiSchema0Properties": { + "type": "object", + "properties": { + "payload": { + "type": "string" + } + } + }, + "aws-native:qbusiness:PluginApiSchema1Properties": { + "type": "object", + "properties": { + "s3": { + "$ref": "#/types/aws-native:qbusiness:PluginS3" + } + }, + "irreversibleNames": { + "s3": "S3" + } + }, + "aws-native:qbusiness:PluginApiSchemaType": { + "type": "string" + }, + "aws-native:qbusiness:PluginAuthConfiguration0Properties": { + "type": "object", + "properties": { + "basicAuthConfiguration": { + "$ref": "#/types/aws-native:qbusiness:PluginBasicAuthConfiguration" + } + } + }, + "aws-native:qbusiness:PluginAuthConfiguration1Properties": { + "type": "object", + "properties": { + "oAuth2ClientCredentialConfiguration": { + "$ref": "#/types/aws-native:qbusiness:PluginOAuth2ClientCredentialConfiguration" + } + } + }, + "aws-native:qbusiness:PluginAuthConfiguration2Properties": { + "type": "object", + "properties": { + "noAuthConfiguration": { + "$ref": "#/types/aws-native:qbusiness:PluginNoAuthConfiguration" + } + } + }, + "aws-native:qbusiness:PluginBasicAuthConfiguration": { + "type": "object", + "properties": { + "roleArn": { + "type": "string" + }, + "secretArn": { + "type": "string" + } + } + }, + "aws-native:qbusiness:PluginBuildStatus": { + "type": "string" + }, + "aws-native:qbusiness:PluginCustomPluginConfiguration": { + "type": "object", + "properties": { + "apiSchema": { + "oneOf": [ + { + "$ref": "#/types/aws-native:qbusiness:PluginApiSchema0Properties" + }, + { + "$ref": "#/types/aws-native:qbusiness:PluginApiSchema1Properties" + } + ], + "description": "Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema." + }, + "apiSchemaType": { + "$ref": "#/types/aws-native:qbusiness:PluginApiSchemaType", + "description": "The type of OpenAPI schema to use." + }, + "description": { + "type": "string", + "description": "A description for your custom plugin configuration." + } + } + }, + "aws-native:qbusiness:PluginNoAuthConfiguration": { + "type": "object" + }, + "aws-native:qbusiness:PluginOAuth2ClientCredentialConfiguration": { + "type": "object", + "properties": { + "roleArn": { + "type": "string" + }, + "secretArn": { + "type": "string" + } + } + }, + "aws-native:qbusiness:PluginS3": { + "type": "object", + "properties": { + "bucket": { + "type": "string" + }, + "key": { + "type": "string" + } + } + }, + "aws-native:qbusiness:PluginState": { + "type": "string" + }, + "aws-native:qbusiness:PluginTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. Keys are not case sensitive and must be unique for the Amazon Q Business application or data source." + }, + "value": { + "type": "string", + "description": "The value associated with the tag. The value may be an empty string but it can't be null." + } + } + }, + "aws-native:qbusiness:PluginType": { + "type": "string" + }, + "aws-native:qbusiness:QBusinessIndexStatus": { + "type": "string" + }, + "aws-native:qbusiness:RetrieverConfiguration0Properties": { + "type": "object", + "properties": { + "nativeIndexConfiguration": { + "$ref": "#/types/aws-native:qbusiness:RetrieverNativeIndexConfiguration" + } + } + }, + "aws-native:qbusiness:RetrieverConfiguration1Properties": { + "type": "object", + "properties": { + "kendraIndexConfiguration": { + "$ref": "#/types/aws-native:qbusiness:RetrieverKendraIndexConfiguration" + } + } + }, + "aws-native:qbusiness:RetrieverKendraIndexConfiguration": { + "type": "object", + "properties": { + "indexId": { + "type": "string" + } + } + }, + "aws-native:qbusiness:RetrieverNativeIndexConfiguration": { + "type": "object", + "properties": { + "indexId": { + "type": "string" + } + } + }, + "aws-native:qbusiness:RetrieverStatus": { + "type": "string" + }, + "aws-native:qbusiness:RetrieverTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. Keys are not case sensitive and must be unique for the Amazon Q Business application or data source." + }, + "value": { + "type": "string", + "description": "The value associated with the tag. The value may be an empty string but it can't be null." + } + } + }, + "aws-native:qbusiness:RetrieverType": { + "type": "string" + }, + "aws-native:qbusiness:WebExperienceSamplePromptsControlMode": { + "type": "string" + }, + "aws-native:qbusiness:WebExperienceStatus": { + "type": "string" + }, + "aws-native:qbusiness:WebExperienceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag. Keys are not case sensitive and must be unique for the Amazon Q Business application or data source." + }, + "value": { + "type": "string", + "description": "The value associated with the tag. The value may be an empty string but it can't be null." + } + } + }, + "aws-native:qldb:StreamKinesisConfiguration": { + "type": "object", + "properties": { + "aggregationEnabled": { + "type": "boolean", + "description": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n\u003e Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* ." + }, + "streamArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource." + } + } + }, + "aws-native:qldb:StreamTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:quicksight:AnalysisAggregationFunction": { + "type": "object", + "properties": { + "attributeAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisAttributeAggregationFunction", + "description": "Aggregation for attributes." + }, + "categoricalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoricalAggregationFunction", + "description": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values." + }, + "dateAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateAggregationFunction", + "description": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value." + }, + "numericalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericalAggregationFunction", + "description": "Aggregation for numerical values." + } + } + }, + "aws-native:quicksight:AnalysisAggregationSortConfiguration": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisAggregationFunction", + "description": "The function that aggregates the values in `Column` ." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that determines the sort order of aggregated values." + }, + "sortDirection": { + "$ref": "#/types/aws-native:quicksight:AnalysisSortDirection", + "description": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order." + } + } + }, + "aws-native:quicksight:AnalysisAllSheetsFilterScopeConfiguration": { + "type": "object" + }, + "aws-native:quicksight:AnalysisAnchorDateConfiguration": { + "type": "object", + "properties": { + "anchorOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisAnchorOption", + "description": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`" + }, + "parameterName": { + "type": "string", + "description": "The name of the parameter that is used for the anchor date configuration." + } + } + }, + "aws-native:quicksight:AnalysisAnchorOption": { + "type": "string" + }, + "aws-native:quicksight:AnalysisArcAxisConfiguration": { + "type": "object", + "properties": { + "range": { + "$ref": "#/types/aws-native:quicksight:AnalysisArcAxisDisplayRange", + "description": "The arc axis range of a `GaugeChartVisual` ." + }, + "reserveRange": { + "type": "number", + "description": "The reserved range of the arc axis." + } + } + }, + "aws-native:quicksight:AnalysisArcAxisDisplayRange": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum value of the arc axis range." + }, + "min": { + "type": "number", + "description": "The minimum value of the arc axis range." + } + } + }, + "aws-native:quicksight:AnalysisArcConfiguration": { + "type": "object", + "properties": { + "arcAngle": { + "type": "number", + "description": "The option that determines the arc angle of a `GaugeChartVisual` ." + }, + "arcThickness": { + "$ref": "#/types/aws-native:quicksight:AnalysisArcThicknessOptions", + "description": "The options that determine the arc thickness of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisArcOptions": { + "type": "object", + "properties": { + "arcThickness": { + "$ref": "#/types/aws-native:quicksight:AnalysisArcThickness", + "description": "The arc thickness of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisArcThickness": { + "type": "string" + }, + "aws-native:quicksight:AnalysisArcThicknessOptions": { + "type": "string" + }, + "aws-native:quicksight:AnalysisAssetOptions": { + "type": "object", + "properties": { + "timezone": { + "type": "string", + "description": "Determines the timezone for the analysis." + }, + "weekStart": { + "$ref": "#/types/aws-native:quicksight:AnalysisDayOfTheWeek", + "description": "Determines the week start day for an analysis." + } + } + }, + "aws-native:quicksight:AnalysisAttributeAggregationFunction": { + "type": "object", + "properties": { + "simpleAttributeAggregation": { + "$ref": "#/types/aws-native:quicksight:AnalysisSimpleAttributeAggregationFunction", + "description": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields." + }, + "valueForMultipleValues": { + "type": "string", + "description": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'." + } + } + }, + "aws-native:quicksight:AnalysisAxisBinding": { + "type": "string" + }, + "aws-native:quicksight:AnalysisAxisDataOptions": { + "type": "object", + "properties": { + "dateAxisOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateAxisOptions", + "description": "The options for an axis with a date field." + }, + "numericAxisOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericAxisOptions", + "description": "The options for an axis with a numeric field." + } + } + }, + "aws-native:quicksight:AnalysisAxisDisplayDataDrivenRange": { + "type": "object" + }, + "aws-native:quicksight:AnalysisAxisDisplayMinMaxRange": { + "type": "object", + "properties": { + "maximum": { + "type": "number", + "description": "The maximum setup for an axis display range." + }, + "minimum": { + "type": "number", + "description": "The minimum setup for an axis display range." + } + } + }, + "aws-native:quicksight:AnalysisAxisDisplayOptions": { + "type": "object", + "properties": { + "axisLineVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not the axis line is visible." + }, + "axisOffset": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "dataOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDataOptions", + "description": "The data options for an axis." + }, + "gridLineVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not the grid line is visible." + }, + "scrollbarOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisScrollBarOptions", + "description": "The scroll bar options for an axis." + }, + "tickLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisTickLabelOptions", + "description": "The tick label options of an axis." + } + } + }, + "aws-native:quicksight:AnalysisAxisDisplayRange": { + "type": "object", + "properties": { + "dataDriven": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayDataDrivenRange", + "description": "The data-driven setup of an axis display range." + }, + "minMax": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayMinMaxRange", + "description": "The minimum and maximum setup of an axis display range." + } + } + }, + "aws-native:quicksight:AnalysisAxisLabelOptions": { + "type": "object", + "properties": { + "applyTo": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisLabelReferenceOptions", + "description": "The options that indicate which field the label belongs to." + }, + "customLabel": { + "type": "string", + "description": "The text for the axis label." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The font configuration of the axis label." + } + } + }, + "aws-native:quicksight:AnalysisAxisLabelReferenceOptions": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the axis label is targeted to." + }, + "fieldId": { + "type": "string", + "description": "The field that the axis label is targeted to." + } + } + }, + "aws-native:quicksight:AnalysisAxisLinearScale": { + "type": "object", + "properties": { + "stepCount": { + "type": "number", + "description": "The step count setup of a linear axis." + }, + "stepSize": { + "type": "number", + "description": "The step size setup of a linear axis." + } + } + }, + "aws-native:quicksight:AnalysisAxisLogarithmicScale": { + "type": "object", + "properties": { + "base": { + "type": "number", + "description": "The base setup of a logarithmic axis scale." + } + } + }, + "aws-native:quicksight:AnalysisAxisScale": { + "type": "object", + "properties": { + "linear": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisLinearScale", + "description": "The linear axis scale setup." + }, + "logarithmic": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisLogarithmicScale", + "description": "The logarithmic axis scale setup." + } + } + }, + "aws-native:quicksight:AnalysisAxisTickLabelOptions": { + "type": "object", + "properties": { + "labelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "Determines whether or not the axis ticks are visible." + }, + "rotationAngle": { + "type": "number", + "description": "The rotation angle of the axis tick labels." + } + } + }, + "aws-native:quicksight:AnalysisBarChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The category (y-axis) field well of a bar chart." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The color (group/color) field well of a bar chart." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The small multiples field well of a bar chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field wells of a bar chart. Values are aggregated by category." + } + } + }, + "aws-native:quicksight:AnalysisBarChartConfiguration": { + "type": "object", + "properties": { + "barsArrangement": { + "$ref": "#/types/aws-native:quicksight:AnalysisBarsArrangement", + "description": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) for bar chart category." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a bar chart." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart." + }, + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisContributionAnalysisDefault" + }, + "description": "The contribution analysis (anomaly configuration) setup of the visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisBarChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "orientation": { + "$ref": "#/types/aws-native:quicksight:AnalysisBarChartOrientation", + "description": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisBarChartSortConfiguration", + "description": "The sort configuration of a `BarChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "valueAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) for a bar chart value." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a bar chart value." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:AnalysisBarChartFieldWells": { + "type": "object", + "properties": { + "barChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisBarChartAggregatedFieldWells", + "description": "The aggregated field wells of a bar chart." + } + } + }, + "aws-native:quicksight:AnalysisBarChartOrientation": { + "type": "string" + }, + "aws-native:quicksight:AnalysisBarChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of categories displayed in a bar chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of category fields." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of values displayed in a bar chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of color fields in a bar chart." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:AnalysisBarChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisBarChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisBarsArrangement": { + "type": "string" + }, + "aws-native:quicksight:AnalysisBaseMapStyleType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisBinCountOptions": { + "type": "object", + "properties": { + "value": { + "type": "number", + "description": "The options that determine the bin count value." + } + } + }, + "aws-native:quicksight:AnalysisBinWidthOptions": { + "type": "object", + "properties": { + "binCountLimit": { + "type": "number", + "description": "The options that determine the bin count limit." + }, + "value": { + "type": "number", + "description": "The options that determine the bin width value." + } + } + }, + "aws-native:quicksight:AnalysisBodySectionConfiguration": { + "type": "object", + "properties": { + "content": { + "$ref": "#/types/aws-native:quicksight:AnalysisBodySectionContent", + "description": "The configuration of content in a body section." + }, + "pageBreakConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionPageBreakConfiguration", + "description": "The configuration of a page break for a section." + }, + "sectionId": { + "type": "string", + "description": "The unique identifier of a body section." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionStyle", + "description": "The style options of a body section." + } + } + }, + "aws-native:quicksight:AnalysisBodySectionContent": { + "type": "object", + "properties": { + "layout": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionLayoutConfiguration", + "description": "The layout configuration of a body section." + } + } + }, + "aws-native:quicksight:AnalysisBoxPlotAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The group by field well of a box plot chart. Values are grouped based on group by fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field well of a box plot chart. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:AnalysisBoxPlotChartConfiguration": { + "type": "object", + "properties": { + "boxPlotOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisBoxPlotOptions", + "description": "The box plot chart options for a box plot visual" + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a box plot category." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort Icon visibility) of a box plot category." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisBoxPlotFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions" + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a box plot category." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) of a box plot value." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisBoxPlotSortConfiguration", + "description": "The sort configuration of a `BoxPlotVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:AnalysisBoxPlotFieldWells": { + "type": "object", + "properties": { + "boxPlotAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisBoxPlotAggregatedFieldWells", + "description": "The aggregated field wells of a box plot." + } + } + }, + "aws-native:quicksight:AnalysisBoxPlotFillStyle": { + "type": "string" + }, + "aws-native:quicksight:AnalysisBoxPlotOptions": { + "type": "object", + "properties": { + "allDataPointsVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of all data points of the box plot." + }, + "outlierVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the outlier in a box plot." + }, + "styleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisBoxPlotStyleOptions", + "description": "The style options of the box plot." + } + } + }, + "aws-native:quicksight:AnalysisBoxPlotSortConfiguration": { + "type": "object", + "properties": { + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of a group by fields." + }, + "paginationConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPaginationConfiguration", + "description": "The pagination configuration of a table visual or box plot." + } + } + }, + "aws-native:quicksight:AnalysisBoxPlotStyleOptions": { + "type": "object", + "properties": { + "fillStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisBoxPlotFillStyle", + "description": "The fill styles (solid, transparent) of the box plot." + } + } + }, + "aws-native:quicksight:AnalysisBoxPlotVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisBoxPlotChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:AnalysisCalculatedField": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in this calculated field." + }, + "expression": { + "type": "string", + "description": "The expression of the calculated field." + }, + "name": { + "type": "string", + "description": "The name of the calculated field." + } + } + }, + "aws-native:quicksight:AnalysisCalculatedMeasureField": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The expression in the table calculation." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + } + } + }, + "aws-native:quicksight:AnalysisCascadingControlConfiguration": { + "type": "object", + "properties": { + "sourceControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlSource" + }, + "description": "A list of source controls that determine the values that are used in the current control." + } + } + }, + "aws-native:quicksight:AnalysisCascadingControlSource": { + "type": "object", + "properties": { + "columnToMatch": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column identifier that determines which column to look up for the source sheet control." + }, + "sourceSheetControlId": { + "type": "string", + "description": "The source sheet control ID of a `CascadingControlSource` ." + } + } + }, + "aws-native:quicksight:AnalysisCategoricalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:AnalysisCategoricalDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that is used in the `CategoricalDimensionField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisStringFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:AnalysisCategoricalMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoricalAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that is used in the `CategoricalMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisStringFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:AnalysisCategoryDrillDownFilter": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the string inputs that are the values of the category drill down filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + } + } + }, + "aws-native:quicksight:AnalysisCategoryFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "configuration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryFilterConfiguration", + "description": "The configuration for a `CategoryFilter` ." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + } + } + }, + "aws-native:quicksight:AnalysisCategoryFilterConfiguration": { + "type": "object", + "properties": { + "customFilterConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomFilterConfiguration", + "description": "A custom filter that filters based on a single value. This filter can be partially matched." + }, + "customFilterListConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomFilterListConfiguration", + "description": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list." + }, + "filterListConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterListConfiguration", + "description": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list." + } + } + }, + "aws-native:quicksight:AnalysisCategoryFilterMatchOperator": { + "type": "string" + }, + "aws-native:quicksight:AnalysisCategoryFilterSelectAllOptions": { + "type": "string" + }, + "aws-native:quicksight:AnalysisChartAxisLabelOptions": { + "type": "object", + "properties": { + "axisLabelOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisLabelOptions" + }, + "description": "The label options for a chart axis." + }, + "sortIconVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration of the sort icon on a chart's axis label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis." + } + } + }, + "aws-native:quicksight:AnalysisClusterMarker": { + "type": "object", + "properties": { + "simpleClusterMarker": { + "$ref": "#/types/aws-native:quicksight:AnalysisSimpleClusterMarker", + "description": "The simple cluster marker of the cluster marker." + } + } + }, + "aws-native:quicksight:AnalysisClusterMarkerConfiguration": { + "type": "object", + "properties": { + "clusterMarker": { + "$ref": "#/types/aws-native:quicksight:AnalysisClusterMarker", + "description": "The cluster marker that is a part of the cluster marker configuration." + } + } + }, + "aws-native:quicksight:AnalysisColorFillType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisColorScale": { + "type": "object", + "properties": { + "colorFillType": { + "$ref": "#/types/aws-native:quicksight:AnalysisColorFillType", + "description": "Determines the color fill type." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataColor" + }, + "description": "Determines the list of colors that are applied to the visual." + }, + "nullValueColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataColor", + "description": "Determines the color that is applied to null values." + } + } + }, + "aws-native:quicksight:AnalysisColorsConfiguration": { + "type": "object", + "properties": { + "customColors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomColor" + }, + "description": "A list of up to 50 custom colors." + } + } + }, + "aws-native:quicksight:AnalysisColumnConfiguration": { + "type": "object", + "properties": { + "colorsConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisColorsConfiguration", + "description": "The color configurations of the column." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFormatConfiguration", + "description": "The format configuration of a column." + }, + "role": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnRole", + "description": "The role of the column." + } + } + }, + "aws-native:quicksight:AnalysisColumnHierarchy": { + "type": "object", + "properties": { + "dateTimeHierarchy": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimeHierarchy", + "description": "The option that determines the hierarchy of any `DateTime` fields." + }, + "explicitHierarchy": { + "$ref": "#/types/aws-native:quicksight:AnalysisExplicitHierarchy", + "description": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals." + }, + "predefinedHierarchy": { + "$ref": "#/types/aws-native:quicksight:AnalysisPredefinedHierarchy", + "description": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source." + } + } + }, + "aws-native:quicksight:AnalysisColumnIdentifier": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "The name of the column." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The data set that the column belongs to." + } + } + }, + "aws-native:quicksight:AnalysisColumnRole": { + "type": "string" + }, + "aws-native:quicksight:AnalysisColumnSort": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisAggregationFunction", + "description": "The aggregation function that is defined in the column sort." + }, + "direction": { + "$ref": "#/types/aws-native:quicksight:AnalysisSortDirection", + "description": "The sort direction." + }, + "sortBy": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier" + } + } + }, + "aws-native:quicksight:AnalysisColumnTooltipItem": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:quicksight:AnalysisAggregationFunction", + "description": "The aggregation function of the column tooltip item." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The target column of the tooltip item." + }, + "label": { + "type": "string", + "description": "The label of the tooltip item." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the tooltip item." + } + } + }, + "aws-native:quicksight:AnalysisComboChartAggregatedFieldWells": { + "type": "object", + "properties": { + "barValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The aggregated `BarValues` field well of a combo chart." + }, + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The aggregated category field wells of a combo chart." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The aggregated colors field well of a combo chart." + }, + "lineValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The aggregated `LineValues` field well of a combo chart." + } + } + }, + "aws-native:quicksight:AnalysisComboChartConfiguration": { + "type": "object", + "properties": { + "barDataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart." + }, + "barsArrangement": { + "$ref": "#/types/aws-native:quicksight:AnalysisBarsArrangement", + "description": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The category axis of a combo chart." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisComboChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "lineDataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "secondaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well." + }, + "secondaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisComboChartSortConfiguration", + "description": "The sort configuration of a `ComboChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The legend display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:AnalysisComboChartFieldWells": { + "type": "object", + "properties": { + "comboChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisComboChartAggregatedFieldWells", + "description": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category." + } + } + }, + "aws-native:quicksight:AnalysisComboChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The item limit configuration for the category field well of a combo chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the category field well in a combo chart." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The item limit configuration of the color field well in a combo chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the color field well in a combo chart." + } + } + }, + "aws-native:quicksight:AnalysisComboChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisComboChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisComparisonConfiguration": { + "type": "object", + "properties": { + "comparisonFormat": { + "$ref": "#/types/aws-native:quicksight:AnalysisComparisonFormatConfiguration", + "description": "The format of the comparison." + }, + "comparisonMethod": { + "$ref": "#/types/aws-native:quicksight:AnalysisComparisonMethod", + "description": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`" + } + } + }, + "aws-native:quicksight:AnalysisComparisonFormatConfiguration": { + "type": "object", + "properties": { + "numberDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumberDisplayFormatConfiguration", + "description": "The number display format." + }, + "percentageDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPercentageDisplayFormatConfiguration", + "description": "The percentage display format." + } + } + }, + "aws-native:quicksight:AnalysisComparisonMethod": { + "type": "string" + }, + "aws-native:quicksight:AnalysisComputation": { + "type": "object", + "properties": { + "forecast": { + "$ref": "#/types/aws-native:quicksight:AnalysisForecastComputation", + "description": "The forecast computation configuration." + }, + "growthRate": { + "$ref": "#/types/aws-native:quicksight:AnalysisGrowthRateComputation", + "description": "The growth rate computation configuration." + }, + "maximumMinimum": { + "$ref": "#/types/aws-native:quicksight:AnalysisMaximumMinimumComputation", + "description": "The maximum and minimum computation configuration." + }, + "metricComparison": { + "$ref": "#/types/aws-native:quicksight:AnalysisMetricComparisonComputation", + "description": "The metric comparison computation configuration." + }, + "periodOverPeriod": { + "$ref": "#/types/aws-native:quicksight:AnalysisPeriodOverPeriodComputation", + "description": "The period over period computation configuration." + }, + "periodToDate": { + "$ref": "#/types/aws-native:quicksight:AnalysisPeriodToDateComputation", + "description": "The period to `DataSetIdentifier` computation configuration." + }, + "topBottomMovers": { + "$ref": "#/types/aws-native:quicksight:AnalysisTopBottomMoversComputation", + "description": "The top movers and bottom movers computation configuration." + }, + "topBottomRanked": { + "$ref": "#/types/aws-native:quicksight:AnalysisTopBottomRankedComputation", + "description": "The top ranked and bottom ranked computation configuration." + }, + "totalAggregation": { + "$ref": "#/types/aws-native:quicksight:AnalysisTotalAggregationComputation", + "description": "The total aggregation computation configuration." + }, + "uniqueValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisUniqueValuesComputation", + "description": "The unique values computation configuration." + } + } + }, + "aws-native:quicksight:AnalysisConditionalFormattingColor": { + "type": "object", + "properties": { + "gradient": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingGradientColor", + "description": "Formatting configuration for gradient color." + }, + "solid": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingSolidColor", + "description": "Formatting configuration for solid color." + } + } + }, + "aws-native:quicksight:AnalysisConditionalFormattingCustomIconCondition": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color of the icon." + }, + "displayConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIconDisplayConfiguration", + "description": "Determines the icon display configuration." + }, + "expression": { + "type": "string", + "description": "The expression that determines the condition of the icon set." + }, + "iconOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingCustomIconOptions", + "description": "Custom icon options for an icon set." + } + } + }, + "aws-native:quicksight:AnalysisConditionalFormattingCustomIconOptions": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:AnalysisIcon", + "description": "Determines the type of icon." + }, + "unicodeIcon": { + "type": "string", + "description": "Determines the Unicode icon type." + } + } + }, + "aws-native:quicksight:AnalysisConditionalFormattingGradientColor": { + "type": "object", + "properties": { + "color": { + "$ref": "#/types/aws-native:quicksight:AnalysisGradientColor", + "description": "Determines the color." + }, + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for gradient color." + } + } + }, + "aws-native:quicksight:AnalysisConditionalFormattingIcon": { + "type": "object", + "properties": { + "customCondition": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingCustomIconCondition", + "description": "Determines the custom condition for an icon set." + }, + "iconSet": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIconSet", + "description": "Formatting configuration for icon set." + } + } + }, + "aws-native:quicksight:AnalysisConditionalFormattingIconDisplayConfiguration": { + "type": "object", + "properties": { + "iconDisplayOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIconDisplayOption", + "description": "Determines the icon display configuration." + } + } + }, + "aws-native:quicksight:AnalysisConditionalFormattingIconDisplayOption": { + "type": "string" + }, + "aws-native:quicksight:AnalysisConditionalFormattingIconSet": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for the icon set." + }, + "iconSetType": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIconSetType", + "description": "Determines the icon set type." + } + } + }, + "aws-native:quicksight:AnalysisConditionalFormattingIconSetType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisConditionalFormattingSolidColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color." + }, + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for solid color." + } + } + }, + "aws-native:quicksight:AnalysisContributionAnalysisDefault": { + "type": "object", + "properties": { + "contributorDimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier" + }, + "description": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` ." + }, + "measureFieldId": { + "type": "string", + "description": "The measure field that is used in the contribution analysis." + } + } + }, + "aws-native:quicksight:AnalysisCrossDatasetTypes": { + "type": "string" + }, + "aws-native:quicksight:AnalysisCurrencyDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numberScale": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumberScale", + "description": "Determines the number scale value for the currency format." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the currency format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the currency format." + }, + "symbol": { + "type": "string", + "description": "Determines the symbol for the currency format." + } + } + }, + "aws-native:quicksight:AnalysisCustomActionFilterOperation": { + "type": "object", + "properties": { + "selectedFieldsConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterOperationSelectedFieldsConfiguration", + "description": "The configuration that chooses the fields to be filtered." + }, + "targetVisualsConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterOperationTargetVisualsConfiguration", + "description": "The configuration that chooses the target visuals to be filtered." + } + } + }, + "aws-native:quicksight:AnalysisCustomActionNavigationOperation": { + "type": "object", + "properties": { + "localNavigationConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisLocalNavigationConfiguration", + "description": "The configuration that chooses the navigation target." + } + } + }, + "aws-native:quicksight:AnalysisCustomActionSetParametersOperation": { + "type": "object", + "properties": { + "parameterValueConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSetParameterValueConfiguration" + }, + "description": "The parameter that determines the value configuration." + } + } + }, + "aws-native:quicksight:AnalysisCustomActionUrlOperation": { + "type": "object", + "properties": { + "urlTarget": { + "$ref": "#/types/aws-native:quicksight:AnalysisUrlTargetConfiguration", + "description": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab." + }, + "urlTemplate": { + "type": "string", + "description": "THe URL link of the `CustomActionURLOperation` ." + } + }, + "irreversibleNames": { + "urlTarget": "URLTarget", + "urlTemplate": "URLTemplate" + } + }, + "aws-native:quicksight:AnalysisCustomColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that is applied to the data value." + }, + "fieldValue": { + "type": "string", + "description": "The data value that the color is applied to." + }, + "specialValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisSpecialValue", + "description": "The value of a special data value." + } + } + }, + "aws-native:quicksight:AnalysisCustomContentConfiguration": { + "type": "object", + "properties": { + "contentType": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomContentType", + "description": "The content type of the custom content visual. You can use this to have the visual render as an image." + }, + "contentUrl": { + "type": "string", + "description": "The input URL that links to the custom content that you want in the custom visual." + }, + "imageScaling": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomContentImageScalingConfiguration", + "description": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` ." + } + } + }, + "aws-native:quicksight:AnalysisCustomContentImageScalingConfiguration": { + "type": "string" + }, + "aws-native:quicksight:AnalysisCustomContentType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisCustomContentVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomContentConfiguration", + "description": "The configuration of a `CustomContentVisual` ." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisCustomFilterConfiguration": { + "type": "object", + "properties": { + "categoryValue": { + "type": "string", + "description": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` ." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` ." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:AnalysisCustomFilterListConfiguration": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of category values for the filter." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:AnalysisCustomNarrativeOptions": { + "type": "object", + "properties": { + "narrative": { + "type": "string", + "description": "The string input of custom narrative." + } + } + }, + "aws-native:quicksight:AnalysisCustomParameterValues": { + "type": "object", + "properties": { + "dateTimeValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of datetime-type parameter values." + }, + "decimalValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "A list of decimal-type parameter values." + }, + "integerValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "A list of integer-type parameter values." + }, + "stringValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of string-type parameter values." + } + } + }, + "aws-native:quicksight:AnalysisCustomValuesConfiguration": { + "type": "object", + "properties": { + "customValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomParameterValues" + }, + "includeNullValue": { + "type": "boolean", + "description": "Includes the null value in custom action parameter values." + } + } + }, + "aws-native:quicksight:AnalysisDataBarsOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID for the data bars options." + }, + "negativeColor": { + "type": "string", + "description": "The color of the negative data bar." + }, + "positiveColor": { + "type": "string", + "description": "The color of the positive data bar." + } + } + }, + "aws-native:quicksight:AnalysisDataColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that is applied to the data value." + }, + "dataValue": { + "type": "number", + "description": "The data value that the color is applied to." + } + } + }, + "aws-native:quicksight:AnalysisDataFieldSeriesItem": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisBinding", + "description": "The axis that you are binding the field to." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field that you are setting the axis binding to." + }, + "fieldValue": { + "type": "string", + "description": "The field value of the field that you are setting the axis binding to." + }, + "settings": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartSeriesSettings", + "description": "The options that determine the presentation of line series associated to the field." + } + } + }, + "aws-native:quicksight:AnalysisDataLabelContent": { + "type": "string" + }, + "aws-native:quicksight:AnalysisDataLabelOptions": { + "type": "object", + "properties": { + "categoryLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the category field labels." + }, + "dataLabelTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelType" + }, + "description": "The option that determines the data label type." + }, + "labelColor": { + "type": "string", + "description": "Determines the color of the data labels." + }, + "labelContent": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelContent", + "description": "Determines the content of the data labels." + }, + "labelFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "Determines the font configuration of the data labels." + }, + "measureLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the measure field labels." + }, + "overlap": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOverlap", + "description": "Determines whether overlap is enabled or disabled for the data labels." + }, + "position": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelPosition", + "description": "Determines the position of the data labels." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the total." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the data labels." + } + } + }, + "aws-native:quicksight:AnalysisDataLabelOverlap": { + "type": "string" + }, + "aws-native:quicksight:AnalysisDataLabelPosition": { + "type": "string" + }, + "aws-native:quicksight:AnalysisDataLabelType": { + "type": "object", + "properties": { + "dataPathLabelType": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataPathLabelType", + "description": "The option that specifies individual data values for labels." + }, + "fieldLabelType": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldLabelType", + "description": "Determines the label configuration for the entire field." + }, + "maximumLabelType": { + "$ref": "#/types/aws-native:quicksight:AnalysisMaximumLabelType", + "description": "Determines the label configuration for the maximum value in a visual." + }, + "minimumLabelType": { + "$ref": "#/types/aws-native:quicksight:AnalysisMinimumLabelType", + "description": "Determines the label configuration for the minimum value in a visual." + }, + "rangeEndsLabelType": { + "$ref": "#/types/aws-native:quicksight:AnalysisRangeEndsLabelType", + "description": "Determines the label configuration for range end value in a visual." + } + } + }, + "aws-native:quicksight:AnalysisDataPathColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that needs to be applied to the element." + }, + "element": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataPathValue", + "description": "The element that the color needs to be applied to." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The time granularity of the field that the color needs to be applied to." + } + } + }, + "aws-native:quicksight:AnalysisDataPathLabelType": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the field that the data label needs to be applied to." + }, + "fieldValue": { + "type": "string", + "description": "The actual value of the field that is labeled." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the data label." + } + } + }, + "aws-native:quicksight:AnalysisDataPathSort": { + "type": "object", + "properties": { + "direction": { + "$ref": "#/types/aws-native:quicksight:AnalysisSortDirection", + "description": "Determines the sort direction." + }, + "sortPaths": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataPathValue" + }, + "description": "The list of data paths that need to be sorted." + } + } + }, + "aws-native:quicksight:AnalysisDataPathType": { + "type": "object", + "properties": { + "pivotTableDataPathType": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableDataPathType", + "description": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` ." + } + } + }, + "aws-native:quicksight:AnalysisDataPathValue": { + "type": "object", + "properties": { + "dataPathType": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataPathType", + "description": "The type configuration of the field." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field that needs to be sorted." + }, + "fieldValue": { + "type": "string", + "description": "The actual value of the field that needs to be sorted." + } + } + }, + "aws-native:quicksight:AnalysisDataSetIdentifierDeclaration": { + "type": "object", + "properties": { + "dataSetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the data set." + }, + "identifier": { + "type": "string", + "description": "The identifier of the data set, typically the data set's name." + } + } + }, + "aws-native:quicksight:AnalysisDataSetReference": { + "type": "object", + "properties": { + "dataSetArn": { + "type": "string", + "description": "\u003cp\u003eDataset Amazon Resource Name (ARN).\u003c/p\u003e" + }, + "dataSetPlaceholder": { + "type": "string", + "description": "\u003cp\u003eDataset placeholder.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisDateAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:AnalysisDateAxisOptions": { + "type": "object", + "properties": { + "missingDateVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not missing dates are displayed." + } + } + }, + "aws-native:quicksight:AnalysisDateDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that is used in the `DateDimensionField` ." + }, + "dateGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`" + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimeFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:AnalysisDateMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that is used in the `DateMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimeFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:AnalysisDateTimeDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisDynamicDefaultValue", + "description": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:AnalysisRollingDateConfiguration", + "description": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression." + }, + "staticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The static values of the `DataTimeDefaultValues` ." + } + } + }, + "aws-native:quicksight:AnalysisDateTimeFormatConfiguration": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Determines the `DateTime` format." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numericFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericFormatConfiguration", + "description": "The formatting configuration for numeric `DateTime` fields." + } + } + }, + "aws-native:quicksight:AnalysisDateTimeHierarchy": { + "type": "object", + "properties": { + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the `DateTime` hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the `DateTime` hierarchy." + } + } + }, + "aws-native:quicksight:AnalysisDateTimeParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eA display name for the date-time parameter.\u003c/p\u003e" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe values for the date-time parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisDateTimeParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimeDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimeValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:AnalysisDateTimePickerControlDisplayOptions": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Customize how dates are formatted in controls." + }, + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:AnalysisDateTimeValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "string", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:AnalysisDayOfTheWeek": { + "type": "string" + }, + "aws-native:quicksight:AnalysisDecimalDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisDynamicDefaultValue", + "description": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "The static values of the `DecimalDefaultValues` ." + } + } + }, + "aws-native:quicksight:AnalysisDecimalParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eA display name for the decimal parameter.\u003c/p\u003e" + }, + "values": { + "type": "array", + "items": { + "type": "number" + }, + "description": "\u003cp\u003eThe values for the decimal parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisDecimalParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisDecimalDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:AnalysisDecimalValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:AnalysisDecimalPlacesConfiguration": { + "type": "object", + "properties": { + "decimalPlaces": { + "type": "number", + "description": "The values of the decimal places." + } + } + }, + "aws-native:quicksight:AnalysisDecimalValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "number", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:AnalysisDefaultDateTimePickerControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlDateTimePickerType", + "description": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range." + } + } + }, + "aws-native:quicksight:AnalysisDefaultFilterControlConfiguration": { + "type": "object", + "properties": { + "controlOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterControlOptions", + "description": "The control option for the `DefaultFilterControlConfiguration` ." + }, + "title": { + "type": "string", + "description": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter." + } + } + }, + "aws-native:quicksight:AnalysisDefaultFilterControlOptions": { + "type": "object", + "properties": { + "defaultDateTimePickerOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultDateTimePickerControlOptions", + "description": "The default options that correspond to the filter control type of a `DateTimePicker` ." + }, + "defaultDropdownOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterDropDownControlOptions", + "description": "The default options that correspond to the `Dropdown` filter control type." + }, + "defaultListOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterListControlOptions", + "description": "The default options that correspond to the `List` filter control type." + }, + "defaultRelativeDateTimeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultRelativeDateTimeControlOptions", + "description": "The default options that correspond to the `RelativeDateTime` filter control type." + }, + "defaultSliderOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultSliderControlOptions", + "description": "The default options that correspond to the `Slider` filter control type." + }, + "defaultTextAreaOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultTextAreaControlOptions", + "description": "The default options that correspond to the `TextArea` filter control type." + }, + "defaultTextFieldOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultTextFieldControlOptions", + "description": "The default options that correspond to the `TextField` filter control type." + } + } + }, + "aws-native:quicksight:AnalysisDefaultFilterDropDownControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", + "description": "The display options of a control." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlListType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:AnalysisDefaultFilterListControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisListControlDisplayOptions", + "description": "The display options of a control." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlListType", + "description": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list." + } + } + }, + "aws-native:quicksight:AnalysisDefaultFreeFormLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a free-form layout." + } + } + }, + "aws-native:quicksight:AnalysisDefaultGridLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGridLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a grid layout." + } + } + }, + "aws-native:quicksight:AnalysisDefaultInteractiveLayoutConfiguration": { + "type": "object", + "properties": { + "freeForm": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFreeFormLayoutConfiguration", + "description": "The options that determine the default settings of a free-form layout configuration." + }, + "grid": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultGridLayoutConfiguration", + "description": "The options that determine the default settings for a grid layout configuration." + } + } + }, + "aws-native:quicksight:AnalysisDefaultNewSheetConfiguration": { + "type": "object", + "properties": { + "interactiveLayoutConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultInteractiveLayoutConfiguration", + "description": "The options that determine the default settings for interactive layout configuration." + }, + "paginatedLayoutConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultPaginatedLayoutConfiguration", + "description": "The options that determine the default settings for a paginated layout configuration." + }, + "sheetContentType": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetContentType", + "description": "The option that determines the sheet content type." + } + } + }, + "aws-native:quicksight:AnalysisDefaultPaginatedLayoutConfiguration": { + "type": "object", + "properties": { + "sectionBased": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultSectionBasedLayoutConfiguration", + "description": "The options that determine the default settings for a section-based layout configuration." + } + } + }, + "aws-native:quicksight:AnalysisDefaultRelativeDateTimeControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisRelativeDateTimeControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:AnalysisDefaultSectionBasedLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionBasedLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a section-based layout." + } + } + }, + "aws-native:quicksight:AnalysisDefaultSliderControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlSliderType", + "description": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range." + } + } + }, + "aws-native:quicksight:AnalysisDefaultTextAreaControlOptions": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextAreaControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:AnalysisDefaultTextFieldControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextFieldControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:AnalysisDefaults": { + "type": "object", + "properties": { + "defaultNewSheetConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultNewSheetConfiguration", + "description": "The configuration for default new sheet settings." + } + } + }, + "aws-native:quicksight:AnalysisDefinition": { + "type": "object", + "properties": { + "analysisDefaults": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaults" + }, + "calculatedFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisCalculatedField" + }, + "description": "An array of calculated field definitions for the analysis." + }, + "columnConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnConfiguration" + }, + "description": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis." + }, + "dataSetIdentifierDeclarations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataSetIdentifierDeclaration" + }, + "description": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures." + }, + "filterGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterGroup" + }, + "description": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* ." + }, + "options": { + "$ref": "#/types/aws-native:quicksight:AnalysisAssetOptions", + "description": "An array of option definitions for an analysis." + }, + "parameterDeclarations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterDeclaration" + }, + "description": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* ." + }, + "sheets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetDefinition" + }, + "description": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis." + } + } + }, + "aws-native:quicksight:AnalysisDestinationParameterValueConfiguration": { + "type": "object", + "properties": { + "customValuesConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomValuesConfiguration", + "description": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` ." + }, + "selectAllValueOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSelectAllValueOptions", + "description": "The configuration that selects all options." + }, + "sourceColumn": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier" + }, + "sourceField": { + "type": "string", + "description": "The source field ID of the destination parameter." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the destination parameter." + } + } + }, + "aws-native:quicksight:AnalysisDimensionField": { + "type": "object", + "properties": { + "categoricalDimensionField": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoricalDimensionField", + "description": "The dimension type field with categorical type columns." + }, + "dateDimensionField": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateDimensionField", + "description": "The dimension type field with date type columns." + }, + "numericalDimensionField": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericalDimensionField", + "description": "The dimension type field with numerical type columns." + } + } + }, + "aws-native:quicksight:AnalysisDonutCenterOptions": { + "type": "object", + "properties": { + "labelVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` ." + } + } + }, + "aws-native:quicksight:AnalysisDonutOptions": { + "type": "object", + "properties": { + "arcOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisArcOptions", + "description": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart" + }, + "donutCenterOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDonutCenterOptions", + "description": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts." + } + } + }, + "aws-native:quicksight:AnalysisDrillDownFilter": { + "type": "object", + "properties": { + "categoryFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryDrillDownFilter", + "description": "The category type drill down filter. This filter is used for string type columns." + }, + "numericEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericEqualityDrillDownFilter", + "description": "The numeric equality type drill down filter. This filter is used for number type columns." + }, + "timeRangeFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeRangeDrillDownFilter", + "description": "The time range drill down filter. This filter is used for date time columns." + } + } + }, + "aws-native:quicksight:AnalysisDropDownControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisListControlSelectAllOptions", + "description": "The configuration of the `Select all` options in a dropdown control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:AnalysisDynamicDefaultValue": { + "type": "object", + "properties": { + "defaultValueColumn": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that contains the default value of each user or group." + }, + "groupNameColumn": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that contains the group name." + }, + "userNameColumn": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that contains the username." + } + } + }, + "aws-native:quicksight:AnalysisEmptyVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in the empty visual. Every visual requires a dataset to render." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisEntity": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree." + } + } + }, + "aws-native:quicksight:AnalysisError": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "\u003cp\u003eThe message associated with the analysis error.\u003c/p\u003e" + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisErrorType", + "description": "The type of the analysis error." + }, + "violatedEntities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisEntity" + }, + "description": "\u003cp\u003eLists the violated entities that caused the analysis error\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisErrorType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisExcludePeriodConfiguration": { + "type": "object", + "properties": { + "amount": { + "type": "number", + "description": "The amount or number of the exclude period." + }, + "granularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The granularity or unit (day, month, year) of the exclude period." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:AnalysisWidgetStatus", + "description": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`" + } + } + }, + "aws-native:quicksight:AnalysisExplicitHierarchy": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier" + }, + "description": "The list of columns that define the explicit hierarchy." + }, + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the explicit hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the explicit hierarchy." + } + } + }, + "aws-native:quicksight:AnalysisFieldBasedTooltip": { + "type": "object", + "properties": { + "aggregationVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of `Show aggregations` ." + }, + "tooltipFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipItem" + }, + "description": "The fields configuration in the tooltip." + }, + "tooltipTitleType": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipTitleType", + "description": "The type for the \u003etooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title." + } + } + }, + "aws-native:quicksight:AnalysisFieldLabelType": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "Indicates the field that is targeted by the field label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the field label." + } + } + }, + "aws-native:quicksight:AnalysisFieldSeriesItem": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisBinding", + "description": "The axis that you are binding the field to." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field for which you are setting the axis binding." + }, + "settings": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartSeriesSettings", + "description": "The options that determine the presentation of line series associated to the field." + } + } + }, + "aws-native:quicksight:AnalysisFieldSort": { + "type": "object", + "properties": { + "direction": { + "$ref": "#/types/aws-native:quicksight:AnalysisSortDirection", + "description": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending" + }, + "fieldId": { + "type": "string", + "description": "The sort configuration target field." + } + } + }, + "aws-native:quicksight:AnalysisFieldSortOptions": { + "type": "object", + "properties": { + "columnSort": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnSort", + "description": "The sort configuration for a column that is not used in a field well." + }, + "fieldSort": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSort", + "description": "The sort configuration for a field in a field well." + } + } + }, + "aws-native:quicksight:AnalysisFieldTooltipItem": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The unique ID of the field that is targeted by the tooltip." + }, + "label": { + "type": "string", + "description": "The label of the tooltip item." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the tooltip item." + } + } + }, + "aws-native:quicksight:AnalysisFilledMapAggregatedFieldWells": { + "type": "object", + "properties": { + "geospatial": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The aggregated location field well of the filled map. Values are grouped by location fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The aggregated color field well of a filled map. Values are aggregated based on location fields." + } + } + }, + "aws-native:quicksight:AnalysisFilledMapConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilledMapConditionalFormattingOption" + }, + "description": "Conditional formatting options of a `FilledMapVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisFilledMapConditionalFormattingOption": { + "type": "object", + "properties": { + "shape": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilledMapShapeConditionalFormatting", + "description": "The conditional formatting that determines the shape of the filled map." + } + } + }, + "aws-native:quicksight:AnalysisFilledMapConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilledMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "mapStyleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialMapStyleOptions", + "description": "The map style options of the filled map visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilledMapSortConfiguration", + "description": "The sort configuration of a `FilledMapVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "windowOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialWindowOptions", + "description": "The window options of the filled map visual." + } + } + }, + "aws-native:quicksight:AnalysisFilledMapFieldWells": { + "type": "object", + "properties": { + "filledMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilledMapAggregatedFieldWells", + "description": "The aggregated field well of the filled map." + } + } + }, + "aws-native:quicksight:AnalysisFilledMapShapeConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the filled map shape." + }, + "format": { + "$ref": "#/types/aws-native:quicksight:AnalysisShapeConditionalFormat", + "description": "The conditional formatting that determines the background color of a filled map's shape." + } + } + }, + "aws-native:quicksight:AnalysisFilledMapSortConfiguration": { + "type": "object", + "properties": { + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the location fields." + } + } + }, + "aws-native:quicksight:AnalysisFilledMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilledMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilledMapConditionalFormatting", + "description": "The conditional formatting of a `FilledMapVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:AnalysisFilter": { + "type": "object", + "properties": { + "categoryFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryFilter", + "description": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* ." + }, + "numericEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericEqualityFilter", + "description": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value." + }, + "numericRangeFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericRangeFilter", + "description": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range." + }, + "relativeDatesFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisRelativeDatesFilter", + "description": "A `RelativeDatesFilter` filters date values that are relative to a given date." + }, + "timeEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeEqualityFilter", + "description": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value." + }, + "timeRangeFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeRangeFilter", + "description": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range." + }, + "topBottomFilter": { + "$ref": "#/types/aws-native:quicksight:AnalysisTopBottomFilter", + "description": "A `TopBottomFilter` filters data to the top or bottom values for a given column." + } + } + }, + "aws-native:quicksight:AnalysisFilterControl": { + "type": "object", + "properties": { + "crossSheet": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterCrossSheetControl", + "description": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet" + }, + "dateTimePicker": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterDateTimePickerControl", + "description": "A control from a date filter that is used to specify date and time." + }, + "dropdown": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterDropDownControl", + "description": "A control to display a dropdown list with buttons that are used to select a single value." + }, + "list": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterListControl", + "description": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values." + }, + "relativeDateTime": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterRelativeDateTimeControl", + "description": "A control from a date filter that is used to specify the relative date." + }, + "slider": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterSliderControl", + "description": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle." + }, + "textArea": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterTextAreaControl", + "description": "A control to display a text box that is used to enter multiple entries." + }, + "textField": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterTextFieldControl", + "description": "A control to display a text box that is used to enter a single entry." + } + } + }, + "aws-native:quicksight:AnalysisFilterCrossSheetControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterCrossSheetControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterCrossSheetControl` ." + } + } + }, + "aws-native:quicksight:AnalysisFilterDateTimePickerControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterDateTimePickerControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterDateTimePickerControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterDateTimePickerControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlDateTimePickerType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:AnalysisFilterDropDownControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", + "description": "The display options of the `FilterDropDownControl` ." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterDropDownControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterDropDownControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterDropDownControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlListType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:AnalysisFilterGroup": { + "type": "object", + "properties": { + "crossDataset": { + "$ref": "#/types/aws-native:quicksight:AnalysisCrossDatasetTypes", + "description": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`" + }, + "filterGroupId": { + "type": "string", + "description": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis." + }, + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilter" + }, + "description": "The list of filters that are present in a `FilterGroup` ." + }, + "scopeConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterScopeConfiguration", + "description": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:AnalysisWidgetStatus", + "description": "The status of the `FilterGroup` ." + } + } + }, + "aws-native:quicksight:AnalysisFilterListConfiguration": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of category values for the filter." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:AnalysisFilterListControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisListControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterListControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterListControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterListControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlListType", + "description": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list." + } + } + }, + "aws-native:quicksight:AnalysisFilterNullOption": { + "type": "string" + }, + "aws-native:quicksight:AnalysisFilterOperationSelectedFieldsConfiguration": { + "type": "object", + "properties": { + "selectedColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier" + }, + "description": "\u003cp\u003eThe selected columns of a dataset.\u003c/p\u003e" + }, + "selectedFieldOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSelectedFieldOptions", + "description": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields." + }, + "selectedFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Chooses the fields that are filtered in `CustomActionFilterOperation` ." + } + } + }, + "aws-native:quicksight:AnalysisFilterOperationTargetVisualsConfiguration": { + "type": "object", + "properties": { + "sameSheetTargetVisualConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisSameSheetTargetVisualConfiguration", + "description": "The configuration of the same-sheet target visuals that you want to be filtered." + } + } + }, + "aws-native:quicksight:AnalysisFilterRelativeDateTimeControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisRelativeDateTimeControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextAreaControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:AnalysisFilterScopeConfiguration": { + "type": "object", + "properties": { + "allSheets": { + "$ref": "#/types/aws-native:quicksight:AnalysisAllSheetsFilterScopeConfiguration", + "description": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen." + }, + "selectedSheets": { + "$ref": "#/types/aws-native:quicksight:AnalysisSelectedSheetsFilterScopeConfiguration", + "description": "The configuration for applying a filter to specific sheets." + } + } + }, + "aws-native:quicksight:AnalysisFilterSelectableValues": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The values that are used in the `FilterSelectableValues` ." + } + } + }, + "aws-native:quicksight:AnalysisFilterSliderControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterSliderControl` ." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterSliderControl` ." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "title": { + "type": "string", + "description": "The title of the `FilterSliderControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlSliderType", + "description": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range." + } + } + }, + "aws-native:quicksight:AnalysisFilterTextAreaControl": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextAreaControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextAreaControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:AnalysisFilterTextFieldControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextFieldControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextFieldControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextFieldControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextFieldControl` ." + } + } + }, + "aws-native:quicksight:AnalysisFilterVisualScope": { + "type": "string" + }, + "aws-native:quicksight:AnalysisFontConfiguration": { + "type": "object", + "properties": { + "fontColor": { + "type": "string", + "description": "Determines the color of the text." + }, + "fontDecoration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontDecoration", + "description": "Determines the appearance of decorative lines on the text." + }, + "fontSize": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontSize", + "description": "The option that determines the text display size." + }, + "fontStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontStyle", + "description": "Determines the text display face that is inherited by the given font family." + }, + "fontWeight": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontWeight", + "description": "The option that determines the text display weight, or boldness." + } + } + }, + "aws-native:quicksight:AnalysisFontDecoration": { + "type": "string" + }, + "aws-native:quicksight:AnalysisFontSize": { + "type": "object", + "properties": { + "relative": { + "$ref": "#/types/aws-native:quicksight:AnalysisRelativeFontSize", + "description": "The lexical name for the text size, proportional to its surrounding context." + } + } + }, + "aws-native:quicksight:AnalysisFontStyle": { + "type": "string" + }, + "aws-native:quicksight:AnalysisFontWeight": { + "type": "object", + "properties": { + "name": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontWeightName", + "description": "The lexical name for the level of boldness of the text display." + } + } + }, + "aws-native:quicksight:AnalysisFontWeightName": { + "type": "string" + }, + "aws-native:quicksight:AnalysisForecastComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "customSeasonalityValue": { + "type": "number", + "description": "The custom seasonality value setup of a forecast computation." + }, + "lowerBoundary": { + "type": "number", + "description": "The lower boundary setup of a forecast computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodsBackward": { + "type": "number", + "description": "The periods backward setup of a forecast computation." + }, + "periodsForward": { + "type": "number", + "description": "The periods forward setup of a forecast computation." + }, + "predictionInterval": { + "type": "number", + "description": "The prediction interval setup of a forecast computation." + }, + "seasonality": { + "$ref": "#/types/aws-native:quicksight:AnalysisForecastComputationSeasonality", + "description": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The time field that is used in a computation." + }, + "upperBoundary": { + "type": "number", + "description": "The upper boundary setup of a forecast computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisForecastComputationSeasonality": { + "type": "string" + }, + "aws-native:quicksight:AnalysisForecastConfiguration": { + "type": "object", + "properties": { + "forecastProperties": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeBasedForecastProperties", + "description": "The forecast properties setup of a forecast in the line chart." + }, + "scenario": { + "$ref": "#/types/aws-native:quicksight:AnalysisForecastScenario", + "description": "The forecast scenario of a forecast in the line chart." + } + } + }, + "aws-native:quicksight:AnalysisForecastScenario": { + "type": "object", + "properties": { + "whatIfPointScenario": { + "$ref": "#/types/aws-native:quicksight:AnalysisWhatIfPointScenario", + "description": "The what-if analysis forecast setup with the target date." + }, + "whatIfRangeScenario": { + "$ref": "#/types/aws-native:quicksight:AnalysisWhatIfRangeScenario", + "description": "The what-if analysis forecast setup with the date range." + } + } + }, + "aws-native:quicksight:AnalysisFormatConfiguration": { + "type": "object", + "properties": { + "dateTimeFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimeFormatConfiguration", + "description": "Formatting configuration for `DateTime` fields." + }, + "numberFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumberFormatConfiguration", + "description": "Formatting configuration for number fields." + }, + "stringFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisStringFormatConfiguration", + "description": "Formatting configuration for string fields." + } + } + }, + "aws-native:quicksight:AnalysisFreeFormLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "screenCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutScreenCanvasSizeOptions", + "description": "The options that determine the sizing of the canvas used in a free-form layout." + } + } + }, + "aws-native:quicksight:AnalysisFreeFormLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutCanvasSizeOptions" + }, + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutElement" + }, + "description": "The elements that are included in a free-form layout." + } + } + }, + "aws-native:quicksight:AnalysisFreeFormLayoutElement": { + "type": "object", + "properties": { + "backgroundStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutElementBackgroundStyle", + "description": "The background style configuration of a free-form layout element." + }, + "borderStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutElementBorderStyle", + "description": "The border style configuration of a free-form layout element." + }, + "elementId": { + "type": "string", + "description": "A unique identifier for an element within a free-form layout." + }, + "elementType": { + "$ref": "#/types/aws-native:quicksight:AnalysisLayoutElementType", + "description": "The type of element." + }, + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "loadingAnimation": { + "$ref": "#/types/aws-native:quicksight:AnalysisLoadingAnimation", + "description": "The loading animation configuration of a free-form layout element." + }, + "renderingRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetElementRenderingRule" + }, + "description": "The rendering rules that determine when an element should be displayed within a free-form layout." + }, + "selectedBorderStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutElementBorderStyle", + "description": "The border style configuration of a free-form layout element. This border style is used when the element is selected." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of an element within a free-form layout." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "xAxisLocation": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "yAxisLocation": { + "type": "string", + "description": "String based length that is composed of value and unit in px with Integer.MAX_VALUE as maximum value" + } + } + }, + "aws-native:quicksight:AnalysisFreeFormLayoutElementBackgroundStyle": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The background color of a free-form layout element." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The background visibility of a free-form layout element." + } + } + }, + "aws-native:quicksight:AnalysisFreeFormLayoutElementBorderStyle": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The border color of a free-form layout element." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The border visibility of a free-form layout element." + } + } + }, + "aws-native:quicksight:AnalysisFreeFormLayoutScreenCanvasSizeOptions": { + "type": "object", + "properties": { + "optimizedViewPortWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:AnalysisFreeFormSectionLayoutConfiguration": { + "type": "object", + "properties": { + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutElement" + }, + "description": "The elements that are included in the free-form layout." + } + } + }, + "aws-native:quicksight:AnalysisFunnelChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The category field wells of a funnel chart. Values are grouped by category fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field wells of a funnel chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:AnalysisFunnelChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options of the categories that are displayed in a `FunnelChartVisual` ." + }, + "dataLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisFunnelChartDataLabelOptions", + "description": "The options that determine the presentation of the data labels." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisFunnelChartFieldWells", + "description": "The field well configuration of a `FunnelChartVisual` ." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFunnelChartSortConfiguration", + "description": "The sort configuration of a `FunnelChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip configuration of a `FunnelChartVisual` ." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options for the values that are displayed in a `FunnelChartVisual` ." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The visual palette configuration of a `FunnelChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisFunnelChartDataLabelOptions": { + "type": "object", + "properties": { + "categoryLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the category labels within the data labels." + }, + "labelColor": { + "type": "string", + "description": "The color of the data label text." + }, + "labelFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels." + }, + "measureDataLabelStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisFunnelChartMeasureDataLabelStyle", + "description": "Determines the style of the metric labels." + }, + "measureLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the measure labels within the data labels." + }, + "position": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelPosition", + "description": "Determines the positioning of the data label relative to a section of the funnel." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility option that determines if data labels are displayed." + } + } + }, + "aws-native:quicksight:AnalysisFunnelChartFieldWells": { + "type": "object", + "properties": { + "funnelChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisFunnelChartAggregatedFieldWells", + "description": "The field well configuration of a `FunnelChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisFunnelChartMeasureDataLabelStyle": { + "type": "string" + }, + "aws-native:quicksight:AnalysisFunnelChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of categories displayed." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + } + } + }, + "aws-native:quicksight:AnalysisFunnelChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFunnelChartConfiguration", + "description": "The configuration of a `FunnelChartVisual` ." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:AnalysisGaugeChartArcConditionalFormatting": { + "type": "object", + "properties": { + "foregroundColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting of the arc foreground color." + } + } + }, + "aws-native:quicksight:AnalysisGaugeChartConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisGaugeChartConditionalFormattingOption" + }, + "description": "Conditional formatting options of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisGaugeChartConditionalFormattingOption": { + "type": "object", + "properties": { + "arc": { + "$ref": "#/types/aws-native:quicksight:AnalysisGaugeChartArcConditionalFormatting", + "description": "The options that determine the presentation of the arc of a `GaugeChartVisual` ." + }, + "primaryValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisGaugeChartPrimaryValueConditionalFormatting", + "description": "The conditional formatting for the primary value of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisGaugeChartConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The data label configuration of a `GaugeChartVisual` ." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisGaugeChartFieldWells", + "description": "The field well configuration of a `GaugeChartVisual` ." + }, + "gaugeChartOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGaugeChartOptions", + "description": "The options that determine the presentation of the `GaugeChartVisual` ." + }, + "tooltipOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip configuration of a `GaugeChartVisual` ." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The visual palette configuration of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisGaugeChartFieldWells": { + "type": "object", + "properties": { + "targetValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The target value field wells of a `GaugeChartVisual` ." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field wells of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisGaugeChartOptions": { + "type": "object", + "properties": { + "arc": { + "$ref": "#/types/aws-native:quicksight:AnalysisArcConfiguration", + "description": "The arc configuration of a `GaugeChartVisual` ." + }, + "arcAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisArcAxisConfiguration", + "description": "The arc axis configuration of a `GaugeChartVisual` ." + }, + "comparison": { + "$ref": "#/types/aws-native:quicksight:AnalysisComparisonConfiguration", + "description": "The comparison configuration of a `GaugeChartVisual` ." + }, + "primaryValueDisplayType": { + "$ref": "#/types/aws-native:quicksight:AnalysisPrimaryValueDisplayType", + "description": "The options that determine the primary value display type." + }, + "primaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The options that determine the primary value font configuration." + } + } + }, + "aws-native:quicksight:AnalysisGaugeChartPrimaryValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIcon", + "description": "The conditional formatting of the primary value icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting of the primary value text color." + } + } + }, + "aws-native:quicksight:AnalysisGaugeChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisGaugeChartConfiguration", + "description": "The configuration of a `GaugeChartVisual` ." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:AnalysisGaugeChartConditionalFormatting", + "description": "The conditional formatting of a `GaugeChartVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialCoordinateBounds": { + "type": "object", + "properties": { + "east": { + "type": "number", + "description": "The longitude of the east bound of the geospatial coordinate bounds." + }, + "north": { + "type": "number", + "description": "The latitude of the north bound of the geospatial coordinate bounds." + }, + "south": { + "type": "number", + "description": "The latitude of the south bound of the geospatial coordinate bounds." + }, + "west": { + "type": "number", + "description": "The longitude of the west bound of the geospatial coordinate bounds." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialHeatmapColorScale": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialHeatmapDataColor" + }, + "description": "The list of colors to be used in heatmap point style." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialHeatmapConfiguration": { + "type": "object", + "properties": { + "heatmapColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialHeatmapColorScale", + "description": "The color scale specification for the heatmap point style." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialHeatmapDataColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The hex color to be used in the heatmap point style." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialMapAggregatedFieldWells": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The color field wells of a geospatial map." + }, + "geospatial": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialMapConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "mapStyleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialMapStyleOptions", + "description": "The map style options of the geospatial map." + }, + "pointStyleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialPointStyleOptions", + "description": "The point style options of the geospatial map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette" + }, + "windowOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialWindowOptions", + "description": "The window options of the geospatial map." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialMapFieldWells": { + "type": "object", + "properties": { + "geospatialMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialMapAggregatedFieldWells", + "description": "The aggregated field well for a geospatial map." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialMapStyleOptions": { + "type": "object", + "properties": { + "baseMapStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisBaseMapStyleType", + "description": "The base map style of the geospatial map." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialPointStyleOptions": { + "type": "object", + "properties": { + "clusterMarkerConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisClusterMarkerConfiguration", + "description": "The cluster marker configuration of the geospatial point style." + }, + "heatmapConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialHeatmapConfiguration", + "description": "The heatmap configuration of the geospatial point style." + }, + "selectedPointStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialSelectedPointStyle", + "description": "The selected point styles (point, cluster) of the geospatial map." + } + } + }, + "aws-native:quicksight:AnalysisGeospatialSelectedPointStyle": { + "type": "string" + }, + "aws-native:quicksight:AnalysisGeospatialWindowOptions": { + "type": "object", + "properties": { + "bounds": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialCoordinateBounds", + "description": "The bounds options (north, south, west, east) of the geospatial window options." + }, + "mapZoomMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisMapZoomMode", + "description": "The map zoom modes (manual, auto) of the geospatial window options." + } + } + }, + "aws-native:quicksight:AnalysisGlobalTableBorderOptions": { + "type": "object", + "properties": { + "sideSpecificBorder": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableSideBorderOptions", + "description": "Determines the options for side specific border." + }, + "uniformBorder": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableBorderOptions", + "description": "Determines the options for uniform border." + } + } + }, + "aws-native:quicksight:AnalysisGradientColor": { + "type": "object", + "properties": { + "stops": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisGradientStop" + }, + "description": "The list of gradient color stops." + } + } + }, + "aws-native:quicksight:AnalysisGradientStop": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color." + }, + "dataValue": { + "type": "number", + "description": "Determines the data value." + }, + "gradientOffset": { + "type": "number", + "description": "Determines gradient offset value." + } + } + }, + "aws-native:quicksight:AnalysisGridLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "screenCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGridLayoutScreenCanvasSizeOptions", + "description": "The options that determine the sizing of the canvas used in a grid layout." + } + } + }, + "aws-native:quicksight:AnalysisGridLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisGridLayoutCanvasSizeOptions" + }, + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisGridLayoutElement" + }, + "description": "The elements that are included in a grid layout." + } + } + }, + "aws-native:quicksight:AnalysisGridLayoutElement": { + "type": "object", + "properties": { + "columnIndex": { + "type": "number", + "description": "The column index for the upper left corner of an element." + }, + "columnSpan": { + "type": "number", + "description": "The width of a grid element expressed as a number of grid columns." + }, + "elementId": { + "type": "string", + "description": "A unique identifier for an element within a grid layout." + }, + "elementType": { + "$ref": "#/types/aws-native:quicksight:AnalysisLayoutElementType", + "description": "The type of element." + }, + "rowIndex": { + "type": "number", + "description": "The row index for the upper left corner of an element." + }, + "rowSpan": { + "type": "number", + "description": "The height of a grid element expressed as a number of grid rows." + } + } + }, + "aws-native:quicksight:AnalysisGridLayoutScreenCanvasSizeOptions": { + "type": "object", + "properties": { + "optimizedViewPortWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "resizeOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisResizeOption", + "description": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` ." + } + } + }, + "aws-native:quicksight:AnalysisGrowthRateComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodSize": { + "type": "number", + "description": "The period size setup of a growth rate computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisHeaderFooterSectionConfiguration": { + "type": "object", + "properties": { + "layout": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionLayoutConfiguration", + "description": "The layout configuration of the header or footer section." + }, + "sectionId": { + "type": "string", + "description": "The unique identifier of the header or footer section." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionStyle", + "description": "The style options of a header or footer section." + } + } + }, + "aws-native:quicksight:AnalysisHeatMapAggregatedFieldWells": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The columns field well of a heat map." + }, + "rows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The rows field well of a heat map." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The values field well of a heat map." + } + } + }, + "aws-native:quicksight:AnalysisHeatMapConfiguration": { + "type": "object", + "properties": { + "colorScale": { + "$ref": "#/types/aws-native:quicksight:AnalysisColorScale", + "description": "The color options (gradient color, point of divergence) in a heat map." + }, + "columnLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options of the column that is displayed in a heat map." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisHeatMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "rowLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options of the row that is displayed in a `heat map` ." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisHeatMapSortConfiguration", + "description": "The sort configuration of a heat map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip display setup of the visual." + } + } + }, + "aws-native:quicksight:AnalysisHeatMapFieldWells": { + "type": "object", + "properties": { + "heatMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisHeatMapAggregatedFieldWells", + "description": "The aggregated field wells of a heat map." + } + } + }, + "aws-native:quicksight:AnalysisHeatMapSortConfiguration": { + "type": "object", + "properties": { + "heatMapColumnItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of columns that are displayed in a heat map." + }, + "heatMapColumnSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The column sort configuration for heat map for columns that aren't a part of a field well." + }, + "heatMapRowItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of rows that are displayed in a heat map." + }, + "heatMapRowSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The field sort configuration of the rows fields." + } + } + }, + "aws-native:quicksight:AnalysisHeatMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisHeatMapConfiguration", + "description": "The configuration of a heat map." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisHistogramAggregatedFieldWells": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` ." + } + } + }, + "aws-native:quicksight:AnalysisHistogramBinOptions": { + "type": "object", + "properties": { + "binCount": { + "$ref": "#/types/aws-native:quicksight:AnalysisBinCountOptions", + "description": "The options that determine the bin count of a histogram." + }, + "binWidth": { + "$ref": "#/types/aws-native:quicksight:AnalysisBinWidthOptions", + "description": "The options that determine the bin width of a histogram." + }, + "selectedBinType": { + "$ref": "#/types/aws-native:quicksight:AnalysisHistogramBinType", + "description": "The options that determine the selected bin type." + }, + "startValue": { + "type": "number", + "description": "The options that determine the bin start value." + } + } + }, + "aws-native:quicksight:AnalysisHistogramBinType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisHistogramConfiguration": { + "type": "object", + "properties": { + "binOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisHistogramBinOptions", + "description": "The options that determine the presentation of histogram bins." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The data label configuration of a histogram." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisHistogramFieldWells", + "description": "The field well configuration of a histogram." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip configuration of a histogram." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The visual palette configuration of a histogram." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The options that determine the presentation of the x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The options that determine the presentation of the x-axis label." + }, + "yAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The options that determine the presentation of the y-axis." + } + } + }, + "aws-native:quicksight:AnalysisHistogramFieldWells": { + "type": "object", + "properties": { + "histogramAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisHistogramAggregatedFieldWells", + "description": "The field well configuration of a histogram." + } + } + }, + "aws-native:quicksight:AnalysisHistogramVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisHistogramConfiguration", + "description": "The configuration for a `HistogramVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisHorizontalTextAlignment": { + "type": "string" + }, + "aws-native:quicksight:AnalysisIcon": { + "type": "string" + }, + "aws-native:quicksight:AnalysisInsightConfiguration": { + "type": "object", + "properties": { + "computations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisComputation" + }, + "description": "The computations configurations of the insight visual" + }, + "customNarrative": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomNarrativeOptions", + "description": "The custom narrative of the insight visual." + } + } + }, + "aws-native:quicksight:AnalysisInsightVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The dataset that is used in the insight visual." + }, + "insightConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisInsightConfiguration", + "description": "The configuration of an insight visual." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisIntegerDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisDynamicDefaultValue", + "description": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "The static values of the `IntegerDefaultValues` ." + } + } + }, + "aws-native:quicksight:AnalysisIntegerParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the integer parameter.\u003c/p\u003e" + }, + "values": { + "type": "array", + "items": { + "type": "number" + }, + "description": "\u003cp\u003eThe values for the integer parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisIntegerParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisIntegerDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:AnalysisIntegerValueWhenUnsetConfiguration", + "description": "A parameter declaration for the `Integer` data type." + } + } + }, + "aws-native:quicksight:AnalysisIntegerValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "number", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:AnalysisItemsLimitConfiguration": { + "type": "object", + "properties": { + "itemsLimit": { + "type": "number", + "description": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart." + }, + "otherCategories": { + "$ref": "#/types/aws-native:quicksight:AnalysisOtherCategories", + "description": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`" + } + } + }, + "aws-native:quicksight:AnalysisKpiActualValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIcon", + "description": "The conditional formatting of the actual value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting of the actual value's text color." + } + } + }, + "aws-native:quicksight:AnalysisKpiComparisonValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIcon", + "description": "The conditional formatting of the comparison value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting of the comparison value's text color." + } + } + }, + "aws-native:quicksight:AnalysisKpiConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiConditionalFormattingOption" + }, + "description": "The conditional formatting options of a KPI visual." + } + } + }, + "aws-native:quicksight:AnalysisKpiConditionalFormattingOption": { + "type": "object", + "properties": { + "actualValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiActualValueConditionalFormatting", + "description": "The conditional formatting for the actual value of a KPI visual." + }, + "comparisonValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiComparisonValueConditionalFormatting", + "description": "The conditional formatting for the comparison value of a KPI visual." + }, + "primaryValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiPrimaryValueConditionalFormatting", + "description": "The conditional formatting for the primary value of a KPI visual." + }, + "progressBar": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiProgressBarConditionalFormatting", + "description": "The conditional formatting for the progress bar of a KPI visual." + } + } + }, + "aws-native:quicksight:AnalysisKpiConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiFieldWells", + "description": "The field well configuration of a KPI visual." + }, + "kpiOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiOptions", + "description": "The options that determine the presentation of a KPI visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiSortConfiguration", + "description": "The sort configuration of a KPI visual." + } + }, + "irreversibleNames": { + "kpiOptions": "KPIOptions" + } + }, + "aws-native:quicksight:AnalysisKpiFieldWells": { + "type": "object", + "properties": { + "targetValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The target value field wells of a KPI visual." + }, + "trendGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The trend group field wells of a KPI visual." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field wells of a KPI visual." + } + } + }, + "aws-native:quicksight:AnalysisKpiOptions": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:quicksight:AnalysisComparisonConfiguration", + "description": "The comparison configuration of a KPI visual." + }, + "primaryValueDisplayType": { + "$ref": "#/types/aws-native:quicksight:AnalysisPrimaryValueDisplayType", + "description": "The options that determine the primary value display type." + }, + "primaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The options that determine the primary value font configuration." + }, + "progressBar": { + "$ref": "#/types/aws-native:quicksight:AnalysisProgressBarOptions", + "description": "The options that determine the presentation of the progress bar of a KPI visual." + }, + "secondaryValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisSecondaryValueOptions", + "description": "The options that determine the presentation of the secondary value of a KPI visual." + }, + "secondaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The options that determine the secondary value font configuration." + }, + "sparkline": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiSparklineOptions", + "description": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual." + }, + "trendArrows": { + "$ref": "#/types/aws-native:quicksight:AnalysisTrendArrowOptions", + "description": "The options that determine the presentation of trend arrows in a KPI visual." + }, + "visualLayoutOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiVisualLayoutOptions", + "description": "The options that determine the layout a KPI visual." + } + } + }, + "aws-native:quicksight:AnalysisKpiPrimaryValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIcon", + "description": "The conditional formatting of the primary value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting of the primary value's text color." + } + } + }, + "aws-native:quicksight:AnalysisKpiProgressBarConditionalFormatting": { + "type": "object", + "properties": { + "foregroundColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting of the progress bar's foreground color." + } + } + }, + "aws-native:quicksight:AnalysisKpiSortConfiguration": { + "type": "object", + "properties": { + "trendGroupSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the trend group fields." + } + } + }, + "aws-native:quicksight:AnalysisKpiSparklineOptions": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of the sparkline." + }, + "tooltipVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The tooltip visibility of the sparkline." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiSparklineType", + "description": "The type of the sparkline." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the sparkline." + } + } + }, + "aws-native:quicksight:AnalysisKpiSparklineType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisKpiVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiConfiguration", + "description": "The configuration of a KPI visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiConditionalFormatting", + "description": "The conditional formatting of a KPI visual." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisKpiVisualLayoutOptions": { + "type": "object", + "properties": { + "standardLayout": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiVisualStandardLayout", + "description": "The standard layout of the KPI visual." + } + } + }, + "aws-native:quicksight:AnalysisKpiVisualStandardLayout": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiVisualStandardLayoutType", + "description": "The standard layout type." + } + } + }, + "aws-native:quicksight:AnalysisKpiVisualStandardLayoutType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisLabelOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The text for the label." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The font configuration of the label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not the label is visible." + } + } + }, + "aws-native:quicksight:AnalysisLayout": { + "type": "object", + "properties": { + "configuration": { + "$ref": "#/types/aws-native:quicksight:AnalysisLayoutConfiguration", + "description": "The configuration that determines what the type of layout for a sheet." + } + } + }, + "aws-native:quicksight:AnalysisLayoutConfiguration": { + "type": "object", + "properties": { + "freeFormLayout": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormLayoutConfiguration", + "description": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements." + }, + "gridLayout": { + "$ref": "#/types/aws-native:quicksight:AnalysisGridLayoutConfiguration", + "description": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` ." + }, + "sectionBasedLayout": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionBasedLayoutConfiguration", + "description": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break." + } + } + }, + "aws-native:quicksight:AnalysisLayoutElementType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisLegendOptions": { + "type": "object", + "properties": { + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "position": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendPosition", + "description": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`" + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "The custom title for the legend." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not the legend is visible." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:AnalysisLegendPosition": { + "type": "string" + }, + "aws-native:quicksight:AnalysisLineChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The category field wells of a line chart. Values are grouped by category fields." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The color field wells of a line chart. Values are grouped by category fields." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The small multiples field well of a line chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field wells of a line chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:AnalysisLineChartConfiguration": { + "type": "object", + "properties": { + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisContributionAnalysisDefault" + }, + "description": "The default configuration of a line chart's contribution analysis." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The data label configuration of a line chart." + }, + "defaultSeriesSettings": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartDefaultSeriesSettings", + "description": "The options that determine the default presentation of all line series in `LineChartVisual` ." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartFieldWells", + "description": "The field well configuration of a line chart." + }, + "forecastConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisForecastConfiguration" + }, + "description": "The forecast configuration of a line chart." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend configuration of a line chart." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineSeriesAxisDisplayOptions", + "description": "The series axis configuration of a line chart." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The options that determine the presentation of the y-axis label." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLine" + }, + "description": "The reference lines configuration of a line chart." + }, + "secondaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineSeriesAxisDisplayOptions", + "description": "The series axis configuration of a line chart." + }, + "secondaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The options that determine the presentation of the secondary y-axis label." + }, + "series": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSeriesItem" + }, + "description": "The series item configuration of a line chart." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartSortConfiguration", + "description": "The sort configuration of a line chart." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip configuration of a line chart." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartType", + "description": "Determines the type of the line chart." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The visual palette configuration of a line chart." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The options that determine the presentation of the x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The options that determine the presentation of the x-axis label." + } + } + }, + "aws-native:quicksight:AnalysisLineChartDefaultSeriesSettings": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisBinding", + "description": "The axis to which you are binding all line series to." + }, + "lineStyleSettings": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartLineStyleSettings", + "description": "Line styles options for all line series in the visual." + }, + "markerStyleSettings": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartMarkerStyleSettings", + "description": "Marker styles options for all line series in the visual." + } + } + }, + "aws-native:quicksight:AnalysisLineChartFieldWells": { + "type": "object", + "properties": { + "lineChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartAggregatedFieldWells", + "description": "The field well configuration of a line chart." + } + } + }, + "aws-native:quicksight:AnalysisLineChartLineStyle": { + "type": "string" + }, + "aws-native:quicksight:AnalysisLineChartLineStyleSettings": { + "type": "object", + "properties": { + "lineInterpolation": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineInterpolation", + "description": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line." + }, + "lineStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartLineStyle", + "description": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line." + }, + "lineVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Configuration option that determines whether to show the line for the series." + }, + "lineWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:AnalysisLineChartMarkerShape": { + "type": "string" + }, + "aws-native:quicksight:AnalysisLineChartMarkerStyleSettings": { + "type": "object", + "properties": { + "markerColor": { + "type": "string", + "description": "Color of marker in the series." + }, + "markerShape": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartMarkerShape", + "description": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square." + }, + "markerSize": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "markerVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Configuration option that determines whether to show the markers in the series." + } + } + }, + "aws-native:quicksight:AnalysisLineChartSeriesSettings": { + "type": "object", + "properties": { + "lineStyleSettings": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartLineStyleSettings", + "description": "Line styles options for a line series in `LineChartVisual` ." + }, + "markerStyleSettings": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartMarkerStyleSettings", + "description": "Marker styles options for a line series in `LineChartVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisLineChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of categories that are displayed in a line chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + }, + "colorItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of lines that are displayed in a line chart." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:AnalysisLineChartType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisLineChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartConfiguration", + "description": "The configuration of a line chart." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisLineInterpolation": { + "type": "string" + }, + "aws-native:quicksight:AnalysisLineSeriesAxisDisplayOptions": { + "type": "object", + "properties": { + "axisOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The options that determine the presentation of the line series axis." + }, + "missingDataConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMissingDataConfiguration" + }, + "description": "The configuration options that determine how missing data is treated during the rendering of a line chart." + } + } + }, + "aws-native:quicksight:AnalysisListControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "searchOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisListControlSearchOptions", + "description": "The configuration of the search options in a list control." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisListControlSelectAllOptions", + "description": "The configuration of the `Select all` options in a list control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:AnalysisListControlSearchOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration of the search options in a list control." + } + } + }, + "aws-native:quicksight:AnalysisListControlSelectAllOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration of the `Select all` options in a list control." + } + } + }, + "aws-native:quicksight:AnalysisLoadingAnimation": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration of `LoadingAnimation` ." + } + } + }, + "aws-native:quicksight:AnalysisLocalNavigationConfiguration": { + "type": "object", + "properties": { + "targetSheetId": { + "type": "string", + "description": "The sheet that is targeted for navigation in the same analysis." + } + } + }, + "aws-native:quicksight:AnalysisLongFormatText": { + "type": "object", + "properties": { + "plainText": { + "type": "string", + "description": "Plain text format." + }, + "richText": { + "type": "string", + "description": "Rich text. Examples of rich text include bold, underline, and italics." + } + } + }, + "aws-native:quicksight:AnalysisMapZoomMode": { + "type": "string" + }, + "aws-native:quicksight:AnalysisMappedDataSetParameter": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "A unique name that identifies a dataset within the analysis or dashboard." + }, + "dataSetParameterName": { + "type": "string", + "description": "The name of the dataset parameter." + } + } + }, + "aws-native:quicksight:AnalysisMaximumLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the maximum label." + } + } + }, + "aws-native:quicksight:AnalysisMaximumMinimumComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The time field that is used in a computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisMaximumMinimumComputationType", + "description": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisMaximumMinimumComputationType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisMeasureField": { + "type": "object", + "properties": { + "calculatedMeasureField": { + "$ref": "#/types/aws-native:quicksight:AnalysisCalculatedMeasureField", + "description": "The calculated measure field only used in pivot tables." + }, + "categoricalMeasureField": { + "$ref": "#/types/aws-native:quicksight:AnalysisCategoricalMeasureField", + "description": "The measure type field with categorical type columns." + }, + "dateMeasureField": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateMeasureField", + "description": "The measure type field with date type columns." + }, + "numericalMeasureField": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericalMeasureField", + "description": "The measure type field with numerical type columns." + } + } + }, + "aws-native:quicksight:AnalysisMetricComparisonComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "fromValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The field that is used in a metric comparison from value setup." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "targetValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The field that is used in a metric comparison to value setup." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The time field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisMinimumLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the minimum label." + } + } + }, + "aws-native:quicksight:AnalysisMissingDataConfiguration": { + "type": "object", + "properties": { + "treatmentOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisMissingDataTreatmentOption", + "description": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data." + } + } + }, + "aws-native:quicksight:AnalysisMissingDataTreatmentOption": { + "type": "string" + }, + "aws-native:quicksight:AnalysisNegativeValueConfiguration": { + "type": "object", + "properties": { + "displayMode": { + "$ref": "#/types/aws-native:quicksight:AnalysisNegativeValueDisplayMode", + "description": "Determines the display mode of the negative value configuration." + } + } + }, + "aws-native:quicksight:AnalysisNegativeValueDisplayMode": { + "type": "string" + }, + "aws-native:quicksight:AnalysisNullValueFormatConfiguration": { + "type": "object", + "properties": { + "nullString": { + "type": "string", + "description": "Determines the null string of null values." + } + } + }, + "aws-native:quicksight:AnalysisNumberDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numberScale": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumberScale", + "description": "Determines the number scale value of the number format." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the number format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the number format." + } + } + }, + "aws-native:quicksight:AnalysisNumberFormatConfiguration": { + "type": "object", + "properties": { + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericFormatConfiguration", + "description": "The options that determine the numeric format configuration." + } + } + }, + "aws-native:quicksight:AnalysisNumberScale": { + "type": "string" + }, + "aws-native:quicksight:AnalysisNumericAxisOptions": { + "type": "object", + "properties": { + "range": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayRange", + "description": "The range setup of a numeric axis." + }, + "scale": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisScale", + "description": "The scale setup of a numeric axis." + } + } + }, + "aws-native:quicksight:AnalysisNumericEqualityDrillDownFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "value": { + "type": "number", + "description": "The value of the double input numeric drill down filter." + } + } + }, + "aws-native:quicksight:AnalysisNumericEqualityFilter": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisAggregationFunction", + "description": "The aggregation function of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericEqualityMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + }, + "value": { + "type": "number", + "description": "The input value." + } + } + }, + "aws-native:quicksight:AnalysisNumericEqualityMatchOperator": { + "type": "string" + }, + "aws-native:quicksight:AnalysisNumericFilterSelectAllOptions": { + "type": "string" + }, + "aws-native:quicksight:AnalysisNumericFormatConfiguration": { + "type": "object", + "properties": { + "currencyDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCurrencyDisplayFormatConfiguration", + "description": "The options that determine the currency display format configuration." + }, + "numberDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumberDisplayFormatConfiguration", + "description": "The options that determine the number display format configuration." + }, + "percentageDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPercentageDisplayFormatConfiguration", + "description": "The options that determine the percentage display format configuration." + } + } + }, + "aws-native:quicksight:AnalysisNumericRangeFilter": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisAggregationFunction", + "description": "The aggregation function of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "includeMaximum": { + "type": "boolean", + "description": "Determines whether the maximum value in the filter value range should be included in the filtered results." + }, + "includeMinimum": { + "type": "boolean", + "description": "Determines whether the minimum value in the filter value range should be included in the filtered results." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "rangeMaximum": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericRangeFilterValue", + "description": "The maximum value for the filter value range." + }, + "rangeMinimum": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericRangeFilterValue", + "description": "The minimum value for the filter value range." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:AnalysisNumericRangeFilterValue": { + "type": "object", + "properties": { + "parameter": { + "type": "string", + "description": "The parameter that is used in the numeric range." + }, + "staticValue": { + "type": "number", + "description": "The static value of the numeric range filter." + } + } + }, + "aws-native:quicksight:AnalysisNumericSeparatorConfiguration": { + "type": "object", + "properties": { + "decimalSeparator": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericSeparatorSymbol", + "description": "Determines the decimal separator." + }, + "thousandsSeparator": { + "$ref": "#/types/aws-native:quicksight:AnalysisThousandSeparatorOptions", + "description": "The options that determine the thousands separator configuration." + } + } + }, + "aws-native:quicksight:AnalysisNumericSeparatorSymbol": { + "type": "string" + }, + "aws-native:quicksight:AnalysisNumericalAggregationFunction": { + "type": "object", + "properties": { + "percentileAggregation": { + "$ref": "#/types/aws-native:quicksight:AnalysisPercentileAggregation", + "description": "An aggregation based on the percentile of values in a dimension or measure." + }, + "simpleNumericalAggregation": { + "$ref": "#/types/aws-native:quicksight:AnalysisSimpleNumericalAggregationFunction", + "description": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure." + } + } + }, + "aws-native:quicksight:AnalysisNumericalDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that is used in the `NumericalDimensionField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumberFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:AnalysisNumericalMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericalAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that is used in the `NumericalMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumberFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:AnalysisOtherCategories": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPaginationConfiguration": { + "type": "object", + "properties": { + "pageNumber": { + "type": "number", + "description": "Indicates the page number." + }, + "pageSize": { + "type": "number", + "description": "Indicates how many items render in one page." + } + } + }, + "aws-native:quicksight:AnalysisPanelBorderStyle": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPanelConfiguration": { + "type": "object", + "properties": { + "backgroundColor": { + "type": "string", + "description": "Sets the background color for each panel." + }, + "backgroundVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not a background for each small multiples panel is rendered." + }, + "borderColor": { + "type": "string", + "description": "Sets the line color of panel borders." + }, + "borderStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisPanelBorderStyle", + "description": "Sets the line style of panel borders." + }, + "borderThickness": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "borderVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not each panel displays a border." + }, + "gutterSpacing": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "gutterVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not negative space between sibling panels is rendered." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisPanelTitleOptions", + "description": "Configures the title display within each small multiples panel." + } + } + }, + "aws-native:quicksight:AnalysisPanelTitleOptions": { + "type": "object", + "properties": { + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration" + }, + "horizontalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:AnalysisHorizontalTextAlignment", + "description": "Sets the horizontal text alignment of the title within each panel." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not panel titles are displayed." + } + } + }, + "aws-native:quicksight:AnalysisPaperOrientation": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPaperSize": { + "type": "string" + }, + "aws-native:quicksight:AnalysisParameterControl": { + "type": "object", + "properties": { + "dateTimePicker": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterDateTimePickerControl", + "description": "A control from a date parameter that specifies date and time." + }, + "dropdown": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterDropDownControl", + "description": "A control to display a dropdown list with buttons that are used to select a single value." + }, + "list": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterListControl", + "description": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values." + }, + "slider": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterSliderControl", + "description": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle." + }, + "textArea": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterTextAreaControl", + "description": "A control to display a text box that is used to enter multiple entries." + }, + "textField": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterTextFieldControl", + "description": "A control to display a text box that is used to enter a single entry." + } + } + }, + "aws-native:quicksight:AnalysisParameterDateTimePickerControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterDateTimePickerControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The name of the `ParameterDateTimePickerControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterDateTimePickerControl` ." + } + } + }, + "aws-native:quicksight:AnalysisParameterDeclaration": { + "type": "object", + "properties": { + "dateTimeParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimeParameterDeclaration", + "description": "A parameter declaration for the `DateTime` data type." + }, + "decimalParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDecimalParameterDeclaration", + "description": "A parameter declaration for the `Decimal` data type." + }, + "integerParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:AnalysisIntegerParameterDeclaration", + "description": "A parameter declaration for the `Integer` data type." + }, + "stringParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:AnalysisStringParameterDeclaration", + "description": "A parameter declaration for the `String` data type." + } + } + }, + "aws-native:quicksight:AnalysisParameterDropDownControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDropDownControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterDropDownControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterDropDownControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterDropDownControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlListType", + "description": "The type parameter name of the `ParameterDropDownControl` ." + } + } + }, + "aws-native:quicksight:AnalysisParameterListControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisListControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterListControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterListControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterListControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlListType", + "description": "The type of `ParameterListControl` ." + } + } + }, + "aws-native:quicksight:AnalysisParameterSelectableValues": { + "type": "object", + "properties": { + "linkToDataSetColumn": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column identifier that fetches values from the data set." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The values that are used in `ParameterSelectableValues` ." + } + } + }, + "aws-native:quicksight:AnalysisParameterSliderControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterSliderControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterSliderControl` ." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterSliderControl` ." + } + } + }, + "aws-native:quicksight:AnalysisParameterTextAreaControl": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextAreaControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterTextAreaControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:AnalysisParameterTextFieldControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextFieldControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterTextFieldControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterTextFieldControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterTextFieldControl` ." + } + } + }, + "aws-native:quicksight:AnalysisParameterValueType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisParameters": { + "type": "object", + "properties": { + "dateTimeParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDateTimeParameter" + }, + "description": "\u003cp\u003eThe parameters that have a data type of date-time.\u003c/p\u003e" + }, + "decimalParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDecimalParameter" + }, + "description": "\u003cp\u003eThe parameters that have a data type of decimal.\u003c/p\u003e" + }, + "integerParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisIntegerParameter" + }, + "description": "\u003cp\u003eThe parameters that have a data type of integer.\u003c/p\u003e" + }, + "stringParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisStringParameter" + }, + "description": "\u003cp\u003eThe parameters that have a data type of string.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisPercentVisibleRange": { + "type": "object", + "properties": { + "from": { + "type": "number", + "description": "The lower bound of the range." + }, + "to": { + "type": "number", + "description": "The top bound of the range." + } + } + }, + "aws-native:quicksight:AnalysisPercentageDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the percentage format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the percentage format." + } + } + }, + "aws-native:quicksight:AnalysisPercentileAggregation": { + "type": "object", + "properties": { + "percentileValue": { + "type": "number", + "description": "The percentile value. This value can be any numeric constant 0–100. A percentile value of 50 computes the median value of the measure." + } + } + }, + "aws-native:quicksight:AnalysisPeriodOverPeriodComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisPeriodToDateComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodTimeGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisPieChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The category (group/color) field wells of a pie chart." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The small multiples field well of a pie chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field wells of a pie chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:AnalysisPieChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options of the group/color that is displayed in a pie chart." + }, + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisContributionAnalysisDefault" + }, + "description": "The contribution analysis (anomaly configuration) setup of the visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "donutOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisDonutOptions", + "description": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisPieChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPieChartSortConfiguration", + "description": "The sort configuration of a pie chart." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options for the value that is displayed in a pie chart." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:AnalysisPieChartFieldWells": { + "type": "object", + "properties": { + "pieChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisPieChartAggregatedFieldWells", + "description": "The field well configuration of a pie chart." + } + } + }, + "aws-native:quicksight:AnalysisPieChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of categories that are displayed in a pie chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:AnalysisPieChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPieChartConfiguration", + "description": "The configuration of a pie chart." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisPivotFieldSortOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID for the field sort options." + }, + "sortBy": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableSortBy", + "description": "The sort by field for the field sort options." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableAggregatedFieldWells": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The columns field well for a pivot table. Values are grouped by columns fields." + }, + "rows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The rows field well for a pivot table. Values are grouped by rows fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The values field well for a pivot table. Values are aggregated based on rows and columns fields." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableCellConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the cell for conditional formatting." + }, + "scope": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableConditionalFormattingScope", + "description": "The scope of the cell for conditional formatting." + }, + "scopes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableConditionalFormattingScope" + }, + "description": "A list of cell scopes for conditional formatting." + }, + "textFormat": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextConditionalFormat", + "description": "The text format of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableConditionalFormattingOption" + }, + "description": "Conditional formatting options for a `PivotTableVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableConditionalFormattingOption": { + "type": "object", + "properties": { + "cell": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableCellConditionalFormatting", + "description": "The cell conditional formatting option for a pivot table." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableConditionalFormattingScope": { + "type": "object", + "properties": { + "role": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableConditionalFormattingScopeRole", + "description": "The role (field, field total, grand total) of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableConditionalFormattingScopeRole": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPivotTableConfiguration": { + "type": "object", + "properties": { + "fieldOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableFieldOptions", + "description": "The field options for a pivot table visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableFieldWells", + "description": "The field wells of the visual." + }, + "paginatedReportOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTablePaginatedReportOptions", + "description": "The paginated report options for a pivot table visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableSortConfiguration", + "description": "The sort configuration for a `PivotTableVisual` ." + }, + "tableOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableOptions", + "description": "The table options for a pivot table visual." + }, + "totalOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableTotalOptions", + "description": "The total options for a pivot table visual." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableDataPathOption": { + "type": "object", + "properties": { + "dataPathList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataPathValue" + }, + "description": "The list of data path values for the data path options." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:AnalysisPivotTableDataPathType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPivotTableFieldCollapseState": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPivotTableFieldCollapseStateOption": { + "type": "object", + "properties": { + "state": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableFieldCollapseState", + "description": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`" + }, + "target": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableFieldCollapseStateTarget", + "description": "A tagged-union object that sets the collapse state." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableFieldCollapseStateTarget": { + "type": "object", + "properties": { + "fieldDataPathValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataPathValue" + }, + "description": "The data path of the pivot table's header. Used to set the collapse state." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the pivot table that the collapse state needs to be set to." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableFieldOption": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label of the pivot table field." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the pivot table field." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the pivot table field." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableFieldOptions": { + "type": "object", + "properties": { + "collapseStateOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableFieldCollapseStateOption" + }, + "description": "The collapse state options for the pivot table field options." + }, + "dataPathOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableDataPathOption" + }, + "description": "The data path options for the pivot table field options." + }, + "selectedFieldOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableFieldOption" + }, + "description": "The selected field options for the pivot table field options." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableFieldSubtotalOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the subtotal options." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableFieldWells": { + "type": "object", + "properties": { + "pivotTableAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableAggregatedFieldWells", + "description": "The aggregated field well for the pivot table." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableMetricPlacement": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPivotTableOptions": { + "type": "object", + "properties": { + "cellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The table cell style of cells." + }, + "collapsedRowDimensionsVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` ." + }, + "columnHeaderStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The table cell style of the column header." + }, + "columnNamesVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the column names." + }, + "defaultCellWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "metricPlacement": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableMetricPlacement", + "description": "The metric placement (row, column) options." + }, + "rowAlternateColorOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisRowAlternateColorOptions", + "description": "The row alternate color options (widget status, row alternate colors)." + }, + "rowFieldNamesStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The table cell style of row field names." + }, + "rowHeaderStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The table cell style of the row headers." + }, + "rowsLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableRowsLabelOptions", + "description": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` ." + }, + "rowsLayout": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableRowsLayout", + "description": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields." + }, + "singleMetricVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the single metric options." + }, + "toggleButtonsVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the pivot table." + } + } + }, + "aws-native:quicksight:AnalysisPivotTablePaginatedReportOptions": { + "type": "object", + "properties": { + "overflowColumnHeaderVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the repeating header rows on each page." + }, + "verticalOverflowVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the printing table overflow across pages." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableRowsLabelOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the rows label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the rows label." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableRowsLayout": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPivotTableSortBy": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnSort", + "description": "The column sort (field id, direction) for the pivot table sort by options." + }, + "dataPath": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataPathSort", + "description": "The data path sort (data path value, direction) for the pivot table sort by options." + }, + "field": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSort", + "description": "The field sort (field id, direction) for the pivot table sort by options." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableSortConfiguration": { + "type": "object", + "properties": { + "fieldSortOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotFieldSortOptions" + }, + "description": "The field sort options for a pivot table sort configuration." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableSubtotalLevel": { + "type": "string" + }, + "aws-native:quicksight:AnalysisPivotTableTotalOptions": { + "type": "object", + "properties": { + "columnSubtotalOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSubtotalOptions", + "description": "The column subtotal options." + }, + "columnTotalOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTotalOptions", + "description": "The column total options." + }, + "rowSubtotalOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSubtotalOptions", + "description": "The row subtotal options." + }, + "rowTotalOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTotalOptions", + "description": "The row total options." + } + } + }, + "aws-native:quicksight:AnalysisPivotTableVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableConfiguration", + "description": "The configuration settings of the visual." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableConditionalFormatting", + "description": "The conditional formatting for a `PivotTableVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:AnalysisPivotTotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the total cells." + }, + "metricHeaderCellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The cell styling options for the total of header cells." + }, + "placement": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableTotalsPlacement", + "description": "The placement (start, end) for the total cells." + }, + "scrollStatus": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableTotalsScrollStatus", + "description": "The scroll status (pinned, scrolled) for the total cells." + }, + "totalAggregationOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisTotalAggregationOption" + }, + "description": "The total aggregation options for each value field." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The cell styling options for the total cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration for the total cells." + }, + "valueCellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The cell styling options for the totals of value cells." + } + } + }, + "aws-native:quicksight:AnalysisPredefinedHierarchy": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier" + }, + "description": "The list of columns that define the predefined hierarchy." + }, + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the predefined hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the predefined hierarchy." + } + } + }, + "aws-native:quicksight:AnalysisPrimaryValueDisplayType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisProgressBarOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the progress bar." + } + } + }, + "aws-native:quicksight:AnalysisRadarChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The aggregated field well categories of a radar chart." + }, + "color": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The color that are assigned to the aggregated field wells of a radar chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The values that are assigned to the aggregated field wells of a radar chart." + } + } + }, + "aws-native:quicksight:AnalysisRadarChartAreaStyleSettings": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility settings of a radar chart." + } + } + }, + "aws-native:quicksight:AnalysisRadarChartAxesRangeScale": { + "type": "string" + }, + "aws-native:quicksight:AnalysisRadarChartConfiguration": { + "type": "object", + "properties": { + "alternateBandColorsVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the colors of alternatign bands in a radar chart." + }, + "alternateBandEvenColor": { + "type": "string", + "description": "The color of the even-numbered alternate bands of a radar chart." + }, + "alternateBandOddColor": { + "type": "string", + "description": "The color of the odd-numbered alternate bands of a radar chart." + }, + "axesRangeScale": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartAxesRangeScale", + "description": "The axis behavior options of a radar chart." + }, + "baseSeriesSettings": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartSeriesSettings", + "description": "The base sreies settings of a radar chart." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The category axis of a radar chart." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The category label options of a radar chart." + }, + "colorAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The color axis of a radar chart." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The color label options of a radar chart." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartFieldWells", + "description": "The field well configuration of a `RadarChartVisual` ." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "shape": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartShape", + "description": "The shape of the radar chart." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartSortConfiguration", + "description": "The sort configuration of a `RadarChartVisual` ." + }, + "startAngle": { + "type": "number", + "description": "The start angle of a radar chart's axis." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:AnalysisRadarChartFieldWells": { + "type": "object", + "properties": { + "radarChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartAggregatedFieldWells", + "description": "The aggregated field wells of a radar chart visual." + } + } + }, + "aws-native:quicksight:AnalysisRadarChartSeriesSettings": { + "type": "object", + "properties": { + "areaStyleSettings": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartAreaStyleSettings", + "description": "The area style settings of a radar chart." + } + } + }, + "aws-native:quicksight:AnalysisRadarChartShape": { + "type": "string" + }, + "aws-native:quicksight:AnalysisRadarChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The category items limit for a radar chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The category sort options of a radar chart." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The color items limit of a radar chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The color sort configuration of a radar chart." + } + } + }, + "aws-native:quicksight:AnalysisRadarChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisRangeEndsLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the range ends label." + } + } + }, + "aws-native:quicksight:AnalysisReferenceLine": { + "type": "object", + "properties": { + "dataConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineDataConfiguration", + "description": "The data configuration of the reference line." + }, + "labelConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineLabelConfiguration", + "description": "The label configuration of the reference line." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:AnalysisWidgetStatus", + "description": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`" + }, + "styleConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineStyleConfiguration", + "description": "The style configuration of the reference line." + } + } + }, + "aws-native:quicksight:AnalysisReferenceLineCustomLabelConfiguration": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The string text of the custom label." + } + } + }, + "aws-native:quicksight:AnalysisReferenceLineDataConfiguration": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisBinding", + "description": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`" + }, + "dynamicConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineDynamicDataConfiguration", + "description": "The dynamic configuration of the reference line data configuration." + }, + "seriesType": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineSeriesType", + "description": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`" + }, + "staticConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineStaticDataConfiguration", + "description": "The static data configuration of the reference line data configuration." + } + } + }, + "aws-native:quicksight:AnalysisReferenceLineDynamicDataConfiguration": { + "type": "object", + "properties": { + "calculation": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericalAggregationFunction", + "description": "The calculation that is used in the dynamic data." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the dynamic data targets." + }, + "measureAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisAggregationFunction", + "description": "The aggregation function that is used in the dynamic data." + } + } + }, + "aws-native:quicksight:AnalysisReferenceLineLabelConfiguration": { + "type": "object", + "properties": { + "customLabelConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineCustomLabelConfiguration", + "description": "The custom label configuration of the label in a reference line." + }, + "fontColor": { + "type": "string", + "description": "The font color configuration of the label in a reference line." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The font configuration of the label in a reference line." + }, + "horizontalPosition": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineLabelHorizontalPosition", + "description": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`" + }, + "valueLabelConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineValueLabelConfiguration", + "description": "The value label configuration of the label in a reference line." + }, + "verticalPosition": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineLabelVerticalPosition", + "description": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`" + } + } + }, + "aws-native:quicksight:AnalysisReferenceLineLabelHorizontalPosition": { + "type": "string" + }, + "aws-native:quicksight:AnalysisReferenceLineLabelVerticalPosition": { + "type": "string" + }, + "aws-native:quicksight:AnalysisReferenceLinePatternType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisReferenceLineSeriesType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisReferenceLineStaticDataConfiguration": { + "type": "object", + "properties": { + "value": { + "type": "number", + "description": "The double input of the static data." + } + } + }, + "aws-native:quicksight:AnalysisReferenceLineStyleConfiguration": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The hex color of the reference line." + }, + "pattern": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLinePatternType", + "description": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`" + } + } + }, + "aws-native:quicksight:AnalysisReferenceLineValueLabelConfiguration": { + "type": "object", + "properties": { + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericFormatConfiguration", + "description": "The format configuration of the value label." + }, + "relativePosition": { + "$ref": "#/types/aws-native:quicksight:AnalysisReferenceLineValueLabelRelativePosition", + "description": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`" + } + } + }, + "aws-native:quicksight:AnalysisReferenceLineValueLabelRelativePosition": { + "type": "string" + }, + "aws-native:quicksight:AnalysisRelativeDateTimeControlDisplayOptions": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Customize how dates are formatted in controls." + }, + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:AnalysisRelativeDateType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisRelativeDatesFilter": { + "type": "object", + "properties": { + "anchorDateConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisAnchorDateConfiguration", + "description": "The date configuration of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "excludePeriodConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisExcludePeriodConfiguration", + "description": "The configuration for the exclude period of the filter." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "minimumGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The minimum granularity (period granularity) of the relative dates filter." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "relativeDateType": { + "$ref": "#/types/aws-native:quicksight:AnalysisRelativeDateType", + "description": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`" + }, + "relativeDateValue": { + "type": "number", + "description": "The date value of the filter." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:AnalysisRelativeFontSize": { + "type": "string" + }, + "aws-native:quicksight:AnalysisResizeOption": { + "type": "string" + }, + "aws-native:quicksight:AnalysisResourcePermission": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe IAM action to grant or revoke permissions on.\u003c/p\u003e" + }, + "principal": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the principal. This can be one of the\n following:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.) \u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + } + } + }, + "aws-native:quicksight:AnalysisResourceStatus": { + "type": "string" + }, + "aws-native:quicksight:AnalysisRollingDateConfiguration": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in the rolling date configuration." + }, + "expression": { + "type": "string", + "description": "The expression of the rolling date configuration." + } + } + }, + "aws-native:quicksight:AnalysisRowAlternateColorOptions": { + "type": "object", + "properties": { + "rowAlternateColors": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Determines the list of row alternate colors." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:AnalysisWidgetStatus", + "description": "Determines the widget status." + }, + "usePrimaryBackgroundColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisWidgetStatus", + "description": "The primary background color options for alternate rows." + } + } + }, + "aws-native:quicksight:AnalysisSameSheetTargetVisualConfiguration": { + "type": "object", + "properties": { + "targetVisualOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTargetVisualOptions", + "description": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet." + }, + "targetVisuals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the target visual IDs that are located in the same sheet of the analysis." + } + } + }, + "aws-native:quicksight:AnalysisSankeyDiagramAggregatedFieldWells": { + "type": "object", + "properties": { + "destination": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The destination field wells of a sankey diagram." + }, + "source": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The source field wells of a sankey diagram." + }, + "weight": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The weight field wells of a sankey diagram." + } + } + }, + "aws-native:quicksight:AnalysisSankeyDiagramChartConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The data label configuration of a sankey diagram." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisSankeyDiagramFieldWells", + "description": "The field well configuration of a sankey diagram." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisSankeyDiagramSortConfiguration", + "description": "The sort configuration of a sankey diagram." + } + } + }, + "aws-native:quicksight:AnalysisSankeyDiagramFieldWells": { + "type": "object", + "properties": { + "sankeyDiagramAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisSankeyDiagramAggregatedFieldWells", + "description": "The field well configuration of a sankey diagram." + } + } + }, + "aws-native:quicksight:AnalysisSankeyDiagramSortConfiguration": { + "type": "object", + "properties": { + "destinationItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of destination nodes that are displayed in a sankey diagram." + }, + "sourceItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of source nodes that are displayed in a sankey diagram." + }, + "weightSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the weight fields." + } + } + }, + "aws-native:quicksight:AnalysisSankeyDiagramVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisSankeyDiagramChartConfiguration", + "description": "The configuration of a sankey diagram." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisScatterPlotCategoricallyAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The category field well of a scatter plot." + }, + "label": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The label field well of a scatter plot." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The size field well of a scatter plot." + }, + "xAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category." + }, + "yAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category." + } + } + }, + "aws-native:quicksight:AnalysisScatterPlotConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisScatterPlotFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The legend display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The palette (chart color) display setup of the visual." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis." + }, + "yAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis." + }, + "yAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis." + } + } + }, + "aws-native:quicksight:AnalysisScatterPlotFieldWells": { + "type": "object", + "properties": { + "scatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisScatterPlotCategoricallyAggregatedFieldWells", + "description": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both." + }, + "scatterPlotUnaggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisScatterPlotUnaggregatedFieldWells", + "description": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated." + } + } + }, + "aws-native:quicksight:AnalysisScatterPlotUnaggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The category field well of a scatter plot." + }, + "label": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The label field well of a scatter plot." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The size field well of a scatter plot." + }, + "xAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated." + }, + "yAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated." + } + } + }, + "aws-native:quicksight:AnalysisScatterPlotVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisScatterPlotConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisScrollBarOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the data zoom scroll bar." + }, + "visibleRange": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibleRangeOptions", + "description": "The visibility range for the data zoom scroll bar." + } + } + }, + "aws-native:quicksight:AnalysisSecondaryValueOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the secondary value." + } + } + }, + "aws-native:quicksight:AnalysisSectionAfterPageBreak": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionPageBreakStatus", + "description": "The option that enables or disables a page break at the end of a section." + } + } + }, + "aws-native:quicksight:AnalysisSectionBasedLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "paperCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionBasedLayoutPaperCanvasSizeOptions", + "description": "The options for a paper canvas of a section-based layout." + } + } + }, + "aws-native:quicksight:AnalysisSectionBasedLayoutConfiguration": { + "type": "object", + "properties": { + "bodySections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisBodySectionConfiguration" + }, + "description": "A list of body section configurations." + }, + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionBasedLayoutCanvasSizeOptions", + "description": "The options for the canvas of a section-based layout." + }, + "footerSections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisHeaderFooterSectionConfiguration" + }, + "description": "A list of footer section configurations." + }, + "headerSections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisHeaderFooterSectionConfiguration" + }, + "description": "A list of header section configurations." + } + } + }, + "aws-native:quicksight:AnalysisSectionBasedLayoutPaperCanvasSizeOptions": { + "type": "object", + "properties": { + "paperMargin": { + "$ref": "#/types/aws-native:quicksight:AnalysisSpacing", + "description": "Defines the spacing between the canvas content and the top, bottom, left, and right edges." + }, + "paperOrientation": { + "$ref": "#/types/aws-native:quicksight:AnalysisPaperOrientation", + "description": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE" + }, + "paperSize": { + "$ref": "#/types/aws-native:quicksight:AnalysisPaperSize", + "description": "The paper size that is used to define canvas dimensions." + } + } + }, + "aws-native:quicksight:AnalysisSectionLayoutConfiguration": { + "type": "object", + "properties": { + "freeFormLayout": { + "$ref": "#/types/aws-native:quicksight:AnalysisFreeFormSectionLayoutConfiguration", + "description": "The free-form layout configuration of a section." + } + } + }, + "aws-native:quicksight:AnalysisSectionPageBreakConfiguration": { + "type": "object", + "properties": { + "after": { + "$ref": "#/types/aws-native:quicksight:AnalysisSectionAfterPageBreak", + "description": "The configuration of a page break after a section." + } + } + }, + "aws-native:quicksight:AnalysisSectionPageBreakStatus": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSectionStyle": { + "type": "object", + "properties": { + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "padding": { + "$ref": "#/types/aws-native:quicksight:AnalysisSpacing", + "description": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default." + } + } + }, + "aws-native:quicksight:AnalysisSelectAllValueOptions": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSelectedFieldOptions": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSelectedSheetsFilterScopeConfiguration": { + "type": "object", + "properties": { + "sheetVisualScopingConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetVisualScopingConfiguration" + }, + "description": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to." + } + } + }, + "aws-native:quicksight:AnalysisSelectedTooltipType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSeriesItem": { + "type": "object", + "properties": { + "dataFieldSeriesItem": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataFieldSeriesItem", + "description": "The data field series item configuration of a line chart." + }, + "fieldSeriesItem": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSeriesItem", + "description": "The field series item configuration of a line chart." + } + } + }, + "aws-native:quicksight:AnalysisSetParameterValueConfiguration": { + "type": "object", + "properties": { + "destinationParameterName": { + "type": "string", + "description": "The destination parameter name of the `SetParameterValueConfiguration` ." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisDestinationParameterValueConfiguration" + } + } + }, + "aws-native:quicksight:AnalysisShapeConditionalFormat": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting for the shape background color of a filled map visual." + } + } + }, + "aws-native:quicksight:AnalysisSheet": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight\n console.\u003c/p\u003e" + }, + "sheetId": { + "type": "string", + "description": "\u003cp\u003eThe unique identifier associated with a sheet.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisSheetContentType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSheetControlDateTimePickerType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSheetControlInfoIconLabelOptions": { + "type": "object", + "properties": { + "infoIconText": { + "type": "string", + "description": "The text content of info icon." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration of info icon label options." + } + } + }, + "aws-native:quicksight:AnalysisSheetControlLayout": { + "type": "object", + "properties": { + "configuration": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlLayoutConfiguration", + "description": "The configuration that determines the elements and canvas size options of sheet control." + } + } + }, + "aws-native:quicksight:AnalysisSheetControlLayoutConfiguration": { + "type": "object", + "properties": { + "gridLayout": { + "$ref": "#/types/aws-native:quicksight:AnalysisGridLayoutConfiguration", + "description": "The configuration that determines the elements and canvas size options of sheet control." + } + } + }, + "aws-native:quicksight:AnalysisSheetControlListType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSheetControlSliderType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSheetDefinition": { + "type": "object", + "properties": { + "contentType": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetContentType", + "description": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard." + }, + "description": { + "type": "string", + "description": "A description of the sheet." + }, + "filterControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterControl" + }, + "description": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* ." + }, + "layouts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisLayout" + }, + "description": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* ." + }, + "name": { + "type": "string", + "description": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console." + }, + "parameterControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterControl" + }, + "description": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* ." + }, + "sheetControlLayouts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlLayout" + }, + "description": "The control layouts of the sheet." + }, + "sheetId": { + "type": "string", + "description": "The unique identifier of a sheet." + }, + "textBoxes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetTextBox" + }, + "description": "The text boxes that are on a sheet." + }, + "title": { + "type": "string", + "description": "The title of the sheet." + }, + "visuals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisual" + }, + "description": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet." + } + } + }, + "aws-native:quicksight:AnalysisSheetElementConfigurationOverrides": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`" + } + } + }, + "aws-native:quicksight:AnalysisSheetElementRenderingRule": { + "type": "object", + "properties": { + "configurationOverrides": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetElementConfigurationOverrides", + "description": "The override configuration of the rendering rules of a sheet." + }, + "expression": { + "type": "string", + "description": "The expression of the rendering rules of a sheet." + } + } + }, + "aws-native:quicksight:AnalysisSheetTextBox": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "The content that is displayed in the text box." + }, + "sheetTextBoxId": { + "type": "string", + "description": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers." + } + } + }, + "aws-native:quicksight:AnalysisSheetVisualScopingConfiguration": { + "type": "object", + "properties": { + "scope": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterVisualScope", + "description": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`" + }, + "sheetId": { + "type": "string", + "description": "The selected sheet that the filter is applied to." + }, + "visualIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The selected visuals that the filter is applied to." + } + } + }, + "aws-native:quicksight:AnalysisShortFormatText": { + "type": "object", + "properties": { + "plainText": { + "type": "string", + "description": "Plain text format." + }, + "richText": { + "type": "string", + "description": "Rich text. Examples of rich text include bold, underline, and italics." + } + } + }, + "aws-native:quicksight:AnalysisSimpleAttributeAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSimpleClusterMarker": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of the simple cluster marker." + } + } + }, + "aws-native:quicksight:AnalysisSimpleNumericalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSimpleTotalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSliderControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:AnalysisSmallMultiplesAxisPlacement": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSmallMultiplesAxisProperties": { + "type": "object", + "properties": { + "placement": { + "$ref": "#/types/aws-native:quicksight:AnalysisSmallMultiplesAxisPlacement", + "description": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels." + }, + "scale": { + "$ref": "#/types/aws-native:quicksight:AnalysisSmallMultiplesAxisScale", + "description": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` ." + } + } + }, + "aws-native:quicksight:AnalysisSmallMultiplesAxisScale": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSmallMultiplesOptions": { + "type": "object", + "properties": { + "maxVisibleColumns": { + "type": "number", + "description": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart." + }, + "maxVisibleRows": { + "type": "number", + "description": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart." + }, + "panelConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPanelConfiguration", + "description": "Configures the display options for each small multiples panel." + }, + "xAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisSmallMultiplesAxisProperties", + "description": "The properties of a small multiples X axis." + }, + "yAxis": { + "$ref": "#/types/aws-native:quicksight:AnalysisSmallMultiplesAxisProperties", + "description": "The properties of a small multiples Y axis." + } + } + }, + "aws-native:quicksight:AnalysisSortDirection": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSourceEntity": { + "type": "object", + "properties": { + "sourceTemplate": { + "$ref": "#/types/aws-native:quicksight:AnalysisSourceTemplate", + "description": "The source template for the source entity of the analysis." + } + } + }, + "aws-native:quicksight:AnalysisSourceTemplate": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the source template of an analysis.\u003c/p\u003e" + }, + "dataSetReferences": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataSetReference" + }, + "description": "\u003cp\u003eThe dataset references of the source template of an analysis.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisSpacing": { + "type": "object", + "properties": { + "bottom": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "left": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "right": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "top": { + "type": "string", + "description": "String based length that is composed of value and unit" + } + } + }, + "aws-native:quicksight:AnalysisSpecialValue": { + "type": "string" + }, + "aws-native:quicksight:AnalysisStringDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisDynamicDefaultValue", + "description": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The static values of the `DecimalDefaultValues` ." + } + } + }, + "aws-native:quicksight:AnalysisStringFormatConfiguration": { + "type": "object", + "properties": { + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numericFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericFormatConfiguration", + "description": "The formatting configuration for numeric strings." + } + } + }, + "aws-native:quicksight:AnalysisStringParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eA display name for a string parameter.\u003c/p\u003e" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe values of a string parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisStringParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:AnalysisStringDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:AnalysisParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:AnalysisStringValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `String` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:AnalysisStringValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "string", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:AnalysisStyledCellType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisSubtotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the subtotal cells." + }, + "fieldLevel": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableSubtotalLevel", + "description": "The field level (all, custom, last) for the subtotal cells." + }, + "fieldLevelOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableFieldSubtotalOptions" + }, + "description": "The optional configuration of subtotal cells." + }, + "metricHeaderCellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The cell styling options for the subtotals of header cells." + }, + "styleTargets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableStyleTarget" + }, + "description": "The style targets options for subtotals." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The cell styling options for the subtotal cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration for the subtotal cells." + }, + "valueCellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The cell styling options for the subtotals of value cells." + } + } + }, + "aws-native:quicksight:AnalysisTableAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The group by field well for a pivot table. Values are grouped by group by fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The values field well for a pivot table. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:AnalysisTableBorderOptions": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of a table border." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableBorderStyle", + "description": "The style (none, solid) of a table border." + }, + "thickness": { + "type": "number", + "description": "The thickness of a table border." + } + } + }, + "aws-native:quicksight:AnalysisTableBorderStyle": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTableCellConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the cell for conditional formatting." + }, + "textFormat": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextConditionalFormat", + "description": "The text format of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:AnalysisTableCellImageScalingConfiguration": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTableCellImageSizingConfiguration": { + "type": "object", + "properties": { + "tableCellImageScalingConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellImageScalingConfiguration", + "description": "The cell scaling configuration of the sizing options for the table image configuration." + } + } + }, + "aws-native:quicksight:AnalysisTableCellStyle": { + "type": "object", + "properties": { + "backgroundColor": { + "type": "string", + "description": "The background color for the table cells." + }, + "border": { + "$ref": "#/types/aws-native:quicksight:AnalysisGlobalTableBorderOptions", + "description": "The borders for the table cells." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The font configuration of the table cells." + }, + "height": { + "type": "number", + "description": "The height color for the table cells." + }, + "horizontalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:AnalysisHorizontalTextAlignment", + "description": "The horizontal text alignment (left, center, right, auto) for the table cells." + }, + "textWrap": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextWrap", + "description": "The text wrap (none, wrap) for the table cells." + }, + "verticalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:AnalysisVerticalTextAlignment", + "description": "The vertical text alignment (top, middle, bottom) for the table cells." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the table cells." + } + } + }, + "aws-native:quicksight:AnalysisTableConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableConditionalFormattingOption" + }, + "description": "Conditional formatting options for a `PivotTableVisual` ." + } + } + }, + "aws-native:quicksight:AnalysisTableConditionalFormattingOption": { + "type": "object", + "properties": { + "cell": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellConditionalFormatting", + "description": "The cell conditional formatting option for a table." + }, + "row": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableRowConditionalFormatting", + "description": "The row conditional formatting option for a table." + } + } + }, + "aws-native:quicksight:AnalysisTableConfiguration": { + "type": "object", + "properties": { + "fieldOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldOptions", + "description": "The field options for a table visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldWells", + "description": "The field wells of the visual." + }, + "paginatedReportOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTablePaginatedReportOptions", + "description": "The paginated report options for a table visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableSortConfiguration", + "description": "The sort configuration for a `TableVisual` ." + }, + "tableInlineVisualizations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableInlineVisualization" + }, + "description": "A collection of inline visualizations to display within a chart." + }, + "tableOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableOptions", + "description": "The table options for a table visual." + }, + "totalOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTotalOptions", + "description": "The total options for a table visual." + } + } + }, + "aws-native:quicksight:AnalysisTableFieldCustomIconContent": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldIconSetType", + "description": "The icon set type (link) of the custom icon content for table URL link content." + } + } + }, + "aws-native:quicksight:AnalysisTableFieldCustomTextContent": { + "type": "object", + "properties": { + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFontConfiguration", + "description": "The font configuration of the custom text content for the table URL link content." + }, + "value": { + "type": "string", + "description": "The string value of the custom text content for the table URL link content." + } + } + }, + "aws-native:quicksight:AnalysisTableFieldIconSetType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTableFieldImageConfiguration": { + "type": "object", + "properties": { + "sizingOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellImageSizingConfiguration", + "description": "The sizing options for the table image configuration." + } + } + }, + "aws-native:quicksight:AnalysisTableFieldLinkConfiguration": { + "type": "object", + "properties": { + "content": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldLinkContentConfiguration", + "description": "The URL content (text, icon) for the table link configuration." + }, + "target": { + "$ref": "#/types/aws-native:quicksight:AnalysisUrlTargetConfiguration", + "description": "The URL target (new tab, new window, same tab) for the table link configuration." + } + } + }, + "aws-native:quicksight:AnalysisTableFieldLinkContentConfiguration": { + "type": "object", + "properties": { + "customIconContent": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldCustomIconContent", + "description": "The custom icon content for the table link content configuration." + }, + "customTextContent": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldCustomTextContent", + "description": "The custom text content (value, font configuration) for the table link content configuration." + } + } + }, + "aws-native:quicksight:AnalysisTableFieldOption": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label for a table field." + }, + "fieldId": { + "type": "string", + "description": "The field ID for a table field." + }, + "urlStyling": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldUrlConfiguration", + "description": "The URL configuration for a table field." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of a table field." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + }, + "irreversibleNames": { + "urlStyling": "URLStyling" + } + }, + "aws-native:quicksight:AnalysisTableFieldOptions": { + "type": "object", + "properties": { + "order": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The order of the field IDs that are configured as field options for a table visual." + }, + "pinnedFieldOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTablePinnedFieldOptions", + "description": "The settings for the pinned columns of a table visual." + }, + "selectedFieldOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldOption" + }, + "description": "The field options to be configured to a table." + } + } + }, + "aws-native:quicksight:AnalysisTableFieldUrlConfiguration": { + "type": "object", + "properties": { + "imageConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldImageConfiguration", + "description": "The image configuration of a table field URL." + }, + "linkConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableFieldLinkConfiguration", + "description": "The link configuration of a table field URL." + } + } + }, + "aws-native:quicksight:AnalysisTableFieldWells": { + "type": "object", + "properties": { + "tableAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableAggregatedFieldWells", + "description": "The aggregated field well for the table." + }, + "tableUnaggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableUnaggregatedFieldWells", + "description": "The unaggregated field well for the table." + } + } + }, + "aws-native:quicksight:AnalysisTableInlineVisualization": { + "type": "object", + "properties": { + "dataBars": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataBarsOptions", + "description": "The configuration of the inline visualization of the data bars within a chart." + } + } + }, + "aws-native:quicksight:AnalysisTableOptions": { + "type": "object", + "properties": { + "cellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The table cell style of table cells." + }, + "headerStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "The table cell style of a table header." + }, + "orientation": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableOrientation", + "description": "The orientation (vertical, horizontal) for a table." + }, + "rowAlternateColorOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisRowAlternateColorOptions", + "description": "The row alternate color options (widget status, row alternate colors) for a table." + } + } + }, + "aws-native:quicksight:AnalysisTableOrientation": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTablePaginatedReportOptions": { + "type": "object", + "properties": { + "overflowColumnHeaderVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of repeating header rows on each page." + }, + "verticalOverflowVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of printing table overflow across pages." + } + } + }, + "aws-native:quicksight:AnalysisTablePinnedFieldOptions": { + "type": "object", + "properties": { + "pinnedLeftFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of columns to be pinned to the left of a table visual." + } + } + }, + "aws-native:quicksight:AnalysisTableRowConditionalFormatting": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting color (solid, gradient) of the background for a table row." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting color (solid, gradient) of the text for a table row." + } + } + }, + "aws-native:quicksight:AnalysisTableSideBorderOptions": { + "type": "object", + "properties": { + "bottom": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableBorderOptions", + "description": "The table border options of the bottom border." + }, + "innerHorizontal": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableBorderOptions", + "description": "The table border options of the inner horizontal border." + }, + "innerVertical": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableBorderOptions", + "description": "The table border options of the inner vertical border." + }, + "left": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableBorderOptions", + "description": "The table border options of the left border." + }, + "right": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableBorderOptions", + "description": "The table border options of the right border." + }, + "top": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableBorderOptions", + "description": "The table border options of the top border." + } + } + }, + "aws-native:quicksight:AnalysisTableSortConfiguration": { + "type": "object", + "properties": { + "paginationConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisPaginationConfiguration", + "description": "The pagination configuration (page size, page number) for the table." + }, + "rowSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The field sort options for rows in the table." + } + } + }, + "aws-native:quicksight:AnalysisTableStyleTarget": { + "type": "object", + "properties": { + "cellType": { + "$ref": "#/types/aws-native:quicksight:AnalysisStyledCellType", + "description": "The cell type of the table style target." + } + } + }, + "aws-native:quicksight:AnalysisTableTotalsPlacement": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTableTotalsScrollStatus": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTableUnaggregatedFieldWells": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisUnaggregatedField" + }, + "description": "The values field well for a pivot table. Values are unaggregated for an unaggregated table." + } + } + }, + "aws-native:quicksight:AnalysisTableVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableConfiguration", + "description": "The configuration settings of the visual." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableConditionalFormatting", + "description": "The conditional formatting for a `PivotTableVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:AnalysisTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:AnalysisTargetVisualOptions": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTextAreaControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "placeholderOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextControlPlaceholderOptions", + "description": "The configuration of the placeholder options in a text area control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:AnalysisTextConditionalFormat": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting for the text background color." + }, + "icon": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingIcon", + "description": "The conditional formatting for the icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:AnalysisConditionalFormattingColor", + "description": "The conditional formatting for the text color." + } + } + }, + "aws-native:quicksight:AnalysisTextControlPlaceholderOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration of the placeholder options in a text control." + } + } + }, + "aws-native:quicksight:AnalysisTextFieldControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "placeholderOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisTextControlPlaceholderOptions", + "description": "The configuration of the placeholder options in a text field control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:AnalysisTextWrap": { + "type": "string" + }, + "aws-native:quicksight:AnalysisThousandSeparatorOptions": { + "type": "object", + "properties": { + "symbol": { + "$ref": "#/types/aws-native:quicksight:AnalysisNumericSeparatorSymbol", + "description": "Determines the thousands separator symbol." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines the visibility of the thousands separator." + } + } + }, + "aws-native:quicksight:AnalysisTimeBasedForecastProperties": { + "type": "object", + "properties": { + "lowerBoundary": { + "type": "number", + "description": "The lower boundary setup of a forecast computation." + }, + "periodsBackward": { + "type": "number", + "description": "The periods backward setup of a forecast computation." + }, + "periodsForward": { + "type": "number", + "description": "The periods forward setup of a forecast computation." + }, + "predictionInterval": { + "type": "number", + "description": "The prediction interval setup of a forecast computation." + }, + "seasonality": { + "type": "number", + "description": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value." + }, + "upperBoundary": { + "type": "number", + "description": "The upper boundary setup of a forecast computation." + } + } + }, + "aws-native:quicksight:AnalysisTimeEqualityFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` ." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:AnalysisRollingDateConfiguration", + "description": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` ." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + }, + "value": { + "type": "string", + "description": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` ." + } + } + }, + "aws-native:quicksight:AnalysisTimeGranularity": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTimeRangeDrillDownFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "rangeMaximum": { + "type": "string", + "description": "The maximum value for the filter value range." + }, + "rangeMinimum": { + "type": "string", + "description": "The minimum value for the filter value range." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:AnalysisTimeRangeFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "excludePeriodConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisExcludePeriodConfiguration", + "description": "The exclude period of the time range filter." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "includeMaximum": { + "type": "boolean", + "description": "Determines whether the maximum value in the filter value range should be included in the filtered results." + }, + "includeMinimum": { + "type": "boolean", + "description": "Determines whether the minimum value in the filter value range should be included in the filtered results." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "rangeMaximumValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeRangeFilterValue", + "description": "The maximum value for the filter value range." + }, + "rangeMinimumValue": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeRangeFilterValue", + "description": "The minimum value for the filter value range." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:AnalysisTimeRangeFilterValue": { + "type": "object", + "properties": { + "parameter": { + "type": "string", + "description": "The parameter type input value." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:AnalysisRollingDateConfiguration", + "description": "The rolling date input value." + }, + "staticValue": { + "type": "string", + "description": "The static input value." + } + } + }, + "aws-native:quicksight:AnalysisTooltipItem": { + "type": "object", + "properties": { + "columnTooltipItem": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnTooltipItem", + "description": "The tooltip item for the columns that are not part of a field well." + }, + "fieldTooltipItem": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldTooltipItem", + "description": "The tooltip item for the fields." + } + } + }, + "aws-native:quicksight:AnalysisTooltipOptions": { + "type": "object", + "properties": { + "fieldBasedTooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldBasedTooltip", + "description": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type." + }, + "selectedTooltipType": { + "$ref": "#/types/aws-native:quicksight:AnalysisSelectedTooltipType", + "description": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip." + }, + "tooltipVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "Determines whether or not the tooltip is visible." + } + } + }, + "aws-native:quicksight:AnalysisTooltipTitleType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTopBottomComputationType": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTopBottomFilter": { + "type": "object", + "properties": { + "aggregationSortConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisAggregationSortConfiguration" + }, + "description": "The aggregation and sort configuration of the top bottom filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "limit": { + "type": "number", + "description": "The number of items to include in the top bottom filter results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:AnalysisTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:AnalysisTopBottomMoversComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "moverSize": { + "type": "number", + "description": "The mover size setup of the top and bottom movers computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "sortOrder": { + "$ref": "#/types/aws-native:quicksight:AnalysisTopBottomSortOrder", + "description": "The sort order setup of the top and bottom movers computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The time field that is used in a computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisTopBottomComputationType", + "description": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisTopBottomRankedComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "resultSize": { + "type": "number", + "description": "The result size of a top and bottom ranked computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:AnalysisTopBottomComputationType", + "description": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisTopBottomSortOrder": { + "type": "string" + }, + "aws-native:quicksight:AnalysisTotalAggregationComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:AnalysisTotalAggregationFunction": { + "type": "object", + "properties": { + "simpleTotalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisSimpleTotalAggregationFunction", + "description": "A built in aggregation function for total values." + } + } + }, + "aws-native:quicksight:AnalysisTotalAggregationOption": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field id that's associated with the total aggregation option." + }, + "totalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:AnalysisTotalAggregationFunction", + "description": "The total aggregation function that you want to set for a specified field id." + } + } + }, + "aws-native:quicksight:AnalysisTotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the total cells." + }, + "placement": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableTotalsPlacement", + "description": "The placement (start, end) for the total cells." + }, + "scrollStatus": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableTotalsScrollStatus", + "description": "The scroll status (pinned, scrolled) for the total cells." + }, + "totalAggregationOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisTotalAggregationOption" + }, + "description": "The total aggregation settings for each value field." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableCellStyle", + "description": "Cell styling options for the total cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility configuration for the total cells." + } + } + }, + "aws-native:quicksight:AnalysisTreeMapAggregatedFieldWells": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The color field well of a tree map. Values are grouped by aggregations based on group by fields." + }, + "groups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The group by field well of a tree map. Values are grouped based on group by fields." + }, + "sizes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The size field well of a tree map. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:AnalysisTreeMapConfiguration": { + "type": "object", + "properties": { + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility) for the colors displayed in a tree map." + }, + "colorScale": { + "$ref": "#/types/aws-native:quicksight:AnalysisColorScale", + "description": "The color options (gradient color, point of divergence) of a tree map." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisTreeMapFieldWells", + "description": "The field wells of the visual." + }, + "groupLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility) of the groups that are displayed in a tree map." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend display setup of the visual." + }, + "sizeLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility) of the sizes that are displayed in a tree map." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisTreeMapSortConfiguration", + "description": "The sort configuration of a tree map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:AnalysisTooltipOptions", + "description": "The tooltip display setup of the visual." + } + } + }, + "aws-native:quicksight:AnalysisTreeMapFieldWells": { + "type": "object", + "properties": { + "treeMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisTreeMapAggregatedFieldWells", + "description": "The aggregated field wells of a tree map." + } + } + }, + "aws-native:quicksight:AnalysisTreeMapSortConfiguration": { + "type": "object", + "properties": { + "treeMapGroupItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of groups that are displayed." + }, + "treeMapSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of group by fields." + } + } + }, + "aws-native:quicksight:AnalysisTreeMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisTreeMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:AnalysisTrendArrowOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the trend arrows." + } + } + }, + "aws-native:quicksight:AnalysisUnaggregatedField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnIdentifier", + "description": "The column that is used in the `UnaggregatedField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:AnalysisUniqueValuesComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + } + } + }, + "aws-native:quicksight:AnalysisUrlTargetConfiguration": { + "type": "string" + }, + "aws-native:quicksight:AnalysisValidationStrategy": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:quicksight:AnalysisValidationStrategyMode", + "description": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors." + } + } + }, + "aws-native:quicksight:AnalysisValidationStrategyMode": { + "type": "string" + }, + "aws-native:quicksight:AnalysisValueWhenUnsetOption": { + "type": "string" + }, + "aws-native:quicksight:AnalysisVerticalTextAlignment": { + "type": "string" + }, + "aws-native:quicksight:AnalysisVisibility": { + "type": "string" + }, + "aws-native:quicksight:AnalysisVisibleRangeOptions": { + "type": "object", + "properties": { + "percentRange": { + "$ref": "#/types/aws-native:quicksight:AnalysisPercentVisibleRange", + "description": "The percent range in the visible range." + } + } + }, + "aws-native:quicksight:AnalysisVisual": { + "type": "object", + "properties": { + "barChartVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisBarChartVisual", + "description": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "boxPlotVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisBoxPlotVisual", + "description": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* ." + }, + "comboChartVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisComboChartVisual", + "description": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "customContentVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomContentVisual", + "description": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* ." + }, + "emptyVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisEmptyVisual", + "description": "An empty visual." + }, + "filledMapVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisFilledMapVisual", + "description": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* ." + }, + "funnelChartVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisFunnelChartVisual", + "description": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* ." + }, + "gaugeChartVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisGaugeChartVisual", + "description": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "geospatialMapVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisGeospatialMapVisual", + "description": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* ." + }, + "heatMapVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisHeatMapVisual", + "description": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* ." + }, + "histogramVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisHistogramVisual", + "description": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "insightVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisInsightVisual", + "description": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* ." + }, + "kpiVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisKpiVisual", + "description": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* ." + }, + "lineChartVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisLineChartVisual", + "description": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "pieChartVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisPieChartVisual", + "description": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "pivotTableVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisPivotTableVisual", + "description": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* ." + }, + "radarChartVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisRadarChartVisual", + "description": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "sankeyDiagramVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisSankeyDiagramVisual", + "description": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* ." + }, + "scatterPlotVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisScatterPlotVisual", + "description": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* ." + }, + "tableVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisTableVisual", + "description": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* ." + }, + "treeMapVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisTreeMapVisual", + "description": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* ." + }, + "waterfallVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisWaterfallVisual", + "description": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "wordCloudVisual": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudVisual", + "description": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* ." + } + }, + "irreversibleNames": { + "kpiVisual": "KPIVisual" + } + }, + "aws-native:quicksight:AnalysisVisualCustomAction": { + "type": "object", + "properties": { + "actionOperations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomActionOperation" + }, + "description": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined." + }, + "customActionId": { + "type": "string", + "description": "The ID of the `VisualCustomAction` ." + }, + "name": { + "type": "string", + "description": "The name of the `VisualCustomAction` ." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:AnalysisWidgetStatus", + "description": "The status of the `VisualCustomAction` ." + }, + "trigger": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomActionTrigger", + "description": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu." + } + } + }, + "aws-native:quicksight:AnalysisVisualCustomActionOperation": { + "type": "object", + "properties": { + "filterOperation": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomActionFilterOperation", + "description": "The filter operation that filters data included in a visual or in an entire sheet." + }, + "navigationOperation": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomActionNavigationOperation", + "description": "The navigation operation that navigates between different sheets in the same analysis." + }, + "setParametersOperation": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomActionSetParametersOperation", + "description": "The set parameter operation that sets parameters in custom action." + }, + "urlOperation": { + "$ref": "#/types/aws-native:quicksight:AnalysisCustomActionUrlOperation", + "description": "The URL operation that opens a link to another webpage." + } + }, + "irreversibleNames": { + "urlOperation": "URLOperation" + } + }, + "aws-native:quicksight:AnalysisVisualCustomActionTrigger": { + "type": "string" + }, + "aws-native:quicksight:AnalysisVisualPalette": { + "type": "object", + "properties": { + "chartColor": { + "type": "string", + "description": "The chart color options for the visual palette." + }, + "colorMap": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataPathColor" + }, + "description": "The color map options for the visual palette." + } + } + }, + "aws-native:quicksight:AnalysisVisualSubtitleLabelOptions": { + "type": "object", + "properties": { + "formatText": { + "$ref": "#/types/aws-native:quicksight:AnalysisLongFormatText", + "description": "The long text format of the subtitle label, such as plain text or rich text." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the subtitle label." + } + } + }, + "aws-native:quicksight:AnalysisVisualTitleLabelOptions": { + "type": "object", + "properties": { + "formatText": { + "$ref": "#/types/aws-native:quicksight:AnalysisShortFormatText", + "description": "The short text format of the title label, such as plain text or rich text." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisibility", + "description": "The visibility of the title label." + } + } + }, + "aws-native:quicksight:AnalysisWaterfallChartAggregatedFieldWells": { + "type": "object", + "properties": { + "breakdowns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The breakdown field wells of a waterfall visual." + }, + "categories": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The category field wells of a waterfall visual." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The value field wells of a waterfall visual." + } + } + }, + "aws-native:quicksight:AnalysisWaterfallChartColorConfiguration": { + "type": "object", + "properties": { + "groupColorConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisWaterfallChartGroupColorConfiguration", + "description": "The color configuration for individual groups within a waterfall visual." + } + } + }, + "aws-native:quicksight:AnalysisWaterfallChartConfiguration": { + "type": "object", + "properties": { + "categoryAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The options that determine the presentation of the category axis." + }, + "categoryAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The options that determine the presentation of the category axis label." + }, + "colorConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisWaterfallChartColorConfiguration", + "description": "The color configuration of a waterfall visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:AnalysisDataLabelOptions", + "description": "The data label configuration of a waterfall visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisWaterfallChartFieldWells", + "description": "The field well configuration of a waterfall visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:AnalysisLegendOptions", + "description": "The legend configuration of a waterfall visual." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisAxisDisplayOptions", + "description": "The options that determine the presentation of the y-axis." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The options that determine the presentation of the y-axis label." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisWaterfallChartSortConfiguration", + "description": "The sort configuration of a waterfall visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualPalette", + "description": "The visual palette configuration of a waterfall visual." + }, + "waterfallChartOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisWaterfallChartOptions", + "description": "The options that determine the presentation of a waterfall visual." + } + } + }, + "aws-native:quicksight:AnalysisWaterfallChartFieldWells": { + "type": "object", + "properties": { + "waterfallChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisWaterfallChartAggregatedFieldWells", + "description": "The field well configuration of a waterfall visual." + } + } + }, + "aws-native:quicksight:AnalysisWaterfallChartGroupColorConfiguration": { + "type": "object", + "properties": { + "negativeBarColor": { + "type": "string", + "description": "Defines the color for the negative bars of a waterfall chart." + }, + "positiveBarColor": { + "type": "string", + "description": "Defines the color for the positive bars of a waterfall chart." + }, + "totalBarColor": { + "type": "string", + "description": "Defines the color for the total bars of a waterfall chart." + } + } + }, + "aws-native:quicksight:AnalysisWaterfallChartOptions": { + "type": "object", + "properties": { + "totalBarLabel": { + "type": "string", + "description": "This option determines the total bar label of a waterfall visual." + } + } + }, + "aws-native:quicksight:AnalysisWaterfallChartSortConfiguration": { + "type": "object", + "properties": { + "breakdownItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of bar groups that are displayed." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + } + } + }, + "aws-native:quicksight:AnalysisWaterfallVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisWaterfallChartConfiguration", + "description": "The configuration for a waterfall visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:AnalysisWhatIfPointScenario": { + "type": "object", + "properties": { + "date": { + "type": "string", + "description": "The date that you need the forecast results for." + }, + "value": { + "type": "number", + "description": "The target value that you want to meet for the provided date." + } + } + }, + "aws-native:quicksight:AnalysisWhatIfRangeScenario": { + "type": "object", + "properties": { + "endDate": { + "type": "string", + "description": "The end date in the date range that you need the forecast results for." + }, + "startDate": { + "type": "string", + "description": "The start date in the date range that you need the forecast results for." + }, + "value": { + "type": "number", + "description": "The target value that you want to meet for the provided date range." + } + } + }, + "aws-native:quicksight:AnalysisWidgetStatus": { + "type": "string" + }, + "aws-native:quicksight:AnalysisWordCloudAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisDimensionField" + }, + "description": "The group by field well of a word cloud. Values are grouped by group by fields." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisMeasureField" + }, + "description": "The size field well of a word cloud. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:AnalysisWordCloudChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudFieldWells", + "description": "The field wells of the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudSortConfiguration", + "description": "The sort configuration of a word cloud visual." + }, + "wordCloudOptions": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudOptions", + "description": "The options for a word cloud visual." + } + } + }, + "aws-native:quicksight:AnalysisWordCloudCloudLayout": { + "type": "string" + }, + "aws-native:quicksight:AnalysisWordCloudFieldWells": { + "type": "object", + "properties": { + "wordCloudAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudAggregatedFieldWells", + "description": "The aggregated field wells of a word cloud." + } + } + }, + "aws-native:quicksight:AnalysisWordCloudOptions": { + "type": "object", + "properties": { + "cloudLayout": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudCloudLayout", + "description": "The cloud layout options (fluid, normal) of a word cloud." + }, + "maximumStringLength": { + "type": "number", + "description": "The length limit of each word from 1-100." + }, + "wordCasing": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudWordCasing", + "description": "The word casing options (lower_case, existing_case) for the words in a word cloud." + }, + "wordOrientation": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudWordOrientation", + "description": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud." + }, + "wordPadding": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudWordPadding", + "description": "The word padding options (none, small, medium, large) for the words in a word cloud." + }, + "wordScaling": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudWordScaling", + "description": "The word scaling options (emphasize, normal) for the words in a word cloud." + } + } + }, + "aws-native:quicksight:AnalysisWordCloudSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:AnalysisItemsLimitConfiguration", + "description": "The limit on the number of groups that are displayed in a word cloud." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisFieldSortOptions" + }, + "description": "The sort configuration of group by fields." + } + } + }, + "aws-native:quicksight:AnalysisWordCloudVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:AnalysisWordCloudChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:AnalysisColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:AnalysisVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:AnalysisWordCloudWordCasing": { + "type": "string" + }, + "aws-native:quicksight:AnalysisWordCloudWordOrientation": { + "type": "string" + }, + "aws-native:quicksight:AnalysisWordCloudWordPadding": { + "type": "string" + }, + "aws-native:quicksight:AnalysisWordCloudWordScaling": { + "type": "string" + }, + "aws-native:quicksight:DashboardAdHocFilteringOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "Availability status." + } + } + }, + "aws-native:quicksight:DashboardAggregationFunction": { + "type": "object", + "properties": { + "attributeAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardAttributeAggregationFunction", + "description": "Aggregation for attributes." + }, + "categoricalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoricalAggregationFunction", + "description": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values." + }, + "dateAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardDateAggregationFunction", + "description": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value." + }, + "numericalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericalAggregationFunction", + "description": "Aggregation for numerical values." + } + } + }, + "aws-native:quicksight:DashboardAggregationSortConfiguration": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardAggregationFunction", + "description": "The function that aggregates the values in `Column` ." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that determines the sort order of aggregated values." + }, + "sortDirection": { + "$ref": "#/types/aws-native:quicksight:DashboardSortDirection", + "description": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order." + } + } + }, + "aws-native:quicksight:DashboardAllSheetsFilterScopeConfiguration": { + "type": "object" + }, + "aws-native:quicksight:DashboardAnalysisDefaults": { + "type": "object", + "properties": { + "defaultNewSheetConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultNewSheetConfiguration", + "description": "The configuration for default new sheet settings." + } + } + }, + "aws-native:quicksight:DashboardAnchorDateConfiguration": { + "type": "object", + "properties": { + "anchorOption": { + "$ref": "#/types/aws-native:quicksight:DashboardAnchorOption", + "description": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`" + }, + "parameterName": { + "type": "string", + "description": "The name of the parameter that is used for the anchor date configuration." + } + } + }, + "aws-native:quicksight:DashboardAnchorOption": { + "type": "string" + }, + "aws-native:quicksight:DashboardArcAxisConfiguration": { + "type": "object", + "properties": { + "range": { + "$ref": "#/types/aws-native:quicksight:DashboardArcAxisDisplayRange", + "description": "The arc axis range of a `GaugeChartVisual` ." + }, + "reserveRange": { + "type": "number", + "description": "The reserved range of the arc axis." + } + } + }, + "aws-native:quicksight:DashboardArcAxisDisplayRange": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum value of the arc axis range." + }, + "min": { + "type": "number", + "description": "The minimum value of the arc axis range." + } + } + }, + "aws-native:quicksight:DashboardArcConfiguration": { + "type": "object", + "properties": { + "arcAngle": { + "type": "number", + "description": "The option that determines the arc angle of a `GaugeChartVisual` ." + }, + "arcThickness": { + "$ref": "#/types/aws-native:quicksight:DashboardArcThicknessOptions", + "description": "The options that determine the arc thickness of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardArcOptions": { + "type": "object", + "properties": { + "arcThickness": { + "$ref": "#/types/aws-native:quicksight:DashboardArcThickness", + "description": "The arc thickness of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardArcThickness": { + "type": "string" + }, + "aws-native:quicksight:DashboardArcThicknessOptions": { + "type": "string" + }, + "aws-native:quicksight:DashboardAssetOptions": { + "type": "object", + "properties": { + "timezone": { + "type": "string", + "description": "Determines the timezone for the analysis." + }, + "weekStart": { + "$ref": "#/types/aws-native:quicksight:DashboardDayOfTheWeek", + "description": "Determines the week start day for an analysis." + } + } + }, + "aws-native:quicksight:DashboardAttributeAggregationFunction": { + "type": "object", + "properties": { + "simpleAttributeAggregation": { + "$ref": "#/types/aws-native:quicksight:DashboardSimpleAttributeAggregationFunction", + "description": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields." + }, + "valueForMultipleValues": { + "type": "string", + "description": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'." + } + } + }, + "aws-native:quicksight:DashboardAxisBinding": { + "type": "string" + }, + "aws-native:quicksight:DashboardAxisDataOptions": { + "type": "object", + "properties": { + "dateAxisOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDateAxisOptions", + "description": "The options for an axis with a date field." + }, + "numericAxisOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericAxisOptions", + "description": "The options for an axis with a numeric field." + } + } + }, + "aws-native:quicksight:DashboardAxisDisplayDataDrivenRange": { + "type": "object" + }, + "aws-native:quicksight:DashboardAxisDisplayMinMaxRange": { + "type": "object", + "properties": { + "maximum": { + "type": "number", + "description": "The maximum setup for an axis display range." + }, + "minimum": { + "type": "number", + "description": "The minimum setup for an axis display range." + } + } + }, + "aws-native:quicksight:DashboardAxisDisplayOptions": { + "type": "object", + "properties": { + "axisLineVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not the axis line is visible." + }, + "axisOffset": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "dataOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDataOptions", + "description": "The data options for an axis." + }, + "gridLineVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not the grid line is visible." + }, + "scrollbarOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardScrollBarOptions", + "description": "The scroll bar options for an axis." + }, + "tickLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisTickLabelOptions", + "description": "The tick label options of an axis." + } + } + }, + "aws-native:quicksight:DashboardAxisDisplayRange": { + "type": "object", + "properties": { + "dataDriven": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayDataDrivenRange", + "description": "The data-driven setup of an axis display range." + }, + "minMax": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayMinMaxRange", + "description": "The minimum and maximum setup of an axis display range." + } + } + }, + "aws-native:quicksight:DashboardAxisLabelOptions": { + "type": "object", + "properties": { + "applyTo": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisLabelReferenceOptions", + "description": "The options that indicate which field the label belongs to." + }, + "customLabel": { + "type": "string", + "description": "The text for the axis label." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The font configuration of the axis label." + } + } + }, + "aws-native:quicksight:DashboardAxisLabelReferenceOptions": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the axis label is targeted to." + }, + "fieldId": { + "type": "string", + "description": "The field that the axis label is targeted to." + } + } + }, + "aws-native:quicksight:DashboardAxisLinearScale": { + "type": "object", + "properties": { + "stepCount": { + "type": "number", + "description": "The step count setup of a linear axis." + }, + "stepSize": { + "type": "number", + "description": "The step size setup of a linear axis." + } + } + }, + "aws-native:quicksight:DashboardAxisLogarithmicScale": { + "type": "object", + "properties": { + "base": { + "type": "number", + "description": "The base setup of a logarithmic axis scale." + } + } + }, + "aws-native:quicksight:DashboardAxisScale": { + "type": "object", + "properties": { + "linear": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisLinearScale", + "description": "The linear axis scale setup." + }, + "logarithmic": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisLogarithmicScale", + "description": "The logarithmic axis scale setup." + } + } + }, + "aws-native:quicksight:DashboardAxisTickLabelOptions": { + "type": "object", + "properties": { + "labelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "Determines whether or not the axis ticks are visible." + }, + "rotationAngle": { + "type": "number", + "description": "The rotation angle of the axis tick labels." + } + } + }, + "aws-native:quicksight:DashboardBarChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The category (y-axis) field well of a bar chart." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The color (group/color) field well of a bar chart." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The small multiples field well of a bar chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field wells of a bar chart. Values are aggregated by category." + } + } + }, + "aws-native:quicksight:DashboardBarChartConfiguration": { + "type": "object", + "properties": { + "barsArrangement": { + "$ref": "#/types/aws-native:quicksight:DashboardBarsArrangement", + "description": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) for bar chart category." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a bar chart." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart." + }, + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardContributionAnalysisDefault" + }, + "description": "The contribution analysis (anomaly configuration) setup of the visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardBarChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "orientation": { + "$ref": "#/types/aws-native:quicksight:DashboardBarChartOrientation", + "description": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardBarChartSortConfiguration", + "description": "The sort configuration of a `BarChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "valueAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) for a bar chart value." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a bar chart value." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:DashboardBarChartFieldWells": { + "type": "object", + "properties": { + "barChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardBarChartAggregatedFieldWells", + "description": "The aggregated field wells of a bar chart." + } + } + }, + "aws-native:quicksight:DashboardBarChartOrientation": { + "type": "string" + }, + "aws-native:quicksight:DashboardBarChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of categories displayed in a bar chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of category fields." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of values displayed in a bar chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of color fields in a bar chart." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:DashboardBarChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardBarChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardBarsArrangement": { + "type": "string" + }, + "aws-native:quicksight:DashboardBaseMapStyleType": { + "type": "string" + }, + "aws-native:quicksight:DashboardBehavior": { + "type": "string" + }, + "aws-native:quicksight:DashboardBinCountOptions": { + "type": "object", + "properties": { + "value": { + "type": "number", + "description": "The options that determine the bin count value." + } + } + }, + "aws-native:quicksight:DashboardBinWidthOptions": { + "type": "object", + "properties": { + "binCountLimit": { + "type": "number", + "description": "The options that determine the bin count limit." + }, + "value": { + "type": "number", + "description": "The options that determine the bin width value." + } + } + }, + "aws-native:quicksight:DashboardBodySectionConfiguration": { + "type": "object", + "properties": { + "content": { + "$ref": "#/types/aws-native:quicksight:DashboardBodySectionContent", + "description": "The configuration of content in a body section." + }, + "pageBreakConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionPageBreakConfiguration", + "description": "The configuration of a page break for a section." + }, + "sectionId": { + "type": "string", + "description": "The unique identifier of a body section." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionStyle", + "description": "The style options of a body section." + } + } + }, + "aws-native:quicksight:DashboardBodySectionContent": { + "type": "object", + "properties": { + "layout": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionLayoutConfiguration", + "description": "The layout configuration of a body section." + } + } + }, + "aws-native:quicksight:DashboardBoxPlotAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The group by field well of a box plot chart. Values are grouped based on group by fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field well of a box plot chart. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:DashboardBoxPlotChartConfiguration": { + "type": "object", + "properties": { + "boxPlotOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardBoxPlotOptions", + "description": "The box plot chart options for a box plot visual" + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a box plot category." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort Icon visibility) of a box plot category." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardBoxPlotFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions" + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a box plot category." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) of a box plot value." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardBoxPlotSortConfiguration", + "description": "The sort configuration of a `BoxPlotVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:DashboardBoxPlotFieldWells": { + "type": "object", + "properties": { + "boxPlotAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardBoxPlotAggregatedFieldWells", + "description": "The aggregated field wells of a box plot." + } + } + }, + "aws-native:quicksight:DashboardBoxPlotFillStyle": { + "type": "string" + }, + "aws-native:quicksight:DashboardBoxPlotOptions": { + "type": "object", + "properties": { + "allDataPointsVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of all data points of the box plot." + }, + "outlierVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the outlier in a box plot." + }, + "styleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardBoxPlotStyleOptions", + "description": "The style options of the box plot." + } + } + }, + "aws-native:quicksight:DashboardBoxPlotSortConfiguration": { + "type": "object", + "properties": { + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of a group by fields." + }, + "paginationConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPaginationConfiguration", + "description": "The pagination configuration of a table visual or box plot." + } + } + }, + "aws-native:quicksight:DashboardBoxPlotStyleOptions": { + "type": "object", + "properties": { + "fillStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardBoxPlotFillStyle", + "description": "The fill styles (solid, transparent) of the box plot." + } + } + }, + "aws-native:quicksight:DashboardBoxPlotVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardBoxPlotChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:DashboardCalculatedField": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in this calculated field." + }, + "expression": { + "type": "string", + "description": "The expression of the calculated field." + }, + "name": { + "type": "string", + "description": "The name of the calculated field." + } + } + }, + "aws-native:quicksight:DashboardCalculatedMeasureField": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The expression in the table calculation." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + } + } + }, + "aws-native:quicksight:DashboardCascadingControlConfiguration": { + "type": "object", + "properties": { + "sourceControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlSource" + }, + "description": "A list of source controls that determine the values that are used in the current control." + } + } + }, + "aws-native:quicksight:DashboardCascadingControlSource": { + "type": "object", + "properties": { + "columnToMatch": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column identifier that determines which column to look up for the source sheet control." + }, + "sourceSheetControlId": { + "type": "string", + "description": "The source sheet control ID of a `CascadingControlSource` ." + } + } + }, + "aws-native:quicksight:DashboardCategoricalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:DashboardCategoricalDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that is used in the `CategoricalDimensionField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardStringFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:DashboardCategoricalMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoricalAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that is used in the `CategoricalMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardStringFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:DashboardCategoryDrillDownFilter": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the string inputs that are the values of the category drill down filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + } + } + }, + "aws-native:quicksight:DashboardCategoryFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "configuration": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryFilterConfiguration", + "description": "The configuration for a `CategoryFilter` ." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + } + } + }, + "aws-native:quicksight:DashboardCategoryFilterConfiguration": { + "type": "object", + "properties": { + "customFilterConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomFilterConfiguration", + "description": "A custom filter that filters based on a single value. This filter can be partially matched." + }, + "customFilterListConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomFilterListConfiguration", + "description": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list." + }, + "filterListConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterListConfiguration", + "description": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list." + } + } + }, + "aws-native:quicksight:DashboardCategoryFilterMatchOperator": { + "type": "string" + }, + "aws-native:quicksight:DashboardCategoryFilterSelectAllOptions": { + "type": "string" + }, + "aws-native:quicksight:DashboardChartAxisLabelOptions": { + "type": "object", + "properties": { + "axisLabelOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisLabelOptions" + }, + "description": "The label options for a chart axis." + }, + "sortIconVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration of the sort icon on a chart's axis label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis." + } + } + }, + "aws-native:quicksight:DashboardClusterMarker": { + "type": "object", + "properties": { + "simpleClusterMarker": { + "$ref": "#/types/aws-native:quicksight:DashboardSimpleClusterMarker", + "description": "The simple cluster marker of the cluster marker." + } + } + }, + "aws-native:quicksight:DashboardClusterMarkerConfiguration": { + "type": "object", + "properties": { + "clusterMarker": { + "$ref": "#/types/aws-native:quicksight:DashboardClusterMarker", + "description": "The cluster marker that is a part of the cluster marker configuration." + } + } + }, + "aws-native:quicksight:DashboardColorFillType": { + "type": "string" + }, + "aws-native:quicksight:DashboardColorScale": { + "type": "object", + "properties": { + "colorFillType": { + "$ref": "#/types/aws-native:quicksight:DashboardColorFillType", + "description": "Determines the color fill type." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDataColor" + }, + "description": "Determines the list of colors that are applied to the visual." + }, + "nullValueColor": { + "$ref": "#/types/aws-native:quicksight:DashboardDataColor", + "description": "Determines the color that is applied to null values." + } + } + }, + "aws-native:quicksight:DashboardColorsConfiguration": { + "type": "object", + "properties": { + "customColors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomColor" + }, + "description": "A list of up to 50 custom colors." + } + } + }, + "aws-native:quicksight:DashboardColumnConfiguration": { + "type": "object", + "properties": { + "colorsConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardColorsConfiguration", + "description": "The color configurations of the column." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFormatConfiguration", + "description": "The format configuration of a column." + }, + "role": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnRole", + "description": "The role of the column." + } + } + }, + "aws-native:quicksight:DashboardColumnHierarchy": { + "type": "object", + "properties": { + "dateTimeHierarchy": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimeHierarchy", + "description": "The option that determines the hierarchy of any `DateTime` fields." + }, + "explicitHierarchy": { + "$ref": "#/types/aws-native:quicksight:DashboardExplicitHierarchy", + "description": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals." + }, + "predefinedHierarchy": { + "$ref": "#/types/aws-native:quicksight:DashboardPredefinedHierarchy", + "description": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source." + } + } + }, + "aws-native:quicksight:DashboardColumnIdentifier": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "The name of the column." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The data set that the column belongs to." + } + } + }, + "aws-native:quicksight:DashboardColumnRole": { + "type": "string" + }, + "aws-native:quicksight:DashboardColumnSort": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardAggregationFunction", + "description": "The aggregation function that is defined in the column sort." + }, + "direction": { + "$ref": "#/types/aws-native:quicksight:DashboardSortDirection", + "description": "The sort direction." + }, + "sortBy": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier" + } + } + }, + "aws-native:quicksight:DashboardColumnTooltipItem": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:quicksight:DashboardAggregationFunction", + "description": "The aggregation function of the column tooltip item." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The target column of the tooltip item." + }, + "label": { + "type": "string", + "description": "The label of the tooltip item." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the tooltip item." + } + } + }, + "aws-native:quicksight:DashboardComboChartAggregatedFieldWells": { + "type": "object", + "properties": { + "barValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The aggregated `BarValues` field well of a combo chart." + }, + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The aggregated category field wells of a combo chart." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The aggregated colors field well of a combo chart." + }, + "lineValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The aggregated `LineValues` field well of a combo chart." + } + } + }, + "aws-native:quicksight:DashboardComboChartConfiguration": { + "type": "object", + "properties": { + "barDataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart." + }, + "barsArrangement": { + "$ref": "#/types/aws-native:quicksight:DashboardBarsArrangement", + "description": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The category axis of a combo chart." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardComboChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "lineDataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "secondaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well." + }, + "secondaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardComboChartSortConfiguration", + "description": "The sort configuration of a `ComboChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The legend display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:DashboardComboChartFieldWells": { + "type": "object", + "properties": { + "comboChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardComboChartAggregatedFieldWells", + "description": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category." + } + } + }, + "aws-native:quicksight:DashboardComboChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The item limit configuration for the category field well of a combo chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the category field well in a combo chart." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The item limit configuration of the color field well in a combo chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the color field well in a combo chart." + } + } + }, + "aws-native:quicksight:DashboardComboChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardComboChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardComparisonConfiguration": { + "type": "object", + "properties": { + "comparisonFormat": { + "$ref": "#/types/aws-native:quicksight:DashboardComparisonFormatConfiguration", + "description": "The format of the comparison." + }, + "comparisonMethod": { + "$ref": "#/types/aws-native:quicksight:DashboardComparisonMethod", + "description": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`" + } + } + }, + "aws-native:quicksight:DashboardComparisonFormatConfiguration": { + "type": "object", + "properties": { + "numberDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumberDisplayFormatConfiguration", + "description": "The number display format." + }, + "percentageDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPercentageDisplayFormatConfiguration", + "description": "The percentage display format." + } + } + }, + "aws-native:quicksight:DashboardComparisonMethod": { + "type": "string" + }, + "aws-native:quicksight:DashboardComputation": { + "type": "object", + "properties": { + "forecast": { + "$ref": "#/types/aws-native:quicksight:DashboardForecastComputation", + "description": "The forecast computation configuration." + }, + "growthRate": { + "$ref": "#/types/aws-native:quicksight:DashboardGrowthRateComputation", + "description": "The growth rate computation configuration." + }, + "maximumMinimum": { + "$ref": "#/types/aws-native:quicksight:DashboardMaximumMinimumComputation", + "description": "The maximum and minimum computation configuration." + }, + "metricComparison": { + "$ref": "#/types/aws-native:quicksight:DashboardMetricComparisonComputation", + "description": "The metric comparison computation configuration." + }, + "periodOverPeriod": { + "$ref": "#/types/aws-native:quicksight:DashboardPeriodOverPeriodComputation", + "description": "The period over period computation configuration." + }, + "periodToDate": { + "$ref": "#/types/aws-native:quicksight:DashboardPeriodToDateComputation", + "description": "The period to `DataSetIdentifier` computation configuration." + }, + "topBottomMovers": { + "$ref": "#/types/aws-native:quicksight:DashboardTopBottomMoversComputation", + "description": "The top movers and bottom movers computation configuration." + }, + "topBottomRanked": { + "$ref": "#/types/aws-native:quicksight:DashboardTopBottomRankedComputation", + "description": "The top ranked and bottom ranked computation configuration." + }, + "totalAggregation": { + "$ref": "#/types/aws-native:quicksight:DashboardTotalAggregationComputation", + "description": "The total aggregation computation configuration." + }, + "uniqueValues": { + "$ref": "#/types/aws-native:quicksight:DashboardUniqueValuesComputation", + "description": "The unique values computation configuration." + } + } + }, + "aws-native:quicksight:DashboardConditionalFormattingColor": { + "type": "object", + "properties": { + "gradient": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingGradientColor", + "description": "Formatting configuration for gradient color." + }, + "solid": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingSolidColor", + "description": "Formatting configuration for solid color." + } + } + }, + "aws-native:quicksight:DashboardConditionalFormattingCustomIconCondition": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color of the icon." + }, + "displayConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIconDisplayConfiguration", + "description": "Determines the icon display configuration." + }, + "expression": { + "type": "string", + "description": "The expression that determines the condition of the icon set." + }, + "iconOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingCustomIconOptions", + "description": "Custom icon options for an icon set." + } + } + }, + "aws-native:quicksight:DashboardConditionalFormattingCustomIconOptions": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:DashboardIcon", + "description": "Determines the type of icon." + }, + "unicodeIcon": { + "type": "string", + "description": "Determines the Unicode icon type." + } + } + }, + "aws-native:quicksight:DashboardConditionalFormattingGradientColor": { + "type": "object", + "properties": { + "color": { + "$ref": "#/types/aws-native:quicksight:DashboardGradientColor", + "description": "Determines the color." + }, + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for gradient color." + } + } + }, + "aws-native:quicksight:DashboardConditionalFormattingIcon": { + "type": "object", + "properties": { + "customCondition": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingCustomIconCondition", + "description": "Determines the custom condition for an icon set." + }, + "iconSet": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIconSet", + "description": "Formatting configuration for icon set." + } + } + }, + "aws-native:quicksight:DashboardConditionalFormattingIconDisplayConfiguration": { + "type": "object", + "properties": { + "iconDisplayOption": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIconDisplayOption", + "description": "Determines the icon display configuration." + } + } + }, + "aws-native:quicksight:DashboardConditionalFormattingIconDisplayOption": { + "type": "string" + }, + "aws-native:quicksight:DashboardConditionalFormattingIconSet": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for the icon set." + }, + "iconSetType": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIconSetType", + "description": "Determines the icon set type." + } + } + }, + "aws-native:quicksight:DashboardConditionalFormattingIconSetType": { + "type": "string" + }, + "aws-native:quicksight:DashboardConditionalFormattingSolidColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color." + }, + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for solid color." + } + } + }, + "aws-native:quicksight:DashboardContributionAnalysisDefault": { + "type": "object", + "properties": { + "contributorDimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier" + }, + "description": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` ." + }, + "measureFieldId": { + "type": "string", + "description": "The measure field that is used in the contribution analysis." + } + } + }, + "aws-native:quicksight:DashboardCrossDatasetTypes": { + "type": "string" + }, + "aws-native:quicksight:DashboardCurrencyDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numberScale": { + "$ref": "#/types/aws-native:quicksight:DashboardNumberScale", + "description": "Determines the number scale value for the currency format." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the currency format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the currency format." + }, + "symbol": { + "type": "string", + "description": "Determines the symbol for the currency format." + } + } + }, + "aws-native:quicksight:DashboardCustomActionFilterOperation": { + "type": "object", + "properties": { + "selectedFieldsConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterOperationSelectedFieldsConfiguration", + "description": "The configuration that chooses the fields to be filtered." + }, + "targetVisualsConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterOperationTargetVisualsConfiguration", + "description": "The configuration that chooses the target visuals to be filtered." + } + } + }, + "aws-native:quicksight:DashboardCustomActionNavigationOperation": { + "type": "object", + "properties": { + "localNavigationConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardLocalNavigationConfiguration", + "description": "The configuration that chooses the navigation target." + } + } + }, + "aws-native:quicksight:DashboardCustomActionSetParametersOperation": { + "type": "object", + "properties": { + "parameterValueConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardSetParameterValueConfiguration" + }, + "description": "The parameter that determines the value configuration." + } + } + }, + "aws-native:quicksight:DashboardCustomActionUrlOperation": { + "type": "object", + "properties": { + "urlTarget": { + "$ref": "#/types/aws-native:quicksight:DashboardUrlTargetConfiguration", + "description": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab." + }, + "urlTemplate": { + "type": "string", + "description": "THe URL link of the `CustomActionURLOperation` ." + } + }, + "irreversibleNames": { + "urlTarget": "URLTarget", + "urlTemplate": "URLTemplate" + } + }, + "aws-native:quicksight:DashboardCustomColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that is applied to the data value." + }, + "fieldValue": { + "type": "string", + "description": "The data value that the color is applied to." + }, + "specialValue": { + "$ref": "#/types/aws-native:quicksight:DashboardSpecialValue", + "description": "The value of a special data value." + } + } + }, + "aws-native:quicksight:DashboardCustomContentConfiguration": { + "type": "object", + "properties": { + "contentType": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomContentType", + "description": "The content type of the custom content visual. You can use this to have the visual render as an image." + }, + "contentUrl": { + "type": "string", + "description": "The input URL that links to the custom content that you want in the custom visual." + }, + "imageScaling": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomContentImageScalingConfiguration", + "description": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` ." + } + } + }, + "aws-native:quicksight:DashboardCustomContentImageScalingConfiguration": { + "type": "string" + }, + "aws-native:quicksight:DashboardCustomContentType": { + "type": "string" + }, + "aws-native:quicksight:DashboardCustomContentVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomContentConfiguration", + "description": "The configuration of a `CustomContentVisual` ." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardCustomFilterConfiguration": { + "type": "object", + "properties": { + "categoryValue": { + "type": "string", + "description": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` ." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` ." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:DashboardCustomFilterListConfiguration": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of category values for the filter." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:DashboardCustomNarrativeOptions": { + "type": "object", + "properties": { + "narrative": { + "type": "string", + "description": "The string input of custom narrative." + } + } + }, + "aws-native:quicksight:DashboardCustomParameterValues": { + "type": "object", + "properties": { + "dateTimeValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of datetime-type parameter values." + }, + "decimalValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "A list of decimal-type parameter values." + }, + "integerValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "A list of integer-type parameter values." + }, + "stringValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of string-type parameter values." + } + } + }, + "aws-native:quicksight:DashboardCustomValuesConfiguration": { + "type": "object", + "properties": { + "customValues": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomParameterValues" + }, + "includeNullValue": { + "type": "boolean", + "description": "Includes the null value in custom action parameter values." + } + } + }, + "aws-native:quicksight:DashboardDataBarsOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID for the data bars options." + }, + "negativeColor": { + "type": "string", + "description": "The color of the negative data bar." + }, + "positiveColor": { + "type": "string", + "description": "The color of the positive data bar." + } + } + }, + "aws-native:quicksight:DashboardDataColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that is applied to the data value." + }, + "dataValue": { + "type": "number", + "description": "The data value that the color is applied to." + } + } + }, + "aws-native:quicksight:DashboardDataFieldSeriesItem": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisBinding", + "description": "The axis that you are binding the field to." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field that you are setting the axis binding to." + }, + "fieldValue": { + "type": "string", + "description": "The field value of the field that you are setting the axis binding to." + }, + "settings": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartSeriesSettings", + "description": "The options that determine the presentation of line series associated to the field." + } + } + }, + "aws-native:quicksight:DashboardDataLabelContent": { + "type": "string" + }, + "aws-native:quicksight:DashboardDataLabelOptions": { + "type": "object", + "properties": { + "categoryLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the category field labels." + }, + "dataLabelTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelType" + }, + "description": "The option that determines the data label type." + }, + "labelColor": { + "type": "string", + "description": "Determines the color of the data labels." + }, + "labelContent": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelContent", + "description": "Determines the content of the data labels." + }, + "labelFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "Determines the font configuration of the data labels." + }, + "measureLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the measure field labels." + }, + "overlap": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOverlap", + "description": "Determines whether overlap is enabled or disabled for the data labels." + }, + "position": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelPosition", + "description": "Determines the position of the data labels." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the total." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the data labels." + } + } + }, + "aws-native:quicksight:DashboardDataLabelOverlap": { + "type": "string" + }, + "aws-native:quicksight:DashboardDataLabelPosition": { + "type": "string" + }, + "aws-native:quicksight:DashboardDataLabelType": { + "type": "object", + "properties": { + "dataPathLabelType": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPathLabelType", + "description": "The option that specifies individual data values for labels." + }, + "fieldLabelType": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldLabelType", + "description": "Determines the label configuration for the entire field." + }, + "maximumLabelType": { + "$ref": "#/types/aws-native:quicksight:DashboardMaximumLabelType", + "description": "Determines the label configuration for the maximum value in a visual." + }, + "minimumLabelType": { + "$ref": "#/types/aws-native:quicksight:DashboardMinimumLabelType", + "description": "Determines the label configuration for the minimum value in a visual." + }, + "rangeEndsLabelType": { + "$ref": "#/types/aws-native:quicksight:DashboardRangeEndsLabelType", + "description": "Determines the label configuration for range end value in a visual." + } + } + }, + "aws-native:quicksight:DashboardDataPathColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that needs to be applied to the element." + }, + "element": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPathValue", + "description": "The element that the color needs to be applied to." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The time granularity of the field that the color needs to be applied to." + } + } + }, + "aws-native:quicksight:DashboardDataPathLabelType": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the field that the data label needs to be applied to." + }, + "fieldValue": { + "type": "string", + "description": "The actual value of the field that is labeled." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the data label." + } + } + }, + "aws-native:quicksight:DashboardDataPathSort": { + "type": "object", + "properties": { + "direction": { + "$ref": "#/types/aws-native:quicksight:DashboardSortDirection", + "description": "Determines the sort direction." + }, + "sortPaths": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPathValue" + }, + "description": "The list of data paths that need to be sorted." + } + } + }, + "aws-native:quicksight:DashboardDataPathType": { + "type": "object", + "properties": { + "pivotTableDataPathType": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableDataPathType", + "description": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` ." + } + } + }, + "aws-native:quicksight:DashboardDataPathValue": { + "type": "object", + "properties": { + "dataPathType": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPathType", + "description": "The type configuration of the field." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field that needs to be sorted." + }, + "fieldValue": { + "type": "string", + "description": "The actual value of the field that needs to be sorted." + } + } + }, + "aws-native:quicksight:DashboardDataPointDrillUpDownOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "The status of the drill down options of data points." + } + } + }, + "aws-native:quicksight:DashboardDataPointMenuLabelOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "The status of the data point menu options." + } + } + }, + "aws-native:quicksight:DashboardDataPointTooltipOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "The status of the data point tool tip options." + } + } + }, + "aws-native:quicksight:DashboardDataSetIdentifierDeclaration": { + "type": "object", + "properties": { + "dataSetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the data set." + }, + "identifier": { + "type": "string", + "description": "The identifier of the data set, typically the data set's name." + } + } + }, + "aws-native:quicksight:DashboardDataSetReference": { + "type": "object", + "properties": { + "dataSetArn": { + "type": "string", + "description": "\u003cp\u003eDataset Amazon Resource Name (ARN).\u003c/p\u003e" + }, + "dataSetPlaceholder": { + "type": "string", + "description": "\u003cp\u003eDataset placeholder.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardDateAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:DashboardDateAxisOptions": { + "type": "object", + "properties": { + "missingDateVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not missing dates are displayed." + } + } + }, + "aws-native:quicksight:DashboardDateDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that is used in the `DateDimensionField` ." + }, + "dateGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`" + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimeFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:DashboardDateMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardDateAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that is used in the `DateMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimeFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:DashboardDateTimeDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:DashboardDynamicDefaultValue", + "description": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:DashboardRollingDateConfiguration", + "description": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression." + }, + "staticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The static values of the `DataTimeDefaultValues` ." + } + } + }, + "aws-native:quicksight:DashboardDateTimeFormatConfiguration": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Determines the `DateTime` format." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numericFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericFormatConfiguration", + "description": "The formatting configuration for numeric `DateTime` fields." + } + } + }, + "aws-native:quicksight:DashboardDateTimeHierarchy": { + "type": "object", + "properties": { + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the `DateTime` hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the `DateTime` hierarchy." + } + } + }, + "aws-native:quicksight:DashboardDateTimeParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eA display name for the date-time parameter.\u003c/p\u003e" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe values for the date-time parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardDateTimeParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimeDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimeValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:DashboardDateTimePickerControlDisplayOptions": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Customize how dates are formatted in controls." + }, + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:DashboardDateTimeValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "string", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:DashboardValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:DashboardDayOfTheWeek": { + "type": "string" + }, + "aws-native:quicksight:DashboardDecimalDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:DashboardDynamicDefaultValue", + "description": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "The static values of the `DecimalDefaultValues` ." + } + } + }, + "aws-native:quicksight:DashboardDecimalParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eA display name for the decimal parameter.\u003c/p\u003e" + }, + "values": { + "type": "array", + "items": { + "type": "number" + }, + "description": "\u003cp\u003eThe values for the decimal parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardDecimalParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:DashboardDecimalDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:DashboardDecimalValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:DashboardDecimalPlacesConfiguration": { + "type": "object", + "properties": { + "decimalPlaces": { + "type": "number", + "description": "The values of the decimal places." + } + } + }, + "aws-native:quicksight:DashboardDecimalValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "number", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:DashboardValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:DashboardDefaultDateTimePickerControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlDateTimePickerType", + "description": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range." + } + } + }, + "aws-native:quicksight:DashboardDefaultFilterControlConfiguration": { + "type": "object", + "properties": { + "controlOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterControlOptions", + "description": "The control option for the `DefaultFilterControlConfiguration` ." + }, + "title": { + "type": "string", + "description": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter." + } + } + }, + "aws-native:quicksight:DashboardDefaultFilterControlOptions": { + "type": "object", + "properties": { + "defaultDateTimePickerOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultDateTimePickerControlOptions", + "description": "The default options that correspond to the filter control type of a `DateTimePicker` ." + }, + "defaultDropdownOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterDropDownControlOptions", + "description": "The default options that correspond to the `Dropdown` filter control type." + }, + "defaultListOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterListControlOptions", + "description": "The default options that correspond to the `List` filter control type." + }, + "defaultRelativeDateTimeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultRelativeDateTimeControlOptions", + "description": "The default options that correspond to the `RelativeDateTime` filter control type." + }, + "defaultSliderOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultSliderControlOptions", + "description": "The default options that correspond to the `Slider` filter control type." + }, + "defaultTextAreaOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultTextAreaControlOptions", + "description": "The default options that correspond to the `TextArea` filter control type." + }, + "defaultTextFieldOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultTextFieldControlOptions", + "description": "The default options that correspond to the `TextField` filter control type." + } + } + }, + "aws-native:quicksight:DashboardDefaultFilterDropDownControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", + "description": "The display options of a control." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlListType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:DashboardDefaultFilterListControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardListControlDisplayOptions", + "description": "The display options of a control." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlListType", + "description": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list." + } + } + }, + "aws-native:quicksight:DashboardDefaultFreeFormLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a free-form layout." + } + } + }, + "aws-native:quicksight:DashboardDefaultGridLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGridLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a grid layout." + } + } + }, + "aws-native:quicksight:DashboardDefaultInteractiveLayoutConfiguration": { + "type": "object", + "properties": { + "freeForm": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFreeFormLayoutConfiguration", + "description": "The options that determine the default settings of a free-form layout configuration." + }, + "grid": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultGridLayoutConfiguration", + "description": "The options that determine the default settings for a grid layout configuration." + } + } + }, + "aws-native:quicksight:DashboardDefaultNewSheetConfiguration": { + "type": "object", + "properties": { + "interactiveLayoutConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultInteractiveLayoutConfiguration", + "description": "The options that determine the default settings for interactive layout configuration." + }, + "paginatedLayoutConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultPaginatedLayoutConfiguration", + "description": "The options that determine the default settings for a paginated layout configuration." + }, + "sheetContentType": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetContentType", + "description": "The option that determines the sheet content type." + } + } + }, + "aws-native:quicksight:DashboardDefaultPaginatedLayoutConfiguration": { + "type": "object", + "properties": { + "sectionBased": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultSectionBasedLayoutConfiguration", + "description": "The options that determine the default settings for a section-based layout configuration." + } + } + }, + "aws-native:quicksight:DashboardDefaultRelativeDateTimeControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardRelativeDateTimeControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:DashboardDefaultSectionBasedLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionBasedLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a section-based layout." + } + } + }, + "aws-native:quicksight:DashboardDefaultSliderControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlSliderType", + "description": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range." + } + } + }, + "aws-native:quicksight:DashboardDefaultTextAreaControlOptions": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTextAreaControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:DashboardDefaultTextFieldControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTextFieldControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:DashboardDestinationParameterValueConfiguration": { + "type": "object", + "properties": { + "customValuesConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomValuesConfiguration", + "description": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` ." + }, + "selectAllValueOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSelectAllValueOptions", + "description": "The configuration that selects all options." + }, + "sourceColumn": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier" + }, + "sourceField": { + "type": "string", + "description": "The source field ID of the destination parameter." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the destination parameter." + } + } + }, + "aws-native:quicksight:DashboardDimensionField": { + "type": "object", + "properties": { + "categoricalDimensionField": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoricalDimensionField", + "description": "The dimension type field with categorical type columns." + }, + "dateDimensionField": { + "$ref": "#/types/aws-native:quicksight:DashboardDateDimensionField", + "description": "The dimension type field with date type columns." + }, + "numericalDimensionField": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericalDimensionField", + "description": "The dimension type field with numerical type columns." + } + } + }, + "aws-native:quicksight:DashboardDonutCenterOptions": { + "type": "object", + "properties": { + "labelVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` ." + } + } + }, + "aws-native:quicksight:DashboardDonutOptions": { + "type": "object", + "properties": { + "arcOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardArcOptions", + "description": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart" + }, + "donutCenterOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDonutCenterOptions", + "description": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts." + } + } + }, + "aws-native:quicksight:DashboardDrillDownFilter": { + "type": "object", + "properties": { + "categoryFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryDrillDownFilter", + "description": "The category type drill down filter. This filter is used for string type columns." + }, + "numericEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericEqualityDrillDownFilter", + "description": "The numeric equality type drill down filter. This filter is used for number type columns." + }, + "timeRangeFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeRangeDrillDownFilter", + "description": "The time range drill down filter. This filter is used for date time columns." + } + } + }, + "aws-native:quicksight:DashboardDropDownControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardListControlSelectAllOptions", + "description": "The configuration of the `Select all` options in a dropdown control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:DashboardDynamicDefaultValue": { + "type": "object", + "properties": { + "defaultValueColumn": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that contains the default value of each user or group." + }, + "groupNameColumn": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that contains the group name." + }, + "userNameColumn": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that contains the username." + } + } + }, + "aws-native:quicksight:DashboardEmptyVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in the empty visual. Every visual requires a dataset to render." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardEntity": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree." + } + } + }, + "aws-native:quicksight:DashboardError": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "\u003cp\u003eMessage.\u003c/p\u003e" + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardErrorType", + "description": "Type." + }, + "violatedEntities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardEntity" + }, + "description": "\u003cp\u003eLists the violated entities that caused the dashboard error.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardErrorType": { + "type": "string" + }, + "aws-native:quicksight:DashboardExcludePeriodConfiguration": { + "type": "object", + "properties": { + "amount": { + "type": "number", + "description": "The amount or number of the exclude period." + }, + "granularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The granularity or unit (day, month, year) of the exclude period." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:DashboardWidgetStatus", + "description": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`" + } + } + }, + "aws-native:quicksight:DashboardExplicitHierarchy": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier" + }, + "description": "The list of columns that define the explicit hierarchy." + }, + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the explicit hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the explicit hierarchy." + } + } + }, + "aws-native:quicksight:DashboardExportHiddenFieldsOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "The status of the export hidden fields options of a dashbaord." + } + } + }, + "aws-native:quicksight:DashboardExportToCsvOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "Availability status." + } + } + }, + "aws-native:quicksight:DashboardExportWithHiddenFieldsOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "The status of the export with hidden fields options." + } + } + }, + "aws-native:quicksight:DashboardFieldBasedTooltip": { + "type": "object", + "properties": { + "aggregationVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of `Show aggregations` ." + }, + "tooltipFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipItem" + }, + "description": "The fields configuration in the tooltip." + }, + "tooltipTitleType": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipTitleType", + "description": "The type for the \u003etooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title." + } + } + }, + "aws-native:quicksight:DashboardFieldLabelType": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "Indicates the field that is targeted by the field label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the field label." + } + } + }, + "aws-native:quicksight:DashboardFieldSeriesItem": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisBinding", + "description": "The axis that you are binding the field to." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field for which you are setting the axis binding." + }, + "settings": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartSeriesSettings", + "description": "The options that determine the presentation of line series associated to the field." + } + } + }, + "aws-native:quicksight:DashboardFieldSort": { + "type": "object", + "properties": { + "direction": { + "$ref": "#/types/aws-native:quicksight:DashboardSortDirection", + "description": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending" + }, + "fieldId": { + "type": "string", + "description": "The sort configuration target field." + } + } + }, + "aws-native:quicksight:DashboardFieldSortOptions": { + "type": "object", + "properties": { + "columnSort": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnSort", + "description": "The sort configuration for a column that is not used in a field well." + }, + "fieldSort": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSort", + "description": "The sort configuration for a field in a field well." + } + } + }, + "aws-native:quicksight:DashboardFieldTooltipItem": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The unique ID of the field that is targeted by the tooltip." + }, + "label": { + "type": "string", + "description": "The label of the tooltip item." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the tooltip item." + } + } + }, + "aws-native:quicksight:DashboardFilledMapAggregatedFieldWells": { + "type": "object", + "properties": { + "geospatial": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The aggregated location field well of the filled map. Values are grouped by location fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The aggregated color field well of a filled map. Values are aggregated based on location fields." + } + } + }, + "aws-native:quicksight:DashboardFilledMapConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFilledMapConditionalFormattingOption" + }, + "description": "Conditional formatting options of a `FilledMapVisual` ." + } + } + }, + "aws-native:quicksight:DashboardFilledMapConditionalFormattingOption": { + "type": "object", + "properties": { + "shape": { + "$ref": "#/types/aws-native:quicksight:DashboardFilledMapShapeConditionalFormatting", + "description": "The conditional formatting that determines the shape of the filled map." + } + } + }, + "aws-native:quicksight:DashboardFilledMapConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardFilledMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "mapStyleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialMapStyleOptions", + "description": "The map style options of the filled map visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFilledMapSortConfiguration", + "description": "The sort configuration of a `FilledMapVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "windowOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialWindowOptions", + "description": "The window options of the filled map visual." + } + } + }, + "aws-native:quicksight:DashboardFilledMapFieldWells": { + "type": "object", + "properties": { + "filledMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardFilledMapAggregatedFieldWells", + "description": "The aggregated field well of the filled map." + } + } + }, + "aws-native:quicksight:DashboardFilledMapShapeConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the filled map shape." + }, + "format": { + "$ref": "#/types/aws-native:quicksight:DashboardShapeConditionalFormat", + "description": "The conditional formatting that determines the background color of a filled map's shape." + } + } + }, + "aws-native:quicksight:DashboardFilledMapSortConfiguration": { + "type": "object", + "properties": { + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the location fields." + } + } + }, + "aws-native:quicksight:DashboardFilledMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFilledMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:DashboardFilledMapConditionalFormatting", + "description": "The conditional formatting of a `FilledMapVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:DashboardFilter": { + "type": "object", + "properties": { + "categoryFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryFilter", + "description": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* ." + }, + "numericEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericEqualityFilter", + "description": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value." + }, + "numericRangeFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericRangeFilter", + "description": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range." + }, + "relativeDatesFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardRelativeDatesFilter", + "description": "A `RelativeDatesFilter` filters date values that are relative to a given date." + }, + "timeEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeEqualityFilter", + "description": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value." + }, + "timeRangeFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeRangeFilter", + "description": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range." + }, + "topBottomFilter": { + "$ref": "#/types/aws-native:quicksight:DashboardTopBottomFilter", + "description": "A `TopBottomFilter` filters data to the top or bottom values for a given column." + } + } + }, + "aws-native:quicksight:DashboardFilterControl": { + "type": "object", + "properties": { + "crossSheet": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterCrossSheetControl", + "description": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet" + }, + "dateTimePicker": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterDateTimePickerControl", + "description": "A control from a date filter that is used to specify date and time." + }, + "dropdown": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterDropDownControl", + "description": "A control to display a dropdown list with buttons that are used to select a single value." + }, + "list": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterListControl", + "description": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values." + }, + "relativeDateTime": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterRelativeDateTimeControl", + "description": "A control from a date filter that is used to specify the relative date." + }, + "slider": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterSliderControl", + "description": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle." + }, + "textArea": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterTextAreaControl", + "description": "A control to display a text box that is used to enter multiple entries." + }, + "textField": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterTextFieldControl", + "description": "A control to display a text box that is used to enter a single entry." + } + } + }, + "aws-native:quicksight:DashboardFilterCrossSheetControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterCrossSheetControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterCrossSheetControl` ." + } + } + }, + "aws-native:quicksight:DashboardFilterDateTimePickerControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterDateTimePickerControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterDateTimePickerControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterDateTimePickerControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlDateTimePickerType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:DashboardFilterDropDownControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", + "description": "The display options of the `FilterDropDownControl` ." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterDropDownControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterDropDownControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterDropDownControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlListType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:DashboardFilterGroup": { + "type": "object", + "properties": { + "crossDataset": { + "$ref": "#/types/aws-native:quicksight:DashboardCrossDatasetTypes", + "description": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`" + }, + "filterGroupId": { + "type": "string", + "description": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis." + }, + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFilter" + }, + "description": "The list of filters that are present in a `FilterGroup` ." + }, + "scopeConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterScopeConfiguration", + "description": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:DashboardWidgetStatus", + "description": "The status of the `FilterGroup` ." + } + } + }, + "aws-native:quicksight:DashboardFilterListConfiguration": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of category values for the filter." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:DashboardFilterListControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardListControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterListControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterListControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterListControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlListType", + "description": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list." + } + } + }, + "aws-native:quicksight:DashboardFilterNullOption": { + "type": "string" + }, + "aws-native:quicksight:DashboardFilterOperationSelectedFieldsConfiguration": { + "type": "object", + "properties": { + "selectedColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier" + }, + "description": "\u003cp\u003eThe selected columns of a dataset.\u003c/p\u003e" + }, + "selectedFieldOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSelectedFieldOptions", + "description": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields." + }, + "selectedFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Chooses the fields that are filtered in `CustomActionFilterOperation` ." + } + } + }, + "aws-native:quicksight:DashboardFilterOperationTargetVisualsConfiguration": { + "type": "object", + "properties": { + "sameSheetTargetVisualConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardSameSheetTargetVisualConfiguration", + "description": "The configuration of the same-sheet target visuals that you want to be filtered." + } + } + }, + "aws-native:quicksight:DashboardFilterRelativeDateTimeControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardRelativeDateTimeControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextAreaControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:DashboardFilterScopeConfiguration": { + "type": "object", + "properties": { + "allSheets": { + "$ref": "#/types/aws-native:quicksight:DashboardAllSheetsFilterScopeConfiguration", + "description": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen." + }, + "selectedSheets": { + "$ref": "#/types/aws-native:quicksight:DashboardSelectedSheetsFilterScopeConfiguration", + "description": "The configuration for applying a filter to specific sheets." + } + } + }, + "aws-native:quicksight:DashboardFilterSelectableValues": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The values that are used in the `FilterSelectableValues` ." + } + } + }, + "aws-native:quicksight:DashboardFilterSliderControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterSliderControl` ." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterSliderControl` ." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "title": { + "type": "string", + "description": "The title of the `FilterSliderControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlSliderType", + "description": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range." + } + } + }, + "aws-native:quicksight:DashboardFilterTextAreaControl": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTextAreaControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextAreaControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:DashboardFilterTextFieldControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTextFieldControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextFieldControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextFieldControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextFieldControl` ." + } + } + }, + "aws-native:quicksight:DashboardFilterVisualScope": { + "type": "string" + }, + "aws-native:quicksight:DashboardFontConfiguration": { + "type": "object", + "properties": { + "fontColor": { + "type": "string", + "description": "Determines the color of the text." + }, + "fontDecoration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontDecoration", + "description": "Determines the appearance of decorative lines on the text." + }, + "fontSize": { + "$ref": "#/types/aws-native:quicksight:DashboardFontSize", + "description": "The option that determines the text display size." + }, + "fontStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardFontStyle", + "description": "Determines the text display face that is inherited by the given font family." + }, + "fontWeight": { + "$ref": "#/types/aws-native:quicksight:DashboardFontWeight", + "description": "The option that determines the text display weight, or boldness." + } + } + }, + "aws-native:quicksight:DashboardFontDecoration": { + "type": "string" + }, + "aws-native:quicksight:DashboardFontSize": { + "type": "object", + "properties": { + "relative": { + "$ref": "#/types/aws-native:quicksight:DashboardRelativeFontSize", + "description": "The lexical name for the text size, proportional to its surrounding context." + } + } + }, + "aws-native:quicksight:DashboardFontStyle": { + "type": "string" + }, + "aws-native:quicksight:DashboardFontWeight": { + "type": "object", + "properties": { + "name": { + "$ref": "#/types/aws-native:quicksight:DashboardFontWeightName", + "description": "The lexical name for the level of boldness of the text display." + } + } + }, + "aws-native:quicksight:DashboardFontWeightName": { + "type": "string" + }, + "aws-native:quicksight:DashboardForecastComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "customSeasonalityValue": { + "type": "number", + "description": "The custom seasonality value setup of a forecast computation." + }, + "lowerBoundary": { + "type": "number", + "description": "The lower boundary setup of a forecast computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodsBackward": { + "type": "number", + "description": "The periods backward setup of a forecast computation." + }, + "periodsForward": { + "type": "number", + "description": "The periods forward setup of a forecast computation." + }, + "predictionInterval": { + "type": "number", + "description": "The prediction interval setup of a forecast computation." + }, + "seasonality": { + "$ref": "#/types/aws-native:quicksight:DashboardForecastComputationSeasonality", + "description": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The time field that is used in a computation." + }, + "upperBoundary": { + "type": "number", + "description": "The upper boundary setup of a forecast computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardForecastComputationSeasonality": { + "type": "string" + }, + "aws-native:quicksight:DashboardForecastConfiguration": { + "type": "object", + "properties": { + "forecastProperties": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeBasedForecastProperties", + "description": "The forecast properties setup of a forecast in the line chart." + }, + "scenario": { + "$ref": "#/types/aws-native:quicksight:DashboardForecastScenario", + "description": "The forecast scenario of a forecast in the line chart." + } + } + }, + "aws-native:quicksight:DashboardForecastScenario": { + "type": "object", + "properties": { + "whatIfPointScenario": { + "$ref": "#/types/aws-native:quicksight:DashboardWhatIfPointScenario", + "description": "The what-if analysis forecast setup with the target date." + }, + "whatIfRangeScenario": { + "$ref": "#/types/aws-native:quicksight:DashboardWhatIfRangeScenario", + "description": "The what-if analysis forecast setup with the date range." + } + } + }, + "aws-native:quicksight:DashboardFormatConfiguration": { + "type": "object", + "properties": { + "dateTimeFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimeFormatConfiguration", + "description": "Formatting configuration for `DateTime` fields." + }, + "numberFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumberFormatConfiguration", + "description": "Formatting configuration for number fields." + }, + "stringFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardStringFormatConfiguration", + "description": "Formatting configuration for string fields." + } + } + }, + "aws-native:quicksight:DashboardFreeFormLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "screenCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutScreenCanvasSizeOptions", + "description": "The options that determine the sizing of the canvas used in a free-form layout." + } + } + }, + "aws-native:quicksight:DashboardFreeFormLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutCanvasSizeOptions" + }, + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutElement" + }, + "description": "The elements that are included in a free-form layout." + } + } + }, + "aws-native:quicksight:DashboardFreeFormLayoutElement": { + "type": "object", + "properties": { + "backgroundStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutElementBackgroundStyle", + "description": "The background style configuration of a free-form layout element." + }, + "borderStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutElementBorderStyle", + "description": "The border style configuration of a free-form layout element." + }, + "elementId": { + "type": "string", + "description": "A unique identifier for an element within a free-form layout." + }, + "elementType": { + "$ref": "#/types/aws-native:quicksight:DashboardLayoutElementType", + "description": "The type of element." + }, + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "loadingAnimation": { + "$ref": "#/types/aws-native:quicksight:DashboardLoadingAnimation", + "description": "The loading animation configuration of a free-form layout element." + }, + "renderingRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetElementRenderingRule" + }, + "description": "The rendering rules that determine when an element should be displayed within a free-form layout." + }, + "selectedBorderStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutElementBorderStyle", + "description": "The border style configuration of a free-form layout element. This border style is used when the element is selected." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of an element within a free-form layout." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "xAxisLocation": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "yAxisLocation": { + "type": "string", + "description": "String based length that is composed of value and unit in px with Integer.MAX_VALUE as maximum value" + } + } + }, + "aws-native:quicksight:DashboardFreeFormLayoutElementBackgroundStyle": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The background color of a free-form layout element." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The background visibility of a free-form layout element." + } + } + }, + "aws-native:quicksight:DashboardFreeFormLayoutElementBorderStyle": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The border color of a free-form layout element." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The border visibility of a free-form layout element." + } + } + }, + "aws-native:quicksight:DashboardFreeFormLayoutScreenCanvasSizeOptions": { + "type": "object", + "properties": { + "optimizedViewPortWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:DashboardFreeFormSectionLayoutConfiguration": { + "type": "object", + "properties": { + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutElement" + }, + "description": "The elements that are included in the free-form layout." + } + } + }, + "aws-native:quicksight:DashboardFunnelChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The category field wells of a funnel chart. Values are grouped by category fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field wells of a funnel chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:DashboardFunnelChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options of the categories that are displayed in a `FunnelChartVisual` ." + }, + "dataLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardFunnelChartDataLabelOptions", + "description": "The options that determine the presentation of the data labels." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardFunnelChartFieldWells", + "description": "The field well configuration of a `FunnelChartVisual` ." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFunnelChartSortConfiguration", + "description": "The sort configuration of a `FunnelChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip configuration of a `FunnelChartVisual` ." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options for the values that are displayed in a `FunnelChartVisual` ." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The visual palette configuration of a `FunnelChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardFunnelChartDataLabelOptions": { + "type": "object", + "properties": { + "categoryLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the category labels within the data labels." + }, + "labelColor": { + "type": "string", + "description": "The color of the data label text." + }, + "labelFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels." + }, + "measureDataLabelStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardFunnelChartMeasureDataLabelStyle", + "description": "Determines the style of the metric labels." + }, + "measureLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the measure labels within the data labels." + }, + "position": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelPosition", + "description": "Determines the positioning of the data label relative to a section of the funnel." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility option that determines if data labels are displayed." + } + } + }, + "aws-native:quicksight:DashboardFunnelChartFieldWells": { + "type": "object", + "properties": { + "funnelChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardFunnelChartAggregatedFieldWells", + "description": "The field well configuration of a `FunnelChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardFunnelChartMeasureDataLabelStyle": { + "type": "string" + }, + "aws-native:quicksight:DashboardFunnelChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of categories displayed." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + } + } + }, + "aws-native:quicksight:DashboardFunnelChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFunnelChartConfiguration", + "description": "The configuration of a `FunnelChartVisual` ." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:DashboardGaugeChartArcConditionalFormatting": { + "type": "object", + "properties": { + "foregroundColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting of the arc foreground color." + } + } + }, + "aws-native:quicksight:DashboardGaugeChartConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardGaugeChartConditionalFormattingOption" + }, + "description": "Conditional formatting options of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardGaugeChartConditionalFormattingOption": { + "type": "object", + "properties": { + "arc": { + "$ref": "#/types/aws-native:quicksight:DashboardGaugeChartArcConditionalFormatting", + "description": "The options that determine the presentation of the arc of a `GaugeChartVisual` ." + }, + "primaryValue": { + "$ref": "#/types/aws-native:quicksight:DashboardGaugeChartPrimaryValueConditionalFormatting", + "description": "The conditional formatting for the primary value of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardGaugeChartConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The data label configuration of a `GaugeChartVisual` ." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardGaugeChartFieldWells", + "description": "The field well configuration of a `GaugeChartVisual` ." + }, + "gaugeChartOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGaugeChartOptions", + "description": "The options that determine the presentation of the `GaugeChartVisual` ." + }, + "tooltipOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip configuration of a `GaugeChartVisual` ." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The visual palette configuration of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardGaugeChartFieldWells": { + "type": "object", + "properties": { + "targetValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The target value field wells of a `GaugeChartVisual` ." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field wells of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardGaugeChartOptions": { + "type": "object", + "properties": { + "arc": { + "$ref": "#/types/aws-native:quicksight:DashboardArcConfiguration", + "description": "The arc configuration of a `GaugeChartVisual` ." + }, + "arcAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardArcAxisConfiguration", + "description": "The arc axis configuration of a `GaugeChartVisual` ." + }, + "comparison": { + "$ref": "#/types/aws-native:quicksight:DashboardComparisonConfiguration", + "description": "The comparison configuration of a `GaugeChartVisual` ." + }, + "primaryValueDisplayType": { + "$ref": "#/types/aws-native:quicksight:DashboardPrimaryValueDisplayType", + "description": "The options that determine the primary value display type." + }, + "primaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The options that determine the primary value font configuration." + } + } + }, + "aws-native:quicksight:DashboardGaugeChartPrimaryValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIcon", + "description": "The conditional formatting of the primary value icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting of the primary value text color." + } + } + }, + "aws-native:quicksight:DashboardGaugeChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardGaugeChartConfiguration", + "description": "The configuration of a `GaugeChartVisual` ." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:DashboardGaugeChartConditionalFormatting", + "description": "The conditional formatting of a `GaugeChartVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardGeospatialCoordinateBounds": { + "type": "object", + "properties": { + "east": { + "type": "number", + "description": "The longitude of the east bound of the geospatial coordinate bounds." + }, + "north": { + "type": "number", + "description": "The latitude of the north bound of the geospatial coordinate bounds." + }, + "south": { + "type": "number", + "description": "The latitude of the south bound of the geospatial coordinate bounds." + }, + "west": { + "type": "number", + "description": "The longitude of the west bound of the geospatial coordinate bounds." + } + } + }, + "aws-native:quicksight:DashboardGeospatialHeatmapColorScale": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialHeatmapDataColor" + }, + "description": "The list of colors to be used in heatmap point style." + } + } + }, + "aws-native:quicksight:DashboardGeospatialHeatmapConfiguration": { + "type": "object", + "properties": { + "heatmapColor": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialHeatmapColorScale", + "description": "The color scale specification for the heatmap point style." + } + } + }, + "aws-native:quicksight:DashboardGeospatialHeatmapDataColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The hex color to be used in the heatmap point style." + } + } + }, + "aws-native:quicksight:DashboardGeospatialMapAggregatedFieldWells": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The color field wells of a geospatial map." + }, + "geospatial": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields." + } + } + }, + "aws-native:quicksight:DashboardGeospatialMapConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "mapStyleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialMapStyleOptions", + "description": "The map style options of the geospatial map." + }, + "pointStyleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialPointStyleOptions", + "description": "The point style options of the geospatial map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette" + }, + "windowOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialWindowOptions", + "description": "The window options of the geospatial map." + } + } + }, + "aws-native:quicksight:DashboardGeospatialMapFieldWells": { + "type": "object", + "properties": { + "geospatialMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialMapAggregatedFieldWells", + "description": "The aggregated field well for a geospatial map." + } + } + }, + "aws-native:quicksight:DashboardGeospatialMapStyleOptions": { + "type": "object", + "properties": { + "baseMapStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardBaseMapStyleType", + "description": "The base map style of the geospatial map." + } + } + }, + "aws-native:quicksight:DashboardGeospatialMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:DashboardGeospatialPointStyleOptions": { + "type": "object", + "properties": { + "clusterMarkerConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardClusterMarkerConfiguration", + "description": "The cluster marker configuration of the geospatial point style." + }, + "heatmapConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialHeatmapConfiguration", + "description": "The heatmap configuration of the geospatial point style." + }, + "selectedPointStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialSelectedPointStyle", + "description": "The selected point styles (point, cluster) of the geospatial map." + } + } + }, + "aws-native:quicksight:DashboardGeospatialSelectedPointStyle": { + "type": "string" + }, + "aws-native:quicksight:DashboardGeospatialWindowOptions": { + "type": "object", + "properties": { + "bounds": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialCoordinateBounds", + "description": "The bounds options (north, south, west, east) of the geospatial window options." + }, + "mapZoomMode": { + "$ref": "#/types/aws-native:quicksight:DashboardMapZoomMode", + "description": "The map zoom modes (manual, auto) of the geospatial window options." + } + } + }, + "aws-native:quicksight:DashboardGlobalTableBorderOptions": { + "type": "object", + "properties": { + "sideSpecificBorder": { + "$ref": "#/types/aws-native:quicksight:DashboardTableSideBorderOptions", + "description": "Determines the options for side specific border." + }, + "uniformBorder": { + "$ref": "#/types/aws-native:quicksight:DashboardTableBorderOptions", + "description": "Determines the options for uniform border." + } + } + }, + "aws-native:quicksight:DashboardGradientColor": { + "type": "object", + "properties": { + "stops": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardGradientStop" + }, + "description": "The list of gradient color stops." + } + } + }, + "aws-native:quicksight:DashboardGradientStop": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color." + }, + "dataValue": { + "type": "number", + "description": "Determines the data value." + }, + "gradientOffset": { + "type": "number", + "description": "Determines gradient offset value." + } + } + }, + "aws-native:quicksight:DashboardGridLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "screenCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGridLayoutScreenCanvasSizeOptions", + "description": "The options that determine the sizing of the canvas used in a grid layout." + } + } + }, + "aws-native:quicksight:DashboardGridLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardGridLayoutCanvasSizeOptions" + }, + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardGridLayoutElement" + }, + "description": "The elements that are included in a grid layout." + } + } + }, + "aws-native:quicksight:DashboardGridLayoutElement": { + "type": "object", + "properties": { + "columnIndex": { + "type": "number", + "description": "The column index for the upper left corner of an element." + }, + "columnSpan": { + "type": "number", + "description": "The width of a grid element expressed as a number of grid columns." + }, + "elementId": { + "type": "string", + "description": "A unique identifier for an element within a grid layout." + }, + "elementType": { + "$ref": "#/types/aws-native:quicksight:DashboardLayoutElementType", + "description": "The type of element." + }, + "rowIndex": { + "type": "number", + "description": "The row index for the upper left corner of an element." + }, + "rowSpan": { + "type": "number", + "description": "The height of a grid element expressed as a number of grid rows." + } + } + }, + "aws-native:quicksight:DashboardGridLayoutScreenCanvasSizeOptions": { + "type": "object", + "properties": { + "optimizedViewPortWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "resizeOption": { + "$ref": "#/types/aws-native:quicksight:DashboardResizeOption", + "description": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` ." + } + } + }, + "aws-native:quicksight:DashboardGrowthRateComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodSize": { + "type": "number", + "description": "The period size setup of a growth rate computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardHeaderFooterSectionConfiguration": { + "type": "object", + "properties": { + "layout": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionLayoutConfiguration", + "description": "The layout configuration of the header or footer section." + }, + "sectionId": { + "type": "string", + "description": "The unique identifier of the header or footer section." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionStyle", + "description": "The style options of a header or footer section." + } + } + }, + "aws-native:quicksight:DashboardHeatMapAggregatedFieldWells": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The columns field well of a heat map." + }, + "rows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The rows field well of a heat map." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The values field well of a heat map." + } + } + }, + "aws-native:quicksight:DashboardHeatMapConfiguration": { + "type": "object", + "properties": { + "colorScale": { + "$ref": "#/types/aws-native:quicksight:DashboardColorScale", + "description": "The color options (gradient color, point of divergence) in a heat map." + }, + "columnLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options of the column that is displayed in a heat map." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardHeatMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "rowLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options of the row that is displayed in a `heat map` ." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardHeatMapSortConfiguration", + "description": "The sort configuration of a heat map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip display setup of the visual." + } + } + }, + "aws-native:quicksight:DashboardHeatMapFieldWells": { + "type": "object", + "properties": { + "heatMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardHeatMapAggregatedFieldWells", + "description": "The aggregated field wells of a heat map." + } + } + }, + "aws-native:quicksight:DashboardHeatMapSortConfiguration": { + "type": "object", + "properties": { + "heatMapColumnItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of columns that are displayed in a heat map." + }, + "heatMapColumnSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The column sort configuration for heat map for columns that aren't a part of a field well." + }, + "heatMapRowItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of rows that are displayed in a heat map." + }, + "heatMapRowSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The field sort configuration of the rows fields." + } + } + }, + "aws-native:quicksight:DashboardHeatMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardHeatMapConfiguration", + "description": "The configuration of a heat map." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardHistogramAggregatedFieldWells": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` ." + } + } + }, + "aws-native:quicksight:DashboardHistogramBinOptions": { + "type": "object", + "properties": { + "binCount": { + "$ref": "#/types/aws-native:quicksight:DashboardBinCountOptions", + "description": "The options that determine the bin count of a histogram." + }, + "binWidth": { + "$ref": "#/types/aws-native:quicksight:DashboardBinWidthOptions", + "description": "The options that determine the bin width of a histogram." + }, + "selectedBinType": { + "$ref": "#/types/aws-native:quicksight:DashboardHistogramBinType", + "description": "The options that determine the selected bin type." + }, + "startValue": { + "type": "number", + "description": "The options that determine the bin start value." + } + } + }, + "aws-native:quicksight:DashboardHistogramBinType": { + "type": "string" + }, + "aws-native:quicksight:DashboardHistogramConfiguration": { + "type": "object", + "properties": { + "binOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardHistogramBinOptions", + "description": "The options that determine the presentation of histogram bins." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The data label configuration of a histogram." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardHistogramFieldWells", + "description": "The field well configuration of a histogram." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip configuration of a histogram." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The visual palette configuration of a histogram." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The options that determine the presentation of the x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The options that determine the presentation of the x-axis label." + }, + "yAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The options that determine the presentation of the y-axis." + } + } + }, + "aws-native:quicksight:DashboardHistogramFieldWells": { + "type": "object", + "properties": { + "histogramAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardHistogramAggregatedFieldWells", + "description": "The field well configuration of a histogram." + } + } + }, + "aws-native:quicksight:DashboardHistogramVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardHistogramConfiguration", + "description": "The configuration for a `HistogramVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardHorizontalTextAlignment": { + "type": "string" + }, + "aws-native:quicksight:DashboardIcon": { + "type": "string" + }, + "aws-native:quicksight:DashboardInsightConfiguration": { + "type": "object", + "properties": { + "computations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardComputation" + }, + "description": "The computations configurations of the insight visual" + }, + "customNarrative": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomNarrativeOptions", + "description": "The custom narrative of the insight visual." + } + } + }, + "aws-native:quicksight:DashboardInsightVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The dataset that is used in the insight visual." + }, + "insightConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardInsightConfiguration", + "description": "The configuration of an insight visual." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardIntegerDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:DashboardDynamicDefaultValue", + "description": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "The static values of the `IntegerDefaultValues` ." + } + } + }, + "aws-native:quicksight:DashboardIntegerParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the integer parameter.\u003c/p\u003e" + }, + "values": { + "type": "array", + "items": { + "type": "number" + }, + "description": "\u003cp\u003eThe values for the integer parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardIntegerParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:DashboardIntegerDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:DashboardIntegerValueWhenUnsetConfiguration", + "description": "A parameter declaration for the `Integer` data type." + } + } + }, + "aws-native:quicksight:DashboardIntegerValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "number", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:DashboardValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:DashboardItemsLimitConfiguration": { + "type": "object", + "properties": { + "itemsLimit": { + "type": "number", + "description": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart." + }, + "otherCategories": { + "$ref": "#/types/aws-native:quicksight:DashboardOtherCategories", + "description": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`" + } + } + }, + "aws-native:quicksight:DashboardKpiActualValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIcon", + "description": "The conditional formatting of the actual value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting of the actual value's text color." + } + } + }, + "aws-native:quicksight:DashboardKpiComparisonValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIcon", + "description": "The conditional formatting of the comparison value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting of the comparison value's text color." + } + } + }, + "aws-native:quicksight:DashboardKpiConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiConditionalFormattingOption" + }, + "description": "The conditional formatting options of a KPI visual." + } + } + }, + "aws-native:quicksight:DashboardKpiConditionalFormattingOption": { + "type": "object", + "properties": { + "actualValue": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiActualValueConditionalFormatting", + "description": "The conditional formatting for the actual value of a KPI visual." + }, + "comparisonValue": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiComparisonValueConditionalFormatting", + "description": "The conditional formatting for the comparison value of a KPI visual." + }, + "primaryValue": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiPrimaryValueConditionalFormatting", + "description": "The conditional formatting for the primary value of a KPI visual." + }, + "progressBar": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiProgressBarConditionalFormatting", + "description": "The conditional formatting for the progress bar of a KPI visual." + } + } + }, + "aws-native:quicksight:DashboardKpiConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiFieldWells", + "description": "The field well configuration of a KPI visual." + }, + "kpiOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiOptions", + "description": "The options that determine the presentation of a KPI visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiSortConfiguration", + "description": "The sort configuration of a KPI visual." + } + }, + "irreversibleNames": { + "kpiOptions": "KPIOptions" + } + }, + "aws-native:quicksight:DashboardKpiFieldWells": { + "type": "object", + "properties": { + "targetValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The target value field wells of a KPI visual." + }, + "trendGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The trend group field wells of a KPI visual." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field wells of a KPI visual." + } + } + }, + "aws-native:quicksight:DashboardKpiOptions": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:quicksight:DashboardComparisonConfiguration", + "description": "The comparison configuration of a KPI visual." + }, + "primaryValueDisplayType": { + "$ref": "#/types/aws-native:quicksight:DashboardPrimaryValueDisplayType", + "description": "The options that determine the primary value display type." + }, + "primaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The options that determine the primary value font configuration." + }, + "progressBar": { + "$ref": "#/types/aws-native:quicksight:DashboardProgressBarOptions", + "description": "The options that determine the presentation of the progress bar of a KPI visual." + }, + "secondaryValue": { + "$ref": "#/types/aws-native:quicksight:DashboardSecondaryValueOptions", + "description": "The options that determine the presentation of the secondary value of a KPI visual." + }, + "secondaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The options that determine the secondary value font configuration." + }, + "sparkline": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiSparklineOptions", + "description": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual." + }, + "trendArrows": { + "$ref": "#/types/aws-native:quicksight:DashboardTrendArrowOptions", + "description": "The options that determine the presentation of trend arrows in a KPI visual." + }, + "visualLayoutOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiVisualLayoutOptions", + "description": "The options that determine the layout a KPI visual." + } + } + }, + "aws-native:quicksight:DashboardKpiPrimaryValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIcon", + "description": "The conditional formatting of the primary value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting of the primary value's text color." + } + } + }, + "aws-native:quicksight:DashboardKpiProgressBarConditionalFormatting": { + "type": "object", + "properties": { + "foregroundColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting of the progress bar's foreground color." + } + } + }, + "aws-native:quicksight:DashboardKpiSortConfiguration": { + "type": "object", + "properties": { + "trendGroupSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the trend group fields." + } + } + }, + "aws-native:quicksight:DashboardKpiSparklineOptions": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of the sparkline." + }, + "tooltipVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The tooltip visibility of the sparkline." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiSparklineType", + "description": "The type of the sparkline." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the sparkline." + } + } + }, + "aws-native:quicksight:DashboardKpiSparklineType": { + "type": "string" + }, + "aws-native:quicksight:DashboardKpiVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiConfiguration", + "description": "The configuration of a KPI visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiConditionalFormatting", + "description": "The conditional formatting of a KPI visual." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardKpiVisualLayoutOptions": { + "type": "object", + "properties": { + "standardLayout": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiVisualStandardLayout", + "description": "The standard layout of the KPI visual." + } + } + }, + "aws-native:quicksight:DashboardKpiVisualStandardLayout": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiVisualStandardLayoutType", + "description": "The standard layout type." + } + } + }, + "aws-native:quicksight:DashboardKpiVisualStandardLayoutType": { + "type": "string" + }, + "aws-native:quicksight:DashboardLabelOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The text for the label." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The font configuration of the label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not the label is visible." + } + } + }, + "aws-native:quicksight:DashboardLayout": { + "type": "object", + "properties": { + "configuration": { + "$ref": "#/types/aws-native:quicksight:DashboardLayoutConfiguration", + "description": "The configuration that determines what the type of layout for a sheet." + } + } + }, + "aws-native:quicksight:DashboardLayoutConfiguration": { + "type": "object", + "properties": { + "freeFormLayout": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormLayoutConfiguration", + "description": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements." + }, + "gridLayout": { + "$ref": "#/types/aws-native:quicksight:DashboardGridLayoutConfiguration", + "description": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` ." + }, + "sectionBasedLayout": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionBasedLayoutConfiguration", + "description": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break." + } + } + }, + "aws-native:quicksight:DashboardLayoutElementType": { + "type": "string" + }, + "aws-native:quicksight:DashboardLegendOptions": { + "type": "object", + "properties": { + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "position": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendPosition", + "description": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`" + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "The custom title for the legend." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not the legend is visible." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:DashboardLegendPosition": { + "type": "string" + }, + "aws-native:quicksight:DashboardLineChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The category field wells of a line chart. Values are grouped by category fields." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The color field wells of a line chart. Values are grouped by category fields." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The small multiples field well of a line chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field wells of a line chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:DashboardLineChartConfiguration": { + "type": "object", + "properties": { + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardContributionAnalysisDefault" + }, + "description": "The default configuration of a line chart's contribution analysis." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The data label configuration of a line chart." + }, + "defaultSeriesSettings": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartDefaultSeriesSettings", + "description": "The options that determine the default presentation of all line series in `LineChartVisual` ." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartFieldWells", + "description": "The field well configuration of a line chart." + }, + "forecastConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardForecastConfiguration" + }, + "description": "The forecast configuration of a line chart." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend configuration of a line chart." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLineSeriesAxisDisplayOptions", + "description": "The series axis configuration of a line chart." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The options that determine the presentation of the y-axis label." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLine" + }, + "description": "The reference lines configuration of a line chart." + }, + "secondaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLineSeriesAxisDisplayOptions", + "description": "The series axis configuration of a line chart." + }, + "secondaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The options that determine the presentation of the secondary y-axis label." + }, + "series": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardSeriesItem" + }, + "description": "The series item configuration of a line chart." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartSortConfiguration", + "description": "The sort configuration of a line chart." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip configuration of a line chart." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartType", + "description": "Determines the type of the line chart." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The visual palette configuration of a line chart." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The options that determine the presentation of the x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The options that determine the presentation of the x-axis label." + } + } + }, + "aws-native:quicksight:DashboardLineChartDefaultSeriesSettings": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisBinding", + "description": "The axis to which you are binding all line series to." + }, + "lineStyleSettings": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartLineStyleSettings", + "description": "Line styles options for all line series in the visual." + }, + "markerStyleSettings": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartMarkerStyleSettings", + "description": "Marker styles options for all line series in the visual." + } + } + }, + "aws-native:quicksight:DashboardLineChartFieldWells": { + "type": "object", + "properties": { + "lineChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartAggregatedFieldWells", + "description": "The field well configuration of a line chart." + } + } + }, + "aws-native:quicksight:DashboardLineChartLineStyle": { + "type": "string" + }, + "aws-native:quicksight:DashboardLineChartLineStyleSettings": { + "type": "object", + "properties": { + "lineInterpolation": { + "$ref": "#/types/aws-native:quicksight:DashboardLineInterpolation", + "description": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line." + }, + "lineStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartLineStyle", + "description": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line." + }, + "lineVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Configuration option that determines whether to show the line for the series." + }, + "lineWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:DashboardLineChartMarkerShape": { + "type": "string" + }, + "aws-native:quicksight:DashboardLineChartMarkerStyleSettings": { + "type": "object", + "properties": { + "markerColor": { + "type": "string", + "description": "Color of marker in the series." + }, + "markerShape": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartMarkerShape", + "description": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square." + }, + "markerSize": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "markerVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Configuration option that determines whether to show the markers in the series." + } + } + }, + "aws-native:quicksight:DashboardLineChartSeriesSettings": { + "type": "object", + "properties": { + "lineStyleSettings": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartLineStyleSettings", + "description": "Line styles options for a line series in `LineChartVisual` ." + }, + "markerStyleSettings": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartMarkerStyleSettings", + "description": "Marker styles options for a line series in `LineChartVisual` ." + } + } + }, + "aws-native:quicksight:DashboardLineChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of categories that are displayed in a line chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + }, + "colorItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of lines that are displayed in a line chart." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:DashboardLineChartType": { + "type": "string" + }, + "aws-native:quicksight:DashboardLineChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartConfiguration", + "description": "The configuration of a line chart." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardLineInterpolation": { + "type": "string" + }, + "aws-native:quicksight:DashboardLineSeriesAxisDisplayOptions": { + "type": "object", + "properties": { + "axisOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The options that determine the presentation of the line series axis." + }, + "missingDataConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMissingDataConfiguration" + }, + "description": "The configuration options that determine how missing data is treated during the rendering of a line chart." + } + } + }, + "aws-native:quicksight:DashboardLinkSharingConfiguration": { + "type": "object", + "properties": { + "permissions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardResourcePermission" + }, + "description": "A structure that contains the permissions of a shareable link." + } + } + }, + "aws-native:quicksight:DashboardListControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "searchOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardListControlSearchOptions", + "description": "The configuration of the search options in a list control." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardListControlSelectAllOptions", + "description": "The configuration of the `Select all` options in a list control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:DashboardListControlSearchOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration of the search options in a list control." + } + } + }, + "aws-native:quicksight:DashboardListControlSelectAllOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration of the `Select all` options in a list control." + } + } + }, + "aws-native:quicksight:DashboardLoadingAnimation": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration of `LoadingAnimation` ." + } + } + }, + "aws-native:quicksight:DashboardLocalNavigationConfiguration": { + "type": "object", + "properties": { + "targetSheetId": { + "type": "string", + "description": "The sheet that is targeted for navigation in the same analysis." + } + } + }, + "aws-native:quicksight:DashboardLongFormatText": { + "type": "object", + "properties": { + "plainText": { + "type": "string", + "description": "Plain text format." + }, + "richText": { + "type": "string", + "description": "Rich text. Examples of rich text include bold, underline, and italics." + } + } + }, + "aws-native:quicksight:DashboardMapZoomMode": { + "type": "string" + }, + "aws-native:quicksight:DashboardMappedDataSetParameter": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "A unique name that identifies a dataset within the analysis or dashboard." + }, + "dataSetParameterName": { + "type": "string", + "description": "The name of the dataset parameter." + } + } + }, + "aws-native:quicksight:DashboardMaximumLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the maximum label." + } + } + }, + "aws-native:quicksight:DashboardMaximumMinimumComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The time field that is used in a computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardMaximumMinimumComputationType", + "description": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardMaximumMinimumComputationType": { + "type": "string" + }, + "aws-native:quicksight:DashboardMeasureField": { + "type": "object", + "properties": { + "calculatedMeasureField": { + "$ref": "#/types/aws-native:quicksight:DashboardCalculatedMeasureField", + "description": "The calculated measure field only used in pivot tables." + }, + "categoricalMeasureField": { + "$ref": "#/types/aws-native:quicksight:DashboardCategoricalMeasureField", + "description": "The measure type field with categorical type columns." + }, + "dateMeasureField": { + "$ref": "#/types/aws-native:quicksight:DashboardDateMeasureField", + "description": "The measure type field with date type columns." + }, + "numericalMeasureField": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericalMeasureField", + "description": "The measure type field with numerical type columns." + } + } + }, + "aws-native:quicksight:DashboardMetricComparisonComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "fromValue": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The field that is used in a metric comparison from value setup." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "targetValue": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The field that is used in a metric comparison to value setup." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The time field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardMinimumLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the minimum label." + } + } + }, + "aws-native:quicksight:DashboardMissingDataConfiguration": { + "type": "object", + "properties": { + "treatmentOption": { + "$ref": "#/types/aws-native:quicksight:DashboardMissingDataTreatmentOption", + "description": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data." + } + } + }, + "aws-native:quicksight:DashboardMissingDataTreatmentOption": { + "type": "string" + }, + "aws-native:quicksight:DashboardNegativeValueConfiguration": { + "type": "object", + "properties": { + "displayMode": { + "$ref": "#/types/aws-native:quicksight:DashboardNegativeValueDisplayMode", + "description": "Determines the display mode of the negative value configuration." + } + } + }, + "aws-native:quicksight:DashboardNegativeValueDisplayMode": { + "type": "string" + }, + "aws-native:quicksight:DashboardNullValueFormatConfiguration": { + "type": "object", + "properties": { + "nullString": { + "type": "string", + "description": "Determines the null string of null values." + } + } + }, + "aws-native:quicksight:DashboardNumberDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numberScale": { + "$ref": "#/types/aws-native:quicksight:DashboardNumberScale", + "description": "Determines the number scale value of the number format." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the number format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the number format." + } + } + }, + "aws-native:quicksight:DashboardNumberFormatConfiguration": { + "type": "object", + "properties": { + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericFormatConfiguration", + "description": "The options that determine the numeric format configuration." + } + } + }, + "aws-native:quicksight:DashboardNumberScale": { + "type": "string" + }, + "aws-native:quicksight:DashboardNumericAxisOptions": { + "type": "object", + "properties": { + "range": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayRange", + "description": "The range setup of a numeric axis." + }, + "scale": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisScale", + "description": "The scale setup of a numeric axis." + } + } + }, + "aws-native:quicksight:DashboardNumericEqualityDrillDownFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "value": { + "type": "number", + "description": "The value of the double input numeric drill down filter." + } + } + }, + "aws-native:quicksight:DashboardNumericEqualityFilter": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardAggregationFunction", + "description": "The aggregation function of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericEqualityMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + }, + "value": { + "type": "number", + "description": "The input value." + } + } + }, + "aws-native:quicksight:DashboardNumericEqualityMatchOperator": { + "type": "string" + }, + "aws-native:quicksight:DashboardNumericFilterSelectAllOptions": { + "type": "string" + }, + "aws-native:quicksight:DashboardNumericFormatConfiguration": { + "type": "object", + "properties": { + "currencyDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCurrencyDisplayFormatConfiguration", + "description": "The options that determine the currency display format configuration." + }, + "numberDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumberDisplayFormatConfiguration", + "description": "The options that determine the number display format configuration." + }, + "percentageDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPercentageDisplayFormatConfiguration", + "description": "The options that determine the percentage display format configuration." + } + } + }, + "aws-native:quicksight:DashboardNumericRangeFilter": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardAggregationFunction", + "description": "The aggregation function of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "includeMaximum": { + "type": "boolean", + "description": "Determines whether the maximum value in the filter value range should be included in the filtered results." + }, + "includeMinimum": { + "type": "boolean", + "description": "Determines whether the minimum value in the filter value range should be included in the filtered results." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "rangeMaximum": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericRangeFilterValue", + "description": "The maximum value for the filter value range." + }, + "rangeMinimum": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericRangeFilterValue", + "description": "The minimum value for the filter value range." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:DashboardNumericRangeFilterValue": { + "type": "object", + "properties": { + "parameter": { + "type": "string", + "description": "The parameter that is used in the numeric range." + }, + "staticValue": { + "type": "number", + "description": "The static value of the numeric range filter." + } + } + }, + "aws-native:quicksight:DashboardNumericSeparatorConfiguration": { + "type": "object", + "properties": { + "decimalSeparator": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericSeparatorSymbol", + "description": "Determines the decimal separator." + }, + "thousandsSeparator": { + "$ref": "#/types/aws-native:quicksight:DashboardThousandSeparatorOptions", + "description": "The options that determine the thousands separator configuration." + } + } + }, + "aws-native:quicksight:DashboardNumericSeparatorSymbol": { + "type": "string" + }, + "aws-native:quicksight:DashboardNumericalAggregationFunction": { + "type": "object", + "properties": { + "percentileAggregation": { + "$ref": "#/types/aws-native:quicksight:DashboardPercentileAggregation", + "description": "An aggregation based on the percentile of values in a dimension or measure." + }, + "simpleNumericalAggregation": { + "$ref": "#/types/aws-native:quicksight:DashboardSimpleNumericalAggregationFunction", + "description": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure." + } + } + }, + "aws-native:quicksight:DashboardNumericalDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that is used in the `NumericalDimensionField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumberFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:DashboardNumericalMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericalAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that is used in the `NumericalMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumberFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:DashboardOtherCategories": { + "type": "string" + }, + "aws-native:quicksight:DashboardPaginationConfiguration": { + "type": "object", + "properties": { + "pageNumber": { + "type": "number", + "description": "Indicates the page number." + }, + "pageSize": { + "type": "number", + "description": "Indicates how many items render in one page." + } + } + }, + "aws-native:quicksight:DashboardPanelBorderStyle": { + "type": "string" + }, + "aws-native:quicksight:DashboardPanelConfiguration": { + "type": "object", + "properties": { + "backgroundColor": { + "type": "string", + "description": "Sets the background color for each panel." + }, + "backgroundVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not a background for each small multiples panel is rendered." + }, + "borderColor": { + "type": "string", + "description": "Sets the line color of panel borders." + }, + "borderStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardPanelBorderStyle", + "description": "Sets the line style of panel borders." + }, + "borderThickness": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "borderVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not each panel displays a border." + }, + "gutterSpacing": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "gutterVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not negative space between sibling panels is rendered." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardPanelTitleOptions", + "description": "Configures the title display within each small multiples panel." + } + } + }, + "aws-native:quicksight:DashboardPanelTitleOptions": { + "type": "object", + "properties": { + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration" + }, + "horizontalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:DashboardHorizontalTextAlignment", + "description": "Sets the horizontal text alignment of the title within each panel." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not panel titles are displayed." + } + } + }, + "aws-native:quicksight:DashboardPaperOrientation": { + "type": "string" + }, + "aws-native:quicksight:DashboardPaperSize": { + "type": "string" + }, + "aws-native:quicksight:DashboardParameterControl": { + "type": "object", + "properties": { + "dateTimePicker": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterDateTimePickerControl", + "description": "A control from a date parameter that specifies date and time." + }, + "dropdown": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterDropDownControl", + "description": "A control to display a dropdown list with buttons that are used to select a single value." + }, + "list": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterListControl", + "description": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values." + }, + "slider": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterSliderControl", + "description": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle." + }, + "textArea": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterTextAreaControl", + "description": "A control to display a text box that is used to enter multiple entries." + }, + "textField": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterTextFieldControl", + "description": "A control to display a text box that is used to enter a single entry." + } + } + }, + "aws-native:quicksight:DashboardParameterDateTimePickerControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterDateTimePickerControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The name of the `ParameterDateTimePickerControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterDateTimePickerControl` ." + } + } + }, + "aws-native:quicksight:DashboardParameterDeclaration": { + "type": "object", + "properties": { + "dateTimeParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimeParameterDeclaration", + "description": "A parameter declaration for the `DateTime` data type." + }, + "decimalParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:DashboardDecimalParameterDeclaration", + "description": "A parameter declaration for the `Decimal` data type." + }, + "integerParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:DashboardIntegerParameterDeclaration", + "description": "A parameter declaration for the `Integer` data type." + }, + "stringParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:DashboardStringParameterDeclaration", + "description": "A parameter declaration for the `String` data type." + } + } + }, + "aws-native:quicksight:DashboardParameterDropDownControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDropDownControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterDropDownControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterDropDownControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterDropDownControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlListType", + "description": "The type parameter name of the `ParameterDropDownControl` ." + } + } + }, + "aws-native:quicksight:DashboardParameterListControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardListControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterListControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterListControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterListControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlListType", + "description": "The type of `ParameterListControl` ." + } + } + }, + "aws-native:quicksight:DashboardParameterSelectableValues": { + "type": "object", + "properties": { + "linkToDataSetColumn": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column identifier that fetches values from the data set." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The values that are used in `ParameterSelectableValues` ." + } + } + }, + "aws-native:quicksight:DashboardParameterSliderControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterSliderControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterSliderControl` ." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterSliderControl` ." + } + } + }, + "aws-native:quicksight:DashboardParameterTextAreaControl": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTextAreaControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterTextAreaControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:DashboardParameterTextFieldControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTextFieldControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterTextFieldControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterTextFieldControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterTextFieldControl` ." + } + } + }, + "aws-native:quicksight:DashboardParameterValueType": { + "type": "string" + }, + "aws-native:quicksight:DashboardParameters": { + "type": "object", + "properties": { + "dateTimeParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDateTimeParameter" + }, + "description": "\u003cp\u003eThe parameters that have a data type of date-time.\u003c/p\u003e" + }, + "decimalParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDecimalParameter" + }, + "description": "\u003cp\u003eThe parameters that have a data type of decimal.\u003c/p\u003e" + }, + "integerParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardIntegerParameter" + }, + "description": "\u003cp\u003eThe parameters that have a data type of integer.\u003c/p\u003e" + }, + "stringParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardStringParameter" + }, + "description": "\u003cp\u003eThe parameters that have a data type of string.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardPercentVisibleRange": { + "type": "object", + "properties": { + "from": { + "type": "number", + "description": "The lower bound of the range." + }, + "to": { + "type": "number", + "description": "The top bound of the range." + } + } + }, + "aws-native:quicksight:DashboardPercentageDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the percentage format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the percentage format." + } + } + }, + "aws-native:quicksight:DashboardPercentileAggregation": { + "type": "object", + "properties": { + "percentileValue": { + "type": "number", + "description": "The percentile value. This value can be any numeric constant 0–100. A percentile value of 50 computes the median value of the measure." + } + } + }, + "aws-native:quicksight:DashboardPeriodOverPeriodComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardPeriodToDateComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodTimeGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardPieChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The category (group/color) field wells of a pie chart." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The small multiples field well of a pie chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field wells of a pie chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:DashboardPieChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options of the group/color that is displayed in a pie chart." + }, + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardContributionAnalysisDefault" + }, + "description": "The contribution analysis (anomaly configuration) setup of the visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "donutOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardDonutOptions", + "description": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardPieChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPieChartSortConfiguration", + "description": "The sort configuration of a pie chart." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options for the value that is displayed in a pie chart." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:DashboardPieChartFieldWells": { + "type": "object", + "properties": { + "pieChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardPieChartAggregatedFieldWells", + "description": "The field well configuration of a pie chart." + } + } + }, + "aws-native:quicksight:DashboardPieChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of categories that are displayed in a pie chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:DashboardPieChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPieChartConfiguration", + "description": "The configuration of a pie chart." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardPivotFieldSortOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID for the field sort options." + }, + "sortBy": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableSortBy", + "description": "The sort by field for the field sort options." + } + } + }, + "aws-native:quicksight:DashboardPivotTableAggregatedFieldWells": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The columns field well for a pivot table. Values are grouped by columns fields." + }, + "rows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The rows field well for a pivot table. Values are grouped by rows fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The values field well for a pivot table. Values are aggregated based on rows and columns fields." + } + } + }, + "aws-native:quicksight:DashboardPivotTableCellConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the cell for conditional formatting." + }, + "scope": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableConditionalFormattingScope", + "description": "The scope of the cell for conditional formatting." + }, + "scopes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableConditionalFormattingScope" + }, + "description": "A list of cell scopes for conditional formatting." + }, + "textFormat": { + "$ref": "#/types/aws-native:quicksight:DashboardTextConditionalFormat", + "description": "The text format of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:DashboardPivotTableConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableConditionalFormattingOption" + }, + "description": "Conditional formatting options for a `PivotTableVisual` ." + } + } + }, + "aws-native:quicksight:DashboardPivotTableConditionalFormattingOption": { + "type": "object", + "properties": { + "cell": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableCellConditionalFormatting", + "description": "The cell conditional formatting option for a pivot table." + } + } + }, + "aws-native:quicksight:DashboardPivotTableConditionalFormattingScope": { + "type": "object", + "properties": { + "role": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableConditionalFormattingScopeRole", + "description": "The role (field, field total, grand total) of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:DashboardPivotTableConditionalFormattingScopeRole": { + "type": "string" + }, + "aws-native:quicksight:DashboardPivotTableConfiguration": { + "type": "object", + "properties": { + "fieldOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableFieldOptions", + "description": "The field options for a pivot table visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableFieldWells", + "description": "The field wells of the visual." + }, + "paginatedReportOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTablePaginatedReportOptions", + "description": "The paginated report options for a pivot table visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableSortConfiguration", + "description": "The sort configuration for a `PivotTableVisual` ." + }, + "tableOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableOptions", + "description": "The table options for a pivot table visual." + }, + "totalOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableTotalOptions", + "description": "The total options for a pivot table visual." + } + } + }, + "aws-native:quicksight:DashboardPivotTableDataPathOption": { + "type": "object", + "properties": { + "dataPathList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPathValue" + }, + "description": "The list of data path values for the data path options." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:DashboardPivotTableDataPathType": { + "type": "string" + }, + "aws-native:quicksight:DashboardPivotTableFieldCollapseState": { + "type": "string" + }, + "aws-native:quicksight:DashboardPivotTableFieldCollapseStateOption": { + "type": "object", + "properties": { + "state": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableFieldCollapseState", + "description": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`" + }, + "target": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableFieldCollapseStateTarget", + "description": "A tagged-union object that sets the collapse state." + } + } + }, + "aws-native:quicksight:DashboardPivotTableFieldCollapseStateTarget": { + "type": "object", + "properties": { + "fieldDataPathValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPathValue" + }, + "description": "The data path of the pivot table's header. Used to set the collapse state." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the pivot table that the collapse state needs to be set to." + } + } + }, + "aws-native:quicksight:DashboardPivotTableFieldOption": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label of the pivot table field." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the pivot table field." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the pivot table field." + } + } + }, + "aws-native:quicksight:DashboardPivotTableFieldOptions": { + "type": "object", + "properties": { + "collapseStateOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableFieldCollapseStateOption" + }, + "description": "The collapse state options for the pivot table field options." + }, + "dataPathOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableDataPathOption" + }, + "description": "The data path options for the pivot table field options." + }, + "selectedFieldOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableFieldOption" + }, + "description": "The selected field options for the pivot table field options." + } + } + }, + "aws-native:quicksight:DashboardPivotTableFieldSubtotalOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the subtotal options." + } + } + }, + "aws-native:quicksight:DashboardPivotTableFieldWells": { + "type": "object", + "properties": { + "pivotTableAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableAggregatedFieldWells", + "description": "The aggregated field well for the pivot table." + } + } + }, + "aws-native:quicksight:DashboardPivotTableMetricPlacement": { + "type": "string" + }, + "aws-native:quicksight:DashboardPivotTableOptions": { + "type": "object", + "properties": { + "cellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The table cell style of cells." + }, + "collapsedRowDimensionsVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` ." + }, + "columnHeaderStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The table cell style of the column header." + }, + "columnNamesVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the column names." + }, + "defaultCellWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "metricPlacement": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableMetricPlacement", + "description": "The metric placement (row, column) options." + }, + "rowAlternateColorOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardRowAlternateColorOptions", + "description": "The row alternate color options (widget status, row alternate colors)." + }, + "rowFieldNamesStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The table cell style of row field names." + }, + "rowHeaderStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The table cell style of the row headers." + }, + "rowsLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableRowsLabelOptions", + "description": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` ." + }, + "rowsLayout": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableRowsLayout", + "description": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields." + }, + "singleMetricVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the single metric options." + }, + "toggleButtonsVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the pivot table." + } + } + }, + "aws-native:quicksight:DashboardPivotTablePaginatedReportOptions": { + "type": "object", + "properties": { + "overflowColumnHeaderVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the repeating header rows on each page." + }, + "verticalOverflowVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the printing table overflow across pages." + } + } + }, + "aws-native:quicksight:DashboardPivotTableRowsLabelOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the rows label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the rows label." + } + } + }, + "aws-native:quicksight:DashboardPivotTableRowsLayout": { + "type": "string" + }, + "aws-native:quicksight:DashboardPivotTableSortBy": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnSort", + "description": "The column sort (field id, direction) for the pivot table sort by options." + }, + "dataPath": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPathSort", + "description": "The data path sort (data path value, direction) for the pivot table sort by options." + }, + "field": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSort", + "description": "The field sort (field id, direction) for the pivot table sort by options." + } + } + }, + "aws-native:quicksight:DashboardPivotTableSortConfiguration": { + "type": "object", + "properties": { + "fieldSortOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotFieldSortOptions" + }, + "description": "The field sort options for a pivot table sort configuration." + } + } + }, + "aws-native:quicksight:DashboardPivotTableSubtotalLevel": { + "type": "string" + }, + "aws-native:quicksight:DashboardPivotTableTotalOptions": { + "type": "object", + "properties": { + "columnSubtotalOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSubtotalOptions", + "description": "The column subtotal options." + }, + "columnTotalOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTotalOptions", + "description": "The column total options." + }, + "rowSubtotalOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSubtotalOptions", + "description": "The row subtotal options." + }, + "rowTotalOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTotalOptions", + "description": "The row total options." + } + } + }, + "aws-native:quicksight:DashboardPivotTableVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableConfiguration", + "description": "The configuration settings of the visual." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableConditionalFormatting", + "description": "The conditional formatting for a `PivotTableVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:DashboardPivotTotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the total cells." + }, + "metricHeaderCellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The cell styling options for the total of header cells." + }, + "placement": { + "$ref": "#/types/aws-native:quicksight:DashboardTableTotalsPlacement", + "description": "The placement (start, end) for the total cells." + }, + "scrollStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardTableTotalsScrollStatus", + "description": "The scroll status (pinned, scrolled) for the total cells." + }, + "totalAggregationOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardTotalAggregationOption" + }, + "description": "The total aggregation options for each value field." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The cell styling options for the total cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration for the total cells." + }, + "valueCellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The cell styling options for the totals of value cells." + } + } + }, + "aws-native:quicksight:DashboardPredefinedHierarchy": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier" + }, + "description": "The list of columns that define the predefined hierarchy." + }, + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the predefined hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the predefined hierarchy." + } + } + }, + "aws-native:quicksight:DashboardPrimaryValueDisplayType": { + "type": "string" + }, + "aws-native:quicksight:DashboardProgressBarOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the progress bar." + } + } + }, + "aws-native:quicksight:DashboardPublishOptions": { + "type": "object", + "properties": { + "adHocFilteringOption": { + "$ref": "#/types/aws-native:quicksight:DashboardAdHocFilteringOption", + "description": "Ad hoc (one-time) filtering option." + }, + "dataPointDrillUpDownOption": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPointDrillUpDownOption", + "description": "The drill-down options of data points in a dashboard." + }, + "dataPointMenuLabelOption": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPointMenuLabelOption", + "description": "The data point menu label options of a dashboard." + }, + "dataPointTooltipOption": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPointTooltipOption", + "description": "The data point tool tip options of a dashboard." + }, + "exportToCsvOption": { + "$ref": "#/types/aws-native:quicksight:DashboardExportToCsvOption", + "description": "Export to .csv option." + }, + "exportWithHiddenFieldsOption": { + "$ref": "#/types/aws-native:quicksight:DashboardExportWithHiddenFieldsOption", + "description": "Determines if hidden fields are exported with a dashboard." + }, + "sheetControlsOption": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlsOption", + "description": "Sheet controls option." + }, + "sheetLayoutElementMaximizationOption": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetLayoutElementMaximizationOption", + "description": "The sheet layout maximization options of a dashbaord." + }, + "visualAxisSortOption": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualAxisSortOption", + "description": "The axis sort options of a dashboard." + }, + "visualMenuOption": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualMenuOption", + "description": "The menu options of a visual in a dashboard." + }, + "visualPublishOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPublishOptions", + "description": "The visual publish options of a visual in a dashboard." + } + }, + "irreversibleNames": { + "exportToCsvOption": "ExportToCSVOption" + } + }, + "aws-native:quicksight:DashboardRadarChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The aggregated field well categories of a radar chart." + }, + "color": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The color that are assigned to the aggregated field wells of a radar chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The values that are assigned to the aggregated field wells of a radar chart." + } + } + }, + "aws-native:quicksight:DashboardRadarChartAreaStyleSettings": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility settings of a radar chart." + } + } + }, + "aws-native:quicksight:DashboardRadarChartAxesRangeScale": { + "type": "string" + }, + "aws-native:quicksight:DashboardRadarChartConfiguration": { + "type": "object", + "properties": { + "alternateBandColorsVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the colors of alternatign bands in a radar chart." + }, + "alternateBandEvenColor": { + "type": "string", + "description": "The color of the even-numbered alternate bands of a radar chart." + }, + "alternateBandOddColor": { + "type": "string", + "description": "The color of the odd-numbered alternate bands of a radar chart." + }, + "axesRangeScale": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartAxesRangeScale", + "description": "The axis behavior options of a radar chart." + }, + "baseSeriesSettings": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartSeriesSettings", + "description": "The base sreies settings of a radar chart." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The category axis of a radar chart." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The category label options of a radar chart." + }, + "colorAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The color axis of a radar chart." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The color label options of a radar chart." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartFieldWells", + "description": "The field well configuration of a `RadarChartVisual` ." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "shape": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartShape", + "description": "The shape of the radar chart." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartSortConfiguration", + "description": "The sort configuration of a `RadarChartVisual` ." + }, + "startAngle": { + "type": "number", + "description": "The start angle of a radar chart's axis." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:DashboardRadarChartFieldWells": { + "type": "object", + "properties": { + "radarChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartAggregatedFieldWells", + "description": "The aggregated field wells of a radar chart visual." + } + } + }, + "aws-native:quicksight:DashboardRadarChartSeriesSettings": { + "type": "object", + "properties": { + "areaStyleSettings": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartAreaStyleSettings", + "description": "The area style settings of a radar chart." + } + } + }, + "aws-native:quicksight:DashboardRadarChartShape": { + "type": "string" + }, + "aws-native:quicksight:DashboardRadarChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The category items limit for a radar chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The category sort options of a radar chart." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The color items limit of a radar chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The color sort configuration of a radar chart." + } + } + }, + "aws-native:quicksight:DashboardRadarChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardRangeEndsLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the range ends label." + } + } + }, + "aws-native:quicksight:DashboardReferenceLine": { + "type": "object", + "properties": { + "dataConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineDataConfiguration", + "description": "The data configuration of the reference line." + }, + "labelConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineLabelConfiguration", + "description": "The label configuration of the reference line." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:DashboardWidgetStatus", + "description": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`" + }, + "styleConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineStyleConfiguration", + "description": "The style configuration of the reference line." + } + } + }, + "aws-native:quicksight:DashboardReferenceLineCustomLabelConfiguration": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The string text of the custom label." + } + } + }, + "aws-native:quicksight:DashboardReferenceLineDataConfiguration": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisBinding", + "description": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`" + }, + "dynamicConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineDynamicDataConfiguration", + "description": "The dynamic configuration of the reference line data configuration." + }, + "seriesType": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineSeriesType", + "description": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`" + }, + "staticConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineStaticDataConfiguration", + "description": "The static data configuration of the reference line data configuration." + } + } + }, + "aws-native:quicksight:DashboardReferenceLineDynamicDataConfiguration": { + "type": "object", + "properties": { + "calculation": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericalAggregationFunction", + "description": "The calculation that is used in the dynamic data." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the dynamic data targets." + }, + "measureAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardAggregationFunction", + "description": "The aggregation function that is used in the dynamic data." + } + } + }, + "aws-native:quicksight:DashboardReferenceLineLabelConfiguration": { + "type": "object", + "properties": { + "customLabelConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineCustomLabelConfiguration", + "description": "The custom label configuration of the label in a reference line." + }, + "fontColor": { + "type": "string", + "description": "The font color configuration of the label in a reference line." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The font configuration of the label in a reference line." + }, + "horizontalPosition": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineLabelHorizontalPosition", + "description": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`" + }, + "valueLabelConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineValueLabelConfiguration", + "description": "The value label configuration of the label in a reference line." + }, + "verticalPosition": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineLabelVerticalPosition", + "description": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`" + } + } + }, + "aws-native:quicksight:DashboardReferenceLineLabelHorizontalPosition": { + "type": "string" + }, + "aws-native:quicksight:DashboardReferenceLineLabelVerticalPosition": { + "type": "string" + }, + "aws-native:quicksight:DashboardReferenceLinePatternType": { + "type": "string" + }, + "aws-native:quicksight:DashboardReferenceLineSeriesType": { + "type": "string" + }, + "aws-native:quicksight:DashboardReferenceLineStaticDataConfiguration": { + "type": "object", + "properties": { + "value": { + "type": "number", + "description": "The double input of the static data." + } + } + }, + "aws-native:quicksight:DashboardReferenceLineStyleConfiguration": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The hex color of the reference line." + }, + "pattern": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLinePatternType", + "description": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`" + } + } + }, + "aws-native:quicksight:DashboardReferenceLineValueLabelConfiguration": { + "type": "object", + "properties": { + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericFormatConfiguration", + "description": "The format configuration of the value label." + }, + "relativePosition": { + "$ref": "#/types/aws-native:quicksight:DashboardReferenceLineValueLabelRelativePosition", + "description": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`" + } + } + }, + "aws-native:quicksight:DashboardReferenceLineValueLabelRelativePosition": { + "type": "string" + }, + "aws-native:quicksight:DashboardRelativeDateTimeControlDisplayOptions": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Customize how dates are formatted in controls." + }, + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:DashboardRelativeDateType": { + "type": "string" + }, + "aws-native:quicksight:DashboardRelativeDatesFilter": { + "type": "object", + "properties": { + "anchorDateConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardAnchorDateConfiguration", + "description": "The date configuration of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "excludePeriodConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardExcludePeriodConfiguration", + "description": "The configuration for the exclude period of the filter." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "minimumGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The minimum granularity (period granularity) of the relative dates filter." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "relativeDateType": { + "$ref": "#/types/aws-native:quicksight:DashboardRelativeDateType", + "description": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`" + }, + "relativeDateValue": { + "type": "number", + "description": "The date value of the filter." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:DashboardRelativeFontSize": { + "type": "string" + }, + "aws-native:quicksight:DashboardResizeOption": { + "type": "string" + }, + "aws-native:quicksight:DashboardResourcePermission": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe IAM action to grant or revoke permissions on.\u003c/p\u003e" + }, + "principal": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the principal. This can be one of the\n following:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.) \u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + } + } + }, + "aws-native:quicksight:DashboardResourceStatus": { + "type": "string" + }, + "aws-native:quicksight:DashboardRollingDateConfiguration": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in the rolling date configuration." + }, + "expression": { + "type": "string", + "description": "The expression of the rolling date configuration." + } + } + }, + "aws-native:quicksight:DashboardRowAlternateColorOptions": { + "type": "object", + "properties": { + "rowAlternateColors": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Determines the list of row alternate colors." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:DashboardWidgetStatus", + "description": "Determines the widget status." + }, + "usePrimaryBackgroundColor": { + "$ref": "#/types/aws-native:quicksight:DashboardWidgetStatus", + "description": "The primary background color options for alternate rows." + } + } + }, + "aws-native:quicksight:DashboardSameSheetTargetVisualConfiguration": { + "type": "object", + "properties": { + "targetVisualOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTargetVisualOptions", + "description": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet." + }, + "targetVisuals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the target visual IDs that are located in the same sheet of the analysis." + } + } + }, + "aws-native:quicksight:DashboardSankeyDiagramAggregatedFieldWells": { + "type": "object", + "properties": { + "destination": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The destination field wells of a sankey diagram." + }, + "source": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The source field wells of a sankey diagram." + }, + "weight": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The weight field wells of a sankey diagram." + } + } + }, + "aws-native:quicksight:DashboardSankeyDiagramChartConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The data label configuration of a sankey diagram." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardSankeyDiagramFieldWells", + "description": "The field well configuration of a sankey diagram." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardSankeyDiagramSortConfiguration", + "description": "The sort configuration of a sankey diagram." + } + } + }, + "aws-native:quicksight:DashboardSankeyDiagramFieldWells": { + "type": "object", + "properties": { + "sankeyDiagramAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardSankeyDiagramAggregatedFieldWells", + "description": "The field well configuration of a sankey diagram." + } + } + }, + "aws-native:quicksight:DashboardSankeyDiagramSortConfiguration": { + "type": "object", + "properties": { + "destinationItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of destination nodes that are displayed in a sankey diagram." + }, + "sourceItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of source nodes that are displayed in a sankey diagram." + }, + "weightSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the weight fields." + } + } + }, + "aws-native:quicksight:DashboardSankeyDiagramVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardSankeyDiagramChartConfiguration", + "description": "The configuration of a sankey diagram." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardScatterPlotCategoricallyAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The category field well of a scatter plot." + }, + "label": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The label field well of a scatter plot." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The size field well of a scatter plot." + }, + "xAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category." + }, + "yAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category." + } + } + }, + "aws-native:quicksight:DashboardScatterPlotConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardScatterPlotFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The legend display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The palette (chart color) display setup of the visual." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis." + }, + "yAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis." + }, + "yAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis." + } + } + }, + "aws-native:quicksight:DashboardScatterPlotFieldWells": { + "type": "object", + "properties": { + "scatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardScatterPlotCategoricallyAggregatedFieldWells", + "description": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both." + }, + "scatterPlotUnaggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardScatterPlotUnaggregatedFieldWells", + "description": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated." + } + } + }, + "aws-native:quicksight:DashboardScatterPlotUnaggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The category field well of a scatter plot." + }, + "label": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The label field well of a scatter plot." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The size field well of a scatter plot." + }, + "xAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated." + }, + "yAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated." + } + } + }, + "aws-native:quicksight:DashboardScatterPlotVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardScatterPlotConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardScrollBarOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the data zoom scroll bar." + }, + "visibleRange": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibleRangeOptions", + "description": "The visibility range for the data zoom scroll bar." + } + } + }, + "aws-native:quicksight:DashboardSecondaryValueOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the secondary value." + } + } + }, + "aws-native:quicksight:DashboardSectionAfterPageBreak": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionPageBreakStatus", + "description": "The option that enables or disables a page break at the end of a section." + } + } + }, + "aws-native:quicksight:DashboardSectionBasedLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "paperCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionBasedLayoutPaperCanvasSizeOptions", + "description": "The options for a paper canvas of a section-based layout." + } + } + }, + "aws-native:quicksight:DashboardSectionBasedLayoutConfiguration": { + "type": "object", + "properties": { + "bodySections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardBodySectionConfiguration" + }, + "description": "A list of body section configurations." + }, + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionBasedLayoutCanvasSizeOptions", + "description": "The options for the canvas of a section-based layout." + }, + "footerSections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardHeaderFooterSectionConfiguration" + }, + "description": "A list of footer section configurations." + }, + "headerSections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardHeaderFooterSectionConfiguration" + }, + "description": "A list of header section configurations." + } + } + }, + "aws-native:quicksight:DashboardSectionBasedLayoutPaperCanvasSizeOptions": { + "type": "object", + "properties": { + "paperMargin": { + "$ref": "#/types/aws-native:quicksight:DashboardSpacing", + "description": "Defines the spacing between the canvas content and the top, bottom, left, and right edges." + }, + "paperOrientation": { + "$ref": "#/types/aws-native:quicksight:DashboardPaperOrientation", + "description": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE" + }, + "paperSize": { + "$ref": "#/types/aws-native:quicksight:DashboardPaperSize", + "description": "The paper size that is used to define canvas dimensions." + } + } + }, + "aws-native:quicksight:DashboardSectionLayoutConfiguration": { + "type": "object", + "properties": { + "freeFormLayout": { + "$ref": "#/types/aws-native:quicksight:DashboardFreeFormSectionLayoutConfiguration", + "description": "The free-form layout configuration of a section." + } + } + }, + "aws-native:quicksight:DashboardSectionPageBreakConfiguration": { + "type": "object", + "properties": { + "after": { + "$ref": "#/types/aws-native:quicksight:DashboardSectionAfterPageBreak", + "description": "The configuration of a page break after a section." + } + } + }, + "aws-native:quicksight:DashboardSectionPageBreakStatus": { + "type": "string" + }, + "aws-native:quicksight:DashboardSectionStyle": { + "type": "object", + "properties": { + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "padding": { + "$ref": "#/types/aws-native:quicksight:DashboardSpacing", + "description": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default." + } + } + }, + "aws-native:quicksight:DashboardSelectAllValueOptions": { + "type": "string" + }, + "aws-native:quicksight:DashboardSelectedFieldOptions": { + "type": "string" + }, + "aws-native:quicksight:DashboardSelectedSheetsFilterScopeConfiguration": { + "type": "object", + "properties": { + "sheetVisualScopingConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetVisualScopingConfiguration" + }, + "description": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to." + } + } + }, + "aws-native:quicksight:DashboardSelectedTooltipType": { + "type": "string" + }, + "aws-native:quicksight:DashboardSeriesItem": { + "type": "object", + "properties": { + "dataFieldSeriesItem": { + "$ref": "#/types/aws-native:quicksight:DashboardDataFieldSeriesItem", + "description": "The data field series item configuration of a line chart." + }, + "fieldSeriesItem": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSeriesItem", + "description": "The field series item configuration of a line chart." + } + } + }, + "aws-native:quicksight:DashboardSetParameterValueConfiguration": { + "type": "object", + "properties": { + "destinationParameterName": { + "type": "string", + "description": "The destination parameter name of the `SetParameterValueConfiguration` ." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardDestinationParameterValueConfiguration" + } + } + }, + "aws-native:quicksight:DashboardShapeConditionalFormat": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting for the shape background color of a filled map visual." + } + } + }, + "aws-native:quicksight:DashboardSheet": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight\n console.\u003c/p\u003e" + }, + "sheetId": { + "type": "string", + "description": "\u003cp\u003eThe unique identifier associated with a sheet.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardSheetContentType": { + "type": "string" + }, + "aws-native:quicksight:DashboardSheetControlDateTimePickerType": { + "type": "string" + }, + "aws-native:quicksight:DashboardSheetControlInfoIconLabelOptions": { + "type": "object", + "properties": { + "infoIconText": { + "type": "string", + "description": "The text content of info icon." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration of info icon label options." + } + } + }, + "aws-native:quicksight:DashboardSheetControlLayout": { + "type": "object", + "properties": { + "configuration": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlLayoutConfiguration", + "description": "The configuration that determines the elements and canvas size options of sheet control." + } + } + }, + "aws-native:quicksight:DashboardSheetControlLayoutConfiguration": { + "type": "object", + "properties": { + "gridLayout": { + "$ref": "#/types/aws-native:quicksight:DashboardGridLayoutConfiguration", + "description": "The configuration that determines the elements and canvas size options of sheet control." + } + } + }, + "aws-native:quicksight:DashboardSheetControlListType": { + "type": "string" + }, + "aws-native:quicksight:DashboardSheetControlSliderType": { + "type": "string" + }, + "aws-native:quicksight:DashboardSheetControlsOption": { + "type": "object", + "properties": { + "visibilityState": { + "$ref": "#/types/aws-native:quicksight:DashboardUiState", + "description": "Visibility state." + } + } + }, + "aws-native:quicksight:DashboardSheetDefinition": { + "type": "object", + "properties": { + "contentType": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetContentType", + "description": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard." + }, + "description": { + "type": "string", + "description": "A description of the sheet." + }, + "filterControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterControl" + }, + "description": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* ." + }, + "layouts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardLayout" + }, + "description": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* ." + }, + "name": { + "type": "string", + "description": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console." + }, + "parameterControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterControl" + }, + "description": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* ." + }, + "sheetControlLayouts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlLayout" + }, + "description": "The control layouts of the sheet." + }, + "sheetId": { + "type": "string", + "description": "The unique identifier of a sheet." + }, + "textBoxes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetTextBox" + }, + "description": "The text boxes that are on a sheet." + }, + "title": { + "type": "string", + "description": "The title of the sheet." + }, + "visuals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisual" + }, + "description": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet." + } + } + }, + "aws-native:quicksight:DashboardSheetElementConfigurationOverrides": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`" + } + } + }, + "aws-native:quicksight:DashboardSheetElementRenderingRule": { + "type": "object", + "properties": { + "configurationOverrides": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetElementConfigurationOverrides", + "description": "The override configuration of the rendering rules of a sheet." + }, + "expression": { + "type": "string", + "description": "The expression of the rendering rules of a sheet." + } + } + }, + "aws-native:quicksight:DashboardSheetLayoutElementMaximizationOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "The status of the sheet layout maximization options of a dashbaord." + } + } + }, + "aws-native:quicksight:DashboardSheetTextBox": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "The content that is displayed in the text box." + }, + "sheetTextBoxId": { + "type": "string", + "description": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers." + } + } + }, + "aws-native:quicksight:DashboardSheetVisualScopingConfiguration": { + "type": "object", + "properties": { + "scope": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterVisualScope", + "description": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`" + }, + "sheetId": { + "type": "string", + "description": "The selected sheet that the filter is applied to." + }, + "visualIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The selected visuals that the filter is applied to." + } + } + }, + "aws-native:quicksight:DashboardShortFormatText": { + "type": "object", + "properties": { + "plainText": { + "type": "string", + "description": "Plain text format." + }, + "richText": { + "type": "string", + "description": "Rich text. Examples of rich text include bold, underline, and italics." + } + } + }, + "aws-native:quicksight:DashboardSimpleAttributeAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:DashboardSimpleClusterMarker": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of the simple cluster marker." + } + } + }, + "aws-native:quicksight:DashboardSimpleNumericalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:DashboardSimpleTotalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:DashboardSliderControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:DashboardSmallMultiplesAxisPlacement": { + "type": "string" + }, + "aws-native:quicksight:DashboardSmallMultiplesAxisProperties": { + "type": "object", + "properties": { + "placement": { + "$ref": "#/types/aws-native:quicksight:DashboardSmallMultiplesAxisPlacement", + "description": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels." + }, + "scale": { + "$ref": "#/types/aws-native:quicksight:DashboardSmallMultiplesAxisScale", + "description": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` ." + } + } + }, + "aws-native:quicksight:DashboardSmallMultiplesAxisScale": { + "type": "string" + }, + "aws-native:quicksight:DashboardSmallMultiplesOptions": { + "type": "object", + "properties": { + "maxVisibleColumns": { + "type": "number", + "description": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart." + }, + "maxVisibleRows": { + "type": "number", + "description": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart." + }, + "panelConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPanelConfiguration", + "description": "Configures the display options for each small multiples panel." + }, + "xAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardSmallMultiplesAxisProperties", + "description": "The properties of a small multiples X axis." + }, + "yAxis": { + "$ref": "#/types/aws-native:quicksight:DashboardSmallMultiplesAxisProperties", + "description": "The properties of a small multiples Y axis." + } + } + }, + "aws-native:quicksight:DashboardSortDirection": { + "type": "string" + }, + "aws-native:quicksight:DashboardSourceEntity": { + "type": "object", + "properties": { + "sourceTemplate": { + "$ref": "#/types/aws-native:quicksight:DashboardSourceTemplate", + "description": "Source template." + } + } + }, + "aws-native:quicksight:DashboardSourceTemplate": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the resource.\u003c/p\u003e" + }, + "dataSetReferences": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDataSetReference" + }, + "description": "\u003cp\u003eDataset references.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardSpacing": { + "type": "object", + "properties": { + "bottom": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "left": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "right": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "top": { + "type": "string", + "description": "String based length that is composed of value and unit" + } + } + }, + "aws-native:quicksight:DashboardSpecialValue": { + "type": "string" + }, + "aws-native:quicksight:DashboardStringDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:DashboardDynamicDefaultValue", + "description": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The static values of the `DecimalDefaultValues` ." + } + } + }, + "aws-native:quicksight:DashboardStringFormatConfiguration": { + "type": "object", + "properties": { + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numericFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericFormatConfiguration", + "description": "The formatting configuration for numeric strings." + } + } + }, + "aws-native:quicksight:DashboardStringParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eA display name for a string parameter.\u003c/p\u003e" + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe values of a string parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardStringParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:DashboardStringDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:DashboardStringValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `String` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:DashboardStringValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "string", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:DashboardValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:DashboardStyledCellType": { + "type": "string" + }, + "aws-native:quicksight:DashboardSubtotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the subtotal cells." + }, + "fieldLevel": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableSubtotalLevel", + "description": "The field level (all, custom, last) for the subtotal cells." + }, + "fieldLevelOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableFieldSubtotalOptions" + }, + "description": "The optional configuration of subtotal cells." + }, + "metricHeaderCellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The cell styling options for the subtotals of header cells." + }, + "styleTargets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardTableStyleTarget" + }, + "description": "The style targets options for subtotals." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The cell styling options for the subtotal cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration for the subtotal cells." + }, + "valueCellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The cell styling options for the subtotals of value cells." + } + } + }, + "aws-native:quicksight:DashboardTableAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The group by field well for a pivot table. Values are grouped by group by fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The values field well for a pivot table. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:DashboardTableBorderOptions": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of a table border." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:DashboardTableBorderStyle", + "description": "The style (none, solid) of a table border." + }, + "thickness": { + "type": "number", + "description": "The thickness of a table border." + } + } + }, + "aws-native:quicksight:DashboardTableBorderStyle": { + "type": "string" + }, + "aws-native:quicksight:DashboardTableCellConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the cell for conditional formatting." + }, + "textFormat": { + "$ref": "#/types/aws-native:quicksight:DashboardTextConditionalFormat", + "description": "The text format of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:DashboardTableCellImageScalingConfiguration": { + "type": "string" + }, + "aws-native:quicksight:DashboardTableCellImageSizingConfiguration": { + "type": "object", + "properties": { + "tableCellImageScalingConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellImageScalingConfiguration", + "description": "The cell scaling configuration of the sizing options for the table image configuration." + } + } + }, + "aws-native:quicksight:DashboardTableCellStyle": { + "type": "object", + "properties": { + "backgroundColor": { + "type": "string", + "description": "The background color for the table cells." + }, + "border": { + "$ref": "#/types/aws-native:quicksight:DashboardGlobalTableBorderOptions", + "description": "The borders for the table cells." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The font configuration of the table cells." + }, + "height": { + "type": "number", + "description": "The height color for the table cells." + }, + "horizontalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:DashboardHorizontalTextAlignment", + "description": "The horizontal text alignment (left, center, right, auto) for the table cells." + }, + "textWrap": { + "$ref": "#/types/aws-native:quicksight:DashboardTextWrap", + "description": "The text wrap (none, wrap) for the table cells." + }, + "verticalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:DashboardVerticalTextAlignment", + "description": "The vertical text alignment (top, middle, bottom) for the table cells." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the table cells." + } + } + }, + "aws-native:quicksight:DashboardTableConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardTableConditionalFormattingOption" + }, + "description": "Conditional formatting options for a `PivotTableVisual` ." + } + } + }, + "aws-native:quicksight:DashboardTableConditionalFormattingOption": { + "type": "object", + "properties": { + "cell": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellConditionalFormatting", + "description": "The cell conditional formatting option for a table." + }, + "row": { + "$ref": "#/types/aws-native:quicksight:DashboardTableRowConditionalFormatting", + "description": "The row conditional formatting option for a table." + } + } + }, + "aws-native:quicksight:DashboardTableConfiguration": { + "type": "object", + "properties": { + "fieldOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldOptions", + "description": "The field options for a table visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldWells", + "description": "The field wells of the visual." + }, + "paginatedReportOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTablePaginatedReportOptions", + "description": "The paginated report options for a table visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardTableSortConfiguration", + "description": "The sort configuration for a `TableVisual` ." + }, + "tableInlineVisualizations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardTableInlineVisualization" + }, + "description": "A collection of inline visualizations to display within a chart." + }, + "tableOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTableOptions", + "description": "The table options for a table visual." + }, + "totalOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTotalOptions", + "description": "The total options for a table visual." + } + } + }, + "aws-native:quicksight:DashboardTableFieldCustomIconContent": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldIconSetType", + "description": "The icon set type (link) of the custom icon content for table URL link content." + } + } + }, + "aws-native:quicksight:DashboardTableFieldCustomTextContent": { + "type": "object", + "properties": { + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFontConfiguration", + "description": "The font configuration of the custom text content for the table URL link content." + }, + "value": { + "type": "string", + "description": "The string value of the custom text content for the table URL link content." + } + } + }, + "aws-native:quicksight:DashboardTableFieldIconSetType": { + "type": "string" + }, + "aws-native:quicksight:DashboardTableFieldImageConfiguration": { + "type": "object", + "properties": { + "sizingOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellImageSizingConfiguration", + "description": "The sizing options for the table image configuration." + } + } + }, + "aws-native:quicksight:DashboardTableFieldLinkConfiguration": { + "type": "object", + "properties": { + "content": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldLinkContentConfiguration", + "description": "The URL content (text, icon) for the table link configuration." + }, + "target": { + "$ref": "#/types/aws-native:quicksight:DashboardUrlTargetConfiguration", + "description": "The URL target (new tab, new window, same tab) for the table link configuration." + } + } + }, + "aws-native:quicksight:DashboardTableFieldLinkContentConfiguration": { + "type": "object", + "properties": { + "customIconContent": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldCustomIconContent", + "description": "The custom icon content for the table link content configuration." + }, + "customTextContent": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldCustomTextContent", + "description": "The custom text content (value, font configuration) for the table link content configuration." + } + } + }, + "aws-native:quicksight:DashboardTableFieldOption": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label for a table field." + }, + "fieldId": { + "type": "string", + "description": "The field ID for a table field." + }, + "urlStyling": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldUrlConfiguration", + "description": "The URL configuration for a table field." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of a table field." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + }, + "irreversibleNames": { + "urlStyling": "URLStyling" + } + }, + "aws-native:quicksight:DashboardTableFieldOptions": { + "type": "object", + "properties": { + "order": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The order of the field IDs that are configured as field options for a table visual." + }, + "pinnedFieldOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTablePinnedFieldOptions", + "description": "The settings for the pinned columns of a table visual." + }, + "selectedFieldOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldOption" + }, + "description": "The field options to be configured to a table." + } + } + }, + "aws-native:quicksight:DashboardTableFieldUrlConfiguration": { + "type": "object", + "properties": { + "imageConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldImageConfiguration", + "description": "The image configuration of a table field URL." + }, + "linkConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardTableFieldLinkConfiguration", + "description": "The link configuration of a table field URL." + } + } + }, + "aws-native:quicksight:DashboardTableFieldWells": { + "type": "object", + "properties": { + "tableAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardTableAggregatedFieldWells", + "description": "The aggregated field well for the table." + }, + "tableUnaggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardTableUnaggregatedFieldWells", + "description": "The unaggregated field well for the table." + } + } + }, + "aws-native:quicksight:DashboardTableInlineVisualization": { + "type": "object", + "properties": { + "dataBars": { + "$ref": "#/types/aws-native:quicksight:DashboardDataBarsOptions", + "description": "The configuration of the inline visualization of the data bars within a chart." + } + } + }, + "aws-native:quicksight:DashboardTableOptions": { + "type": "object", + "properties": { + "cellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The table cell style of table cells." + }, + "headerStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "The table cell style of a table header." + }, + "orientation": { + "$ref": "#/types/aws-native:quicksight:DashboardTableOrientation", + "description": "The orientation (vertical, horizontal) for a table." + }, + "rowAlternateColorOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardRowAlternateColorOptions", + "description": "The row alternate color options (widget status, row alternate colors) for a table." + } + } + }, + "aws-native:quicksight:DashboardTableOrientation": { + "type": "string" + }, + "aws-native:quicksight:DashboardTablePaginatedReportOptions": { + "type": "object", + "properties": { + "overflowColumnHeaderVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of repeating header rows on each page." + }, + "verticalOverflowVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of printing table overflow across pages." + } + } + }, + "aws-native:quicksight:DashboardTablePinnedFieldOptions": { + "type": "object", + "properties": { + "pinnedLeftFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of columns to be pinned to the left of a table visual." + } + } + }, + "aws-native:quicksight:DashboardTableRowConditionalFormatting": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting color (solid, gradient) of the background for a table row." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting color (solid, gradient) of the text for a table row." + } + } + }, + "aws-native:quicksight:DashboardTableSideBorderOptions": { + "type": "object", + "properties": { + "bottom": { + "$ref": "#/types/aws-native:quicksight:DashboardTableBorderOptions", + "description": "The table border options of the bottom border." + }, + "innerHorizontal": { + "$ref": "#/types/aws-native:quicksight:DashboardTableBorderOptions", + "description": "The table border options of the inner horizontal border." + }, + "innerVertical": { + "$ref": "#/types/aws-native:quicksight:DashboardTableBorderOptions", + "description": "The table border options of the inner vertical border." + }, + "left": { + "$ref": "#/types/aws-native:quicksight:DashboardTableBorderOptions", + "description": "The table border options of the left border." + }, + "right": { + "$ref": "#/types/aws-native:quicksight:DashboardTableBorderOptions", + "description": "The table border options of the right border." + }, + "top": { + "$ref": "#/types/aws-native:quicksight:DashboardTableBorderOptions", + "description": "The table border options of the top border." + } + } + }, + "aws-native:quicksight:DashboardTableSortConfiguration": { + "type": "object", + "properties": { + "paginationConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardPaginationConfiguration", + "description": "The pagination configuration (page size, page number) for the table." + }, + "rowSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The field sort options for rows in the table." + } + } + }, + "aws-native:quicksight:DashboardTableStyleTarget": { + "type": "object", + "properties": { + "cellType": { + "$ref": "#/types/aws-native:quicksight:DashboardStyledCellType", + "description": "The cell type of the table style target." + } + } + }, + "aws-native:quicksight:DashboardTableTotalsPlacement": { + "type": "string" + }, + "aws-native:quicksight:DashboardTableTotalsScrollStatus": { + "type": "string" + }, + "aws-native:quicksight:DashboardTableUnaggregatedFieldWells": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardUnaggregatedField" + }, + "description": "The values field well for a pivot table. Values are unaggregated for an unaggregated table." + } + } + }, + "aws-native:quicksight:DashboardTableVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardTableConfiguration", + "description": "The configuration settings of the visual." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:DashboardTableConditionalFormatting", + "description": "The conditional formatting for a `PivotTableVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:DashboardTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardTargetVisualOptions": { + "type": "string" + }, + "aws-native:quicksight:DashboardTextAreaControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "placeholderOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTextControlPlaceholderOptions", + "description": "The configuration of the placeholder options in a text area control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:DashboardTextConditionalFormat": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting for the text background color." + }, + "icon": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingIcon", + "description": "The conditional formatting for the icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:DashboardConditionalFormattingColor", + "description": "The conditional formatting for the text color." + } + } + }, + "aws-native:quicksight:DashboardTextControlPlaceholderOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration of the placeholder options in a text control." + } + } + }, + "aws-native:quicksight:DashboardTextFieldControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "placeholderOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardTextControlPlaceholderOptions", + "description": "The configuration of the placeholder options in a text field control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:DashboardTextWrap": { + "type": "string" + }, + "aws-native:quicksight:DashboardThousandSeparatorOptions": { + "type": "object", + "properties": { + "symbol": { + "$ref": "#/types/aws-native:quicksight:DashboardNumericSeparatorSymbol", + "description": "Determines the thousands separator symbol." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines the visibility of the thousands separator." + } + } + }, + "aws-native:quicksight:DashboardTimeBasedForecastProperties": { + "type": "object", + "properties": { + "lowerBoundary": { + "type": "number", + "description": "The lower boundary setup of a forecast computation." + }, + "periodsBackward": { + "type": "number", + "description": "The periods backward setup of a forecast computation." + }, + "periodsForward": { + "type": "number", + "description": "The periods forward setup of a forecast computation." + }, + "predictionInterval": { + "type": "number", + "description": "The prediction interval setup of a forecast computation." + }, + "seasonality": { + "type": "number", + "description": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value." + }, + "upperBoundary": { + "type": "number", + "description": "The upper boundary setup of a forecast computation." + } + } + }, + "aws-native:quicksight:DashboardTimeEqualityFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` ." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:DashboardRollingDateConfiguration", + "description": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` ." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + }, + "value": { + "type": "string", + "description": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` ." + } + } + }, + "aws-native:quicksight:DashboardTimeGranularity": { + "type": "string" + }, + "aws-native:quicksight:DashboardTimeRangeDrillDownFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "rangeMaximum": { + "type": "string", + "description": "The maximum value for the filter value range." + }, + "rangeMinimum": { + "type": "string", + "description": "The minimum value for the filter value range." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:DashboardTimeRangeFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "excludePeriodConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardExcludePeriodConfiguration", + "description": "The exclude period of the time range filter." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "includeMaximum": { + "type": "boolean", + "description": "Determines whether the maximum value in the filter value range should be included in the filtered results." + }, + "includeMinimum": { + "type": "boolean", + "description": "Determines whether the minimum value in the filter value range should be included in the filtered results." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "rangeMaximumValue": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeRangeFilterValue", + "description": "The maximum value for the filter value range." + }, + "rangeMinimumValue": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeRangeFilterValue", + "description": "The minimum value for the filter value range." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:DashboardTimeRangeFilterValue": { + "type": "object", + "properties": { + "parameter": { + "type": "string", + "description": "The parameter type input value." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:DashboardRollingDateConfiguration", + "description": "The rolling date input value." + }, + "staticValue": { + "type": "string", + "description": "The static input value." + } + } + }, + "aws-native:quicksight:DashboardTooltipItem": { + "type": "object", + "properties": { + "columnTooltipItem": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnTooltipItem", + "description": "The tooltip item for the columns that are not part of a field well." + }, + "fieldTooltipItem": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldTooltipItem", + "description": "The tooltip item for the fields." + } + } + }, + "aws-native:quicksight:DashboardTooltipOptions": { + "type": "object", + "properties": { + "fieldBasedTooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldBasedTooltip", + "description": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type." + }, + "selectedTooltipType": { + "$ref": "#/types/aws-native:quicksight:DashboardSelectedTooltipType", + "description": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip." + }, + "tooltipVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "Determines whether or not the tooltip is visible." + } + } + }, + "aws-native:quicksight:DashboardTooltipTitleType": { + "type": "string" + }, + "aws-native:quicksight:DashboardTopBottomComputationType": { + "type": "string" + }, + "aws-native:quicksight:DashboardTopBottomFilter": { + "type": "object", + "properties": { + "aggregationSortConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardAggregationSortConfiguration" + }, + "description": "The aggregation and sort configuration of the top bottom filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "limit": { + "type": "number", + "description": "The number of items to include in the top bottom filter results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:DashboardTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:DashboardTopBottomMoversComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "moverSize": { + "type": "number", + "description": "The mover size setup of the top and bottom movers computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "sortOrder": { + "$ref": "#/types/aws-native:quicksight:DashboardTopBottomSortOrder", + "description": "The sort order setup of the top and bottom movers computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The time field that is used in a computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardTopBottomComputationType", + "description": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardTopBottomRankedComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "resultSize": { + "type": "number", + "description": "The result size of a top and bottom ranked computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DashboardTopBottomComputationType", + "description": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardTopBottomSortOrder": { + "type": "string" + }, + "aws-native:quicksight:DashboardTotalAggregationComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:DashboardTotalAggregationFunction": { + "type": "object", + "properties": { + "simpleTotalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardSimpleTotalAggregationFunction", + "description": "A built in aggregation function for total values." + } + } + }, + "aws-native:quicksight:DashboardTotalAggregationOption": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field id that's associated with the total aggregation option." + }, + "totalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:DashboardTotalAggregationFunction", + "description": "The total aggregation function that you want to set for a specified field id." + } + } + }, + "aws-native:quicksight:DashboardTotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the total cells." + }, + "placement": { + "$ref": "#/types/aws-native:quicksight:DashboardTableTotalsPlacement", + "description": "The placement (start, end) for the total cells." + }, + "scrollStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardTableTotalsScrollStatus", + "description": "The scroll status (pinned, scrolled) for the total cells." + }, + "totalAggregationOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardTotalAggregationOption" + }, + "description": "The total aggregation settings for each value field." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:DashboardTableCellStyle", + "description": "Cell styling options for the total cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility configuration for the total cells." + } + } + }, + "aws-native:quicksight:DashboardTreeMapAggregatedFieldWells": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The color field well of a tree map. Values are grouped by aggregations based on group by fields." + }, + "groups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The group by field well of a tree map. Values are grouped based on group by fields." + }, + "sizes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The size field well of a tree map. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:DashboardTreeMapConfiguration": { + "type": "object", + "properties": { + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility) for the colors displayed in a tree map." + }, + "colorScale": { + "$ref": "#/types/aws-native:quicksight:DashboardColorScale", + "description": "The color options (gradient color, point of divergence) of a tree map." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardTreeMapFieldWells", + "description": "The field wells of the visual." + }, + "groupLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility) of the groups that are displayed in a tree map." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend display setup of the visual." + }, + "sizeLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility) of the sizes that are displayed in a tree map." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardTreeMapSortConfiguration", + "description": "The sort configuration of a tree map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:DashboardTooltipOptions", + "description": "The tooltip display setup of the visual." + } + } + }, + "aws-native:quicksight:DashboardTreeMapFieldWells": { + "type": "object", + "properties": { + "treeMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardTreeMapAggregatedFieldWells", + "description": "The aggregated field wells of a tree map." + } + } + }, + "aws-native:quicksight:DashboardTreeMapSortConfiguration": { + "type": "object", + "properties": { + "treeMapGroupItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of groups that are displayed." + }, + "treeMapSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of group by fields." + } + } + }, + "aws-native:quicksight:DashboardTreeMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardTreeMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:DashboardTrendArrowOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the trend arrows." + } + } + }, + "aws-native:quicksight:DashboardUiState": { + "type": "string" + }, + "aws-native:quicksight:DashboardUnaggregatedField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnIdentifier", + "description": "The column that is used in the `UnaggregatedField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:DashboardUniqueValuesComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + } + } + }, + "aws-native:quicksight:DashboardUrlTargetConfiguration": { + "type": "string" + }, + "aws-native:quicksight:DashboardValidationStrategy": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:quicksight:DashboardValidationStrategyMode", + "description": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors." + } + } + }, + "aws-native:quicksight:DashboardValidationStrategyMode": { + "type": "string" + }, + "aws-native:quicksight:DashboardValueWhenUnsetOption": { + "type": "string" + }, + "aws-native:quicksight:DashboardVersion": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the resource.\u003c/p\u003e" + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that this dashboard version was created.\u003c/p\u003e" + }, + "dataSetArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe Amazon Resource Numbers (ARNs) for the datasets that are associated with this\n version of the dashboard.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eDescription.\u003c/p\u003e" + }, + "errors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardError" + }, + "description": "\u003cp\u003eErrors associated with this dashboard version.\u003c/p\u003e" + }, + "sheets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardSheet" + }, + "description": "\u003cp\u003eA list of the associated sheets with the unique identifier and name of each sheet.\u003c/p\u003e" + }, + "sourceEntityArn": { + "type": "string", + "description": "\u003cp\u003eSource entity ARN.\u003c/p\u003e" + }, + "status": { + "$ref": "#/types/aws-native:quicksight:DashboardResourceStatus", + "description": "The HTTP status of the request." + }, + "themeArn": { + "type": "string", + "description": "\u003cp\u003eThe ARN of the theme associated with a version of the dashboard.\u003c/p\u003e" + }, + "versionNumber": { + "type": "number", + "description": "\u003cp\u003eVersion number for this version of the dashboard.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DashboardVersionDefinition": { + "type": "object", + "properties": { + "analysisDefaults": { + "$ref": "#/types/aws-native:quicksight:DashboardAnalysisDefaults" + }, + "calculatedFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardCalculatedField" + }, + "description": "An array of calculated field definitions for the dashboard." + }, + "columnConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnConfiguration" + }, + "description": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard." + }, + "dataSetIdentifierDeclarations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDataSetIdentifierDeclaration" + }, + "description": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures." + }, + "filterGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFilterGroup" + }, + "description": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* ." + }, + "options": { + "$ref": "#/types/aws-native:quicksight:DashboardAssetOptions", + "description": "An array of option definitions for a dashboard." + }, + "parameterDeclarations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardParameterDeclaration" + }, + "description": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* ." + }, + "sheets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardSheetDefinition" + }, + "description": "An array of sheet definitions for a dashboard." + } + } + }, + "aws-native:quicksight:DashboardVerticalTextAlignment": { + "type": "string" + }, + "aws-native:quicksight:DashboardVisibility": { + "type": "string" + }, + "aws-native:quicksight:DashboardVisibleRangeOptions": { + "type": "object", + "properties": { + "percentRange": { + "$ref": "#/types/aws-native:quicksight:DashboardPercentVisibleRange", + "description": "The percent range in the visible range." + } + } + }, + "aws-native:quicksight:DashboardVisual": { + "type": "object", + "properties": { + "barChartVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardBarChartVisual", + "description": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "boxPlotVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardBoxPlotVisual", + "description": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* ." + }, + "comboChartVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardComboChartVisual", + "description": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "customContentVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomContentVisual", + "description": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* ." + }, + "emptyVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardEmptyVisual", + "description": "An empty visual." + }, + "filledMapVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardFilledMapVisual", + "description": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* ." + }, + "funnelChartVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardFunnelChartVisual", + "description": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* ." + }, + "gaugeChartVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardGaugeChartVisual", + "description": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "geospatialMapVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardGeospatialMapVisual", + "description": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* ." + }, + "heatMapVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardHeatMapVisual", + "description": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* ." + }, + "histogramVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardHistogramVisual", + "description": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "insightVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardInsightVisual", + "description": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* ." + }, + "kpiVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardKpiVisual", + "description": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* ." + }, + "lineChartVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardLineChartVisual", + "description": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "pieChartVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardPieChartVisual", + "description": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "pivotTableVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardPivotTableVisual", + "description": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* ." + }, + "radarChartVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardRadarChartVisual", + "description": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "sankeyDiagramVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardSankeyDiagramVisual", + "description": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* ." + }, + "scatterPlotVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardScatterPlotVisual", + "description": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* ." + }, + "tableVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardTableVisual", + "description": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* ." + }, + "treeMapVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardTreeMapVisual", + "description": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* ." + }, + "waterfallVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardWaterfallVisual", + "description": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "wordCloudVisual": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudVisual", + "description": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* ." + } + }, + "irreversibleNames": { + "kpiVisual": "KPIVisual" + } + }, + "aws-native:quicksight:DashboardVisualAxisSortOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "The availaiblity status of a visual's axis sort options." + } + } + }, + "aws-native:quicksight:DashboardVisualCustomAction": { + "type": "object", + "properties": { + "actionOperations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomActionOperation" + }, + "description": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined." + }, + "customActionId": { + "type": "string", + "description": "The ID of the `VisualCustomAction` ." + }, + "name": { + "type": "string", + "description": "The name of the `VisualCustomAction` ." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:DashboardWidgetStatus", + "description": "The status of the `VisualCustomAction` ." + }, + "trigger": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomActionTrigger", + "description": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu." + } + } + }, + "aws-native:quicksight:DashboardVisualCustomActionOperation": { + "type": "object", + "properties": { + "filterOperation": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomActionFilterOperation", + "description": "The filter operation that filters data included in a visual or in an entire sheet." + }, + "navigationOperation": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomActionNavigationOperation", + "description": "The navigation operation that navigates between different sheets in the same analysis." + }, + "setParametersOperation": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomActionSetParametersOperation", + "description": "The set parameter operation that sets parameters in custom action." + }, + "urlOperation": { + "$ref": "#/types/aws-native:quicksight:DashboardCustomActionUrlOperation", + "description": "The URL operation that opens a link to another webpage." + } + }, + "irreversibleNames": { + "urlOperation": "URLOperation" + } + }, + "aws-native:quicksight:DashboardVisualCustomActionTrigger": { + "type": "string" + }, + "aws-native:quicksight:DashboardVisualMenuOption": { + "type": "object", + "properties": { + "availabilityStatus": { + "$ref": "#/types/aws-native:quicksight:DashboardBehavior", + "description": "The availaiblity status of a visual's menu options." + } + } + }, + "aws-native:quicksight:DashboardVisualPalette": { + "type": "object", + "properties": { + "chartColor": { + "type": "string", + "description": "The chart color options for the visual palette." + }, + "colorMap": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDataPathColor" + }, + "description": "The color map options for the visual palette." + } + } + }, + "aws-native:quicksight:DashboardVisualPublishOptions": { + "type": "object", + "properties": { + "exportHiddenFieldsOption": { + "$ref": "#/types/aws-native:quicksight:DashboardExportHiddenFieldsOption", + "description": "Determines if hidden fields are included in an exported dashboard." + } + } + }, + "aws-native:quicksight:DashboardVisualSubtitleLabelOptions": { + "type": "object", + "properties": { + "formatText": { + "$ref": "#/types/aws-native:quicksight:DashboardLongFormatText", + "description": "The long text format of the subtitle label, such as plain text or rich text." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the subtitle label." + } + } + }, + "aws-native:quicksight:DashboardVisualTitleLabelOptions": { + "type": "object", + "properties": { + "formatText": { + "$ref": "#/types/aws-native:quicksight:DashboardShortFormatText", + "description": "The short text format of the title label, such as plain text or rich text." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:DashboardVisibility", + "description": "The visibility of the title label." + } + } + }, + "aws-native:quicksight:DashboardWaterfallChartAggregatedFieldWells": { + "type": "object", + "properties": { + "breakdowns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The breakdown field wells of a waterfall visual." + }, + "categories": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The category field wells of a waterfall visual." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The value field wells of a waterfall visual." + } + } + }, + "aws-native:quicksight:DashboardWaterfallChartColorConfiguration": { + "type": "object", + "properties": { + "groupColorConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardWaterfallChartGroupColorConfiguration", + "description": "The color configuration for individual groups within a waterfall visual." + } + } + }, + "aws-native:quicksight:DashboardWaterfallChartConfiguration": { + "type": "object", + "properties": { + "categoryAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The options that determine the presentation of the category axis." + }, + "categoryAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The options that determine the presentation of the category axis label." + }, + "colorConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardWaterfallChartColorConfiguration", + "description": "The color configuration of a waterfall visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:DashboardDataLabelOptions", + "description": "The data label configuration of a waterfall visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardWaterfallChartFieldWells", + "description": "The field well configuration of a waterfall visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:DashboardLegendOptions", + "description": "The legend configuration of a waterfall visual." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardAxisDisplayOptions", + "description": "The options that determine the presentation of the y-axis." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The options that determine the presentation of the y-axis label." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardWaterfallChartSortConfiguration", + "description": "The sort configuration of a waterfall visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualPalette", + "description": "The visual palette configuration of a waterfall visual." + }, + "waterfallChartOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardWaterfallChartOptions", + "description": "The options that determine the presentation of a waterfall visual." + } + } + }, + "aws-native:quicksight:DashboardWaterfallChartFieldWells": { + "type": "object", + "properties": { + "waterfallChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardWaterfallChartAggregatedFieldWells", + "description": "The field well configuration of a waterfall visual." + } + } + }, + "aws-native:quicksight:DashboardWaterfallChartGroupColorConfiguration": { + "type": "object", + "properties": { + "negativeBarColor": { + "type": "string", + "description": "Defines the color for the negative bars of a waterfall chart." + }, + "positiveBarColor": { + "type": "string", + "description": "Defines the color for the positive bars of a waterfall chart." + }, + "totalBarColor": { + "type": "string", + "description": "Defines the color for the total bars of a waterfall chart." + } + } + }, + "aws-native:quicksight:DashboardWaterfallChartOptions": { + "type": "object", + "properties": { + "totalBarLabel": { + "type": "string", + "description": "This option determines the total bar label of a waterfall visual." + } + } + }, + "aws-native:quicksight:DashboardWaterfallChartSortConfiguration": { + "type": "object", + "properties": { + "breakdownItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of bar groups that are displayed." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + } + } + }, + "aws-native:quicksight:DashboardWaterfallVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardWaterfallChartConfiguration", + "description": "The configuration for a waterfall visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:DashboardWhatIfPointScenario": { + "type": "object", + "properties": { + "date": { + "type": "string", + "description": "The date that you need the forecast results for." + }, + "value": { + "type": "number", + "description": "The target value that you want to meet for the provided date." + } + } + }, + "aws-native:quicksight:DashboardWhatIfRangeScenario": { + "type": "object", + "properties": { + "endDate": { + "type": "string", + "description": "The end date in the date range that you need the forecast results for." + }, + "startDate": { + "type": "string", + "description": "The start date in the date range that you need the forecast results for." + }, + "value": { + "type": "number", + "description": "The target value that you want to meet for the provided date range." + } + } + }, + "aws-native:quicksight:DashboardWidgetStatus": { + "type": "string" + }, + "aws-native:quicksight:DashboardWordCloudAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardDimensionField" + }, + "description": "The group by field well of a word cloud. Values are grouped by group by fields." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardMeasureField" + }, + "description": "The size field well of a word cloud. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:DashboardWordCloudChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudFieldWells", + "description": "The field wells of the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudSortConfiguration", + "description": "The sort configuration of a word cloud visual." + }, + "wordCloudOptions": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudOptions", + "description": "The options for a word cloud visual." + } + } + }, + "aws-native:quicksight:DashboardWordCloudCloudLayout": { + "type": "string" + }, + "aws-native:quicksight:DashboardWordCloudFieldWells": { + "type": "object", + "properties": { + "wordCloudAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudAggregatedFieldWells", + "description": "The aggregated field wells of a word cloud." + } + } + }, + "aws-native:quicksight:DashboardWordCloudOptions": { + "type": "object", + "properties": { + "cloudLayout": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudCloudLayout", + "description": "The cloud layout options (fluid, normal) of a word cloud." + }, + "maximumStringLength": { + "type": "number", + "description": "The length limit of each word from 1-100." + }, + "wordCasing": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudWordCasing", + "description": "The word casing options (lower_case, existing_case) for the words in a word cloud." + }, + "wordOrientation": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudWordOrientation", + "description": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud." + }, + "wordPadding": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudWordPadding", + "description": "The word padding options (none, small, medium, large) for the words in a word cloud." + }, + "wordScaling": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudWordScaling", + "description": "The word scaling options (emphasize, normal) for the words in a word cloud." + } + } + }, + "aws-native:quicksight:DashboardWordCloudSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:DashboardItemsLimitConfiguration", + "description": "The limit on the number of groups that are displayed in a word cloud." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardFieldSortOptions" + }, + "description": "The sort configuration of group by fields." + } + } + }, + "aws-native:quicksight:DashboardWordCloudVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:DashboardWordCloudChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DashboardColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:DashboardVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:DashboardWordCloudWordCasing": { + "type": "string" + }, + "aws-native:quicksight:DashboardWordCloudWordOrientation": { + "type": "string" + }, + "aws-native:quicksight:DashboardWordCloudWordPadding": { + "type": "string" + }, + "aws-native:quicksight:DashboardWordCloudWordScaling": { + "type": "string" + }, + "aws-native:quicksight:DataSetCalculatedColumn": { + "type": "object", + "properties": { + "columnId": { + "type": "string", + "description": "\u003cp\u003eA unique ID to identify a calculated column. During a dataset update, if the column ID\n of a calculated column matches that of an existing calculated column, Amazon QuickSight\n preserves the existing calculated column.\u003c/p\u003e" + }, + "columnName": { + "type": "string", + "description": "\u003cp\u003eColumn name.\u003c/p\u003e" + }, + "expression": { + "type": "string", + "description": "\u003cp\u003eAn expression that defines the calculated column.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetCastColumnTypeOperation": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "\u003cp\u003eColumn name.\u003c/p\u003e" + }, + "format": { + "type": "string", + "description": "\u003cp\u003eWhen casting a column from string to datetime type, you can supply a string in a\n format supported by Amazon QuickSight to denote the source data format.\u003c/p\u003e" + }, + "newColumnType": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnDataType", + "description": "New column data type." + }, + "subType": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnDataSubType", + "description": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset." + } + } + }, + "aws-native:quicksight:DataSetColumnDataSubType": { + "type": "string" + }, + "aws-native:quicksight:DataSetColumnDataType": { + "type": "string" + }, + "aws-native:quicksight:DataSetColumnDescription": { + "type": "object", + "properties": { + "text": { + "type": "string", + "description": "\u003cp\u003eThe text of a description for a column.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetColumnGroup": { + "type": "object", + "properties": { + "geoSpatialColumnGroup": { + "$ref": "#/types/aws-native:quicksight:DataSetGeoSpatialColumnGroup", + "description": "Geospatial column group that denotes a hierarchy." + } + } + }, + "aws-native:quicksight:DataSetColumnLevelPermissionRule": { + "type": "object", + "properties": { + "columnNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eAn array of column names.\u003c/p\u003e" + }, + "principals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eAn array of Amazon Resource Names (ARNs) for Amazon QuickSight users or groups.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetColumnTag": { + "type": "object", + "properties": { + "columnDescription": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnDescription", + "description": "A description for a column." + }, + "columnGeographicRole": { + "$ref": "#/types/aws-native:quicksight:DataSetGeoSpatialDataRole", + "description": "A geospatial role for a column." + } + } + }, + "aws-native:quicksight:DataSetColumnTagName": { + "type": "string" + }, + "aws-native:quicksight:DataSetCreateColumnsOperation": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetCalculatedColumn" + }, + "description": "\u003cp\u003eCalculated columns to create.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetCustomSql": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetInputColumn" + }, + "description": "\u003cp\u003eThe column schema from the SQL query result set.\u003c/p\u003e" + }, + "dataSourceArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the data source.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eA display name for the SQL query result.\u003c/p\u003e" + }, + "sqlQuery": { + "type": "string", + "description": "\u003cp\u003eThe SQL query.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetDatasetParameter": { + "type": "object", + "properties": { + "dateTimeDatasetParameter": { + "$ref": "#/types/aws-native:quicksight:DataSetDateTimeDatasetParameter", + "description": "A date time parameter that is created in the dataset." + }, + "decimalDatasetParameter": { + "$ref": "#/types/aws-native:quicksight:DataSetDecimalDatasetParameter", + "description": "A decimal parameter that is created in the dataset." + }, + "integerDatasetParameter": { + "$ref": "#/types/aws-native:quicksight:DataSetIntegerDatasetParameter", + "description": "An integer parameter that is created in the dataset." + }, + "stringDatasetParameter": { + "$ref": "#/types/aws-native:quicksight:DataSetStringDatasetParameter", + "description": "A string parameter that is created in the dataset." + } + } + }, + "aws-native:quicksight:DataSetDatasetParameterValueType": { + "type": "string" + }, + "aws-native:quicksight:DataSetDateTimeDatasetParameter": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:DataSetDateTimeDatasetParameterDefaultValues", + "description": "A list of default values for a given date time parameter. This structure only accepts static values." + }, + "id": { + "type": "string", + "description": "\u003cp\u003eAn identifier for the parameter that is created in the dataset.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the date time parameter that is created in the dataset.\u003c/p\u003e" + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:DataSetTimeGranularity", + "description": "The time granularity of the date time parameter." + }, + "valueType": { + "$ref": "#/types/aws-native:quicksight:DataSetDatasetParameterValueType", + "description": "The value type of the dataset parameter. Valid values are `single value` or `multi value` ." + } + } + }, + "aws-native:quicksight:DataSetDateTimeDatasetParameterDefaultValues": { + "type": "object", + "properties": { + "staticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eA list of static default values for a given date time parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetDecimalDatasetParameter": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:DataSetDecimalDatasetParameterDefaultValues", + "description": "A list of default values for a given decimal parameter. This structure only accepts static values." + }, + "id": { + "type": "string", + "description": "\u003cp\u003eAn identifier for the decimal parameter created in the dataset.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the decimal parameter that is created in the dataset.\u003c/p\u003e" + }, + "valueType": { + "$ref": "#/types/aws-native:quicksight:DataSetDatasetParameterValueType", + "description": "The value type of the dataset parameter. Valid values are `single value` or `multi value` ." + } + } + }, + "aws-native:quicksight:DataSetDecimalDatasetParameterDefaultValues": { + "type": "object", + "properties": { + "staticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "\u003cp\u003eA list of static default values for a given decimal parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetFieldFolder": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eA folder has a list of columns. A column can only be in one folder.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eThe description for a field folder.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetFileFormat": { + "type": "string" + }, + "aws-native:quicksight:DataSetFilterOperation": { + "type": "object", + "properties": { + "conditionExpression": { + "type": "string", + "description": "\u003cp\u003eAn expression that must evaluate to a Boolean value. Rows for which the expression\n evaluates to true are kept in the dataset.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetGeoSpatialColumnGroup": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eColumns in this hierarchy.\u003c/p\u003e" + }, + "countryCode": { + "$ref": "#/types/aws-native:quicksight:DataSetGeoSpatialCountryCode", + "description": "Country code." + }, + "name": { + "type": "string", + "description": "\u003cp\u003eA display name for the hierarchy.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetGeoSpatialCountryCode": { + "type": "string" + }, + "aws-native:quicksight:DataSetGeoSpatialDataRole": { + "type": "string" + }, + "aws-native:quicksight:DataSetImportMode": { + "type": "string" + }, + "aws-native:quicksight:DataSetIncrementalRefresh": { + "type": "object", + "properties": { + "lookbackWindow": { + "$ref": "#/types/aws-native:quicksight:DataSetLookbackWindow", + "description": "The lookback window setup for an incremental refresh configuration." + } + } + }, + "aws-native:quicksight:DataSetIngestionWaitPolicy": { + "type": "object", + "properties": { + "ingestionWaitTimeInHours": { + "type": "number", + "description": "\u003cp\u003eThe maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours.\n Applicable only when DataSetImportMode mode is set to SPICE and WaitForSpiceIngestion is set to true.\u003c/p\u003e" + }, + "waitForSpiceIngestion": { + "type": "boolean", + "description": "\u003cp\u003eWait for SPICE ingestion to finish to mark dataset creation/update successful. Default (true).\n Applicable only when DataSetImportMode mode is set to SPICE.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetInputColumn": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of this column in the underlying data source.\u003c/p\u003e" + }, + "subType": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnDataSubType", + "description": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DataSetInputColumnDataType", + "description": "The data type of the column." + } + } + }, + "aws-native:quicksight:DataSetInputColumnDataType": { + "type": "string" + }, + "aws-native:quicksight:DataSetIntegerDatasetParameter": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:DataSetIntegerDatasetParameterDefaultValues", + "description": "A list of default values for a given integer parameter. This structure only accepts static values." + }, + "id": { + "type": "string", + "description": "\u003cp\u003eAn identifier for the integer parameter created in the dataset.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the integer parameter that is created in the dataset.\u003c/p\u003e" + }, + "valueType": { + "$ref": "#/types/aws-native:quicksight:DataSetDatasetParameterValueType", + "description": "The value type of the dataset parameter. Valid values are `single value` or `multi value` ." + } + } + }, + "aws-native:quicksight:DataSetIntegerDatasetParameterDefaultValues": { + "type": "object", + "properties": { + "staticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "\u003cp\u003eA list of static default values for a given integer parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetJoinInstruction": { + "type": "object", + "properties": { + "leftJoinKeyProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetJoinKeyProperties", + "description": "Join key properties of the left operand." + }, + "leftOperand": { + "type": "string", + "description": "\u003cp\u003eThe operand on the left side of a join.\u003c/p\u003e" + }, + "onClause": { + "type": "string", + "description": "\u003cp\u003eThe join instructions provided in the \u003ccode\u003eON\u003c/code\u003e clause of a join.\u003c/p\u003e" + }, + "rightJoinKeyProperties": { + "$ref": "#/types/aws-native:quicksight:DataSetJoinKeyProperties", + "description": "Join key properties of the right operand." + }, + "rightOperand": { + "type": "string", + "description": "\u003cp\u003eThe operand on the right side of a join.\u003c/p\u003e" + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DataSetJoinType", + "description": "The type of join that it is." + } + } + }, + "aws-native:quicksight:DataSetJoinKeyProperties": { + "type": "object", + "properties": { + "uniqueKey": { + "type": "boolean", + "description": "\u003cp\u003eA value that indicates that a row in a table is uniquely identified by the columns in\n a join key. This is used by Amazon QuickSight to optimize query performance.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetJoinType": { + "type": "string" + }, + "aws-native:quicksight:DataSetLogicalTable": { + "type": "object", + "properties": { + "alias": { + "type": "string", + "description": "\u003cp\u003eA display name for the logical table.\u003c/p\u003e" + }, + "dataTransforms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetTransformOperation" + }, + "description": "\u003cp\u003eTransform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null. \u003c/p\u003e" + }, + "source": { + "$ref": "#/types/aws-native:quicksight:DataSetLogicalTableSource", + "description": "Source of this logical table." + } + } + }, + "aws-native:quicksight:DataSetLogicalTableSource": { + "type": "object", + "properties": { + "dataSetArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Number (ARN) of the parent dataset.\u003c/p\u003e" + }, + "joinInstruction": { + "$ref": "#/types/aws-native:quicksight:DataSetJoinInstruction", + "description": "Specifies the result of a join of two logical tables." + }, + "physicalTableId": { + "type": "string", + "description": "\u003cp\u003ePhysical table ID.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetLookbackWindow": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "\u003cp\u003eThe name of the lookback window column.\u003c/p\u003e" + }, + "size": { + "type": "number", + "description": "\u003cp\u003eThe lookback window column size.\u003c/p\u003e" + }, + "sizeUnit": { + "$ref": "#/types/aws-native:quicksight:DataSetLookbackWindowSizeUnit", + "description": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` ." + } + } + }, + "aws-native:quicksight:DataSetLookbackWindowSizeUnit": { + "type": "string" + }, + "aws-native:quicksight:DataSetNewDefaultValues": { + "type": "object", + "properties": { + "dateTimeStaticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eA list of static default values for a given date time parameter.\u003c/p\u003e" + }, + "decimalStaticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "\u003cp\u003eA list of static default values for a given decimal parameter.\u003c/p\u003e" + }, + "integerStaticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "\u003cp\u003eA list of static default values for a given integer parameter.\u003c/p\u003e" + }, + "stringStaticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eA list of static default values for a given string parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetOutputColumn": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "\u003cp\u003eA description for a column.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe display name of the column..\u003c/p\u003e" + }, + "subType": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnDataSubType", + "description": "The sub data type of the column." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnDataType", + "description": "The data type of the column." + } + } + }, + "aws-native:quicksight:DataSetOverrideDatasetParameterOperation": { + "type": "object", + "properties": { + "newDefaultValues": { + "$ref": "#/types/aws-native:quicksight:DataSetNewDefaultValues", + "description": "The new default values for the parameter." + }, + "newParameterName": { + "type": "string", + "description": "\u003cp\u003eThe new name for the parameter.\u003c/p\u003e" + }, + "parameterName": { + "type": "string", + "description": "\u003cp\u003eThe name of the parameter to be overridden with different values.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetPhysicalTable": { + "type": "object", + "properties": { + "customSql": { + "$ref": "#/types/aws-native:quicksight:DataSetCustomSql", + "description": "A physical table type built from the results of the custom SQL query." + }, + "relationalTable": { + "$ref": "#/types/aws-native:quicksight:DataSetRelationalTable", + "description": "A physical table type for relational data sources." + }, + "s3Source": { + "$ref": "#/types/aws-native:quicksight:DataSetS3Source", + "description": "A physical table type for as S3 data source." + } + }, + "irreversibleNames": { + "s3Source": "S3Source" + } + }, + "aws-native:quicksight:DataSetProjectOperation": { + "type": "object", + "properties": { + "projectedColumns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eProjected columns.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetRefreshConfiguration": { + "type": "object", + "properties": { + "incrementalRefresh": { + "$ref": "#/types/aws-native:quicksight:DataSetIncrementalRefresh", + "description": "The incremental refresh for the dataset." + } + } + }, + "aws-native:quicksight:DataSetRefreshProperties": { + "type": "object", + "properties": { + "refreshConfiguration": { + "$ref": "#/types/aws-native:quicksight:DataSetRefreshConfiguration", + "description": "The refresh configuration for a dataset." + } + } + }, + "aws-native:quicksight:DataSetRelationalTable": { + "type": "object", + "properties": { + "catalog": { + "type": "string", + "description": "\u003cp\u003eThe catalog associated with a table.\u003c/p\u003e" + }, + "dataSourceArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) for the data source.\u003c/p\u003e" + }, + "inputColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetInputColumn" + }, + "description": "\u003cp\u003eThe column schema of the table.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the relational table.\u003c/p\u003e" + }, + "schema": { + "type": "string", + "description": "\u003cp\u003eThe schema name. This name applies to certain relational database engines.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetRenameColumnOperation": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "\u003cp\u003eThe name of the column to be renamed.\u003c/p\u003e" + }, + "newColumnName": { + "type": "string", + "description": "\u003cp\u003eThe new name for the column.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetResourcePermission": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe IAM action to grant or revoke permissions on.\u003c/p\u003e" + }, + "principal": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the principal. This can be one of the\n following:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.) \u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + } + } + }, + "aws-native:quicksight:DataSetRowLevelPermissionDataSet": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.\u003c/p\u003e" + }, + "formatVersion": { + "$ref": "#/types/aws-native:quicksight:DataSetRowLevelPermissionFormatVersion", + "description": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist." + }, + "namespace": { + "type": "string", + "description": "\u003cp\u003eThe namespace associated with the dataset that contains permissions for RLS.\u003c/p\u003e" + }, + "permissionPolicy": { + "$ref": "#/types/aws-native:quicksight:DataSetRowLevelPermissionPolicy", + "description": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:DataSetStatus", + "description": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` ." + } + } + }, + "aws-native:quicksight:DataSetRowLevelPermissionFormatVersion": { + "type": "string" + }, + "aws-native:quicksight:DataSetRowLevelPermissionPolicy": { + "type": "string" + }, + "aws-native:quicksight:DataSetRowLevelPermissionTagConfiguration": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:quicksight:DataSetStatus", + "description": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` ." + }, + "tagRuleConfigurations": { + "type": "array", + "items": { + "type": "array", + "items": { + "type": "string" + } + }, + "description": "\u003cp\u003eA list of tag configuration rules to apply to a dataset. All tag configurations have the OR condition. Tags within each tile will be joined (AND). At least one rule in this structure must have all tag values assigned to it to apply Row-level security (RLS) to the dataset.\u003c/p\u003e" + }, + "tagRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetRowLevelPermissionTagRule" + }, + "description": "\u003cp\u003eA set of rules associated with row-level security, such as the tag names and columns that they are assigned to.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetRowLevelPermissionTagRule": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "\u003cp\u003eThe column name that a tag key is assigned to.\u003c/p\u003e" + }, + "matchAllValue": { + "type": "string", + "description": "\u003cp\u003eA string that you want to use to filter by all the values in a column in the dataset and don’t want to list the values one by one. For example, you can use an asterisk as your match all value.\u003c/p\u003e" + }, + "tagKey": { + "type": "string", + "description": "\u003cp\u003eThe unique key for a tag.\u003c/p\u003e" + }, + "tagMultiValueDelimiter": { + "type": "string", + "description": "\u003cp\u003eA string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetS3Source": { + "type": "object", + "properties": { + "dataSourceArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) for the data source.\u003c/p\u003e" + }, + "inputColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetInputColumn" + }, + "description": "\u003cp\u003eA physical table type for an S3 data source.\u003c/p\u003e\n \u003cnote\u003e\n \u003cp\u003eFor files that aren't JSON, only \u003ccode\u003eSTRING\u003c/code\u003e data types are supported in input columns.\u003c/p\u003e\n \u003c/note\u003e" + }, + "uploadSettings": { + "$ref": "#/types/aws-native:quicksight:DataSetUploadSettings", + "description": "Information about the format for the S3 source file or files." + } + } + }, + "aws-native:quicksight:DataSetStatus": { + "type": "string" + }, + "aws-native:quicksight:DataSetStringDatasetParameter": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:DataSetStringDatasetParameterDefaultValues", + "description": "A list of default values for a given string dataset parameter type. This structure only accepts static values." + }, + "id": { + "type": "string", + "description": "\u003cp\u003eAn identifier for the string parameter that is created in the dataset.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the string parameter that is created in the dataset.\u003c/p\u003e" + }, + "valueType": { + "$ref": "#/types/aws-native:quicksight:DataSetDatasetParameterValueType", + "description": "The value type of the dataset parameter. Valid values are `single value` or `multi value` ." + } + } + }, + "aws-native:quicksight:DataSetStringDatasetParameterDefaultValues": { + "type": "object", + "properties": { + "staticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eA list of static default values for a given string parameter.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetTagColumnOperation": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "\u003cp\u003eThe column that this operation acts on.\u003c/p\u003e" + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnTag" + }, + "description": "\u003cp\u003eThe dataset column tag, currently only used for geospatial type tagging.\u003c/p\u003e\n \u003cnote\u003e\n \u003cp\u003eThis is not tags for the Amazon Web Services tagging feature.\u003c/p\u003e\n \u003c/note\u003e" + } + } + }, + "aws-native:quicksight:DataSetTextQualifier": { + "type": "string" + }, + "aws-native:quicksight:DataSetTimeGranularity": { + "type": "string" + }, + "aws-native:quicksight:DataSetTransformOperation": { + "type": "object", + "properties": { + "castColumnTypeOperation": { + "$ref": "#/types/aws-native:quicksight:DataSetCastColumnTypeOperation", + "description": "A transform operation that casts a column to a different type." + }, + "createColumnsOperation": { + "$ref": "#/types/aws-native:quicksight:DataSetCreateColumnsOperation", + "description": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure." + }, + "filterOperation": { + "$ref": "#/types/aws-native:quicksight:DataSetFilterOperation", + "description": "An operation that filters rows based on some condition." + }, + "overrideDatasetParameterOperation": { + "$ref": "#/types/aws-native:quicksight:DataSetOverrideDatasetParameterOperation" + }, + "projectOperation": { + "$ref": "#/types/aws-native:quicksight:DataSetProjectOperation", + "description": "An operation that projects columns. Operations that come after a projection can only refer to projected columns." + }, + "renameColumnOperation": { + "$ref": "#/types/aws-native:quicksight:DataSetRenameColumnOperation", + "description": "An operation that renames a column." + }, + "tagColumnOperation": { + "$ref": "#/types/aws-native:quicksight:DataSetTagColumnOperation", + "description": "An operation that tags a column with additional information." + }, + "untagColumnOperation": { + "$ref": "#/types/aws-native:quicksight:DataSetUntagColumnOperation" + } + } + }, + "aws-native:quicksight:DataSetUntagColumnOperation": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "\u003cp\u003eThe column that this operation acts on.\u003c/p\u003e" + }, + "tagNames": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSetColumnTagName" + }, + "description": "\u003cp\u003eThe column tags to remove from this column.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSetUploadSettings": { + "type": "object", + "properties": { + "containsHeader": { + "type": "boolean", + "description": "\u003cp\u003eWhether the file has a header row, or the files each have a header row.\u003c/p\u003e" + }, + "delimiter": { + "type": "string", + "description": "\u003cp\u003eThe delimiter between values in the file.\u003c/p\u003e" + }, + "format": { + "$ref": "#/types/aws-native:quicksight:DataSetFileFormat", + "description": "File format." + }, + "startFromRow": { + "type": "number", + "description": "\u003cp\u003eA row number to start reading data from.\u003c/p\u003e" + }, + "textQualifier": { + "$ref": "#/types/aws-native:quicksight:DataSetTextQualifier", + "description": "Text qualifier." + } + } + }, + "aws-native:quicksight:DataSetUsageConfiguration": { + "type": "object", + "properties": { + "disableUseAsDirectQuerySource": { + "type": "boolean", + "description": "\u003cp\u003eAn option that controls whether a child dataset of a direct query can use this dataset as a source.\u003c/p\u003e" + }, + "disableUseAsImportedSource": { + "type": "boolean", + "description": "\u003cp\u003eAn option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceAmazonElasticsearchParameters": { + "type": "object", + "properties": { + "domain": { + "type": "string", + "description": "\u003cp\u003eThe OpenSearch domain.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceAmazonOpenSearchParameters": { + "type": "object", + "properties": { + "domain": { + "type": "string", + "description": "\u003cp\u003eThe OpenSearch domain.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceAthenaParameters": { + "type": "object", + "properties": { + "roleArn": { + "type": "string", + "description": "\u003cp\u003eUse the \u003ccode\u003eRoleArn\u003c/code\u003e structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use \u003ccode\u003eRoleArn\u003c/code\u003e to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.\u003c/p\u003e" + }, + "workGroup": { + "type": "string", + "description": "\u003cp\u003eThe workgroup that Amazon Athena uses.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceAuroraParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceAuroraPostgreSqlParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Aurora PostgreSQL database to connect to.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Aurora PostgreSQL-Compatible host to connect to.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003eThe port that Amazon Aurora PostgreSQL is listening on.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceCredentialPair": { + "type": "object", + "properties": { + "alternateDataSourceParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:DataSourceParameters" + }, + "description": "\u003cp\u003eA set of alternate data source parameters that you want to share for these\n credentials. The credentials are applied in tandem with the data source parameters when\n you copy a data source by using a create or update request. The API operation compares\n the \u003ccode\u003eDataSourceParameters\u003c/code\u003e structure that's in the request with the\n structures in the \u003ccode\u003eAlternateDataSourceParameters\u003c/code\u003e allow list. If the\n structures are an exact match, the request is allowed to use the new data source with\n the existing credentials. If the \u003ccode\u003eAlternateDataSourceParameters\u003c/code\u003e list is\n null, the \u003ccode\u003eDataSourceParameters\u003c/code\u003e originally used with these\n \u003ccode\u003eCredentials\u003c/code\u003e is automatically allowed.\u003c/p\u003e" + }, + "password": { + "type": "string", + "description": "\u003cp\u003ePassword.\u003c/p\u003e" + }, + "username": { + "type": "string", + "description": "\u003cp\u003eUser name.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceCredentials": { + "type": "object", + "properties": { + "copySourceArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of a data source that has the credential pair that you\n want to use. When \u003ccode\u003eCopySourceArn\u003c/code\u003e is not null, the credential pair from the\n data source in the ARN is used as the credentials for the\n \u003ccode\u003eDataSourceCredentials\u003c/code\u003e structure.\u003c/p\u003e" + }, + "credentialPair": { + "$ref": "#/types/aws-native:quicksight:DataSourceCredentialPair", + "description": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` ." + }, + "secretArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the secret associated with the data source in Amazon Secrets Manager.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceDatabricksParameters": { + "type": "object", + "properties": { + "host": { + "type": "string", + "description": "\u003cp\u003eThe host name of the Databricks data source.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003eThe port for the Databricks data source.\u003c/p\u003e" + }, + "sqlEndpointPath": { + "type": "string", + "description": "\u003cp\u003eThe HTTP path of the Databricks data source.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceErrorInfo": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "\u003cp\u003eError message.\u003c/p\u003e" + }, + "type": { + "$ref": "#/types/aws-native:quicksight:DataSourceErrorInfoType", + "description": "Error type." + } + } + }, + "aws-native:quicksight:DataSourceErrorInfoType": { + "type": "string" + }, + "aws-native:quicksight:DataSourceIdentityCenterConfiguration": { + "type": "object", + "properties": { + "enableIdentityPropagation": { + "type": "boolean", + "description": "\u003cp\u003eA Boolean option that controls whether Trusted Identity Propagation should be used.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceManifestFileLocation": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "\u003cp\u003eAmazon S3 bucket.\u003c/p\u003e" + }, + "key": { + "type": "string", + "description": "\u003cp\u003eAmazon S3 key that identifies an object.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceMariaDbParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceMySqlParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceOracleParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eThe database.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eAn Oracle host.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003eThe port.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceParameters": { + "type": "object", + "properties": { + "amazonElasticsearchParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceAmazonElasticsearchParameters", + "description": "The parameters for OpenSearch." + }, + "amazonOpenSearchParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceAmazonOpenSearchParameters", + "description": "The parameters for OpenSearch." + }, + "athenaParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceAthenaParameters", + "description": "The parameters for Amazon Athena." + }, + "auroraParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceAuroraParameters", + "description": "The parameters for Amazon Aurora MySQL." + }, + "auroraPostgreSqlParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceAuroraPostgreSqlParameters", + "description": "The parameters for Amazon Aurora." + }, + "databricksParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceDatabricksParameters", + "description": "The required parameters that are needed to connect to a Databricks data source." + }, + "mariaDbParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceMariaDbParameters", + "description": "The parameters for MariaDB." + }, + "mySqlParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceMySqlParameters", + "description": "The parameters for MySQL." + }, + "oracleParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceOracleParameters", + "description": "Oracle parameters." + }, + "postgreSqlParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourcePostgreSqlParameters", + "description": "The parameters for PostgreSQL." + }, + "prestoParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourcePrestoParameters", + "description": "The parameters for Presto." + }, + "rdsParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceRdsParameters", + "description": "The parameters for Amazon RDS." + }, + "redshiftParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceRedshiftParameters", + "description": "The parameters for Amazon Redshift." + }, + "s3Parameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceS3Parameters", + "description": "The parameters for S3." + }, + "snowflakeParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceSnowflakeParameters", + "description": "The parameters for Snowflake." + }, + "sparkParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceSparkParameters", + "description": "The parameters for Spark." + }, + "sqlServerParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceSqlServerParameters", + "description": "The parameters for SQL Server." + }, + "starburstParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceStarburstParameters", + "description": "The parameters that are required to connect to a Starburst data source." + }, + "teradataParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceTeradataParameters", + "description": "The parameters for Teradata." + }, + "trinoParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceTrinoParameters", + "description": "The parameters that are required to connect to a Trino data source." + } + }, + "irreversibleNames": { + "s3Parameters": "S3Parameters" + } + }, + "aws-native:quicksight:DataSourcePostgreSqlParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourcePrestoParameters": { + "type": "object", + "properties": { + "catalog": { + "type": "string", + "description": "\u003cp\u003eCatalog.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceRdsParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "instanceId": { + "type": "string", + "description": "\u003cp\u003eInstance ID.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceRedshiftIamParameters": { + "type": "object", + "properties": { + "autoCreateDatabaseUser": { + "type": "boolean", + "description": "\u003cp\u003eAutomatically creates a database user. If your database doesn't have a \u003ccode\u003eDatabaseUser\u003c/code\u003e, set this parameter to \u003ccode\u003eTrue\u003c/code\u003e. If there is no \u003ccode\u003eDatabaseUser\u003c/code\u003e, Amazon QuickSight can't connect to your cluster. The \u003ccode\u003eRoleArn\u003c/code\u003e that you use for this operation must grant access to \u003ccode\u003eredshift:CreateClusterUser\u003c/code\u003e to successfully create the user.\u003c/p\u003e" + }, + "databaseGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eA list of groups whose permissions will be granted to Amazon QuickSight to access the cluster. These permissions are combined with the permissions granted to Amazon QuickSight by the \u003ccode\u003eDatabaseUser\u003c/code\u003e. If you choose to include this parameter, the \u003ccode\u003eRoleArn\u003c/code\u003e must grant access to \u003ccode\u003eredshift:JoinGroup\u003c/code\u003e.\u003c/p\u003e" + }, + "databaseUser": { + "type": "string", + "description": "\u003cp\u003eThe user whose permissions and group memberships will be used by Amazon QuickSight to access the cluster. If this user already exists in your database, Amazon QuickSight is granted the same permissions that the user has. If the user doesn't exist, set the value of \u003ccode\u003eAutoCreateDatabaseUser\u003c/code\u003e to \u003ccode\u003eTrue\u003c/code\u003e to create a new user with PUBLIC permissions.\u003c/p\u003e" + }, + "roleArn": { + "type": "string", + "description": "\u003cp\u003eUse the \u003ccode\u003eRoleArn\u003c/code\u003e structure to allow Amazon QuickSight to call \u003ccode\u003eredshift:GetClusterCredentials\u003c/code\u003e on your cluster. The calling principal must have \u003ccode\u003eiam:PassRole\u003c/code\u003e access to pass the role to Amazon QuickSight. The role's trust policy must allow the Amazon QuickSight service principal to assume the role.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceRedshiftParameters": { + "type": "object", + "properties": { + "clusterId": { + "type": "string", + "description": "\u003cp\u003eCluster ID. This field can be blank if the \u003ccode\u003eHost\u003c/code\u003e and \u003ccode\u003ePort\u003c/code\u003e are\n provided.\u003c/p\u003e" + }, + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost. This field can be blank if \u003ccode\u003eClusterId\u003c/code\u003e is provided.\u003c/p\u003e" + }, + "iamParameters": { + "$ref": "#/types/aws-native:quicksight:DataSourceRedshiftIamParameters", + "description": "An optional parameter that uses IAM authentication to grant Amazon QuickSight access to your cluster. This parameter can be used instead of [DataSourceCredentials](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DataSourceCredentials.html) ." + }, + "identityCenterConfiguration": { + "$ref": "#/types/aws-native:quicksight:DataSourceIdentityCenterConfiguration", + "description": "An optional parameter that configures IAM Identity Center authentication to grant Amazon QuickSight access to your cluster.\n\nThis parameter can only be specified if your Amazon QuickSight account is configured with IAM Identity Center." + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort. This field can be blank if the \u003ccode\u003eClusterId\u003c/code\u003e is provided.\u003c/p\u003e" + } + }, + "irreversibleNames": { + "iamParameters": "IAMParameters" + } + }, + "aws-native:quicksight:DataSourceResourcePermission": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe IAM action to grant or revoke permissions on.\u003c/p\u003e" + }, + "principal": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the principal. This can be one of the\n following:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.) \u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + }, + "resource": { + "type": "string" + } + } + }, + "aws-native:quicksight:DataSourceResourceStatus": { + "type": "string" + }, + "aws-native:quicksight:DataSourceS3Parameters": { + "type": "object", + "properties": { + "manifestFileLocation": { + "$ref": "#/types/aws-native:quicksight:DataSourceManifestFileLocation", + "description": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight." + }, + "roleArn": { + "type": "string", + "description": "\u003cp\u003eUse the \u003ccode\u003eRoleArn\u003c/code\u003e structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use \u003ccode\u003eRoleArn\u003c/code\u003e to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceSnowflakeParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "warehouse": { + "type": "string", + "description": "\u003cp\u003eWarehouse.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceSparkParameters": { + "type": "object", + "properties": { + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceSqlServerParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceSslProperties": { + "type": "object", + "properties": { + "disableSsl": { + "type": "boolean", + "description": "\u003cp\u003eA Boolean option to control whether SSL should be disabled.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceStarburstParameters": { + "type": "object", + "properties": { + "catalog": { + "type": "string", + "description": "\u003cp\u003eThe catalog name for the Starburst data source.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eThe host name of the Starburst data source.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003eThe port for the Starburst data source.\u003c/p\u003e" + }, + "productType": { + "$ref": "#/types/aws-native:quicksight:DataSourceStarburstProductType", + "description": "The product type for the Starburst data source." + } + } + }, + "aws-native:quicksight:DataSourceStarburstProductType": { + "type": "string" + }, + "aws-native:quicksight:DataSourceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceTeradataParameters": { + "type": "object", + "properties": { + "database": { + "type": "string", + "description": "\u003cp\u003eDatabase.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eHost.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003ePort.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceTrinoParameters": { + "type": "object", + "properties": { + "catalog": { + "type": "string", + "description": "\u003cp\u003eThe catalog name for the Trino data source.\u003c/p\u003e" + }, + "host": { + "type": "string", + "description": "\u003cp\u003eThe host name of the Trino data source.\u003c/p\u003e" + }, + "port": { + "type": "number", + "description": "\u003cp\u003eThe port for the Trino data source.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:DataSourceType": { + "type": "string" + }, + "aws-native:quicksight:DataSourceVpcConnectionProperties": { + "type": "object", + "properties": { + "vpcConnectionArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) for the VPC connection.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:RefreshScheduleMap": { + "type": "object", + "properties": { + "refreshType": { + "$ref": "#/types/aws-native:quicksight:RefreshScheduleMapRefreshType", + "description": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Amazon QuickSight User Guide* ." + }, + "scheduleFrequency": { + "$ref": "#/types/aws-native:quicksight:RefreshScheduleMapScheduleFrequencyProperties", + "description": "\u003cp\u003eInformation about the schedule frequency.\u003c/p\u003e" + }, + "scheduleId": { + "type": "string", + "description": "\u003cp\u003eAn unique identifier for the refresh schedule.\u003c/p\u003e", + "replaceOnChanges": true + }, + "startAfterDateTime": { + "type": "string", + "description": "\u003cp\u003eThe date time after which refresh is to be scheduled\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:RefreshScheduleMapRefreshType": { + "type": "string" + }, + "aws-native:quicksight:RefreshScheduleMapScheduleFrequencyProperties": { + "type": "object", + "properties": { + "interval": { + "$ref": "#/types/aws-native:quicksight:RefreshScheduleMapScheduleFrequencyPropertiesInterval" + }, + "refreshOnDay": { + "$ref": "#/types/aws-native:quicksight:RefreshScheduleMapScheduleFrequencyPropertiesRefreshOnDayProperties", + "description": "\u003cp\u003eThe day scheduled for refresh.\u003c/p\u003e" + }, + "timeOfTheDay": { + "type": "string", + "description": "\u003cp\u003eThe time of the day for scheduled refresh.\u003c/p\u003e" + }, + "timeZone": { + "type": "string", + "description": "\u003cp\u003eThe timezone for scheduled refresh.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:RefreshScheduleMapScheduleFrequencyPropertiesInterval": { + "type": "string" + }, + "aws-native:quicksight:RefreshScheduleMapScheduleFrequencyPropertiesRefreshOnDayProperties": { + "type": "object", + "properties": { + "dayOfMonth": { + "type": "string", + "description": "\u003cp\u003eThe Day Of Month for scheduled refresh.\u003c/p\u003e" + }, + "dayOfWeek": { + "$ref": "#/types/aws-native:quicksight:RefreshScheduleMapScheduleFrequencyPropertiesRefreshOnDayPropertiesDayOfWeek" + } + } + }, + "aws-native:quicksight:RefreshScheduleMapScheduleFrequencyPropertiesRefreshOnDayPropertiesDayOfWeek": { + "type": "string" + }, + "aws-native:quicksight:TemplateAggregationFunction": { + "type": "object", + "properties": { + "attributeAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateAttributeAggregationFunction", + "description": "Aggregation for attributes." + }, + "categoricalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoricalAggregationFunction", + "description": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values." + }, + "dateAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateDateAggregationFunction", + "description": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value." + }, + "numericalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericalAggregationFunction", + "description": "Aggregation for numerical values." + } + } + }, + "aws-native:quicksight:TemplateAggregationSortConfiguration": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateAggregationFunction", + "description": "The function that aggregates the values in `Column` ." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that determines the sort order of aggregated values." + }, + "sortDirection": { + "$ref": "#/types/aws-native:quicksight:TemplateSortDirection", + "description": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order." + } + } + }, + "aws-native:quicksight:TemplateAllSheetsFilterScopeConfiguration": { + "type": "object" + }, + "aws-native:quicksight:TemplateAnalysisDefaults": { + "type": "object", + "properties": { + "defaultNewSheetConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultNewSheetConfiguration", + "description": "The configuration for default new sheet settings." + } + } + }, + "aws-native:quicksight:TemplateAnchorDateConfiguration": { + "type": "object", + "properties": { + "anchorOption": { + "$ref": "#/types/aws-native:quicksight:TemplateAnchorOption", + "description": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`" + }, + "parameterName": { + "type": "string", + "description": "The name of the parameter that is used for the anchor date configuration." + } + } + }, + "aws-native:quicksight:TemplateAnchorOption": { + "type": "string" + }, + "aws-native:quicksight:TemplateArcAxisConfiguration": { + "type": "object", + "properties": { + "range": { + "$ref": "#/types/aws-native:quicksight:TemplateArcAxisDisplayRange", + "description": "The arc axis range of a `GaugeChartVisual` ." + }, + "reserveRange": { + "type": "number", + "description": "The reserved range of the arc axis." + } + } + }, + "aws-native:quicksight:TemplateArcAxisDisplayRange": { + "type": "object", + "properties": { + "max": { + "type": "number", + "description": "The maximum value of the arc axis range." + }, + "min": { + "type": "number", + "description": "The minimum value of the arc axis range." + } + } + }, + "aws-native:quicksight:TemplateArcConfiguration": { + "type": "object", + "properties": { + "arcAngle": { + "type": "number", + "description": "The option that determines the arc angle of a `GaugeChartVisual` ." + }, + "arcThickness": { + "$ref": "#/types/aws-native:quicksight:TemplateArcThicknessOptions", + "description": "The options that determine the arc thickness of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateArcOptions": { + "type": "object", + "properties": { + "arcThickness": { + "$ref": "#/types/aws-native:quicksight:TemplateArcThickness", + "description": "The arc thickness of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateArcThickness": { + "type": "string" + }, + "aws-native:quicksight:TemplateArcThicknessOptions": { + "type": "string" + }, + "aws-native:quicksight:TemplateAssetOptions": { + "type": "object", + "properties": { + "timezone": { + "type": "string", + "description": "Determines the timezone for the analysis." + }, + "weekStart": { + "$ref": "#/types/aws-native:quicksight:TemplateDayOfTheWeek", + "description": "Determines the week start day for an analysis." + } + } + }, + "aws-native:quicksight:TemplateAttributeAggregationFunction": { + "type": "object", + "properties": { + "simpleAttributeAggregation": { + "$ref": "#/types/aws-native:quicksight:TemplateSimpleAttributeAggregationFunction", + "description": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields." + }, + "valueForMultipleValues": { + "type": "string", + "description": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'." + } + } + }, + "aws-native:quicksight:TemplateAxisBinding": { + "type": "string" + }, + "aws-native:quicksight:TemplateAxisDataOptions": { + "type": "object", + "properties": { + "dateAxisOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDateAxisOptions", + "description": "The options for an axis with a date field." + }, + "numericAxisOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericAxisOptions", + "description": "The options for an axis with a numeric field." + } + } + }, + "aws-native:quicksight:TemplateAxisDisplayDataDrivenRange": { + "type": "object" + }, + "aws-native:quicksight:TemplateAxisDisplayMinMaxRange": { + "type": "object", + "properties": { + "maximum": { + "type": "number", + "description": "The maximum setup for an axis display range." + }, + "minimum": { + "type": "number", + "description": "The minimum setup for an axis display range." + } + } + }, + "aws-native:quicksight:TemplateAxisDisplayOptions": { + "type": "object", + "properties": { + "axisLineVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not the axis line is visible." + }, + "axisOffset": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "dataOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDataOptions", + "description": "The data options for an axis." + }, + "gridLineVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not the grid line is visible." + }, + "scrollbarOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateScrollBarOptions", + "description": "The scroll bar options for an axis." + }, + "tickLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisTickLabelOptions", + "description": "The tick label options of an axis." + } + } + }, + "aws-native:quicksight:TemplateAxisDisplayRange": { + "type": "object", + "properties": { + "dataDriven": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayDataDrivenRange", + "description": "The data-driven setup of an axis display range." + }, + "minMax": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayMinMaxRange", + "description": "The minimum and maximum setup of an axis display range." + } + } + }, + "aws-native:quicksight:TemplateAxisLabelOptions": { + "type": "object", + "properties": { + "applyTo": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisLabelReferenceOptions", + "description": "The options that indicate which field the label belongs to." + }, + "customLabel": { + "type": "string", + "description": "The text for the axis label." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The font configuration of the axis label." + } + } + }, + "aws-native:quicksight:TemplateAxisLabelReferenceOptions": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the axis label is targeted to." + }, + "fieldId": { + "type": "string", + "description": "The field that the axis label is targeted to." + } + } + }, + "aws-native:quicksight:TemplateAxisLinearScale": { + "type": "object", + "properties": { + "stepCount": { + "type": "number", + "description": "The step count setup of a linear axis." + }, + "stepSize": { + "type": "number", + "description": "The step size setup of a linear axis." + } + } + }, + "aws-native:quicksight:TemplateAxisLogarithmicScale": { + "type": "object", + "properties": { + "base": { + "type": "number", + "description": "The base setup of a logarithmic axis scale." + } + } + }, + "aws-native:quicksight:TemplateAxisScale": { + "type": "object", + "properties": { + "linear": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisLinearScale", + "description": "The linear axis scale setup." + }, + "logarithmic": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisLogarithmicScale", + "description": "The logarithmic axis scale setup." + } + } + }, + "aws-native:quicksight:TemplateAxisTickLabelOptions": { + "type": "object", + "properties": { + "labelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "Determines whether or not the axis ticks are visible." + }, + "rotationAngle": { + "type": "number", + "description": "The rotation angle of the axis tick labels." + } + } + }, + "aws-native:quicksight:TemplateBarChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The category (y-axis) field well of a bar chart." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The color (group/color) field well of a bar chart." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The small multiples field well of a bar chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field wells of a bar chart. Values are aggregated by category." + } + } + }, + "aws-native:quicksight:TemplateBarChartConfiguration": { + "type": "object", + "properties": { + "barsArrangement": { + "$ref": "#/types/aws-native:quicksight:TemplateBarsArrangement", + "description": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) for bar chart category." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a bar chart." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart." + }, + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateContributionAnalysisDefault" + }, + "description": "The contribution analysis (anomaly configuration) setup of the visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateBarChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "orientation": { + "$ref": "#/types/aws-native:quicksight:TemplateBarChartOrientation", + "description": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateBarChartSortConfiguration", + "description": "The sort configuration of a `BarChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "valueAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) for a bar chart value." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) for a bar chart value." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:TemplateBarChartFieldWells": { + "type": "object", + "properties": { + "barChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateBarChartAggregatedFieldWells", + "description": "The aggregated field wells of a bar chart." + } + } + }, + "aws-native:quicksight:TemplateBarChartOrientation": { + "type": "string" + }, + "aws-native:quicksight:TemplateBarChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of categories displayed in a bar chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of category fields." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of values displayed in a bar chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of color fields in a bar chart." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:TemplateBarChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateBarChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateBarsArrangement": { + "type": "string" + }, + "aws-native:quicksight:TemplateBaseMapStyleType": { + "type": "string" + }, + "aws-native:quicksight:TemplateBinCountOptions": { + "type": "object", + "properties": { + "value": { + "type": "number", + "description": "The options that determine the bin count value." + } + } + }, + "aws-native:quicksight:TemplateBinWidthOptions": { + "type": "object", + "properties": { + "binCountLimit": { + "type": "number", + "description": "The options that determine the bin count limit." + }, + "value": { + "type": "number", + "description": "The options that determine the bin width value." + } + } + }, + "aws-native:quicksight:TemplateBodySectionConfiguration": { + "type": "object", + "properties": { + "content": { + "$ref": "#/types/aws-native:quicksight:TemplateBodySectionContent", + "description": "The configuration of content in a body section." + }, + "pageBreakConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionPageBreakConfiguration", + "description": "The configuration of a page break for a section." + }, + "sectionId": { + "type": "string", + "description": "The unique identifier of a body section." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionStyle", + "description": "The style options of a body section." + } + } + }, + "aws-native:quicksight:TemplateBodySectionContent": { + "type": "object", + "properties": { + "layout": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionLayoutConfiguration", + "description": "The layout configuration of a body section." + } + } + }, + "aws-native:quicksight:TemplateBoxPlotAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The group by field well of a box plot chart. Values are grouped based on group by fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field well of a box plot chart. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:TemplateBoxPlotChartConfiguration": { + "type": "object", + "properties": { + "boxPlotOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateBoxPlotOptions", + "description": "The box plot chart options for a box plot visual" + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a box plot category." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort Icon visibility) of a box plot category." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateBoxPlotFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions" + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a box plot category." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility and sort icon visibility) of a box plot value." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateBoxPlotSortConfiguration", + "description": "The sort configuration of a `BoxPlotVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:TemplateBoxPlotFieldWells": { + "type": "object", + "properties": { + "boxPlotAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateBoxPlotAggregatedFieldWells", + "description": "The aggregated field wells of a box plot." + } + } + }, + "aws-native:quicksight:TemplateBoxPlotFillStyle": { + "type": "string" + }, + "aws-native:quicksight:TemplateBoxPlotOptions": { + "type": "object", + "properties": { + "allDataPointsVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of all data points of the box plot." + }, + "outlierVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the outlier in a box plot." + }, + "styleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateBoxPlotStyleOptions", + "description": "The style options of the box plot." + } + } + }, + "aws-native:quicksight:TemplateBoxPlotSortConfiguration": { + "type": "object", + "properties": { + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of a group by fields." + }, + "paginationConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePaginationConfiguration", + "description": "The pagination configuration of a table visual or box plot." + } + } + }, + "aws-native:quicksight:TemplateBoxPlotStyleOptions": { + "type": "object", + "properties": { + "fillStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateBoxPlotFillStyle", + "description": "The fill styles (solid, transparent) of the box plot." + } + } + }, + "aws-native:quicksight:TemplateBoxPlotVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateBoxPlotChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:TemplateCalculatedField": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in this calculated field." + }, + "expression": { + "type": "string", + "description": "The expression of the calculated field." + }, + "name": { + "type": "string", + "description": "The name of the calculated field." + } + } + }, + "aws-native:quicksight:TemplateCalculatedMeasureField": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The expression in the table calculation." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + } + } + }, + "aws-native:quicksight:TemplateCascadingControlConfiguration": { + "type": "object", + "properties": { + "sourceControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlSource" + }, + "description": "A list of source controls that determine the values that are used in the current control." + } + } + }, + "aws-native:quicksight:TemplateCascadingControlSource": { + "type": "object", + "properties": { + "columnToMatch": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column identifier that determines which column to look up for the source sheet control." + }, + "sourceSheetControlId": { + "type": "string", + "description": "The source sheet control ID of a `CascadingControlSource` ." + } + } + }, + "aws-native:quicksight:TemplateCategoricalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:TemplateCategoricalDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that is used in the `CategoricalDimensionField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateStringFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:TemplateCategoricalMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoricalAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that is used in the `CategoricalMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateStringFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:TemplateCategoryDrillDownFilter": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the string inputs that are the values of the category drill down filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + } + } + }, + "aws-native:quicksight:TemplateCategoryFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "configuration": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryFilterConfiguration", + "description": "The configuration for a `CategoryFilter` ." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + } + } + }, + "aws-native:quicksight:TemplateCategoryFilterConfiguration": { + "type": "object", + "properties": { + "customFilterConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomFilterConfiguration", + "description": "A custom filter that filters based on a single value. This filter can be partially matched." + }, + "customFilterListConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomFilterListConfiguration", + "description": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list." + }, + "filterListConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterListConfiguration", + "description": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list." + } + } + }, + "aws-native:quicksight:TemplateCategoryFilterMatchOperator": { + "type": "string" + }, + "aws-native:quicksight:TemplateCategoryFilterSelectAllOptions": { + "type": "string" + }, + "aws-native:quicksight:TemplateChartAxisLabelOptions": { + "type": "object", + "properties": { + "axisLabelOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisLabelOptions" + }, + "description": "The label options for a chart axis." + }, + "sortIconVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration of the sort icon on a chart's axis label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis." + } + } + }, + "aws-native:quicksight:TemplateClusterMarker": { + "type": "object", + "properties": { + "simpleClusterMarker": { + "$ref": "#/types/aws-native:quicksight:TemplateSimpleClusterMarker", + "description": "The simple cluster marker of the cluster marker." + } + } + }, + "aws-native:quicksight:TemplateClusterMarkerConfiguration": { + "type": "object", + "properties": { + "clusterMarker": { + "$ref": "#/types/aws-native:quicksight:TemplateClusterMarker", + "description": "The cluster marker that is a part of the cluster marker configuration." + } + } + }, + "aws-native:quicksight:TemplateColorFillType": { + "type": "string" + }, + "aws-native:quicksight:TemplateColorScale": { + "type": "object", + "properties": { + "colorFillType": { + "$ref": "#/types/aws-native:quicksight:TemplateColorFillType", + "description": "Determines the color fill type." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataColor" + }, + "description": "Determines the list of colors that are applied to the visual." + }, + "nullValueColor": { + "$ref": "#/types/aws-native:quicksight:TemplateDataColor", + "description": "Determines the color that is applied to null values." + } + } + }, + "aws-native:quicksight:TemplateColorsConfiguration": { + "type": "object", + "properties": { + "customColors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomColor" + }, + "description": "A list of up to 50 custom colors." + } + } + }, + "aws-native:quicksight:TemplateColumnConfiguration": { + "type": "object", + "properties": { + "colorsConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateColorsConfiguration", + "description": "The color configurations of the column." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFormatConfiguration", + "description": "The format configuration of a column." + }, + "role": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnRole", + "description": "The role of the column." + } + } + }, + "aws-native:quicksight:TemplateColumnGroupColumnSchema": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the column group's column schema.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateColumnGroupSchema": { + "type": "object", + "properties": { + "columnGroupColumnSchemaList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnGroupColumnSchema" + }, + "description": "\u003cp\u003eA structure containing the list of schemas for column group columns.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the column group schema.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateColumnHierarchy": { + "type": "object", + "properties": { + "dateTimeHierarchy": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimeHierarchy", + "description": "The option that determines the hierarchy of any `DateTime` fields." + }, + "explicitHierarchy": { + "$ref": "#/types/aws-native:quicksight:TemplateExplicitHierarchy", + "description": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals." + }, + "predefinedHierarchy": { + "$ref": "#/types/aws-native:quicksight:TemplatePredefinedHierarchy", + "description": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source." + } + } + }, + "aws-native:quicksight:TemplateColumnIdentifier": { + "type": "object", + "properties": { + "columnName": { + "type": "string", + "description": "The name of the column." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The data set that the column belongs to." + } + } + }, + "aws-native:quicksight:TemplateColumnRole": { + "type": "string" + }, + "aws-native:quicksight:TemplateColumnSchema": { + "type": "object", + "properties": { + "dataType": { + "type": "string", + "description": "\u003cp\u003eThe data type of the column schema.\u003c/p\u003e" + }, + "geographicRole": { + "type": "string", + "description": "\u003cp\u003eThe geographic role of the column schema.\u003c/p\u003e" + }, + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of the column schema.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateColumnSort": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateAggregationFunction", + "description": "The aggregation function that is defined in the column sort." + }, + "direction": { + "$ref": "#/types/aws-native:quicksight:TemplateSortDirection", + "description": "The sort direction." + }, + "sortBy": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier" + } + } + }, + "aws-native:quicksight:TemplateColumnTooltipItem": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:quicksight:TemplateAggregationFunction", + "description": "The aggregation function of the column tooltip item." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The target column of the tooltip item." + }, + "label": { + "type": "string", + "description": "The label of the tooltip item." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the tooltip item." + } + } + }, + "aws-native:quicksight:TemplateComboChartAggregatedFieldWells": { + "type": "object", + "properties": { + "barValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The aggregated `BarValues` field well of a combo chart." + }, + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The aggregated category field wells of a combo chart." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The aggregated colors field well of a combo chart." + }, + "lineValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The aggregated `LineValues` field well of a combo chart." + } + } + }, + "aws-native:quicksight:TemplateComboChartConfiguration": { + "type": "object", + "properties": { + "barDataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart." + }, + "barsArrangement": { + "$ref": "#/types/aws-native:quicksight:TemplateBarsArrangement", + "description": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The category axis of a combo chart." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateComboChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "lineDataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLine" + }, + "description": "The reference line setup of the visual." + }, + "secondaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well." + }, + "secondaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateComboChartSortConfiguration", + "description": "The sort configuration of a `ComboChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The legend display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:TemplateComboChartFieldWells": { + "type": "object", + "properties": { + "comboChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateComboChartAggregatedFieldWells", + "description": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category." + } + } + }, + "aws-native:quicksight:TemplateComboChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The item limit configuration for the category field well of a combo chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the category field well in a combo chart." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The item limit configuration of the color field well in a combo chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the color field well in a combo chart." + } + } + }, + "aws-native:quicksight:TemplateComboChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateComboChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateComparisonConfiguration": { + "type": "object", + "properties": { + "comparisonFormat": { + "$ref": "#/types/aws-native:quicksight:TemplateComparisonFormatConfiguration", + "description": "The format of the comparison." + }, + "comparisonMethod": { + "$ref": "#/types/aws-native:quicksight:TemplateComparisonMethod", + "description": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`" + } + } + }, + "aws-native:quicksight:TemplateComparisonFormatConfiguration": { + "type": "object", + "properties": { + "numberDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumberDisplayFormatConfiguration", + "description": "The number display format." + }, + "percentageDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePercentageDisplayFormatConfiguration", + "description": "The percentage display format." + } + } + }, + "aws-native:quicksight:TemplateComparisonMethod": { + "type": "string" + }, + "aws-native:quicksight:TemplateComputation": { + "type": "object", + "properties": { + "forecast": { + "$ref": "#/types/aws-native:quicksight:TemplateForecastComputation", + "description": "The forecast computation configuration." + }, + "growthRate": { + "$ref": "#/types/aws-native:quicksight:TemplateGrowthRateComputation", + "description": "The growth rate computation configuration." + }, + "maximumMinimum": { + "$ref": "#/types/aws-native:quicksight:TemplateMaximumMinimumComputation", + "description": "The maximum and minimum computation configuration." + }, + "metricComparison": { + "$ref": "#/types/aws-native:quicksight:TemplateMetricComparisonComputation", + "description": "The metric comparison computation configuration." + }, + "periodOverPeriod": { + "$ref": "#/types/aws-native:quicksight:TemplatePeriodOverPeriodComputation", + "description": "The period over period computation configuration." + }, + "periodToDate": { + "$ref": "#/types/aws-native:quicksight:TemplatePeriodToDateComputation", + "description": "The period to `DataSetIdentifier` computation configuration." + }, + "topBottomMovers": { + "$ref": "#/types/aws-native:quicksight:TemplateTopBottomMoversComputation", + "description": "The top movers and bottom movers computation configuration." + }, + "topBottomRanked": { + "$ref": "#/types/aws-native:quicksight:TemplateTopBottomRankedComputation", + "description": "The top ranked and bottom ranked computation configuration." + }, + "totalAggregation": { + "$ref": "#/types/aws-native:quicksight:TemplateTotalAggregationComputation", + "description": "The total aggregation computation configuration." + }, + "uniqueValues": { + "$ref": "#/types/aws-native:quicksight:TemplateUniqueValuesComputation", + "description": "The unique values computation configuration." + } + } + }, + "aws-native:quicksight:TemplateConditionalFormattingColor": { + "type": "object", + "properties": { + "gradient": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingGradientColor", + "description": "Formatting configuration for gradient color." + }, + "solid": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingSolidColor", + "description": "Formatting configuration for solid color." + } + } + }, + "aws-native:quicksight:TemplateConditionalFormattingCustomIconCondition": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color of the icon." + }, + "displayConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIconDisplayConfiguration", + "description": "Determines the icon display configuration." + }, + "expression": { + "type": "string", + "description": "The expression that determines the condition of the icon set." + }, + "iconOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingCustomIconOptions", + "description": "Custom icon options for an icon set." + } + } + }, + "aws-native:quicksight:TemplateConditionalFormattingCustomIconOptions": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:TemplateIcon", + "description": "Determines the type of icon." + }, + "unicodeIcon": { + "type": "string", + "description": "Determines the Unicode icon type." + } + } + }, + "aws-native:quicksight:TemplateConditionalFormattingGradientColor": { + "type": "object", + "properties": { + "color": { + "$ref": "#/types/aws-native:quicksight:TemplateGradientColor", + "description": "Determines the color." + }, + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for gradient color." + } + } + }, + "aws-native:quicksight:TemplateConditionalFormattingIcon": { + "type": "object", + "properties": { + "customCondition": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingCustomIconCondition", + "description": "Determines the custom condition for an icon set." + }, + "iconSet": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIconSet", + "description": "Formatting configuration for icon set." + } + } + }, + "aws-native:quicksight:TemplateConditionalFormattingIconDisplayConfiguration": { + "type": "object", + "properties": { + "iconDisplayOption": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIconDisplayOption", + "description": "Determines the icon display configuration." + } + } + }, + "aws-native:quicksight:TemplateConditionalFormattingIconDisplayOption": { + "type": "string" + }, + "aws-native:quicksight:TemplateConditionalFormattingIconSet": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for the icon set." + }, + "iconSetType": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIconSetType", + "description": "Determines the icon set type." + } + } + }, + "aws-native:quicksight:TemplateConditionalFormattingIconSetType": { + "type": "string" + }, + "aws-native:quicksight:TemplateConditionalFormattingSolidColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color." + }, + "expression": { + "type": "string", + "description": "The expression that determines the formatting configuration for solid color." + } + } + }, + "aws-native:quicksight:TemplateContributionAnalysisDefault": { + "type": "object", + "properties": { + "contributorDimensions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier" + }, + "description": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` ." + }, + "measureFieldId": { + "type": "string", + "description": "The measure field that is used in the contribution analysis." + } + } + }, + "aws-native:quicksight:TemplateCrossDatasetTypes": { + "type": "string" + }, + "aws-native:quicksight:TemplateCurrencyDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numberScale": { + "$ref": "#/types/aws-native:quicksight:TemplateNumberScale", + "description": "Determines the number scale value for the currency format." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the currency format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the currency format." + }, + "symbol": { + "type": "string", + "description": "Determines the symbol for the currency format." + } + } + }, + "aws-native:quicksight:TemplateCustomActionFilterOperation": { + "type": "object", + "properties": { + "selectedFieldsConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterOperationSelectedFieldsConfiguration", + "description": "The configuration that chooses the fields to be filtered." + }, + "targetVisualsConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterOperationTargetVisualsConfiguration", + "description": "The configuration that chooses the target visuals to be filtered." + } + } + }, + "aws-native:quicksight:TemplateCustomActionNavigationOperation": { + "type": "object", + "properties": { + "localNavigationConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateLocalNavigationConfiguration", + "description": "The configuration that chooses the navigation target." + } + } + }, + "aws-native:quicksight:TemplateCustomActionSetParametersOperation": { + "type": "object", + "properties": { + "parameterValueConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateSetParameterValueConfiguration" + }, + "description": "The parameter that determines the value configuration." + } + } + }, + "aws-native:quicksight:TemplateCustomActionUrlOperation": { + "type": "object", + "properties": { + "urlTarget": { + "$ref": "#/types/aws-native:quicksight:TemplateUrlTargetConfiguration", + "description": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab." + }, + "urlTemplate": { + "type": "string", + "description": "THe URL link of the `CustomActionURLOperation` ." + } + }, + "irreversibleNames": { + "urlTarget": "URLTarget", + "urlTemplate": "URLTemplate" + } + }, + "aws-native:quicksight:TemplateCustomColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that is applied to the data value." + }, + "fieldValue": { + "type": "string", + "description": "The data value that the color is applied to." + }, + "specialValue": { + "$ref": "#/types/aws-native:quicksight:TemplateSpecialValue", + "description": "The value of a special data value." + } + } + }, + "aws-native:quicksight:TemplateCustomContentConfiguration": { + "type": "object", + "properties": { + "contentType": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomContentType", + "description": "The content type of the custom content visual. You can use this to have the visual render as an image." + }, + "contentUrl": { + "type": "string", + "description": "The input URL that links to the custom content that you want in the custom visual." + }, + "imageScaling": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomContentImageScalingConfiguration", + "description": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` ." + } + } + }, + "aws-native:quicksight:TemplateCustomContentImageScalingConfiguration": { + "type": "string" + }, + "aws-native:quicksight:TemplateCustomContentType": { + "type": "string" + }, + "aws-native:quicksight:TemplateCustomContentVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomContentConfiguration", + "description": "The configuration of a `CustomContentVisual` ." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateCustomFilterConfiguration": { + "type": "object", + "properties": { + "categoryValue": { + "type": "string", + "description": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` ." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` ." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:TemplateCustomFilterListConfiguration": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of category values for the filter." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:TemplateCustomNarrativeOptions": { + "type": "object", + "properties": { + "narrative": { + "type": "string", + "description": "The string input of custom narrative." + } + } + }, + "aws-native:quicksight:TemplateCustomParameterValues": { + "type": "object", + "properties": { + "dateTimeValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of datetime-type parameter values." + }, + "decimalValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "A list of decimal-type parameter values." + }, + "integerValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "A list of integer-type parameter values." + }, + "stringValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of string-type parameter values." + } + } + }, + "aws-native:quicksight:TemplateCustomValuesConfiguration": { + "type": "object", + "properties": { + "customValues": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomParameterValues" + }, + "includeNullValue": { + "type": "boolean", + "description": "Includes the null value in custom action parameter values." + } + } + }, + "aws-native:quicksight:TemplateDataBarsOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID for the data bars options." + }, + "negativeColor": { + "type": "string", + "description": "The color of the negative data bar." + }, + "positiveColor": { + "type": "string", + "description": "The color of the positive data bar." + } + } + }, + "aws-native:quicksight:TemplateDataColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that is applied to the data value." + }, + "dataValue": { + "type": "number", + "description": "The data value that the color is applied to." + } + } + }, + "aws-native:quicksight:TemplateDataFieldSeriesItem": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisBinding", + "description": "The axis that you are binding the field to." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field that you are setting the axis binding to." + }, + "fieldValue": { + "type": "string", + "description": "The field value of the field that you are setting the axis binding to." + }, + "settings": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartSeriesSettings", + "description": "The options that determine the presentation of line series associated to the field." + } + } + }, + "aws-native:quicksight:TemplateDataLabelContent": { + "type": "string" + }, + "aws-native:quicksight:TemplateDataLabelOptions": { + "type": "object", + "properties": { + "categoryLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the category field labels." + }, + "dataLabelTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelType" + }, + "description": "The option that determines the data label type." + }, + "labelColor": { + "type": "string", + "description": "Determines the color of the data labels." + }, + "labelContent": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelContent", + "description": "Determines the content of the data labels." + }, + "labelFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "Determines the font configuration of the data labels." + }, + "measureLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the measure field labels." + }, + "overlap": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOverlap", + "description": "Determines whether overlap is enabled or disabled for the data labels." + }, + "position": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelPosition", + "description": "Determines the position of the data labels." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the total." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the data labels." + } + } + }, + "aws-native:quicksight:TemplateDataLabelOverlap": { + "type": "string" + }, + "aws-native:quicksight:TemplateDataLabelPosition": { + "type": "string" + }, + "aws-native:quicksight:TemplateDataLabelType": { + "type": "object", + "properties": { + "dataPathLabelType": { + "$ref": "#/types/aws-native:quicksight:TemplateDataPathLabelType", + "description": "The option that specifies individual data values for labels." + }, + "fieldLabelType": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldLabelType", + "description": "Determines the label configuration for the entire field." + }, + "maximumLabelType": { + "$ref": "#/types/aws-native:quicksight:TemplateMaximumLabelType", + "description": "Determines the label configuration for the maximum value in a visual." + }, + "minimumLabelType": { + "$ref": "#/types/aws-native:quicksight:TemplateMinimumLabelType", + "description": "Determines the label configuration for the minimum value in a visual." + }, + "rangeEndsLabelType": { + "$ref": "#/types/aws-native:quicksight:TemplateRangeEndsLabelType", + "description": "Determines the label configuration for range end value in a visual." + } + } + }, + "aws-native:quicksight:TemplateDataPathColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color that needs to be applied to the element." + }, + "element": { + "$ref": "#/types/aws-native:quicksight:TemplateDataPathValue", + "description": "The element that the color needs to be applied to." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The time granularity of the field that the color needs to be applied to." + } + } + }, + "aws-native:quicksight:TemplateDataPathLabelType": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the field that the data label needs to be applied to." + }, + "fieldValue": { + "type": "string", + "description": "The actual value of the field that is labeled." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the data label." + } + } + }, + "aws-native:quicksight:TemplateDataPathSort": { + "type": "object", + "properties": { + "direction": { + "$ref": "#/types/aws-native:quicksight:TemplateSortDirection", + "description": "Determines the sort direction." + }, + "sortPaths": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataPathValue" + }, + "description": "The list of data paths that need to be sorted." + } + } + }, + "aws-native:quicksight:TemplateDataPathType": { + "type": "object", + "properties": { + "pivotTableDataPathType": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableDataPathType", + "description": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` ." + } + } + }, + "aws-native:quicksight:TemplateDataPathValue": { + "type": "object", + "properties": { + "dataPathType": { + "$ref": "#/types/aws-native:quicksight:TemplateDataPathType", + "description": "The type configuration of the field." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field that needs to be sorted." + }, + "fieldValue": { + "type": "string", + "description": "The actual value of the field that needs to be sorted." + } + } + }, + "aws-native:quicksight:TemplateDataSetConfiguration": { + "type": "object", + "properties": { + "columnGroupSchemaList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnGroupSchema" + }, + "description": "\u003cp\u003eA structure containing the list of column group schemas.\u003c/p\u003e" + }, + "dataSetSchema": { + "$ref": "#/types/aws-native:quicksight:TemplateDataSetSchema", + "description": "Dataset schema." + }, + "placeholder": { + "type": "string", + "description": "\u003cp\u003ePlaceholder.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateDataSetReference": { + "type": "object", + "properties": { + "dataSetArn": { + "type": "string", + "description": "\u003cp\u003eDataset Amazon Resource Name (ARN).\u003c/p\u003e" + }, + "dataSetPlaceholder": { + "type": "string", + "description": "\u003cp\u003eDataset placeholder.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateDataSetSchema": { + "type": "object", + "properties": { + "columnSchemaList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnSchema" + }, + "description": "\u003cp\u003eA structure containing the list of column schemas.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateDateAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:TemplateDateAxisOptions": { + "type": "object", + "properties": { + "missingDateVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not missing dates are displayed." + } + } + }, + "aws-native:quicksight:TemplateDateDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that is used in the `DateDimensionField` ." + }, + "dateGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`" + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimeFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:TemplateDateMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateDateAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that is used in the `DateMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimeFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:TemplateDateTimeDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:TemplateDynamicDefaultValue", + "description": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:TemplateRollingDateConfiguration", + "description": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression." + }, + "staticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The static values of the `DataTimeDefaultValues` ." + } + } + }, + "aws-native:quicksight:TemplateDateTimeFormatConfiguration": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Determines the `DateTime` format." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numericFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericFormatConfiguration", + "description": "The formatting configuration for numeric `DateTime` fields." + } + } + }, + "aws-native:quicksight:TemplateDateTimeHierarchy": { + "type": "object", + "properties": { + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the `DateTime` hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the `DateTime` hierarchy." + } + } + }, + "aws-native:quicksight:TemplateDateTimeParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimeDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimeValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:TemplateDateTimePickerControlDisplayOptions": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Customize how dates are formatted in controls." + }, + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:TemplateDateTimeValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "string", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:TemplateValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:TemplateDayOfTheWeek": { + "type": "string" + }, + "aws-native:quicksight:TemplateDecimalDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:TemplateDynamicDefaultValue", + "description": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "The static values of the `DecimalDefaultValues` ." + } + } + }, + "aws-native:quicksight:TemplateDecimalParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:TemplateDecimalDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:TemplateDecimalValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:TemplateDecimalPlacesConfiguration": { + "type": "object", + "properties": { + "decimalPlaces": { + "type": "number", + "description": "The values of the decimal places." + } + } + }, + "aws-native:quicksight:TemplateDecimalValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "number", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:TemplateValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:TemplateDefaultDateTimePickerControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlDateTimePickerType", + "description": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range." + } + } + }, + "aws-native:quicksight:TemplateDefaultFilterControlConfiguration": { + "type": "object", + "properties": { + "controlOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterControlOptions", + "description": "The control option for the `DefaultFilterControlConfiguration` ." + }, + "title": { + "type": "string", + "description": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter." + } + } + }, + "aws-native:quicksight:TemplateDefaultFilterControlOptions": { + "type": "object", + "properties": { + "defaultDateTimePickerOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultDateTimePickerControlOptions", + "description": "The default options that correspond to the filter control type of a `DateTimePicker` ." + }, + "defaultDropdownOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterDropDownControlOptions", + "description": "The default options that correspond to the `Dropdown` filter control type." + }, + "defaultListOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterListControlOptions", + "description": "The default options that correspond to the `List` filter control type." + }, + "defaultRelativeDateTimeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultRelativeDateTimeControlOptions", + "description": "The default options that correspond to the `RelativeDateTime` filter control type." + }, + "defaultSliderOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultSliderControlOptions", + "description": "The default options that correspond to the `Slider` filter control type." + }, + "defaultTextAreaOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultTextAreaControlOptions", + "description": "The default options that correspond to the `TextArea` filter control type." + }, + "defaultTextFieldOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultTextFieldControlOptions", + "description": "The default options that correspond to the `TextField` filter control type." + } + } + }, + "aws-native:quicksight:TemplateDefaultFilterDropDownControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", + "description": "The display options of a control." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlListType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:TemplateDefaultFilterListControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateListControlDisplayOptions", + "description": "The display options of a control." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlListType", + "description": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list." + } + } + }, + "aws-native:quicksight:TemplateDefaultFreeFormLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a free-form layout." + } + } + }, + "aws-native:quicksight:TemplateDefaultGridLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGridLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a grid layout." + } + } + }, + "aws-native:quicksight:TemplateDefaultInteractiveLayoutConfiguration": { + "type": "object", + "properties": { + "freeForm": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFreeFormLayoutConfiguration", + "description": "The options that determine the default settings of a free-form layout configuration." + }, + "grid": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultGridLayoutConfiguration", + "description": "The options that determine the default settings for a grid layout configuration." + } + } + }, + "aws-native:quicksight:TemplateDefaultNewSheetConfiguration": { + "type": "object", + "properties": { + "interactiveLayoutConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultInteractiveLayoutConfiguration", + "description": "The options that determine the default settings for interactive layout configuration." + }, + "paginatedLayoutConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultPaginatedLayoutConfiguration", + "description": "The options that determine the default settings for a paginated layout configuration." + }, + "sheetContentType": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetContentType", + "description": "The option that determines the sheet content type." + } + } + }, + "aws-native:quicksight:TemplateDefaultPaginatedLayoutConfiguration": { + "type": "object", + "properties": { + "sectionBased": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultSectionBasedLayoutConfiguration", + "description": "The options that determine the default settings for a section-based layout configuration." + } + } + }, + "aws-native:quicksight:TemplateDefaultRelativeDateTimeControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateRelativeDateTimeControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:TemplateDefaultSectionBasedLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionBasedLayoutCanvasSizeOptions", + "description": "Determines the screen canvas size options for a section-based layout." + } + } + }, + "aws-native:quicksight:TemplateDefaultSliderControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlSliderType", + "description": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range." + } + } + }, + "aws-native:quicksight:TemplateDefaultTextAreaControlOptions": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTextAreaControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:TemplateDefaultTextFieldControlOptions": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTextFieldControlDisplayOptions", + "description": "The display options of a control." + } + } + }, + "aws-native:quicksight:TemplateDestinationParameterValueConfiguration": { + "type": "object", + "properties": { + "customValuesConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomValuesConfiguration", + "description": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` ." + }, + "selectAllValueOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSelectAllValueOptions", + "description": "The configuration that selects all options." + }, + "sourceColumn": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier" + }, + "sourceField": { + "type": "string", + "description": "The source field ID of the destination parameter." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the destination parameter." + } + } + }, + "aws-native:quicksight:TemplateDimensionField": { + "type": "object", + "properties": { + "categoricalDimensionField": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoricalDimensionField", + "description": "The dimension type field with categorical type columns." + }, + "dateDimensionField": { + "$ref": "#/types/aws-native:quicksight:TemplateDateDimensionField", + "description": "The dimension type field with date type columns." + }, + "numericalDimensionField": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericalDimensionField", + "description": "The dimension type field with numerical type columns." + } + } + }, + "aws-native:quicksight:TemplateDonutCenterOptions": { + "type": "object", + "properties": { + "labelVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` ." + } + } + }, + "aws-native:quicksight:TemplateDonutOptions": { + "type": "object", + "properties": { + "arcOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateArcOptions", + "description": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart" + }, + "donutCenterOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDonutCenterOptions", + "description": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts." + } + } + }, + "aws-native:quicksight:TemplateDrillDownFilter": { + "type": "object", + "properties": { + "categoryFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryDrillDownFilter", + "description": "The category type drill down filter. This filter is used for string type columns." + }, + "numericEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericEqualityDrillDownFilter", + "description": "The numeric equality type drill down filter. This filter is used for number type columns." + }, + "timeRangeFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeRangeDrillDownFilter", + "description": "The time range drill down filter. This filter is used for date time columns." + } + } + }, + "aws-native:quicksight:TemplateDropDownControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateListControlSelectAllOptions", + "description": "The configuration of the `Select all` options in a dropdown control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:TemplateDynamicDefaultValue": { + "type": "object", + "properties": { + "defaultValueColumn": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that contains the default value of each user or group." + }, + "groupNameColumn": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that contains the group name." + }, + "userNameColumn": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that contains the username." + } + } + }, + "aws-native:quicksight:TemplateEmptyVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in the empty visual. Every visual requires a dataset to render." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateEntity": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree." + } + } + }, + "aws-native:quicksight:TemplateError": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "\u003cp\u003eDescription of the error type.\u003c/p\u003e" + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateErrorType", + "description": "Type of error." + }, + "violatedEntities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateEntity" + }, + "description": "\u003cp\u003eAn error path that shows which entities caused the template error.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateErrorType": { + "type": "string" + }, + "aws-native:quicksight:TemplateExcludePeriodConfiguration": { + "type": "object", + "properties": { + "amount": { + "type": "number", + "description": "The amount or number of the exclude period." + }, + "granularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The granularity or unit (day, month, year) of the exclude period." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:TemplateWidgetStatus", + "description": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`" + } + } + }, + "aws-native:quicksight:TemplateExplicitHierarchy": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier" + }, + "description": "The list of columns that define the explicit hierarchy." + }, + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the explicit hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the explicit hierarchy." + } + } + }, + "aws-native:quicksight:TemplateFieldBasedTooltip": { + "type": "object", + "properties": { + "aggregationVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of `Show aggregations` ." + }, + "tooltipFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipItem" + }, + "description": "The fields configuration in the tooltip." + }, + "tooltipTitleType": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipTitleType", + "description": "The type for the \u003etooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title." + } + } + }, + "aws-native:quicksight:TemplateFieldLabelType": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "Indicates the field that is targeted by the field label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the field label." + } + } + }, + "aws-native:quicksight:TemplateFieldSeriesItem": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisBinding", + "description": "The axis that you are binding the field to." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the field for which you are setting the axis binding." + }, + "settings": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartSeriesSettings", + "description": "The options that determine the presentation of line series associated to the field." + } + } + }, + "aws-native:quicksight:TemplateFieldSort": { + "type": "object", + "properties": { + "direction": { + "$ref": "#/types/aws-native:quicksight:TemplateSortDirection", + "description": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending" + }, + "fieldId": { + "type": "string", + "description": "The sort configuration target field." + } + } + }, + "aws-native:quicksight:TemplateFieldSortOptions": { + "type": "object", + "properties": { + "columnSort": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnSort", + "description": "The sort configuration for a column that is not used in a field well." + }, + "fieldSort": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSort", + "description": "The sort configuration for a field in a field well." + } + } + }, + "aws-native:quicksight:TemplateFieldTooltipItem": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The unique ID of the field that is targeted by the tooltip." + }, + "label": { + "type": "string", + "description": "The label of the tooltip item." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the tooltip item." + } + } + }, + "aws-native:quicksight:TemplateFilledMapAggregatedFieldWells": { + "type": "object", + "properties": { + "geospatial": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The aggregated location field well of the filled map. Values are grouped by location fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The aggregated color field well of a filled map. Values are aggregated based on location fields." + } + } + }, + "aws-native:quicksight:TemplateFilledMapConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFilledMapConditionalFormattingOption" + }, + "description": "Conditional formatting options of a `FilledMapVisual` ." + } + } + }, + "aws-native:quicksight:TemplateFilledMapConditionalFormattingOption": { + "type": "object", + "properties": { + "shape": { + "$ref": "#/types/aws-native:quicksight:TemplateFilledMapShapeConditionalFormatting", + "description": "The conditional formatting that determines the shape of the filled map." + } + } + }, + "aws-native:quicksight:TemplateFilledMapConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateFilledMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "mapStyleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialMapStyleOptions", + "description": "The map style options of the filled map visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFilledMapSortConfiguration", + "description": "The sort configuration of a `FilledMapVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "windowOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialWindowOptions", + "description": "The window options of the filled map visual." + } + } + }, + "aws-native:quicksight:TemplateFilledMapFieldWells": { + "type": "object", + "properties": { + "filledMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateFilledMapAggregatedFieldWells", + "description": "The aggregated field well of the filled map." + } + } + }, + "aws-native:quicksight:TemplateFilledMapShapeConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the filled map shape." + }, + "format": { + "$ref": "#/types/aws-native:quicksight:TemplateShapeConditionalFormat", + "description": "The conditional formatting that determines the background color of a filled map's shape." + } + } + }, + "aws-native:quicksight:TemplateFilledMapSortConfiguration": { + "type": "object", + "properties": { + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the location fields." + } + } + }, + "aws-native:quicksight:TemplateFilledMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFilledMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:TemplateFilledMapConditionalFormatting", + "description": "The conditional formatting of a `FilledMapVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:TemplateFilter": { + "type": "object", + "properties": { + "categoryFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryFilter", + "description": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* ." + }, + "numericEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericEqualityFilter", + "description": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value." + }, + "numericRangeFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericRangeFilter", + "description": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range." + }, + "relativeDatesFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateRelativeDatesFilter", + "description": "A `RelativeDatesFilter` filters date values that are relative to a given date." + }, + "timeEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeEqualityFilter", + "description": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value." + }, + "timeRangeFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeRangeFilter", + "description": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range." + }, + "topBottomFilter": { + "$ref": "#/types/aws-native:quicksight:TemplateTopBottomFilter", + "description": "A `TopBottomFilter` filters data to the top or bottom values for a given column." + } + } + }, + "aws-native:quicksight:TemplateFilterControl": { + "type": "object", + "properties": { + "crossSheet": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterCrossSheetControl", + "description": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet" + }, + "dateTimePicker": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterDateTimePickerControl", + "description": "A control from a date filter that is used to specify date and time." + }, + "dropdown": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterDropDownControl", + "description": "A control to display a dropdown list with buttons that are used to select a single value." + }, + "list": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterListControl", + "description": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values." + }, + "relativeDateTime": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterRelativeDateTimeControl", + "description": "A control from a date filter that is used to specify the relative date." + }, + "slider": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterSliderControl", + "description": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle." + }, + "textArea": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterTextAreaControl", + "description": "A control to display a text box that is used to enter multiple entries." + }, + "textField": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterTextFieldControl", + "description": "A control to display a text box that is used to enter a single entry." + } + } + }, + "aws-native:quicksight:TemplateFilterCrossSheetControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterCrossSheetControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterCrossSheetControl` ." + } + } + }, + "aws-native:quicksight:TemplateFilterDateTimePickerControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterDateTimePickerControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterDateTimePickerControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterDateTimePickerControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlDateTimePickerType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:TemplateFilterDropDownControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", + "description": "The display options of the `FilterDropDownControl` ." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterDropDownControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterDropDownControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterDropDownControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlListType", + "description": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu." + } + } + }, + "aws-native:quicksight:TemplateFilterGroup": { + "type": "object", + "properties": { + "crossDataset": { + "$ref": "#/types/aws-native:quicksight:TemplateCrossDatasetTypes", + "description": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`" + }, + "filterGroupId": { + "type": "string", + "description": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis." + }, + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFilter" + }, + "description": "The list of filters that are present in a `FilterGroup` ." + }, + "scopeConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterScopeConfiguration", + "description": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:TemplateWidgetStatus", + "description": "The status of the `FilterGroup` ." + } + } + }, + "aws-native:quicksight:TemplateFilterListConfiguration": { + "type": "object", + "properties": { + "categoryValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of category values for the filter." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryFilterMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoryFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:TemplateFilterListControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateListControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterListControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterListControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterListControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlListType", + "description": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list." + } + } + }, + "aws-native:quicksight:TemplateFilterNullOption": { + "type": "string" + }, + "aws-native:quicksight:TemplateFilterOperationSelectedFieldsConfiguration": { + "type": "object", + "properties": { + "selectedColumns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier" + }, + "description": "\u003cp\u003eThe selected columns of a dataset.\u003c/p\u003e" + }, + "selectedFieldOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSelectedFieldOptions", + "description": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields." + }, + "selectedFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Chooses the fields that are filtered in `CustomActionFilterOperation` ." + } + } + }, + "aws-native:quicksight:TemplateFilterOperationTargetVisualsConfiguration": { + "type": "object", + "properties": { + "sameSheetTargetVisualConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateSameSheetTargetVisualConfiguration", + "description": "The configuration of the same-sheet target visuals that you want to be filtered." + } + } + }, + "aws-native:quicksight:TemplateFilterRelativeDateTimeControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateRelativeDateTimeControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextAreaControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:TemplateFilterScopeConfiguration": { + "type": "object", + "properties": { + "allSheets": { + "$ref": "#/types/aws-native:quicksight:TemplateAllSheetsFilterScopeConfiguration", + "description": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen." + }, + "selectedSheets": { + "$ref": "#/types/aws-native:quicksight:TemplateSelectedSheetsFilterScopeConfiguration", + "description": "The configuration for applying a filter to specific sheets." + } + } + }, + "aws-native:quicksight:TemplateFilterSelectableValues": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The values that are used in the `FilterSelectableValues` ." + } + } + }, + "aws-native:quicksight:TemplateFilterSliderControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterSliderControl` ." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterSliderControl` ." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "title": { + "type": "string", + "description": "The title of the `FilterSliderControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlSliderType", + "description": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range." + } + } + }, + "aws-native:quicksight:TemplateFilterTextAreaControl": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTextAreaControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextAreaControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:TemplateFilterTextFieldControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTextFieldControlDisplayOptions", + "description": "The display options of a control." + }, + "filterControlId": { + "type": "string", + "description": "The ID of the `FilterTextFieldControl` ." + }, + "sourceFilterId": { + "type": "string", + "description": "The source filter ID of the `FilterTextFieldControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `FilterTextFieldControl` ." + } + } + }, + "aws-native:quicksight:TemplateFilterVisualScope": { + "type": "string" + }, + "aws-native:quicksight:TemplateFontConfiguration": { + "type": "object", + "properties": { + "fontColor": { + "type": "string", + "description": "Determines the color of the text." + }, + "fontDecoration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontDecoration", + "description": "Determines the appearance of decorative lines on the text." + }, + "fontSize": { + "$ref": "#/types/aws-native:quicksight:TemplateFontSize", + "description": "The option that determines the text display size." + }, + "fontStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateFontStyle", + "description": "Determines the text display face that is inherited by the given font family." + }, + "fontWeight": { + "$ref": "#/types/aws-native:quicksight:TemplateFontWeight", + "description": "The option that determines the text display weight, or boldness." + } + } + }, + "aws-native:quicksight:TemplateFontDecoration": { + "type": "string" + }, + "aws-native:quicksight:TemplateFontSize": { + "type": "object", + "properties": { + "relative": { + "$ref": "#/types/aws-native:quicksight:TemplateRelativeFontSize", + "description": "The lexical name for the text size, proportional to its surrounding context." + } + } + }, + "aws-native:quicksight:TemplateFontStyle": { + "type": "string" + }, + "aws-native:quicksight:TemplateFontWeight": { + "type": "object", + "properties": { + "name": { + "$ref": "#/types/aws-native:quicksight:TemplateFontWeightName", + "description": "The lexical name for the level of boldness of the text display." + } + } + }, + "aws-native:quicksight:TemplateFontWeightName": { + "type": "string" + }, + "aws-native:quicksight:TemplateForecastComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "customSeasonalityValue": { + "type": "number", + "description": "The custom seasonality value setup of a forecast computation." + }, + "lowerBoundary": { + "type": "number", + "description": "The lower boundary setup of a forecast computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodsBackward": { + "type": "number", + "description": "The periods backward setup of a forecast computation." + }, + "periodsForward": { + "type": "number", + "description": "The periods forward setup of a forecast computation." + }, + "predictionInterval": { + "type": "number", + "description": "The prediction interval setup of a forecast computation." + }, + "seasonality": { + "$ref": "#/types/aws-native:quicksight:TemplateForecastComputationSeasonality", + "description": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The time field that is used in a computation." + }, + "upperBoundary": { + "type": "number", + "description": "The upper boundary setup of a forecast computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplateForecastComputationSeasonality": { + "type": "string" + }, + "aws-native:quicksight:TemplateForecastConfiguration": { + "type": "object", + "properties": { + "forecastProperties": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeBasedForecastProperties", + "description": "The forecast properties setup of a forecast in the line chart." + }, + "scenario": { + "$ref": "#/types/aws-native:quicksight:TemplateForecastScenario", + "description": "The forecast scenario of a forecast in the line chart." + } + } + }, + "aws-native:quicksight:TemplateForecastScenario": { + "type": "object", + "properties": { + "whatIfPointScenario": { + "$ref": "#/types/aws-native:quicksight:TemplateWhatIfPointScenario", + "description": "The what-if analysis forecast setup with the target date." + }, + "whatIfRangeScenario": { + "$ref": "#/types/aws-native:quicksight:TemplateWhatIfRangeScenario", + "description": "The what-if analysis forecast setup with the date range." + } + } + }, + "aws-native:quicksight:TemplateFormatConfiguration": { + "type": "object", + "properties": { + "dateTimeFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimeFormatConfiguration", + "description": "Formatting configuration for `DateTime` fields." + }, + "numberFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumberFormatConfiguration", + "description": "Formatting configuration for number fields." + }, + "stringFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateStringFormatConfiguration", + "description": "Formatting configuration for string fields." + } + } + }, + "aws-native:quicksight:TemplateFreeFormLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "screenCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutScreenCanvasSizeOptions", + "description": "The options that determine the sizing of the canvas used in a free-form layout." + } + } + }, + "aws-native:quicksight:TemplateFreeFormLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutCanvasSizeOptions" + }, + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutElement" + }, + "description": "The elements that are included in a free-form layout." + } + } + }, + "aws-native:quicksight:TemplateFreeFormLayoutElement": { + "type": "object", + "properties": { + "backgroundStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutElementBackgroundStyle", + "description": "The background style configuration of a free-form layout element." + }, + "borderStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutElementBorderStyle", + "description": "The border style configuration of a free-form layout element." + }, + "elementId": { + "type": "string", + "description": "A unique identifier for an element within a free-form layout." + }, + "elementType": { + "$ref": "#/types/aws-native:quicksight:TemplateLayoutElementType", + "description": "The type of element." + }, + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "loadingAnimation": { + "$ref": "#/types/aws-native:quicksight:TemplateLoadingAnimation", + "description": "The loading animation configuration of a free-form layout element." + }, + "renderingRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetElementRenderingRule" + }, + "description": "The rendering rules that determine when an element should be displayed within a free-form layout." + }, + "selectedBorderStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutElementBorderStyle", + "description": "The border style configuration of a free-form layout element. This border style is used when the element is selected." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of an element within a free-form layout." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "xAxisLocation": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "yAxisLocation": { + "type": "string", + "description": "String based length that is composed of value and unit in px with Integer.MAX_VALUE as maximum value" + } + } + }, + "aws-native:quicksight:TemplateFreeFormLayoutElementBackgroundStyle": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The background color of a free-form layout element." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The background visibility of a free-form layout element." + } + } + }, + "aws-native:quicksight:TemplateFreeFormLayoutElementBorderStyle": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The border color of a free-form layout element." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The border visibility of a free-form layout element." + } + } + }, + "aws-native:quicksight:TemplateFreeFormLayoutScreenCanvasSizeOptions": { + "type": "object", + "properties": { + "optimizedViewPortWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:TemplateFreeFormSectionLayoutConfiguration": { + "type": "object", + "properties": { + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutElement" + }, + "description": "The elements that are included in the free-form layout." + } + } + }, + "aws-native:quicksight:TemplateFunnelChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The category field wells of a funnel chart. Values are grouped by category fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field wells of a funnel chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:TemplateFunnelChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options of the categories that are displayed in a `FunnelChartVisual` ." + }, + "dataLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateFunnelChartDataLabelOptions", + "description": "The options that determine the presentation of the data labels." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateFunnelChartFieldWells", + "description": "The field well configuration of a `FunnelChartVisual` ." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFunnelChartSortConfiguration", + "description": "The sort configuration of a `FunnelChartVisual` ." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip configuration of a `FunnelChartVisual` ." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options for the values that are displayed in a `FunnelChartVisual` ." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The visual palette configuration of a `FunnelChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateFunnelChartDataLabelOptions": { + "type": "object", + "properties": { + "categoryLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the category labels within the data labels." + }, + "labelColor": { + "type": "string", + "description": "The color of the data label text." + }, + "labelFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels." + }, + "measureDataLabelStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateFunnelChartMeasureDataLabelStyle", + "description": "Determines the style of the metric labels." + }, + "measureLabelVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the measure labels within the data labels." + }, + "position": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelPosition", + "description": "Determines the positioning of the data label relative to a section of the funnel." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility option that determines if data labels are displayed." + } + } + }, + "aws-native:quicksight:TemplateFunnelChartFieldWells": { + "type": "object", + "properties": { + "funnelChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateFunnelChartAggregatedFieldWells", + "description": "The field well configuration of a `FunnelChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateFunnelChartMeasureDataLabelStyle": { + "type": "string" + }, + "aws-native:quicksight:TemplateFunnelChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of categories displayed." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + } + } + }, + "aws-native:quicksight:TemplateFunnelChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFunnelChartConfiguration", + "description": "The configuration of a `FunnelChartVisual` ." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:TemplateGaugeChartArcConditionalFormatting": { + "type": "object", + "properties": { + "foregroundColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting of the arc foreground color." + } + } + }, + "aws-native:quicksight:TemplateGaugeChartConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateGaugeChartConditionalFormattingOption" + }, + "description": "Conditional formatting options of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateGaugeChartConditionalFormattingOption": { + "type": "object", + "properties": { + "arc": { + "$ref": "#/types/aws-native:quicksight:TemplateGaugeChartArcConditionalFormatting", + "description": "The options that determine the presentation of the arc of a `GaugeChartVisual` ." + }, + "primaryValue": { + "$ref": "#/types/aws-native:quicksight:TemplateGaugeChartPrimaryValueConditionalFormatting", + "description": "The conditional formatting for the primary value of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateGaugeChartConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The data label configuration of a `GaugeChartVisual` ." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateGaugeChartFieldWells", + "description": "The field well configuration of a `GaugeChartVisual` ." + }, + "gaugeChartOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGaugeChartOptions", + "description": "The options that determine the presentation of the `GaugeChartVisual` ." + }, + "tooltipOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip configuration of a `GaugeChartVisual` ." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The visual palette configuration of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateGaugeChartFieldWells": { + "type": "object", + "properties": { + "targetValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The target value field wells of a `GaugeChartVisual` ." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field wells of a `GaugeChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateGaugeChartOptions": { + "type": "object", + "properties": { + "arc": { + "$ref": "#/types/aws-native:quicksight:TemplateArcConfiguration", + "description": "The arc configuration of a `GaugeChartVisual` ." + }, + "arcAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateArcAxisConfiguration", + "description": "The arc axis configuration of a `GaugeChartVisual` ." + }, + "comparison": { + "$ref": "#/types/aws-native:quicksight:TemplateComparisonConfiguration", + "description": "The comparison configuration of a `GaugeChartVisual` ." + }, + "primaryValueDisplayType": { + "$ref": "#/types/aws-native:quicksight:TemplatePrimaryValueDisplayType", + "description": "The options that determine the primary value display type." + }, + "primaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The options that determine the primary value font configuration." + } + } + }, + "aws-native:quicksight:TemplateGaugeChartPrimaryValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIcon", + "description": "The conditional formatting of the primary value icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting of the primary value text color." + } + } + }, + "aws-native:quicksight:TemplateGaugeChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateGaugeChartConfiguration", + "description": "The configuration of a `GaugeChartVisual` ." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:TemplateGaugeChartConditionalFormatting", + "description": "The conditional formatting of a `GaugeChartVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateGeospatialCoordinateBounds": { + "type": "object", + "properties": { + "east": { + "type": "number", + "description": "The longitude of the east bound of the geospatial coordinate bounds." + }, + "north": { + "type": "number", + "description": "The latitude of the north bound of the geospatial coordinate bounds." + }, + "south": { + "type": "number", + "description": "The latitude of the south bound of the geospatial coordinate bounds." + }, + "west": { + "type": "number", + "description": "The longitude of the west bound of the geospatial coordinate bounds." + } + } + }, + "aws-native:quicksight:TemplateGeospatialHeatmapColorScale": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialHeatmapDataColor" + }, + "description": "The list of colors to be used in heatmap point style." + } + } + }, + "aws-native:quicksight:TemplateGeospatialHeatmapConfiguration": { + "type": "object", + "properties": { + "heatmapColor": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialHeatmapColorScale", + "description": "The color scale specification for the heatmap point style." + } + } + }, + "aws-native:quicksight:TemplateGeospatialHeatmapDataColor": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The hex color to be used in the heatmap point style." + } + } + }, + "aws-native:quicksight:TemplateGeospatialMapAggregatedFieldWells": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The color field wells of a geospatial map." + }, + "geospatial": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields." + } + } + }, + "aws-native:quicksight:TemplateGeospatialMapConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "mapStyleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialMapStyleOptions", + "description": "The map style options of the geospatial map." + }, + "pointStyleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialPointStyleOptions", + "description": "The point style options of the geospatial map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette" + }, + "windowOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialWindowOptions", + "description": "The window options of the geospatial map." + } + } + }, + "aws-native:quicksight:TemplateGeospatialMapFieldWells": { + "type": "object", + "properties": { + "geospatialMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialMapAggregatedFieldWells", + "description": "The aggregated field well for a geospatial map." + } + } + }, + "aws-native:quicksight:TemplateGeospatialMapStyleOptions": { + "type": "object", + "properties": { + "baseMapStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateBaseMapStyleType", + "description": "The base map style of the geospatial map." + } + } + }, + "aws-native:quicksight:TemplateGeospatialMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:TemplateGeospatialPointStyleOptions": { + "type": "object", + "properties": { + "clusterMarkerConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateClusterMarkerConfiguration", + "description": "The cluster marker configuration of the geospatial point style." + }, + "heatmapConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialHeatmapConfiguration", + "description": "The heatmap configuration of the geospatial point style." + }, + "selectedPointStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialSelectedPointStyle", + "description": "The selected point styles (point, cluster) of the geospatial map." + } + } + }, + "aws-native:quicksight:TemplateGeospatialSelectedPointStyle": { + "type": "string" + }, + "aws-native:quicksight:TemplateGeospatialWindowOptions": { + "type": "object", + "properties": { + "bounds": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialCoordinateBounds", + "description": "The bounds options (north, south, west, east) of the geospatial window options." + }, + "mapZoomMode": { + "$ref": "#/types/aws-native:quicksight:TemplateMapZoomMode", + "description": "The map zoom modes (manual, auto) of the geospatial window options." + } + } + }, + "aws-native:quicksight:TemplateGlobalTableBorderOptions": { + "type": "object", + "properties": { + "sideSpecificBorder": { + "$ref": "#/types/aws-native:quicksight:TemplateTableSideBorderOptions", + "description": "Determines the options for side specific border." + }, + "uniformBorder": { + "$ref": "#/types/aws-native:quicksight:TemplateTableBorderOptions", + "description": "Determines the options for uniform border." + } + } + }, + "aws-native:quicksight:TemplateGradientColor": { + "type": "object", + "properties": { + "stops": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateGradientStop" + }, + "description": "The list of gradient color stops." + } + } + }, + "aws-native:quicksight:TemplateGradientStop": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "Determines the color." + }, + "dataValue": { + "type": "number", + "description": "Determines the data value." + }, + "gradientOffset": { + "type": "number", + "description": "Determines gradient offset value." + } + } + }, + "aws-native:quicksight:TemplateGridLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "screenCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGridLayoutScreenCanvasSizeOptions", + "description": "The options that determine the sizing of the canvas used in a grid layout." + } + } + }, + "aws-native:quicksight:TemplateGridLayoutConfiguration": { + "type": "object", + "properties": { + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateGridLayoutCanvasSizeOptions" + }, + "elements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateGridLayoutElement" + }, + "description": "The elements that are included in a grid layout." + } + } + }, + "aws-native:quicksight:TemplateGridLayoutElement": { + "type": "object", + "properties": { + "columnIndex": { + "type": "number", + "description": "The column index for the upper left corner of an element." + }, + "columnSpan": { + "type": "number", + "description": "The width of a grid element expressed as a number of grid columns." + }, + "elementId": { + "type": "string", + "description": "A unique identifier for an element within a grid layout." + }, + "elementType": { + "$ref": "#/types/aws-native:quicksight:TemplateLayoutElementType", + "description": "The type of element." + }, + "rowIndex": { + "type": "number", + "description": "The row index for the upper left corner of an element." + }, + "rowSpan": { + "type": "number", + "description": "The height of a grid element expressed as a number of grid rows." + } + } + }, + "aws-native:quicksight:TemplateGridLayoutScreenCanvasSizeOptions": { + "type": "object", + "properties": { + "optimizedViewPortWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "resizeOption": { + "$ref": "#/types/aws-native:quicksight:TemplateResizeOption", + "description": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` ." + } + } + }, + "aws-native:quicksight:TemplateGrowthRateComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodSize": { + "type": "number", + "description": "The period size setup of a growth rate computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplateHeaderFooterSectionConfiguration": { + "type": "object", + "properties": { + "layout": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionLayoutConfiguration", + "description": "The layout configuration of the header or footer section." + }, + "sectionId": { + "type": "string", + "description": "The unique identifier of the header or footer section." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionStyle", + "description": "The style options of a header or footer section." + } + } + }, + "aws-native:quicksight:TemplateHeatMapAggregatedFieldWells": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The columns field well of a heat map." + }, + "rows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The rows field well of a heat map." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The values field well of a heat map." + } + } + }, + "aws-native:quicksight:TemplateHeatMapConfiguration": { + "type": "object", + "properties": { + "colorScale": { + "$ref": "#/types/aws-native:quicksight:TemplateColorScale", + "description": "The color options (gradient color, point of divergence) in a heat map." + }, + "columnLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options of the column that is displayed in a heat map." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateHeatMapFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "rowLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options of the row that is displayed in a `heat map` ." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateHeatMapSortConfiguration", + "description": "The sort configuration of a heat map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip display setup of the visual." + } + } + }, + "aws-native:quicksight:TemplateHeatMapFieldWells": { + "type": "object", + "properties": { + "heatMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateHeatMapAggregatedFieldWells", + "description": "The aggregated field wells of a heat map." + } + } + }, + "aws-native:quicksight:TemplateHeatMapSortConfiguration": { + "type": "object", + "properties": { + "heatMapColumnItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of columns that are displayed in a heat map." + }, + "heatMapColumnSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The column sort configuration for heat map for columns that aren't a part of a field well." + }, + "heatMapRowItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of rows that are displayed in a heat map." + }, + "heatMapRowSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The field sort configuration of the rows fields." + } + } + }, + "aws-native:quicksight:TemplateHeatMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateHeatMapConfiguration", + "description": "The configuration of a heat map." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateHistogramAggregatedFieldWells": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` ." + } + } + }, + "aws-native:quicksight:TemplateHistogramBinOptions": { + "type": "object", + "properties": { + "binCount": { + "$ref": "#/types/aws-native:quicksight:TemplateBinCountOptions", + "description": "The options that determine the bin count of a histogram." + }, + "binWidth": { + "$ref": "#/types/aws-native:quicksight:TemplateBinWidthOptions", + "description": "The options that determine the bin width of a histogram." + }, + "selectedBinType": { + "$ref": "#/types/aws-native:quicksight:TemplateHistogramBinType", + "description": "The options that determine the selected bin type." + }, + "startValue": { + "type": "number", + "description": "The options that determine the bin start value." + } + } + }, + "aws-native:quicksight:TemplateHistogramBinType": { + "type": "string" + }, + "aws-native:quicksight:TemplateHistogramConfiguration": { + "type": "object", + "properties": { + "binOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateHistogramBinOptions", + "description": "The options that determine the presentation of histogram bins." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The data label configuration of a histogram." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateHistogramFieldWells", + "description": "The field well configuration of a histogram." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip configuration of a histogram." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The visual palette configuration of a histogram." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The options that determine the presentation of the x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The options that determine the presentation of the x-axis label." + }, + "yAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The options that determine the presentation of the y-axis." + } + } + }, + "aws-native:quicksight:TemplateHistogramFieldWells": { + "type": "object", + "properties": { + "histogramAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateHistogramAggregatedFieldWells", + "description": "The field well configuration of a histogram." + } + } + }, + "aws-native:quicksight:TemplateHistogramVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateHistogramConfiguration", + "description": "The configuration for a `HistogramVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateHorizontalTextAlignment": { + "type": "string" + }, + "aws-native:quicksight:TemplateIcon": { + "type": "string" + }, + "aws-native:quicksight:TemplateInsightConfiguration": { + "type": "object", + "properties": { + "computations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateComputation" + }, + "description": "The computations configurations of the insight visual" + }, + "customNarrative": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomNarrativeOptions", + "description": "The custom narrative of the insight visual." + } + } + }, + "aws-native:quicksight:TemplateInsightVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "dataSetIdentifier": { + "type": "string", + "description": "The dataset that is used in the insight visual." + }, + "insightConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateInsightConfiguration", + "description": "The configuration of an insight visual." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateIntegerDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:TemplateDynamicDefaultValue", + "description": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "number" + }, + "description": "The static values of the `IntegerDefaultValues` ." + } + } + }, + "aws-native:quicksight:TemplateIntegerParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:TemplateIntegerDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:TemplateIntegerValueWhenUnsetConfiguration", + "description": "A parameter declaration for the `Integer` data type." + } + } + }, + "aws-native:quicksight:TemplateIntegerValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "number", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:TemplateValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:TemplateItemsLimitConfiguration": { + "type": "object", + "properties": { + "itemsLimit": { + "type": "number", + "description": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart." + }, + "otherCategories": { + "$ref": "#/types/aws-native:quicksight:TemplateOtherCategories", + "description": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`" + } + } + }, + "aws-native:quicksight:TemplateKpiActualValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIcon", + "description": "The conditional formatting of the actual value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting of the actual value's text color." + } + } + }, + "aws-native:quicksight:TemplateKpiComparisonValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIcon", + "description": "The conditional formatting of the comparison value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting of the comparison value's text color." + } + } + }, + "aws-native:quicksight:TemplateKpiConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiConditionalFormattingOption" + }, + "description": "The conditional formatting options of a KPI visual." + } + } + }, + "aws-native:quicksight:TemplateKpiConditionalFormattingOption": { + "type": "object", + "properties": { + "actualValue": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiActualValueConditionalFormatting", + "description": "The conditional formatting for the actual value of a KPI visual." + }, + "comparisonValue": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiComparisonValueConditionalFormatting", + "description": "The conditional formatting for the comparison value of a KPI visual." + }, + "primaryValue": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiPrimaryValueConditionalFormatting", + "description": "The conditional formatting for the primary value of a KPI visual." + }, + "progressBar": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiProgressBarConditionalFormatting", + "description": "The conditional formatting for the progress bar of a KPI visual." + } + } + }, + "aws-native:quicksight:TemplateKpiConfiguration": { + "type": "object", + "properties": { + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiFieldWells", + "description": "The field well configuration of a KPI visual." + }, + "kpiOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiOptions", + "description": "The options that determine the presentation of a KPI visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiSortConfiguration", + "description": "The sort configuration of a KPI visual." + } + }, + "irreversibleNames": { + "kpiOptions": "KPIOptions" + } + }, + "aws-native:quicksight:TemplateKpiFieldWells": { + "type": "object", + "properties": { + "targetValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The target value field wells of a KPI visual." + }, + "trendGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The trend group field wells of a KPI visual." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field wells of a KPI visual." + } + } + }, + "aws-native:quicksight:TemplateKpiOptions": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:quicksight:TemplateComparisonConfiguration", + "description": "The comparison configuration of a KPI visual." + }, + "primaryValueDisplayType": { + "$ref": "#/types/aws-native:quicksight:TemplatePrimaryValueDisplayType", + "description": "The options that determine the primary value display type." + }, + "primaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The options that determine the primary value font configuration." + }, + "progressBar": { + "$ref": "#/types/aws-native:quicksight:TemplateProgressBarOptions", + "description": "The options that determine the presentation of the progress bar of a KPI visual." + }, + "secondaryValue": { + "$ref": "#/types/aws-native:quicksight:TemplateSecondaryValueOptions", + "description": "The options that determine the presentation of the secondary value of a KPI visual." + }, + "secondaryValueFontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The options that determine the secondary value font configuration." + }, + "sparkline": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiSparklineOptions", + "description": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual." + }, + "trendArrows": { + "$ref": "#/types/aws-native:quicksight:TemplateTrendArrowOptions", + "description": "The options that determine the presentation of trend arrows in a KPI visual." + }, + "visualLayoutOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiVisualLayoutOptions", + "description": "The options that determine the layout a KPI visual." + } + } + }, + "aws-native:quicksight:TemplateKpiPrimaryValueConditionalFormatting": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIcon", + "description": "The conditional formatting of the primary value's icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting of the primary value's text color." + } + } + }, + "aws-native:quicksight:TemplateKpiProgressBarConditionalFormatting": { + "type": "object", + "properties": { + "foregroundColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting of the progress bar's foreground color." + } + } + }, + "aws-native:quicksight:TemplateKpiSortConfiguration": { + "type": "object", + "properties": { + "trendGroupSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the trend group fields." + } + } + }, + "aws-native:quicksight:TemplateKpiSparklineOptions": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of the sparkline." + }, + "tooltipVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The tooltip visibility of the sparkline." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiSparklineType", + "description": "The type of the sparkline." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the sparkline." + } + } + }, + "aws-native:quicksight:TemplateKpiSparklineType": { + "type": "string" + }, + "aws-native:quicksight:TemplateKpiVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiConfiguration", + "description": "The configuration of a KPI visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiConditionalFormatting", + "description": "The conditional formatting of a KPI visual." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateKpiVisualLayoutOptions": { + "type": "object", + "properties": { + "standardLayout": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiVisualStandardLayout", + "description": "The standard layout of the KPI visual." + } + } + }, + "aws-native:quicksight:TemplateKpiVisualStandardLayout": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiVisualStandardLayoutType", + "description": "The standard layout type." + } + } + }, + "aws-native:quicksight:TemplateKpiVisualStandardLayoutType": { + "type": "string" + }, + "aws-native:quicksight:TemplateLabelOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The text for the label." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The font configuration of the label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not the label is visible." + } + } + }, + "aws-native:quicksight:TemplateLayout": { + "type": "object", + "properties": { + "configuration": { + "$ref": "#/types/aws-native:quicksight:TemplateLayoutConfiguration", + "description": "The configuration that determines what the type of layout for a sheet." + } + } + }, + "aws-native:quicksight:TemplateLayoutConfiguration": { + "type": "object", + "properties": { + "freeFormLayout": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormLayoutConfiguration", + "description": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements." + }, + "gridLayout": { + "$ref": "#/types/aws-native:quicksight:TemplateGridLayoutConfiguration", + "description": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` ." + }, + "sectionBasedLayout": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionBasedLayoutConfiguration", + "description": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break." + } + } + }, + "aws-native:quicksight:TemplateLayoutElementType": { + "type": "string" + }, + "aws-native:quicksight:TemplateLegendOptions": { + "type": "object", + "properties": { + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "position": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendPosition", + "description": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`" + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "The custom title for the legend." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not the legend is visible." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:TemplateLegendPosition": { + "type": "string" + }, + "aws-native:quicksight:TemplateLineChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The category field wells of a line chart. Values are grouped by category fields." + }, + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The color field wells of a line chart. Values are grouped by category fields." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The small multiples field well of a line chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field wells of a line chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:TemplateLineChartConfiguration": { + "type": "object", + "properties": { + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateContributionAnalysisDefault" + }, + "description": "The default configuration of a line chart's contribution analysis." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The data label configuration of a line chart." + }, + "defaultSeriesSettings": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartDefaultSeriesSettings", + "description": "The options that determine the default presentation of all line series in `LineChartVisual` ." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartFieldWells", + "description": "The field well configuration of a line chart." + }, + "forecastConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateForecastConfiguration" + }, + "description": "The forecast configuration of a line chart." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend configuration of a line chart." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLineSeriesAxisDisplayOptions", + "description": "The series axis configuration of a line chart." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The options that determine the presentation of the y-axis label." + }, + "referenceLines": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLine" + }, + "description": "The reference lines configuration of a line chart." + }, + "secondaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLineSeriesAxisDisplayOptions", + "description": "The series axis configuration of a line chart." + }, + "secondaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The options that determine the presentation of the secondary y-axis label." + }, + "series": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateSeriesItem" + }, + "description": "The series item configuration of a line chart." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartSortConfiguration", + "description": "The sort configuration of a line chart." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip configuration of a line chart." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartType", + "description": "Determines the type of the line chart." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The visual palette configuration of a line chart." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The options that determine the presentation of the x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The options that determine the presentation of the x-axis label." + } + } + }, + "aws-native:quicksight:TemplateLineChartDefaultSeriesSettings": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisBinding", + "description": "The axis to which you are binding all line series to." + }, + "lineStyleSettings": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartLineStyleSettings", + "description": "Line styles options for all line series in the visual." + }, + "markerStyleSettings": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartMarkerStyleSettings", + "description": "Marker styles options for all line series in the visual." + } + } + }, + "aws-native:quicksight:TemplateLineChartFieldWells": { + "type": "object", + "properties": { + "lineChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartAggregatedFieldWells", + "description": "The field well configuration of a line chart." + } + } + }, + "aws-native:quicksight:TemplateLineChartLineStyle": { + "type": "string" + }, + "aws-native:quicksight:TemplateLineChartLineStyleSettings": { + "type": "object", + "properties": { + "lineInterpolation": { + "$ref": "#/types/aws-native:quicksight:TemplateLineInterpolation", + "description": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line." + }, + "lineStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartLineStyle", + "description": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line." + }, + "lineVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Configuration option that determines whether to show the line for the series." + }, + "lineWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:TemplateLineChartMarkerShape": { + "type": "string" + }, + "aws-native:quicksight:TemplateLineChartMarkerStyleSettings": { + "type": "object", + "properties": { + "markerColor": { + "type": "string", + "description": "Color of marker in the series." + }, + "markerShape": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartMarkerShape", + "description": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square." + }, + "markerSize": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "markerVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Configuration option that determines whether to show the markers in the series." + } + } + }, + "aws-native:quicksight:TemplateLineChartSeriesSettings": { + "type": "object", + "properties": { + "lineStyleSettings": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartLineStyleSettings", + "description": "Line styles options for a line series in `LineChartVisual` ." + }, + "markerStyleSettings": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartMarkerStyleSettings", + "description": "Marker styles options for a line series in `LineChartVisual` ." + } + } + }, + "aws-native:quicksight:TemplateLineChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of categories that are displayed in a line chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + }, + "colorItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of lines that are displayed in a line chart." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:TemplateLineChartType": { + "type": "string" + }, + "aws-native:quicksight:TemplateLineChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartConfiguration", + "description": "The configuration of a line chart." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateLineInterpolation": { + "type": "string" + }, + "aws-native:quicksight:TemplateLineSeriesAxisDisplayOptions": { + "type": "object", + "properties": { + "axisOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The options that determine the presentation of the line series axis." + }, + "missingDataConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMissingDataConfiguration" + }, + "description": "The configuration options that determine how missing data is treated during the rendering of a line chart." + } + } + }, + "aws-native:quicksight:TemplateListControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "searchOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateListControlSearchOptions", + "description": "The configuration of the search options in a list control." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateListControlSelectAllOptions", + "description": "The configuration of the `Select all` options in a list control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:TemplateListControlSearchOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration of the search options in a list control." + } + } + }, + "aws-native:quicksight:TemplateListControlSelectAllOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration of the `Select all` options in a list control." + } + } + }, + "aws-native:quicksight:TemplateLoadingAnimation": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration of `LoadingAnimation` ." + } + } + }, + "aws-native:quicksight:TemplateLocalNavigationConfiguration": { + "type": "object", + "properties": { + "targetSheetId": { + "type": "string", + "description": "The sheet that is targeted for navigation in the same analysis." + } + } + }, + "aws-native:quicksight:TemplateLongFormatText": { + "type": "object", + "properties": { + "plainText": { + "type": "string", + "description": "Plain text format." + }, + "richText": { + "type": "string", + "description": "Rich text. Examples of rich text include bold, underline, and italics." + } + } + }, + "aws-native:quicksight:TemplateMapZoomMode": { + "type": "string" + }, + "aws-native:quicksight:TemplateMappedDataSetParameter": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "A unique name that identifies a dataset within the analysis or dashboard." + }, + "dataSetParameterName": { + "type": "string", + "description": "The name of the dataset parameter." + } + } + }, + "aws-native:quicksight:TemplateMaximumLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the maximum label." + } + } + }, + "aws-native:quicksight:TemplateMaximumMinimumComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The time field that is used in a computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateMaximumMinimumComputationType", + "description": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplateMaximumMinimumComputationType": { + "type": "string" + }, + "aws-native:quicksight:TemplateMeasureField": { + "type": "object", + "properties": { + "calculatedMeasureField": { + "$ref": "#/types/aws-native:quicksight:TemplateCalculatedMeasureField", + "description": "The calculated measure field only used in pivot tables." + }, + "categoricalMeasureField": { + "$ref": "#/types/aws-native:quicksight:TemplateCategoricalMeasureField", + "description": "The measure type field with categorical type columns." + }, + "dateMeasureField": { + "$ref": "#/types/aws-native:quicksight:TemplateDateMeasureField", + "description": "The measure type field with date type columns." + }, + "numericalMeasureField": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericalMeasureField", + "description": "The measure type field with numerical type columns." + } + } + }, + "aws-native:quicksight:TemplateMetricComparisonComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "fromValue": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The field that is used in a metric comparison from value setup." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "targetValue": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The field that is used in a metric comparison to value setup." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The time field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplateMinimumLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the minimum label." + } + } + }, + "aws-native:quicksight:TemplateMissingDataConfiguration": { + "type": "object", + "properties": { + "treatmentOption": { + "$ref": "#/types/aws-native:quicksight:TemplateMissingDataTreatmentOption", + "description": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data." + } + } + }, + "aws-native:quicksight:TemplateMissingDataTreatmentOption": { + "type": "string" + }, + "aws-native:quicksight:TemplateNegativeValueConfiguration": { + "type": "object", + "properties": { + "displayMode": { + "$ref": "#/types/aws-native:quicksight:TemplateNegativeValueDisplayMode", + "description": "Determines the display mode of the negative value configuration." + } + } + }, + "aws-native:quicksight:TemplateNegativeValueDisplayMode": { + "type": "string" + }, + "aws-native:quicksight:TemplateNullValueFormatConfiguration": { + "type": "object", + "properties": { + "nullString": { + "type": "string", + "description": "Determines the null string of null values." + } + } + }, + "aws-native:quicksight:TemplateNumberDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numberScale": { + "$ref": "#/types/aws-native:quicksight:TemplateNumberScale", + "description": "Determines the number scale value of the number format." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the number format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the number format." + } + } + }, + "aws-native:quicksight:TemplateNumberFormatConfiguration": { + "type": "object", + "properties": { + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericFormatConfiguration", + "description": "The options that determine the numeric format configuration." + } + } + }, + "aws-native:quicksight:TemplateNumberScale": { + "type": "string" + }, + "aws-native:quicksight:TemplateNumericAxisOptions": { + "type": "object", + "properties": { + "range": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayRange", + "description": "The range setup of a numeric axis." + }, + "scale": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisScale", + "description": "The scale setup of a numeric axis." + } + } + }, + "aws-native:quicksight:TemplateNumericEqualityDrillDownFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "value": { + "type": "number", + "description": "The value of the double input numeric drill down filter." + } + } + }, + "aws-native:quicksight:TemplateNumericEqualityFilter": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateAggregationFunction", + "description": "The aggregation function of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "matchOperator": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericEqualityMatchOperator", + "description": "The match operator that is used to determine if a filter should be applied." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + }, + "value": { + "type": "number", + "description": "The input value." + } + } + }, + "aws-native:quicksight:TemplateNumericEqualityMatchOperator": { + "type": "string" + }, + "aws-native:quicksight:TemplateNumericFilterSelectAllOptions": { + "type": "string" + }, + "aws-native:quicksight:TemplateNumericFormatConfiguration": { + "type": "object", + "properties": { + "currencyDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCurrencyDisplayFormatConfiguration", + "description": "The options that determine the currency display format configuration." + }, + "numberDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumberDisplayFormatConfiguration", + "description": "The options that determine the number display format configuration." + }, + "percentageDisplayFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePercentageDisplayFormatConfiguration", + "description": "The options that determine the percentage display format configuration." + } + } + }, + "aws-native:quicksight:TemplateNumericRangeFilter": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateAggregationFunction", + "description": "The aggregation function of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "includeMaximum": { + "type": "boolean", + "description": "Determines whether the maximum value in the filter value range should be included in the filtered results." + }, + "includeMinimum": { + "type": "boolean", + "description": "Determines whether the minimum value in the filter value range should be included in the filtered results." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "rangeMaximum": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericRangeFilterValue", + "description": "The maximum value for the filter value range." + }, + "rangeMinimum": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericRangeFilterValue", + "description": "The minimum value for the filter value range." + }, + "selectAllOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericFilterSelectAllOptions", + "description": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`" + } + } + }, + "aws-native:quicksight:TemplateNumericRangeFilterValue": { + "type": "object", + "properties": { + "parameter": { + "type": "string", + "description": "The parameter that is used in the numeric range." + }, + "staticValue": { + "type": "number", + "description": "The static value of the numeric range filter." + } + } + }, + "aws-native:quicksight:TemplateNumericSeparatorConfiguration": { + "type": "object", + "properties": { + "decimalSeparator": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericSeparatorSymbol", + "description": "Determines the decimal separator." + }, + "thousandsSeparator": { + "$ref": "#/types/aws-native:quicksight:TemplateThousandSeparatorOptions", + "description": "The options that determine the thousands separator configuration." + } + } + }, + "aws-native:quicksight:TemplateNumericSeparatorSymbol": { + "type": "string" + }, + "aws-native:quicksight:TemplateNumericalAggregationFunction": { + "type": "object", + "properties": { + "percentileAggregation": { + "$ref": "#/types/aws-native:quicksight:TemplatePercentileAggregation", + "description": "An aggregation based on the percentile of values in a dimension or measure." + }, + "simpleNumericalAggregation": { + "$ref": "#/types/aws-native:quicksight:TemplateSimpleNumericalAggregationFunction", + "description": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure." + } + } + }, + "aws-native:quicksight:TemplateNumericalDimensionField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that is used in the `NumericalDimensionField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumberFormatConfiguration", + "description": "The format configuration of the field." + }, + "hierarchyId": { + "type": "string", + "description": "The custom hierarchy ID." + } + } + }, + "aws-native:quicksight:TemplateNumericalMeasureField": { + "type": "object", + "properties": { + "aggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericalAggregationFunction", + "description": "The aggregation function of the measure field." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that is used in the `NumericalMeasureField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumberFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:TemplateOtherCategories": { + "type": "string" + }, + "aws-native:quicksight:TemplatePaginationConfiguration": { + "type": "object", + "properties": { + "pageNumber": { + "type": "number", + "description": "Indicates the page number." + }, + "pageSize": { + "type": "number", + "description": "Indicates how many items render in one page." + } + } + }, + "aws-native:quicksight:TemplatePanelBorderStyle": { + "type": "string" + }, + "aws-native:quicksight:TemplatePanelConfiguration": { + "type": "object", + "properties": { + "backgroundColor": { + "type": "string", + "description": "Sets the background color for each panel." + }, + "backgroundVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not a background for each small multiples panel is rendered." + }, + "borderColor": { + "type": "string", + "description": "Sets the line color of panel borders." + }, + "borderStyle": { + "$ref": "#/types/aws-native:quicksight:TemplatePanelBorderStyle", + "description": "Sets the line style of panel borders." + }, + "borderThickness": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "borderVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not each panel displays a border." + }, + "gutterSpacing": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "gutterVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not negative space between sibling panels is rendered." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplatePanelTitleOptions", + "description": "Configures the title display within each small multiples panel." + } + } + }, + "aws-native:quicksight:TemplatePanelTitleOptions": { + "type": "object", + "properties": { + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration" + }, + "horizontalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:TemplateHorizontalTextAlignment", + "description": "Sets the horizontal text alignment of the title within each panel." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not panel titles are displayed." + } + } + }, + "aws-native:quicksight:TemplatePaperOrientation": { + "type": "string" + }, + "aws-native:quicksight:TemplatePaperSize": { + "type": "string" + }, + "aws-native:quicksight:TemplateParameterControl": { + "type": "object", + "properties": { + "dateTimePicker": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterDateTimePickerControl", + "description": "A control from a date parameter that specifies date and time." + }, + "dropdown": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterDropDownControl", + "description": "A control to display a dropdown list with buttons that are used to select a single value." + }, + "list": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterListControl", + "description": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values." + }, + "slider": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterSliderControl", + "description": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle." + }, + "textArea": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterTextAreaControl", + "description": "A control to display a text box that is used to enter multiple entries." + }, + "textField": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterTextFieldControl", + "description": "A control to display a text box that is used to enter a single entry." + } + } + }, + "aws-native:quicksight:TemplateParameterDateTimePickerControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimePickerControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterDateTimePickerControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The name of the `ParameterDateTimePickerControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterDateTimePickerControl` ." + } + } + }, + "aws-native:quicksight:TemplateParameterDeclaration": { + "type": "object", + "properties": { + "dateTimeParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:TemplateDateTimeParameterDeclaration", + "description": "A parameter declaration for the `DateTime` data type." + }, + "decimalParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:TemplateDecimalParameterDeclaration", + "description": "A parameter declaration for the `Decimal` data type." + }, + "integerParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:TemplateIntegerParameterDeclaration", + "description": "A parameter declaration for the `Integer` data type." + }, + "stringParameterDeclaration": { + "$ref": "#/types/aws-native:quicksight:TemplateStringParameterDeclaration", + "description": "A parameter declaration for the `String` data type." + } + } + }, + "aws-native:quicksight:TemplateParameterDropDownControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDropDownControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterDropDownControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterDropDownControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterDropDownControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlListType", + "description": "The type parameter name of the `ParameterDropDownControl` ." + } + } + }, + "aws-native:quicksight:TemplateParameterListControl": { + "type": "object", + "properties": { + "cascadingControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateCascadingControlConfiguration", + "description": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateListControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterListControl` ." + }, + "selectableValues": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterSelectableValues", + "description": "A list of selectable values that are used in a control." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterListControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterListControl` ." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlListType", + "description": "The type of `ParameterListControl` ." + } + } + }, + "aws-native:quicksight:TemplateParameterSelectableValues": { + "type": "object", + "properties": { + "linkToDataSetColumn": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column identifier that fetches values from the data set." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The values that are used in `ParameterSelectableValues` ." + } + } + }, + "aws-native:quicksight:TemplateParameterSliderControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSliderControlDisplayOptions", + "description": "The display options of a control." + }, + "maximumValue": { + "type": "number", + "description": "The larger value that is displayed at the right of the slider." + }, + "minimumValue": { + "type": "number", + "description": "The smaller value that is displayed at the left of the slider." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterSliderControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterSliderControl` ." + }, + "stepSize": { + "type": "number", + "description": "The number of increments that the slider bar is divided into." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterSliderControl` ." + } + } + }, + "aws-native:quicksight:TemplateParameterTextAreaControl": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "The delimiter that is used to separate the lines in text." + }, + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTextAreaControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterTextAreaControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterTextAreaControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterTextAreaControl` ." + } + } + }, + "aws-native:quicksight:TemplateParameterTextFieldControl": { + "type": "object", + "properties": { + "displayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTextFieldControlDisplayOptions", + "description": "The display options of a control." + }, + "parameterControlId": { + "type": "string", + "description": "The ID of the `ParameterTextFieldControl` ." + }, + "sourceParameterName": { + "type": "string", + "description": "The source parameter name of the `ParameterTextFieldControl` ." + }, + "title": { + "type": "string", + "description": "The title of the `ParameterTextFieldControl` ." + } + } + }, + "aws-native:quicksight:TemplateParameterValueType": { + "type": "string" + }, + "aws-native:quicksight:TemplatePercentVisibleRange": { + "type": "object", + "properties": { + "from": { + "type": "number", + "description": "The lower bound of the range." + }, + "to": { + "type": "number", + "description": "The top bound of the range." + } + } + }, + "aws-native:quicksight:TemplatePercentageDisplayFormatConfiguration": { + "type": "object", + "properties": { + "decimalPlacesConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDecimalPlacesConfiguration", + "description": "The option that determines the decimal places configuration." + }, + "negativeValueConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNegativeValueConfiguration", + "description": "The options that determine the negative value configuration." + }, + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "prefix": { + "type": "string", + "description": "Determines the prefix value of the percentage format." + }, + "separatorConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericSeparatorConfiguration", + "description": "The options that determine the numeric separator configuration." + }, + "suffix": { + "type": "string", + "description": "Determines the suffix value of the percentage format." + } + } + }, + "aws-native:quicksight:TemplatePercentileAggregation": { + "type": "object", + "properties": { + "percentileValue": { + "type": "number", + "description": "The percentile value. This value can be any numeric constant 0–100. A percentile value of 50 computes the median value of the measure." + } + } + }, + "aws-native:quicksight:TemplatePeriodOverPeriodComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplatePeriodToDateComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "periodTimeGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The time field that is used in a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplatePieChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The category (group/color) field wells of a pie chart." + }, + "smallMultiples": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The small multiples field well of a pie chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field wells of a pie chart. Values are aggregated based on categories." + } + } + }, + "aws-native:quicksight:TemplatePieChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options of the group/color that is displayed in a pie chart." + }, + "contributionAnalysisDefaults": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateContributionAnalysisDefault" + }, + "description": "The contribution analysis (anomaly configuration) setup of the visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "donutOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateDonutOptions", + "description": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplatePieChartFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "smallMultiplesOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSmallMultiplesOptions", + "description": "The small multiples setup for the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePieChartSortConfiguration", + "description": "The sort configuration of a pie chart." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip display setup of the visual." + }, + "valueLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options for the value that is displayed in a pie chart." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:TemplatePieChartFieldWells": { + "type": "object", + "properties": { + "pieChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplatePieChartAggregatedFieldWells", + "description": "The field well configuration of a pie chart." + } + } + }, + "aws-native:quicksight:TemplatePieChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of categories that are displayed in a pie chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + }, + "smallMultiplesLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of small multiples panels that are displayed." + }, + "smallMultiplesSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the small multiples field." + } + } + }, + "aws-native:quicksight:TemplatePieChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePieChartConfiguration", + "description": "The configuration of a pie chart." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplatePivotFieldSortOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID for the field sort options." + }, + "sortBy": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableSortBy", + "description": "The sort by field for the field sort options." + } + } + }, + "aws-native:quicksight:TemplatePivotTableAggregatedFieldWells": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The columns field well for a pivot table. Values are grouped by columns fields." + }, + "rows": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The rows field well for a pivot table. Values are grouped by rows fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The values field well for a pivot table. Values are aggregated based on rows and columns fields." + } + } + }, + "aws-native:quicksight:TemplatePivotTableCellConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the cell for conditional formatting." + }, + "scope": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableConditionalFormattingScope", + "description": "The scope of the cell for conditional formatting." + }, + "scopes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableConditionalFormattingScope" + }, + "description": "A list of cell scopes for conditional formatting." + }, + "textFormat": { + "$ref": "#/types/aws-native:quicksight:TemplateTextConditionalFormat", + "description": "The text format of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:TemplatePivotTableConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableConditionalFormattingOption" + }, + "description": "Conditional formatting options for a `PivotTableVisual` ." + } + } + }, + "aws-native:quicksight:TemplatePivotTableConditionalFormattingOption": { + "type": "object", + "properties": { + "cell": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableCellConditionalFormatting", + "description": "The cell conditional formatting option for a pivot table." + } + } + }, + "aws-native:quicksight:TemplatePivotTableConditionalFormattingScope": { + "type": "object", + "properties": { + "role": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableConditionalFormattingScopeRole", + "description": "The role (field, field total, grand total) of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:TemplatePivotTableConditionalFormattingScopeRole": { + "type": "string" + }, + "aws-native:quicksight:TemplatePivotTableConfiguration": { + "type": "object", + "properties": { + "fieldOptions": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableFieldOptions", + "description": "The field options for a pivot table visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableFieldWells", + "description": "The field wells of the visual." + }, + "paginatedReportOptions": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTablePaginatedReportOptions", + "description": "The paginated report options for a pivot table visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableSortConfiguration", + "description": "The sort configuration for a `PivotTableVisual` ." + }, + "tableOptions": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableOptions", + "description": "The table options for a pivot table visual." + }, + "totalOptions": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableTotalOptions", + "description": "The total options for a pivot table visual." + } + } + }, + "aws-native:quicksight:TemplatePivotTableDataPathOption": { + "type": "object", + "properties": { + "dataPathList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataPathValue" + }, + "description": "The list of data path values for the data path options." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + } + }, + "aws-native:quicksight:TemplatePivotTableDataPathType": { + "type": "string" + }, + "aws-native:quicksight:TemplatePivotTableFieldCollapseState": { + "type": "string" + }, + "aws-native:quicksight:TemplatePivotTableFieldCollapseStateOption": { + "type": "object", + "properties": { + "state": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableFieldCollapseState", + "description": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`" + }, + "target": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableFieldCollapseStateTarget", + "description": "A tagged-union object that sets the collapse state." + } + } + }, + "aws-native:quicksight:TemplatePivotTableFieldCollapseStateTarget": { + "type": "object", + "properties": { + "fieldDataPathValues": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataPathValue" + }, + "description": "The data path of the pivot table's header. Used to set the collapse state." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the pivot table that the collapse state needs to be set to." + } + } + }, + "aws-native:quicksight:TemplatePivotTableFieldOption": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label of the pivot table field." + }, + "fieldId": { + "type": "string", + "description": "The field ID of the pivot table field." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the pivot table field." + } + } + }, + "aws-native:quicksight:TemplatePivotTableFieldOptions": { + "type": "object", + "properties": { + "collapseStateOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableFieldCollapseStateOption" + }, + "description": "The collapse state options for the pivot table field options." + }, + "dataPathOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableDataPathOption" + }, + "description": "The data path options for the pivot table field options." + }, + "selectedFieldOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableFieldOption" + }, + "description": "The selected field options for the pivot table field options." + } + } + }, + "aws-native:quicksight:TemplatePivotTableFieldSubtotalOptions": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the subtotal options." + } + } + }, + "aws-native:quicksight:TemplatePivotTableFieldWells": { + "type": "object", + "properties": { + "pivotTableAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableAggregatedFieldWells", + "description": "The aggregated field well for the pivot table." + } + } + }, + "aws-native:quicksight:TemplatePivotTableMetricPlacement": { + "type": "string" + }, + "aws-native:quicksight:TemplatePivotTableOptions": { + "type": "object", + "properties": { + "cellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The table cell style of cells." + }, + "collapsedRowDimensionsVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` ." + }, + "columnHeaderStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The table cell style of the column header." + }, + "columnNamesVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the column names." + }, + "defaultCellWidth": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "metricPlacement": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableMetricPlacement", + "description": "The metric placement (row, column) options." + }, + "rowAlternateColorOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateRowAlternateColorOptions", + "description": "The row alternate color options (widget status, row alternate colors)." + }, + "rowFieldNamesStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The table cell style of row field names." + }, + "rowHeaderStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The table cell style of the row headers." + }, + "rowsLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableRowsLabelOptions", + "description": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` ." + }, + "rowsLayout": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableRowsLayout", + "description": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields." + }, + "singleMetricVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the single metric options." + }, + "toggleButtonsVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the pivot table." + } + } + }, + "aws-native:quicksight:TemplatePivotTablePaginatedReportOptions": { + "type": "object", + "properties": { + "overflowColumnHeaderVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the repeating header rows on each page." + }, + "verticalOverflowVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the printing table overflow across pages." + } + } + }, + "aws-native:quicksight:TemplatePivotTableRowsLabelOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the rows label." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the rows label." + } + } + }, + "aws-native:quicksight:TemplatePivotTableRowsLayout": { + "type": "string" + }, + "aws-native:quicksight:TemplatePivotTableSortBy": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnSort", + "description": "The column sort (field id, direction) for the pivot table sort by options." + }, + "dataPath": { + "$ref": "#/types/aws-native:quicksight:TemplateDataPathSort", + "description": "The data path sort (data path value, direction) for the pivot table sort by options." + }, + "field": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSort", + "description": "The field sort (field id, direction) for the pivot table sort by options." + } + } + }, + "aws-native:quicksight:TemplatePivotTableSortConfiguration": { + "type": "object", + "properties": { + "fieldSortOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotFieldSortOptions" + }, + "description": "The field sort options for a pivot table sort configuration." + } + } + }, + "aws-native:quicksight:TemplatePivotTableSubtotalLevel": { + "type": "string" + }, + "aws-native:quicksight:TemplatePivotTableTotalOptions": { + "type": "object", + "properties": { + "columnSubtotalOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSubtotalOptions", + "description": "The column subtotal options." + }, + "columnTotalOptions": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTotalOptions", + "description": "The column total options." + }, + "rowSubtotalOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSubtotalOptions", + "description": "The row subtotal options." + }, + "rowTotalOptions": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTotalOptions", + "description": "The row total options." + } + } + }, + "aws-native:quicksight:TemplatePivotTableVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableConfiguration", + "description": "The configuration settings of the visual." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableConditionalFormatting", + "description": "The conditional formatting for a `PivotTableVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:TemplatePivotTotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the total cells." + }, + "metricHeaderCellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The cell styling options for the total of header cells." + }, + "placement": { + "$ref": "#/types/aws-native:quicksight:TemplateTableTotalsPlacement", + "description": "The placement (start, end) for the total cells." + }, + "scrollStatus": { + "$ref": "#/types/aws-native:quicksight:TemplateTableTotalsScrollStatus", + "description": "The scroll status (pinned, scrolled) for the total cells." + }, + "totalAggregationOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateTotalAggregationOption" + }, + "description": "The total aggregation options for each value field." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The cell styling options for the total cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration for the total cells." + }, + "valueCellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The cell styling options for the totals of value cells." + } + } + }, + "aws-native:quicksight:TemplatePredefinedHierarchy": { + "type": "object", + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier" + }, + "description": "The list of columns that define the predefined hierarchy." + }, + "drillDownFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDrillDownFilter" + }, + "description": "The option that determines the drill down filters for the predefined hierarchy." + }, + "hierarchyId": { + "type": "string", + "description": "The hierarchy ID of the predefined hierarchy." + } + } + }, + "aws-native:quicksight:TemplatePrimaryValueDisplayType": { + "type": "string" + }, + "aws-native:quicksight:TemplateProgressBarOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the progress bar." + } + } + }, + "aws-native:quicksight:TemplateRadarChartAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The aggregated field well categories of a radar chart." + }, + "color": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The color that are assigned to the aggregated field wells of a radar chart." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The values that are assigned to the aggregated field wells of a radar chart." + } + } + }, + "aws-native:quicksight:TemplateRadarChartAreaStyleSettings": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility settings of a radar chart." + } + } + }, + "aws-native:quicksight:TemplateRadarChartAxesRangeScale": { + "type": "string" + }, + "aws-native:quicksight:TemplateRadarChartConfiguration": { + "type": "object", + "properties": { + "alternateBandColorsVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the colors of alternatign bands in a radar chart." + }, + "alternateBandEvenColor": { + "type": "string", + "description": "The color of the even-numbered alternate bands of a radar chart." + }, + "alternateBandOddColor": { + "type": "string", + "description": "The color of the odd-numbered alternate bands of a radar chart." + }, + "axesRangeScale": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartAxesRangeScale", + "description": "The axis behavior options of a radar chart." + }, + "baseSeriesSettings": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartSeriesSettings", + "description": "The base sreies settings of a radar chart." + }, + "categoryAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The category axis of a radar chart." + }, + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The category label options of a radar chart." + }, + "colorAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The color axis of a radar chart." + }, + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The color label options of a radar chart." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartFieldWells", + "description": "The field well configuration of a `RadarChartVisual` ." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "shape": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartShape", + "description": "The shape of the radar chart." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartSortConfiguration", + "description": "The sort configuration of a `RadarChartVisual` ." + }, + "startAngle": { + "type": "number", + "description": "The start angle of a radar chart's axis." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The palette (chart color) display setup of the visual." + } + } + }, + "aws-native:quicksight:TemplateRadarChartFieldWells": { + "type": "object", + "properties": { + "radarChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartAggregatedFieldWells", + "description": "The aggregated field wells of a radar chart visual." + } + } + }, + "aws-native:quicksight:TemplateRadarChartSeriesSettings": { + "type": "object", + "properties": { + "areaStyleSettings": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartAreaStyleSettings", + "description": "The area style settings of a radar chart." + } + } + }, + "aws-native:quicksight:TemplateRadarChartShape": { + "type": "string" + }, + "aws-native:quicksight:TemplateRadarChartSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The category items limit for a radar chart." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The category sort options of a radar chart." + }, + "colorItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The color items limit of a radar chart." + }, + "colorSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The color sort configuration of a radar chart." + } + } + }, + "aws-native:quicksight:TemplateRadarChartVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateRangeEndsLabelType": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the range ends label." + } + } + }, + "aws-native:quicksight:TemplateReferenceLine": { + "type": "object", + "properties": { + "dataConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineDataConfiguration", + "description": "The data configuration of the reference line." + }, + "labelConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineLabelConfiguration", + "description": "The label configuration of the reference line." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:TemplateWidgetStatus", + "description": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`" + }, + "styleConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineStyleConfiguration", + "description": "The style configuration of the reference line." + } + } + }, + "aws-native:quicksight:TemplateReferenceLineCustomLabelConfiguration": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The string text of the custom label." + } + } + }, + "aws-native:quicksight:TemplateReferenceLineDataConfiguration": { + "type": "object", + "properties": { + "axisBinding": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisBinding", + "description": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`" + }, + "dynamicConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineDynamicDataConfiguration", + "description": "The dynamic configuration of the reference line data configuration." + }, + "seriesType": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineSeriesType", + "description": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`" + }, + "staticConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineStaticDataConfiguration", + "description": "The static data configuration of the reference line data configuration." + } + } + }, + "aws-native:quicksight:TemplateReferenceLineDynamicDataConfiguration": { + "type": "object", + "properties": { + "calculation": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericalAggregationFunction", + "description": "The calculation that is used in the dynamic data." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the dynamic data targets." + }, + "measureAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateAggregationFunction", + "description": "The aggregation function that is used in the dynamic data." + } + } + }, + "aws-native:quicksight:TemplateReferenceLineLabelConfiguration": { + "type": "object", + "properties": { + "customLabelConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineCustomLabelConfiguration", + "description": "The custom label configuration of the label in a reference line." + }, + "fontColor": { + "type": "string", + "description": "The font color configuration of the label in a reference line." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The font configuration of the label in a reference line." + }, + "horizontalPosition": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineLabelHorizontalPosition", + "description": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`" + }, + "valueLabelConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineValueLabelConfiguration", + "description": "The value label configuration of the label in a reference line." + }, + "verticalPosition": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineLabelVerticalPosition", + "description": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`" + } + } + }, + "aws-native:quicksight:TemplateReferenceLineLabelHorizontalPosition": { + "type": "string" + }, + "aws-native:quicksight:TemplateReferenceLineLabelVerticalPosition": { + "type": "string" + }, + "aws-native:quicksight:TemplateReferenceLinePatternType": { + "type": "string" + }, + "aws-native:quicksight:TemplateReferenceLineSeriesType": { + "type": "string" + }, + "aws-native:quicksight:TemplateReferenceLineStaticDataConfiguration": { + "type": "object", + "properties": { + "value": { + "type": "number", + "description": "The double input of the static data." + } + } + }, + "aws-native:quicksight:TemplateReferenceLineStyleConfiguration": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The hex color of the reference line." + }, + "pattern": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLinePatternType", + "description": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`" + } + } + }, + "aws-native:quicksight:TemplateReferenceLineValueLabelConfiguration": { + "type": "object", + "properties": { + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericFormatConfiguration", + "description": "The format configuration of the value label." + }, + "relativePosition": { + "$ref": "#/types/aws-native:quicksight:TemplateReferenceLineValueLabelRelativePosition", + "description": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`" + } + } + }, + "aws-native:quicksight:TemplateReferenceLineValueLabelRelativePosition": { + "type": "string" + }, + "aws-native:quicksight:TemplateRelativeDateTimeControlDisplayOptions": { + "type": "object", + "properties": { + "dateTimeFormat": { + "type": "string", + "description": "Customize how dates are formatted in controls." + }, + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:TemplateRelativeDateType": { + "type": "string" + }, + "aws-native:quicksight:TemplateRelativeDatesFilter": { + "type": "object", + "properties": { + "anchorDateConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateAnchorDateConfiguration", + "description": "The date configuration of the filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "excludePeriodConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateExcludePeriodConfiguration", + "description": "The configuration for the exclude period of the filter." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "minimumGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The minimum granularity (period granularity) of the relative dates filter." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "relativeDateType": { + "$ref": "#/types/aws-native:quicksight:TemplateRelativeDateType", + "description": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`" + }, + "relativeDateValue": { + "type": "number", + "description": "The date value of the filter." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:TemplateRelativeFontSize": { + "type": "string" + }, + "aws-native:quicksight:TemplateResizeOption": { + "type": "string" + }, + "aws-native:quicksight:TemplateResourcePermission": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe IAM action to grant or revoke permissions on.\u003c/p\u003e" + }, + "principal": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the principal. This can be one of the\n following:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.) \u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + } + } + }, + "aws-native:quicksight:TemplateResourceStatus": { + "type": "string" + }, + "aws-native:quicksight:TemplateRollingDateConfiguration": { + "type": "object", + "properties": { + "dataSetIdentifier": { + "type": "string", + "description": "The data set that is used in the rolling date configuration." + }, + "expression": { + "type": "string", + "description": "The expression of the rolling date configuration." + } + } + }, + "aws-native:quicksight:TemplateRowAlternateColorOptions": { + "type": "object", + "properties": { + "rowAlternateColors": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Determines the list of row alternate colors." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:TemplateWidgetStatus", + "description": "Determines the widget status." + }, + "usePrimaryBackgroundColor": { + "$ref": "#/types/aws-native:quicksight:TemplateWidgetStatus", + "description": "The primary background color options for alternate rows." + } + } + }, + "aws-native:quicksight:TemplateSameSheetTargetVisualConfiguration": { + "type": "object", + "properties": { + "targetVisualOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTargetVisualOptions", + "description": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet." + }, + "targetVisuals": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the target visual IDs that are located in the same sheet of the analysis." + } + } + }, + "aws-native:quicksight:TemplateSankeyDiagramAggregatedFieldWells": { + "type": "object", + "properties": { + "destination": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The destination field wells of a sankey diagram." + }, + "source": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The source field wells of a sankey diagram." + }, + "weight": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The weight field wells of a sankey diagram." + } + } + }, + "aws-native:quicksight:TemplateSankeyDiagramChartConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The data label configuration of a sankey diagram." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateSankeyDiagramFieldWells", + "description": "The field well configuration of a sankey diagram." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateSankeyDiagramSortConfiguration", + "description": "The sort configuration of a sankey diagram." + } + } + }, + "aws-native:quicksight:TemplateSankeyDiagramFieldWells": { + "type": "object", + "properties": { + "sankeyDiagramAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateSankeyDiagramAggregatedFieldWells", + "description": "The field well configuration of a sankey diagram." + } + } + }, + "aws-native:quicksight:TemplateSankeyDiagramSortConfiguration": { + "type": "object", + "properties": { + "destinationItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of destination nodes that are displayed in a sankey diagram." + }, + "sourceItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of source nodes that are displayed in a sankey diagram." + }, + "weightSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the weight fields." + } + } + }, + "aws-native:quicksight:TemplateSankeyDiagramVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateSankeyDiagramChartConfiguration", + "description": "The configuration of a sankey diagram." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateScatterPlotCategoricallyAggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The category field well of a scatter plot." + }, + "label": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The label field well of a scatter plot." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The size field well of a scatter plot." + }, + "xAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category." + }, + "yAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category." + } + } + }, + "aws-native:quicksight:TemplateScatterPlotConfiguration": { + "type": "object", + "properties": { + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateScatterPlotFieldWells", + "description": "The field wells of the visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The legend display setup of the visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The palette (chart color) display setup of the visual." + }, + "xAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis." + }, + "xAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis." + }, + "yAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis." + }, + "yAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis." + } + } + }, + "aws-native:quicksight:TemplateScatterPlotFieldWells": { + "type": "object", + "properties": { + "scatterPlotCategoricallyAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateScatterPlotCategoricallyAggregatedFieldWells", + "description": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both." + }, + "scatterPlotUnaggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateScatterPlotUnaggregatedFieldWells", + "description": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated." + } + } + }, + "aws-native:quicksight:TemplateScatterPlotUnaggregatedFieldWells": { + "type": "object", + "properties": { + "category": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The category field well of a scatter plot." + }, + "label": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The label field well of a scatter plot." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The size field well of a scatter plot." + }, + "xAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated." + }, + "yAxis": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated." + } + } + }, + "aws-native:quicksight:TemplateScatterPlotVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateScatterPlotConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateScrollBarOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the data zoom scroll bar." + }, + "visibleRange": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibleRangeOptions", + "description": "The visibility range for the data zoom scroll bar." + } + } + }, + "aws-native:quicksight:TemplateSecondaryValueOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the secondary value." + } + } + }, + "aws-native:quicksight:TemplateSectionAfterPageBreak": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionPageBreakStatus", + "description": "The option that enables or disables a page break at the end of a section." + } + } + }, + "aws-native:quicksight:TemplateSectionBasedLayoutCanvasSizeOptions": { + "type": "object", + "properties": { + "paperCanvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionBasedLayoutPaperCanvasSizeOptions", + "description": "The options for a paper canvas of a section-based layout." + } + } + }, + "aws-native:quicksight:TemplateSectionBasedLayoutConfiguration": { + "type": "object", + "properties": { + "bodySections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateBodySectionConfiguration" + }, + "description": "A list of body section configurations." + }, + "canvasSizeOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionBasedLayoutCanvasSizeOptions", + "description": "The options for the canvas of a section-based layout." + }, + "footerSections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateHeaderFooterSectionConfiguration" + }, + "description": "A list of footer section configurations." + }, + "headerSections": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateHeaderFooterSectionConfiguration" + }, + "description": "A list of header section configurations." + } + } + }, + "aws-native:quicksight:TemplateSectionBasedLayoutPaperCanvasSizeOptions": { + "type": "object", + "properties": { + "paperMargin": { + "$ref": "#/types/aws-native:quicksight:TemplateSpacing", + "description": "Defines the spacing between the canvas content and the top, bottom, left, and right edges." + }, + "paperOrientation": { + "$ref": "#/types/aws-native:quicksight:TemplatePaperOrientation", + "description": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE" + }, + "paperSize": { + "$ref": "#/types/aws-native:quicksight:TemplatePaperSize", + "description": "The paper size that is used to define canvas dimensions." + } + } + }, + "aws-native:quicksight:TemplateSectionLayoutConfiguration": { + "type": "object", + "properties": { + "freeFormLayout": { + "$ref": "#/types/aws-native:quicksight:TemplateFreeFormSectionLayoutConfiguration", + "description": "The free-form layout configuration of a section." + } + } + }, + "aws-native:quicksight:TemplateSectionPageBreakConfiguration": { + "type": "object", + "properties": { + "after": { + "$ref": "#/types/aws-native:quicksight:TemplateSectionAfterPageBreak", + "description": "The configuration of a page break after a section." + } + } + }, + "aws-native:quicksight:TemplateSectionPageBreakStatus": { + "type": "string" + }, + "aws-native:quicksight:TemplateSectionStyle": { + "type": "object", + "properties": { + "height": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + }, + "padding": { + "$ref": "#/types/aws-native:quicksight:TemplateSpacing", + "description": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default." + } + } + }, + "aws-native:quicksight:TemplateSelectAllValueOptions": { + "type": "string" + }, + "aws-native:quicksight:TemplateSelectedFieldOptions": { + "type": "string" + }, + "aws-native:quicksight:TemplateSelectedSheetsFilterScopeConfiguration": { + "type": "object", + "properties": { + "sheetVisualScopingConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetVisualScopingConfiguration" + }, + "description": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to." + } + } + }, + "aws-native:quicksight:TemplateSelectedTooltipType": { + "type": "string" + }, + "aws-native:quicksight:TemplateSeriesItem": { + "type": "object", + "properties": { + "dataFieldSeriesItem": { + "$ref": "#/types/aws-native:quicksight:TemplateDataFieldSeriesItem", + "description": "The data field series item configuration of a line chart." + }, + "fieldSeriesItem": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSeriesItem", + "description": "The field series item configuration of a line chart." + } + } + }, + "aws-native:quicksight:TemplateSetParameterValueConfiguration": { + "type": "object", + "properties": { + "destinationParameterName": { + "type": "string", + "description": "The destination parameter name of the `SetParameterValueConfiguration` ." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateDestinationParameterValueConfiguration" + } + } + }, + "aws-native:quicksight:TemplateShapeConditionalFormat": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting for the shape background color of a filled map visual." + } + } + }, + "aws-native:quicksight:TemplateSheet": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "\u003cp\u003eThe name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight\n console.\u003c/p\u003e" + }, + "sheetId": { + "type": "string", + "description": "\u003cp\u003eThe unique identifier associated with a sheet.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateSheetContentType": { + "type": "string" + }, + "aws-native:quicksight:TemplateSheetControlDateTimePickerType": { + "type": "string" + }, + "aws-native:quicksight:TemplateSheetControlInfoIconLabelOptions": { + "type": "object", + "properties": { + "infoIconText": { + "type": "string", + "description": "The text content of info icon." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration of info icon label options." + } + } + }, + "aws-native:quicksight:TemplateSheetControlLayout": { + "type": "object", + "properties": { + "configuration": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlLayoutConfiguration", + "description": "The configuration that determines the elements and canvas size options of sheet control." + } + } + }, + "aws-native:quicksight:TemplateSheetControlLayoutConfiguration": { + "type": "object", + "properties": { + "gridLayout": { + "$ref": "#/types/aws-native:quicksight:TemplateGridLayoutConfiguration", + "description": "The configuration that determines the elements and canvas size options of sheet control." + } + } + }, + "aws-native:quicksight:TemplateSheetControlListType": { + "type": "string" + }, + "aws-native:quicksight:TemplateSheetControlSliderType": { + "type": "string" + }, + "aws-native:quicksight:TemplateSheetDefinition": { + "type": "object", + "properties": { + "contentType": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetContentType", + "description": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard." + }, + "description": { + "type": "string", + "description": "A description of the sheet." + }, + "filterControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterControl" + }, + "description": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* ." + }, + "layouts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateLayout" + }, + "description": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* ." + }, + "name": { + "type": "string", + "description": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console." + }, + "parameterControls": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterControl" + }, + "description": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* ." + }, + "sheetControlLayouts": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlLayout" + }, + "description": "The control layouts of the sheet." + }, + "sheetId": { + "type": "string", + "description": "The unique identifier of a sheet." + }, + "textBoxes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetTextBox" + }, + "description": "The text boxes that are on a sheet." + }, + "title": { + "type": "string", + "description": "The title of the sheet." + }, + "visuals": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisual" + }, + "description": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet." + } + } + }, + "aws-native:quicksight:TemplateSheetElementConfigurationOverrides": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`" + } + } + }, + "aws-native:quicksight:TemplateSheetElementRenderingRule": { + "type": "object", + "properties": { + "configurationOverrides": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetElementConfigurationOverrides", + "description": "The override configuration of the rendering rules of a sheet." + }, + "expression": { + "type": "string", + "description": "The expression of the rendering rules of a sheet." + } + } + }, + "aws-native:quicksight:TemplateSheetTextBox": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "The content that is displayed in the text box." + }, + "sheetTextBoxId": { + "type": "string", + "description": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers." + } + } + }, + "aws-native:quicksight:TemplateSheetVisualScopingConfiguration": { + "type": "object", + "properties": { + "scope": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterVisualScope", + "description": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`" + }, + "sheetId": { + "type": "string", + "description": "The selected sheet that the filter is applied to." + }, + "visualIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The selected visuals that the filter is applied to." + } + } + }, + "aws-native:quicksight:TemplateShortFormatText": { + "type": "object", + "properties": { + "plainText": { + "type": "string", + "description": "Plain text format." + }, + "richText": { + "type": "string", + "description": "Rich text. Examples of rich text include bold, underline, and italics." + } + } + }, + "aws-native:quicksight:TemplateSimpleAttributeAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:TemplateSimpleClusterMarker": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of the simple cluster marker." + } + } + }, + "aws-native:quicksight:TemplateSimpleNumericalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:TemplateSimpleTotalAggregationFunction": { + "type": "string" + }, + "aws-native:quicksight:TemplateSliderControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:TemplateSmallMultiplesAxisPlacement": { + "type": "string" + }, + "aws-native:quicksight:TemplateSmallMultiplesAxisProperties": { + "type": "object", + "properties": { + "placement": { + "$ref": "#/types/aws-native:quicksight:TemplateSmallMultiplesAxisPlacement", + "description": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels." + }, + "scale": { + "$ref": "#/types/aws-native:quicksight:TemplateSmallMultiplesAxisScale", + "description": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` ." + } + } + }, + "aws-native:quicksight:TemplateSmallMultiplesAxisScale": { + "type": "string" + }, + "aws-native:quicksight:TemplateSmallMultiplesOptions": { + "type": "object", + "properties": { + "maxVisibleColumns": { + "type": "number", + "description": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart." + }, + "maxVisibleRows": { + "type": "number", + "description": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart." + }, + "panelConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePanelConfiguration", + "description": "Configures the display options for each small multiples panel." + }, + "xAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateSmallMultiplesAxisProperties", + "description": "The properties of a small multiples X axis." + }, + "yAxis": { + "$ref": "#/types/aws-native:quicksight:TemplateSmallMultiplesAxisProperties", + "description": "The properties of a small multiples Y axis." + } + } + }, + "aws-native:quicksight:TemplateSortDirection": { + "type": "string" + }, + "aws-native:quicksight:TemplateSourceAnalysis": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the resource.\u003c/p\u003e" + }, + "dataSetReferences": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataSetReference" + }, + "description": "\u003cp\u003eA structure containing information about the dataset references used as placeholders\n in the template.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateSourceEntity": { + "type": "object", + "properties": { + "sourceAnalysis": { + "$ref": "#/types/aws-native:quicksight:TemplateSourceAnalysis", + "description": "The source analysis, if it is based on an analysis." + }, + "sourceTemplate": { + "$ref": "#/types/aws-native:quicksight:TemplateSourceTemplate", + "description": "The source template, if it is based on an template." + } + } + }, + "aws-native:quicksight:TemplateSourceTemplate": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the resource.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateSpacing": { + "type": "object", + "properties": { + "bottom": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "left": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "right": { + "type": "string", + "description": "String based length that is composed of value and unit" + }, + "top": { + "type": "string", + "description": "String based length that is composed of value and unit" + } + } + }, + "aws-native:quicksight:TemplateSpecialValue": { + "type": "string" + }, + "aws-native:quicksight:TemplateStringDefaultValues": { + "type": "object", + "properties": { + "dynamicValue": { + "$ref": "#/types/aws-native:quicksight:TemplateDynamicDefaultValue", + "description": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping." + }, + "staticValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The static values of the `DecimalDefaultValues` ." + } + } + }, + "aws-native:quicksight:TemplateStringFormatConfiguration": { + "type": "object", + "properties": { + "nullValueFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNullValueFormatConfiguration", + "description": "The options that determine the null value format configuration." + }, + "numericFormatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericFormatConfiguration", + "description": "The formatting configuration for numeric strings." + } + } + }, + "aws-native:quicksight:TemplateStringParameterDeclaration": { + "type": "object", + "properties": { + "defaultValues": { + "$ref": "#/types/aws-native:quicksight:TemplateStringDefaultValues", + "description": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided." + }, + "mappedDataSetParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMappedDataSetParameter" + } + }, + "name": { + "type": "string", + "description": "The name of the parameter that is being declared." + }, + "parameterValueType": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterValueType", + "description": "The value type determines whether the parameter is a single-value or multi-value parameter." + }, + "valueWhenUnset": { + "$ref": "#/types/aws-native:quicksight:TemplateStringValueWhenUnsetConfiguration", + "description": "The configuration that defines the default value of a `String` parameter when a value has not been set." + } + } + }, + "aws-native:quicksight:TemplateStringValueWhenUnsetConfiguration": { + "type": "object", + "properties": { + "customValue": { + "type": "string", + "description": "A custom value that's used when the value of a parameter isn't set." + }, + "valueWhenUnsetOption": { + "$ref": "#/types/aws-native:quicksight:TemplateValueWhenUnsetOption", + "description": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value." + } + } + }, + "aws-native:quicksight:TemplateStyledCellType": { + "type": "string" + }, + "aws-native:quicksight:TemplateSubtotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the subtotal cells." + }, + "fieldLevel": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableSubtotalLevel", + "description": "The field level (all, custom, last) for the subtotal cells." + }, + "fieldLevelOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableFieldSubtotalOptions" + }, + "description": "The optional configuration of subtotal cells." + }, + "metricHeaderCellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The cell styling options for the subtotals of header cells." + }, + "styleTargets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateTableStyleTarget" + }, + "description": "The style targets options for subtotals." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The cell styling options for the subtotal cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration for the subtotal cells." + }, + "valueCellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The cell styling options for the subtotals of value cells." + } + } + }, + "aws-native:quicksight:TemplateTableAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The group by field well for a pivot table. Values are grouped by group by fields." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The values field well for a pivot table. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:TemplateTableBorderOptions": { + "type": "object", + "properties": { + "color": { + "type": "string", + "description": "The color of a table border." + }, + "style": { + "$ref": "#/types/aws-native:quicksight:TemplateTableBorderStyle", + "description": "The style (none, solid) of a table border." + }, + "thickness": { + "type": "number", + "description": "The thickness of a table border." + } + } + }, + "aws-native:quicksight:TemplateTableBorderStyle": { + "type": "string" + }, + "aws-native:quicksight:TemplateTableCellConditionalFormatting": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field ID of the cell for conditional formatting." + }, + "textFormat": { + "$ref": "#/types/aws-native:quicksight:TemplateTextConditionalFormat", + "description": "The text format of the cell for conditional formatting." + } + } + }, + "aws-native:quicksight:TemplateTableCellImageScalingConfiguration": { + "type": "string" + }, + "aws-native:quicksight:TemplateTableCellImageSizingConfiguration": { + "type": "object", + "properties": { + "tableCellImageScalingConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellImageScalingConfiguration", + "description": "The cell scaling configuration of the sizing options for the table image configuration." + } + } + }, + "aws-native:quicksight:TemplateTableCellStyle": { + "type": "object", + "properties": { + "backgroundColor": { + "type": "string", + "description": "The background color for the table cells." + }, + "border": { + "$ref": "#/types/aws-native:quicksight:TemplateGlobalTableBorderOptions", + "description": "The borders for the table cells." + }, + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The font configuration of the table cells." + }, + "height": { + "type": "number", + "description": "The height color for the table cells." + }, + "horizontalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:TemplateHorizontalTextAlignment", + "description": "The horizontal text alignment (left, center, right, auto) for the table cells." + }, + "textWrap": { + "$ref": "#/types/aws-native:quicksight:TemplateTextWrap", + "description": "The text wrap (none, wrap) for the table cells." + }, + "verticalTextAlignment": { + "$ref": "#/types/aws-native:quicksight:TemplateVerticalTextAlignment", + "description": "The vertical text alignment (top, middle, bottom) for the table cells." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the table cells." + } + } + }, + "aws-native:quicksight:TemplateTableConditionalFormatting": { + "type": "object", + "properties": { + "conditionalFormattingOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateTableConditionalFormattingOption" + }, + "description": "Conditional formatting options for a `PivotTableVisual` ." + } + } + }, + "aws-native:quicksight:TemplateTableConditionalFormattingOption": { + "type": "object", + "properties": { + "cell": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellConditionalFormatting", + "description": "The cell conditional formatting option for a table." + }, + "row": { + "$ref": "#/types/aws-native:quicksight:TemplateTableRowConditionalFormatting", + "description": "The row conditional formatting option for a table." + } + } + }, + "aws-native:quicksight:TemplateTableConfiguration": { + "type": "object", + "properties": { + "fieldOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldOptions", + "description": "The field options for a table visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldWells", + "description": "The field wells of the visual." + }, + "paginatedReportOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTablePaginatedReportOptions", + "description": "The paginated report options for a table visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateTableSortConfiguration", + "description": "The sort configuration for a `TableVisual` ." + }, + "tableInlineVisualizations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateTableInlineVisualization" + }, + "description": "A collection of inline visualizations to display within a chart." + }, + "tableOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTableOptions", + "description": "The table options for a table visual." + }, + "totalOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTotalOptions", + "description": "The total options for a table visual." + } + } + }, + "aws-native:quicksight:TemplateTableFieldCustomIconContent": { + "type": "object", + "properties": { + "icon": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldIconSetType", + "description": "The icon set type (link) of the custom icon content for table URL link content." + } + } + }, + "aws-native:quicksight:TemplateTableFieldCustomTextContent": { + "type": "object", + "properties": { + "fontConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFontConfiguration", + "description": "The font configuration of the custom text content for the table URL link content." + }, + "value": { + "type": "string", + "description": "The string value of the custom text content for the table URL link content." + } + } + }, + "aws-native:quicksight:TemplateTableFieldIconSetType": { + "type": "string" + }, + "aws-native:quicksight:TemplateTableFieldImageConfiguration": { + "type": "object", + "properties": { + "sizingOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellImageSizingConfiguration", + "description": "The sizing options for the table image configuration." + } + } + }, + "aws-native:quicksight:TemplateTableFieldLinkConfiguration": { + "type": "object", + "properties": { + "content": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldLinkContentConfiguration", + "description": "The URL content (text, icon) for the table link configuration." + }, + "target": { + "$ref": "#/types/aws-native:quicksight:TemplateUrlTargetConfiguration", + "description": "The URL target (new tab, new window, same tab) for the table link configuration." + } + } + }, + "aws-native:quicksight:TemplateTableFieldLinkContentConfiguration": { + "type": "object", + "properties": { + "customIconContent": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldCustomIconContent", + "description": "The custom icon content for the table link content configuration." + }, + "customTextContent": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldCustomTextContent", + "description": "The custom text content (value, font configuration) for the table link content configuration." + } + } + }, + "aws-native:quicksight:TemplateTableFieldOption": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label for a table field." + }, + "fieldId": { + "type": "string", + "description": "The field ID for a table field." + }, + "urlStyling": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldUrlConfiguration", + "description": "The URL configuration for a table field." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of a table field." + }, + "width": { + "type": "string", + "description": "String based length that is composed of value and unit in px" + } + }, + "irreversibleNames": { + "urlStyling": "URLStyling" + } + }, + "aws-native:quicksight:TemplateTableFieldOptions": { + "type": "object", + "properties": { + "order": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The order of the field IDs that are configured as field options for a table visual." + }, + "pinnedFieldOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTablePinnedFieldOptions", + "description": "The settings for the pinned columns of a table visual." + }, + "selectedFieldOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldOption" + }, + "description": "The field options to be configured to a table." + } + } + }, + "aws-native:quicksight:TemplateTableFieldUrlConfiguration": { + "type": "object", + "properties": { + "imageConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldImageConfiguration", + "description": "The image configuration of a table field URL." + }, + "linkConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateTableFieldLinkConfiguration", + "description": "The link configuration of a table field URL." + } + } + }, + "aws-native:quicksight:TemplateTableFieldWells": { + "type": "object", + "properties": { + "tableAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateTableAggregatedFieldWells", + "description": "The aggregated field well for the table." + }, + "tableUnaggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateTableUnaggregatedFieldWells", + "description": "The unaggregated field well for the table." + } + } + }, + "aws-native:quicksight:TemplateTableInlineVisualization": { + "type": "object", + "properties": { + "dataBars": { + "$ref": "#/types/aws-native:quicksight:TemplateDataBarsOptions", + "description": "The configuration of the inline visualization of the data bars within a chart." + } + } + }, + "aws-native:quicksight:TemplateTableOptions": { + "type": "object", + "properties": { + "cellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The table cell style of table cells." + }, + "headerStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "The table cell style of a table header." + }, + "orientation": { + "$ref": "#/types/aws-native:quicksight:TemplateTableOrientation", + "description": "The orientation (vertical, horizontal) for a table." + }, + "rowAlternateColorOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateRowAlternateColorOptions", + "description": "The row alternate color options (widget status, row alternate colors) for a table." + } + } + }, + "aws-native:quicksight:TemplateTableOrientation": { + "type": "string" + }, + "aws-native:quicksight:TemplateTablePaginatedReportOptions": { + "type": "object", + "properties": { + "overflowColumnHeaderVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of repeating header rows on each page." + }, + "verticalOverflowVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of printing table overflow across pages." + } + } + }, + "aws-native:quicksight:TemplateTablePinnedFieldOptions": { + "type": "object", + "properties": { + "pinnedLeftFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of columns to be pinned to the left of a table visual." + } + } + }, + "aws-native:quicksight:TemplateTableRowConditionalFormatting": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting color (solid, gradient) of the background for a table row." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting color (solid, gradient) of the text for a table row." + } + } + }, + "aws-native:quicksight:TemplateTableSideBorderOptions": { + "type": "object", + "properties": { + "bottom": { + "$ref": "#/types/aws-native:quicksight:TemplateTableBorderOptions", + "description": "The table border options of the bottom border." + }, + "innerHorizontal": { + "$ref": "#/types/aws-native:quicksight:TemplateTableBorderOptions", + "description": "The table border options of the inner horizontal border." + }, + "innerVertical": { + "$ref": "#/types/aws-native:quicksight:TemplateTableBorderOptions", + "description": "The table border options of the inner vertical border." + }, + "left": { + "$ref": "#/types/aws-native:quicksight:TemplateTableBorderOptions", + "description": "The table border options of the left border." + }, + "right": { + "$ref": "#/types/aws-native:quicksight:TemplateTableBorderOptions", + "description": "The table border options of the right border." + }, + "top": { + "$ref": "#/types/aws-native:quicksight:TemplateTableBorderOptions", + "description": "The table border options of the top border." + } + } + }, + "aws-native:quicksight:TemplateTableSortConfiguration": { + "type": "object", + "properties": { + "paginationConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplatePaginationConfiguration", + "description": "The pagination configuration (page size, page number) for the table." + }, + "rowSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The field sort options for rows in the table." + } + } + }, + "aws-native:quicksight:TemplateTableStyleTarget": { + "type": "object", + "properties": { + "cellType": { + "$ref": "#/types/aws-native:quicksight:TemplateStyledCellType", + "description": "The cell type of the table style target." + } + } + }, + "aws-native:quicksight:TemplateTableTotalsPlacement": { + "type": "string" + }, + "aws-native:quicksight:TemplateTableTotalsScrollStatus": { + "type": "string" + }, + "aws-native:quicksight:TemplateTableUnaggregatedFieldWells": { + "type": "object", + "properties": { + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateUnaggregatedField" + }, + "description": "The values field well for a pivot table. Values are unaggregated for an unaggregated table." + } + } + }, + "aws-native:quicksight:TemplateTableVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateTableConfiguration", + "description": "The configuration settings of the visual." + }, + "conditionalFormatting": { + "$ref": "#/types/aws-native:quicksight:TemplateTableConditionalFormatting", + "description": "The conditional formatting for a `PivotTableVisual` ." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:TemplateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateTargetVisualOptions": { + "type": "string" + }, + "aws-native:quicksight:TemplateTextAreaControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "placeholderOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTextControlPlaceholderOptions", + "description": "The configuration of the placeholder options in a text area control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:TemplateTextConditionalFormat": { + "type": "object", + "properties": { + "backgroundColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting for the text background color." + }, + "icon": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingIcon", + "description": "The conditional formatting for the icon." + }, + "textColor": { + "$ref": "#/types/aws-native:quicksight:TemplateConditionalFormattingColor", + "description": "The conditional formatting for the text color." + } + } + }, + "aws-native:quicksight:TemplateTextControlPlaceholderOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration of the placeholder options in a text control." + } + } + }, + "aws-native:quicksight:TemplateTextFieldControlDisplayOptions": { + "type": "object", + "properties": { + "infoIconLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetControlInfoIconLabelOptions", + "description": "The configuration of info icon label options." + }, + "placeholderOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateTextControlPlaceholderOptions", + "description": "The configuration of the placeholder options in a text field control." + }, + "titleOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateLabelOptions", + "description": "The options to configure the title visibility, name, and font size." + } + } + }, + "aws-native:quicksight:TemplateTextWrap": { + "type": "string" + }, + "aws-native:quicksight:TemplateThousandSeparatorOptions": { + "type": "object", + "properties": { + "symbol": { + "$ref": "#/types/aws-native:quicksight:TemplateNumericSeparatorSymbol", + "description": "Determines the thousands separator symbol." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines the visibility of the thousands separator." + } + } + }, + "aws-native:quicksight:TemplateTimeBasedForecastProperties": { + "type": "object", + "properties": { + "lowerBoundary": { + "type": "number", + "description": "The lower boundary setup of a forecast computation." + }, + "periodsBackward": { + "type": "number", + "description": "The periods backward setup of a forecast computation." + }, + "periodsForward": { + "type": "number", + "description": "The periods forward setup of a forecast computation." + }, + "predictionInterval": { + "type": "number", + "description": "The prediction interval setup of a forecast computation." + }, + "seasonality": { + "type": "number", + "description": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value." + }, + "upperBoundary": { + "type": "number", + "description": "The upper boundary setup of a forecast computation." + } + } + }, + "aws-native:quicksight:TemplateTimeEqualityFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` ." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:TemplateRollingDateConfiguration", + "description": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` ." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + }, + "value": { + "type": "string", + "description": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` ." + } + } + }, + "aws-native:quicksight:TemplateTimeGranularity": { + "type": "string" + }, + "aws-native:quicksight:TemplateTimeRangeDrillDownFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "rangeMaximum": { + "type": "string", + "description": "The maximum value for the filter value range." + }, + "rangeMinimum": { + "type": "string", + "description": "The minimum value for the filter value range." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:TemplateTimeRangeFilter": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "excludePeriodConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateExcludePeriodConfiguration", + "description": "The exclude period of the time range filter." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "includeMaximum": { + "type": "boolean", + "description": "Determines whether the maximum value in the filter value range should be included in the filtered results." + }, + "includeMinimum": { + "type": "boolean", + "description": "Determines whether the minimum value in the filter value range should be included in the filtered results." + }, + "nullOption": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterNullOption", + "description": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results." + }, + "rangeMaximumValue": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeRangeFilterValue", + "description": "The maximum value for the filter value range." + }, + "rangeMinimumValue": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeRangeFilterValue", + "description": "The minimum value for the filter value range." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:TemplateTimeRangeFilterValue": { + "type": "object", + "properties": { + "parameter": { + "type": "string", + "description": "The parameter type input value." + }, + "rollingDate": { + "$ref": "#/types/aws-native:quicksight:TemplateRollingDateConfiguration", + "description": "The rolling date input value." + }, + "staticValue": { + "type": "string", + "description": "The static input value." + } + } + }, + "aws-native:quicksight:TemplateTooltipItem": { + "type": "object", + "properties": { + "columnTooltipItem": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnTooltipItem", + "description": "The tooltip item for the columns that are not part of a field well." + }, + "fieldTooltipItem": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldTooltipItem", + "description": "The tooltip item for the fields." + } + } + }, + "aws-native:quicksight:TemplateTooltipOptions": { + "type": "object", + "properties": { + "fieldBasedTooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldBasedTooltip", + "description": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type." + }, + "selectedTooltipType": { + "$ref": "#/types/aws-native:quicksight:TemplateSelectedTooltipType", + "description": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip." + }, + "tooltipVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "Determines whether or not the tooltip is visible." + } + } + }, + "aws-native:quicksight:TemplateTooltipTitleType": { + "type": "string" + }, + "aws-native:quicksight:TemplateTopBottomComputationType": { + "type": "string" + }, + "aws-native:quicksight:TemplateTopBottomFilter": { + "type": "object", + "properties": { + "aggregationSortConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateAggregationSortConfiguration" + }, + "description": "The aggregation and sort configuration of the top bottom filter." + }, + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that the filter is applied to." + }, + "defaultFilterControlConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateDefaultFilterControlConfiguration", + "description": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets." + }, + "filterId": { + "type": "string", + "description": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template." + }, + "limit": { + "type": "number", + "description": "The number of items to include in the top bottom filter results." + }, + "parameterName": { + "type": "string", + "description": "The parameter whose value should be used for the filter value." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TemplateTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:TemplateTopBottomMoversComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "moverSize": { + "type": "number", + "description": "The mover size setup of the top and bottom movers computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "sortOrder": { + "$ref": "#/types/aws-native:quicksight:TemplateTopBottomSortOrder", + "description": "The sort order setup of the top and bottom movers computation." + }, + "time": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The time field that is used in a computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateTopBottomComputationType", + "description": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplateTopBottomRankedComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "resultSize": { + "type": "number", + "description": "The result size of a top and bottom ranked computation." + }, + "type": { + "$ref": "#/types/aws-native:quicksight:TemplateTopBottomComputationType", + "description": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplateTopBottomSortOrder": { + "type": "string" + }, + "aws-native:quicksight:TemplateTotalAggregationComputation": { + "type": "object", + "properties": { + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + }, + "value": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField", + "description": "The value field that is used in a computation." + } + } + }, + "aws-native:quicksight:TemplateTotalAggregationFunction": { + "type": "object", + "properties": { + "simpleTotalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateSimpleTotalAggregationFunction", + "description": "A built in aggregation function for total values." + } + } + }, + "aws-native:quicksight:TemplateTotalAggregationOption": { + "type": "object", + "properties": { + "fieldId": { + "type": "string", + "description": "The field id that's associated with the total aggregation option." + }, + "totalAggregationFunction": { + "$ref": "#/types/aws-native:quicksight:TemplateTotalAggregationFunction", + "description": "The total aggregation function that you want to set for a specified field id." + } + } + }, + "aws-native:quicksight:TemplateTotalOptions": { + "type": "object", + "properties": { + "customLabel": { + "type": "string", + "description": "The custom label string for the total cells." + }, + "placement": { + "$ref": "#/types/aws-native:quicksight:TemplateTableTotalsPlacement", + "description": "The placement (start, end) for the total cells." + }, + "scrollStatus": { + "$ref": "#/types/aws-native:quicksight:TemplateTableTotalsScrollStatus", + "description": "The scroll status (pinned, scrolled) for the total cells." + }, + "totalAggregationOptions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateTotalAggregationOption" + }, + "description": "The total aggregation settings for each value field." + }, + "totalCellStyle": { + "$ref": "#/types/aws-native:quicksight:TemplateTableCellStyle", + "description": "Cell styling options for the total cells." + }, + "totalsVisibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility configuration for the total cells." + } + } + }, + "aws-native:quicksight:TemplateTreeMapAggregatedFieldWells": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The color field well of a tree map. Values are grouped by aggregations based on group by fields." + }, + "groups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The group by field well of a tree map. Values are grouped based on group by fields." + }, + "sizes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The size field well of a tree map. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:TemplateTreeMapConfiguration": { + "type": "object", + "properties": { + "colorLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility) for the colors displayed in a tree map." + }, + "colorScale": { + "$ref": "#/types/aws-native:quicksight:TemplateColorScale", + "description": "The color options (gradient color, point of divergence) of a tree map." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The options that determine if visual data labels are displayed." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateTreeMapFieldWells", + "description": "The field wells of the visual." + }, + "groupLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility) of the groups that are displayed in a tree map." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend display setup of the visual." + }, + "sizeLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility) of the sizes that are displayed in a tree map." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateTreeMapSortConfiguration", + "description": "The sort configuration of a tree map." + }, + "tooltip": { + "$ref": "#/types/aws-native:quicksight:TemplateTooltipOptions", + "description": "The tooltip display setup of the visual." + } + } + }, + "aws-native:quicksight:TemplateTreeMapFieldWells": { + "type": "object", + "properties": { + "treeMapAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateTreeMapAggregatedFieldWells", + "description": "The aggregated field wells of a tree map." + } + } + }, + "aws-native:quicksight:TemplateTreeMapSortConfiguration": { + "type": "object", + "properties": { + "treeMapGroupItemsLimitConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of groups that are displayed." + }, + "treeMapSort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of group by fields." + } + } + }, + "aws-native:quicksight:TemplateTreeMapVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateTreeMapConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:TemplateTrendArrowOptions": { + "type": "object", + "properties": { + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the trend arrows." + } + } + }, + "aws-native:quicksight:TemplateUnaggregatedField": { + "type": "object", + "properties": { + "column": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnIdentifier", + "description": "The column that is used in the `UnaggregatedField` ." + }, + "fieldId": { + "type": "string", + "description": "The custom field ID." + }, + "formatConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateFormatConfiguration", + "description": "The format configuration of the field." + } + } + }, + "aws-native:quicksight:TemplateUniqueValuesComputation": { + "type": "object", + "properties": { + "category": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField", + "description": "The category field that is used in a computation." + }, + "computationId": { + "type": "string", + "description": "The ID for a computation." + }, + "name": { + "type": "string", + "description": "The name of a computation." + } + } + }, + "aws-native:quicksight:TemplateUrlTargetConfiguration": { + "type": "string" + }, + "aws-native:quicksight:TemplateValidationStrategy": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:quicksight:TemplateValidationStrategyMode", + "description": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors." + } + } + }, + "aws-native:quicksight:TemplateValidationStrategyMode": { + "type": "string" + }, + "aws-native:quicksight:TemplateValueWhenUnsetOption": { + "type": "string" + }, + "aws-native:quicksight:TemplateVersion": { + "type": "object", + "properties": { + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe time that this template version was created.\u003c/p\u003e" + }, + "dataSetConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataSetConfiguration" + }, + "description": "\u003cp\u003eSchema of the dataset identified by the placeholder. Any dashboard created from this\n template should be bound to new datasets matching the same schema described through this\n API operation.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eThe description of the template.\u003c/p\u003e" + }, + "errors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateError" + }, + "description": "\u003cp\u003eErrors associated with this template version.\u003c/p\u003e" + }, + "sheets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateSheet" + }, + "description": "\u003cp\u003eA list of the associated sheets with the unique identifier and name of each sheet.\u003c/p\u003e" + }, + "sourceEntityArn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of an analysis or template that was used to create this\n template.\u003c/p\u003e" + }, + "status": { + "$ref": "#/types/aws-native:quicksight:TemplateResourceStatus", + "description": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`" + }, + "themeArn": { + "type": "string", + "description": "\u003cp\u003eThe ARN of the theme associated with this version of the template.\u003c/p\u003e" + }, + "versionNumber": { + "type": "number", + "description": "\u003cp\u003eThe version number of the template version.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TemplateVersionDefinition": { + "type": "object", + "properties": { + "analysisDefaults": { + "$ref": "#/types/aws-native:quicksight:TemplateAnalysisDefaults" + }, + "calculatedFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateCalculatedField" + }, + "description": "An array of calculated field definitions for the template." + }, + "columnConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnConfiguration" + }, + "description": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template." + }, + "dataSetConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataSetConfiguration" + }, + "description": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template." + }, + "filterGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFilterGroup" + }, + "description": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* ." + }, + "options": { + "$ref": "#/types/aws-native:quicksight:TemplateAssetOptions", + "description": "An array of option definitions for a template." + }, + "parameterDeclarations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateParameterDeclaration" + }, + "description": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* ." + }, + "sheets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateSheetDefinition" + }, + "description": "An array of sheet definitions for a template." + } + } + }, + "aws-native:quicksight:TemplateVerticalTextAlignment": { + "type": "string" + }, + "aws-native:quicksight:TemplateVisibility": { + "type": "string" + }, + "aws-native:quicksight:TemplateVisibleRangeOptions": { + "type": "object", + "properties": { + "percentRange": { + "$ref": "#/types/aws-native:quicksight:TemplatePercentVisibleRange", + "description": "The percent range in the visible range." + } + } + }, + "aws-native:quicksight:TemplateVisual": { + "type": "object", + "properties": { + "barChartVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateBarChartVisual", + "description": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "boxPlotVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateBoxPlotVisual", + "description": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* ." + }, + "comboChartVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateComboChartVisual", + "description": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "customContentVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomContentVisual", + "description": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* ." + }, + "emptyVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateEmptyVisual", + "description": "An empty visual." + }, + "filledMapVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateFilledMapVisual", + "description": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* ." + }, + "funnelChartVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateFunnelChartVisual", + "description": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* ." + }, + "gaugeChartVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateGaugeChartVisual", + "description": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "geospatialMapVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateGeospatialMapVisual", + "description": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* ." + }, + "heatMapVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateHeatMapVisual", + "description": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* ." + }, + "histogramVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateHistogramVisual", + "description": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "insightVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateInsightVisual", + "description": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* ." + }, + "kpiVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateKpiVisual", + "description": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* ." + }, + "lineChartVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateLineChartVisual", + "description": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* ." + }, + "pieChartVisual": { + "$ref": "#/types/aws-native:quicksight:TemplatePieChartVisual", + "description": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "pivotTableVisual": { + "$ref": "#/types/aws-native:quicksight:TemplatePivotTableVisual", + "description": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* ." + }, + "radarChartVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateRadarChartVisual", + "description": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "sankeyDiagramVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateSankeyDiagramVisual", + "description": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* ." + }, + "scatterPlotVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateScatterPlotVisual", + "description": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* ." + }, + "tableVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateTableVisual", + "description": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* ." + }, + "treeMapVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateTreeMapVisual", + "description": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* ." + }, + "waterfallVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateWaterfallVisual", + "description": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* ." + }, + "wordCloudVisual": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudVisual", + "description": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* ." + } + }, + "irreversibleNames": { + "kpiVisual": "KPIVisual" + } + }, + "aws-native:quicksight:TemplateVisualCustomAction": { + "type": "object", + "properties": { + "actionOperations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomActionOperation" + }, + "description": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined." + }, + "customActionId": { + "type": "string", + "description": "The ID of the `VisualCustomAction` ." + }, + "name": { + "type": "string", + "description": "The name of the `VisualCustomAction` ." + }, + "status": { + "$ref": "#/types/aws-native:quicksight:TemplateWidgetStatus", + "description": "The status of the `VisualCustomAction` ." + }, + "trigger": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomActionTrigger", + "description": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu." + } + } + }, + "aws-native:quicksight:TemplateVisualCustomActionOperation": { + "type": "object", + "properties": { + "filterOperation": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomActionFilterOperation", + "description": "The filter operation that filters data included in a visual or in an entire sheet." + }, + "navigationOperation": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomActionNavigationOperation", + "description": "The navigation operation that navigates between different sheets in the same analysis." + }, + "setParametersOperation": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomActionSetParametersOperation", + "description": "The set parameter operation that sets parameters in custom action." + }, + "urlOperation": { + "$ref": "#/types/aws-native:quicksight:TemplateCustomActionUrlOperation", + "description": "The URL operation that opens a link to another webpage." + } + }, + "irreversibleNames": { + "urlOperation": "URLOperation" + } + }, + "aws-native:quicksight:TemplateVisualCustomActionTrigger": { + "type": "string" + }, + "aws-native:quicksight:TemplateVisualPalette": { + "type": "object", + "properties": { + "chartColor": { + "type": "string", + "description": "The chart color options for the visual palette." + }, + "colorMap": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDataPathColor" + }, + "description": "The color map options for the visual palette." + } + } + }, + "aws-native:quicksight:TemplateVisualSubtitleLabelOptions": { + "type": "object", + "properties": { + "formatText": { + "$ref": "#/types/aws-native:quicksight:TemplateLongFormatText", + "description": "The long text format of the subtitle label, such as plain text or rich text." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the subtitle label." + } + } + }, + "aws-native:quicksight:TemplateVisualTitleLabelOptions": { + "type": "object", + "properties": { + "formatText": { + "$ref": "#/types/aws-native:quicksight:TemplateShortFormatText", + "description": "The short text format of the title label, such as plain text or rich text." + }, + "visibility": { + "$ref": "#/types/aws-native:quicksight:TemplateVisibility", + "description": "The visibility of the title label." + } + } + }, + "aws-native:quicksight:TemplateWaterfallChartAggregatedFieldWells": { + "type": "object", + "properties": { + "breakdowns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The breakdown field wells of a waterfall visual." + }, + "categories": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The category field wells of a waterfall visual." + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The value field wells of a waterfall visual." + } + } + }, + "aws-native:quicksight:TemplateWaterfallChartColorConfiguration": { + "type": "object", + "properties": { + "groupColorConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateWaterfallChartGroupColorConfiguration", + "description": "The color configuration for individual groups within a waterfall visual." + } + } + }, + "aws-native:quicksight:TemplateWaterfallChartConfiguration": { + "type": "object", + "properties": { + "categoryAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The options that determine the presentation of the category axis." + }, + "categoryAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The options that determine the presentation of the category axis label." + }, + "colorConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateWaterfallChartColorConfiguration", + "description": "The color configuration of a waterfall visual." + }, + "dataLabels": { + "$ref": "#/types/aws-native:quicksight:TemplateDataLabelOptions", + "description": "The data label configuration of a waterfall visual." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateWaterfallChartFieldWells", + "description": "The field well configuration of a waterfall visual." + }, + "legend": { + "$ref": "#/types/aws-native:quicksight:TemplateLegendOptions", + "description": "The legend configuration of a waterfall visual." + }, + "primaryYAxisDisplayOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateAxisDisplayOptions", + "description": "The options that determine the presentation of the y-axis." + }, + "primaryYAxisLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The options that determine the presentation of the y-axis label." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateWaterfallChartSortConfiguration", + "description": "The sort configuration of a waterfall visual." + }, + "visualPalette": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualPalette", + "description": "The visual palette configuration of a waterfall visual." + }, + "waterfallChartOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateWaterfallChartOptions", + "description": "The options that determine the presentation of a waterfall visual." + } + } + }, + "aws-native:quicksight:TemplateWaterfallChartFieldWells": { + "type": "object", + "properties": { + "waterfallChartAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateWaterfallChartAggregatedFieldWells", + "description": "The field well configuration of a waterfall visual." + } + } + }, + "aws-native:quicksight:TemplateWaterfallChartGroupColorConfiguration": { + "type": "object", + "properties": { + "negativeBarColor": { + "type": "string", + "description": "Defines the color for the negative bars of a waterfall chart." + }, + "positiveBarColor": { + "type": "string", + "description": "Defines the color for the positive bars of a waterfall chart." + }, + "totalBarColor": { + "type": "string", + "description": "Defines the color for the total bars of a waterfall chart." + } + } + }, + "aws-native:quicksight:TemplateWaterfallChartOptions": { + "type": "object", + "properties": { + "totalBarLabel": { + "type": "string", + "description": "This option determines the total bar label of a waterfall visual." + } + } + }, + "aws-native:quicksight:TemplateWaterfallChartSortConfiguration": { + "type": "object", + "properties": { + "breakdownItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of bar groups that are displayed." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of the category fields." + } + } + }, + "aws-native:quicksight:TemplateWaterfallVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateWaterfallChartConfiguration", + "description": "The configuration for a waterfall visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers." + } + } + }, + "aws-native:quicksight:TemplateWhatIfPointScenario": { + "type": "object", + "properties": { + "date": { + "type": "string", + "description": "The date that you need the forecast results for." + }, + "value": { + "type": "number", + "description": "The target value that you want to meet for the provided date." + } + } + }, + "aws-native:quicksight:TemplateWhatIfRangeScenario": { + "type": "object", + "properties": { + "endDate": { + "type": "string", + "description": "The end date in the date range that you need the forecast results for." + }, + "startDate": { + "type": "string", + "description": "The start date in the date range that you need the forecast results for." + }, + "value": { + "type": "number", + "description": "The target value that you want to meet for the provided date range." + } + } + }, + "aws-native:quicksight:TemplateWidgetStatus": { + "type": "string" + }, + "aws-native:quicksight:TemplateWordCloudAggregatedFieldWells": { + "type": "object", + "properties": { + "groupBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateDimensionField" + }, + "description": "The group by field well of a word cloud. Values are grouped by group by fields." + }, + "size": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateMeasureField" + }, + "description": "The size field well of a word cloud. Values are aggregated based on group by fields." + } + } + }, + "aws-native:quicksight:TemplateWordCloudChartConfiguration": { + "type": "object", + "properties": { + "categoryLabelOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateChartAxisLabelOptions", + "description": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category." + }, + "fieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudFieldWells", + "description": "The field wells of the visual." + }, + "sortConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudSortConfiguration", + "description": "The sort configuration of a word cloud visual." + }, + "wordCloudOptions": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudOptions", + "description": "The options for a word cloud visual." + } + } + }, + "aws-native:quicksight:TemplateWordCloudCloudLayout": { + "type": "string" + }, + "aws-native:quicksight:TemplateWordCloudFieldWells": { + "type": "object", + "properties": { + "wordCloudAggregatedFieldWells": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudAggregatedFieldWells", + "description": "The aggregated field wells of a word cloud." + } + } + }, + "aws-native:quicksight:TemplateWordCloudOptions": { + "type": "object", + "properties": { + "cloudLayout": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudCloudLayout", + "description": "The cloud layout options (fluid, normal) of a word cloud." + }, + "maximumStringLength": { + "type": "number", + "description": "The length limit of each word from 1-100." + }, + "wordCasing": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudWordCasing", + "description": "The word casing options (lower_case, existing_case) for the words in a word cloud." + }, + "wordOrientation": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudWordOrientation", + "description": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud." + }, + "wordPadding": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudWordPadding", + "description": "The word padding options (none, small, medium, large) for the words in a word cloud." + }, + "wordScaling": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudWordScaling", + "description": "The word scaling options (emphasize, normal) for the words in a word cloud." + } + } + }, + "aws-native:quicksight:TemplateWordCloudSortConfiguration": { + "type": "object", + "properties": { + "categoryItemsLimit": { + "$ref": "#/types/aws-native:quicksight:TemplateItemsLimitConfiguration", + "description": "The limit on the number of groups that are displayed in a word cloud." + }, + "categorySort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateFieldSortOptions" + }, + "description": "The sort configuration of group by fields." + } + } + }, + "aws-native:quicksight:TemplateWordCloudVisual": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualCustomAction" + }, + "description": "The list of custom actions that are configured for a visual." + }, + "chartConfiguration": { + "$ref": "#/types/aws-native:quicksight:TemplateWordCloudChartConfiguration", + "description": "The configuration settings of the visual." + }, + "columnHierarchies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TemplateColumnHierarchy" + }, + "description": "The column hierarchy that is used during drill-downs and drill-ups." + }, + "subtitle": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualSubtitleLabelOptions", + "description": "The subtitle that is displayed on the visual." + }, + "title": { + "$ref": "#/types/aws-native:quicksight:TemplateVisualTitleLabelOptions", + "description": "The title that is displayed on the visual." + }, + "visualId": { + "type": "string", + "description": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.." + } + } + }, + "aws-native:quicksight:TemplateWordCloudWordCasing": { + "type": "string" + }, + "aws-native:quicksight:TemplateWordCloudWordOrientation": { + "type": "string" + }, + "aws-native:quicksight:TemplateWordCloudWordPadding": { + "type": "string" + }, + "aws-native:quicksight:TemplateWordCloudWordScaling": { + "type": "string" + }, + "aws-native:quicksight:ThemeBorderStyle": { + "type": "object", + "properties": { + "show": { + "type": "boolean", + "description": "\u003cp\u003eThe option to enable display of borders for visuals.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:ThemeConfiguration": { + "type": "object", + "properties": { + "dataColorPalette": { + "$ref": "#/types/aws-native:quicksight:ThemeDataColorPalette", + "description": "Color properties that apply to chart data colors." + }, + "sheet": { + "$ref": "#/types/aws-native:quicksight:ThemeSheetStyle", + "description": "Display options related to sheets." + }, + "typography": { + "$ref": "#/types/aws-native:quicksight:ThemeTypography" + }, + "uiColorPalette": { + "$ref": "#/types/aws-native:quicksight:ThemeUiColorPalette", + "description": "Color properties that apply to the UI and to charts, excluding the colors that apply to data." + } + }, + "irreversibleNames": { + "uiColorPalette": "UIColorPalette" + } + }, + "aws-native:quicksight:ThemeDataColorPalette": { + "type": "object", + "properties": { + "colors": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe hexadecimal codes for the colors.\u003c/p\u003e" + }, + "emptyFillColor": { + "type": "string", + "description": "\u003cp\u003eThe hexadecimal code of a color that applies to charts where a lack of data is\n highlighted.\u003c/p\u003e" + }, + "minMaxGradient": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe minimum and maximum hexadecimal codes that describe a color gradient. \u003c/p\u003e" + } + } + }, + "aws-native:quicksight:ThemeError": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "\u003cp\u003eThe error message.\u003c/p\u003e" + }, + "type": { + "$ref": "#/types/aws-native:quicksight:ThemeErrorType", + "description": "The type of error." + } + } + }, + "aws-native:quicksight:ThemeErrorType": { + "type": "string" + }, + "aws-native:quicksight:ThemeFont": { + "type": "object", + "properties": { + "fontFamily": { + "type": "string", + "description": "Determines the font family settings." + } + } + }, + "aws-native:quicksight:ThemeGutterStyle": { + "type": "object", + "properties": { + "show": { + "type": "boolean", + "description": "\u003cp\u003eThis Boolean value controls whether to display a gutter space between sheet tiles.\n \u003c/p\u003e" + } + } + }, + "aws-native:quicksight:ThemeMarginStyle": { + "type": "object", + "properties": { + "show": { + "type": "boolean", + "description": "\u003cp\u003eThis Boolean value controls whether to display sheet margins.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:ThemeResourcePermission": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "\u003cp\u003eThe IAM action to grant or revoke permissions on.\u003c/p\u003e" + }, + "principal": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the principal. This can be one of the\n following:\u003c/p\u003e\n \u003cul\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\u003c/p\u003e\n \u003c/li\u003e\n \u003cli\u003e\n \u003cp\u003eThe ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.) \u003c/p\u003e\n \u003c/li\u003e\n \u003c/ul\u003e" + } + } + }, + "aws-native:quicksight:ThemeResourceStatus": { + "type": "string" + }, + "aws-native:quicksight:ThemeSheetStyle": { + "type": "object", + "properties": { + "tile": { + "$ref": "#/types/aws-native:quicksight:ThemeTileStyle", + "description": "The display options for tiles." + }, + "tileLayout": { + "$ref": "#/types/aws-native:quicksight:ThemeTileLayoutStyle", + "description": "The layout options for tiles." + } + } + }, + "aws-native:quicksight:ThemeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:ThemeTileLayoutStyle": { + "type": "object", + "properties": { + "gutter": { + "$ref": "#/types/aws-native:quicksight:ThemeGutterStyle", + "description": "The gutter settings that apply between tiles." + }, + "margin": { + "$ref": "#/types/aws-native:quicksight:ThemeMarginStyle", + "description": "The margin settings that apply around the outside edge of sheets." + } + } + }, + "aws-native:quicksight:ThemeTileStyle": { + "type": "object", + "properties": { + "border": { + "$ref": "#/types/aws-native:quicksight:ThemeBorderStyle", + "description": "The border around a tile." + } + } + }, + "aws-native:quicksight:ThemeType": { + "type": "string" + }, + "aws-native:quicksight:ThemeTypography": { + "type": "object", + "properties": { + "fontFamilies": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:ThemeFont" + }, + "description": "Determines the list of font families." + } + } + }, + "aws-native:quicksight:ThemeUiColorPalette": { + "type": "object", + "properties": { + "accent": { + "type": "string", + "description": "\u003cp\u003eThis color is that applies to selected states and buttons.\u003c/p\u003e" + }, + "accentForeground": { + "type": "string", + "description": "\u003cp\u003eThe foreground color that applies to any text or other elements that appear over the\n accent color.\u003c/p\u003e" + }, + "danger": { + "type": "string", + "description": "\u003cp\u003eThe color that applies to error messages.\u003c/p\u003e" + }, + "dangerForeground": { + "type": "string", + "description": "\u003cp\u003eThe foreground color that applies to any text or other elements that appear over the\n error color.\u003c/p\u003e" + }, + "dimension": { + "type": "string", + "description": "\u003cp\u003eThe color that applies to the names of fields that are identified as\n dimensions.\u003c/p\u003e" + }, + "dimensionForeground": { + "type": "string", + "description": "\u003cp\u003eThe foreground color that applies to any text or other elements that appear over the\n dimension color.\u003c/p\u003e" + }, + "measure": { + "type": "string", + "description": "\u003cp\u003eThe color that applies to the names of fields that are identified as measures.\u003c/p\u003e" + }, + "measureForeground": { + "type": "string", + "description": "\u003cp\u003eThe foreground color that applies to any text or other elements that appear over the\n measure color.\u003c/p\u003e" + }, + "primaryBackground": { + "type": "string", + "description": "\u003cp\u003eThe background color that applies to visuals and other high emphasis UI.\u003c/p\u003e" + }, + "primaryForeground": { + "type": "string", + "description": "\u003cp\u003eThe color of text and other foreground elements that appear over the primary\n background regions, such as grid lines, borders, table banding, icons, and so on.\u003c/p\u003e" + }, + "secondaryBackground": { + "type": "string", + "description": "\u003cp\u003eThe background color that applies to the sheet background and sheet controls.\u003c/p\u003e" + }, + "secondaryForeground": { + "type": "string", + "description": "\u003cp\u003eThe foreground color that applies to any sheet title, sheet control text, or UI that\n appears over the secondary background.\u003c/p\u003e" + }, + "success": { + "type": "string", + "description": "\u003cp\u003eThe color that applies to success messages, for example the check mark for a\n successful download.\u003c/p\u003e" + }, + "successForeground": { + "type": "string", + "description": "\u003cp\u003eThe foreground color that applies to any text or other elements that appear over the\n success color.\u003c/p\u003e" + }, + "warning": { + "type": "string", + "description": "\u003cp\u003eThis color that applies to warning and informational messages.\u003c/p\u003e" + }, + "warningForeground": { + "type": "string", + "description": "\u003cp\u003eThe foreground color that applies to any text or other elements that appear over the\n warning color.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:ThemeVersion": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "\u003cp\u003eThe Amazon Resource Name (ARN) of the resource.\u003c/p\u003e" + }, + "baseThemeId": { + "type": "string", + "description": "\u003cp\u003eThe Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All\n themes initially inherit from a default Amazon QuickSight theme.\u003c/p\u003e" + }, + "configuration": { + "$ref": "#/types/aws-native:quicksight:ThemeConfiguration", + "description": "The theme configuration, which contains all the theme display properties." + }, + "createdTime": { + "type": "string", + "description": "\u003cp\u003eThe date and time that this theme version was created.\u003c/p\u003e" + }, + "description": { + "type": "string", + "description": "\u003cp\u003eThe description of the theme.\u003c/p\u003e" + }, + "errors": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:ThemeError" + }, + "description": "\u003cp\u003eErrors associated with the theme.\u003c/p\u003e" + }, + "status": { + "$ref": "#/types/aws-native:quicksight:ThemeResourceStatus", + "description": "The status of the theme version." + }, + "versionNumber": { + "type": "number", + "description": "\u003cp\u003eThe version number of the theme.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:TopicAuthorSpecifiedAggregation": { + "type": "string" + }, + "aws-native:quicksight:TopicCalculatedField": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:quicksight:TopicDefaultAggregation", + "description": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` ." + }, + "allowedAggregations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicAuthorSpecifiedAggregation" + }, + "description": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` ." + }, + "calculatedFieldDescription": { + "type": "string", + "description": "The calculated field description." + }, + "calculatedFieldName": { + "type": "string", + "description": "The calculated field name." + }, + "calculatedFieldSynonyms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The other names or aliases for the calculated field." + }, + "cellValueSynonyms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicCellValueSynonym" + }, + "description": "The other names or aliases for the calculated field cell value." + }, + "columnDataRole": { + "$ref": "#/types/aws-native:quicksight:TopicColumnDataRole", + "description": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` ." + }, + "comparativeOrder": { + "$ref": "#/types/aws-native:quicksight:TopicComparativeOrder", + "description": "The order in which data is displayed for the calculated field when it's used in a comparative context." + }, + "defaultFormatting": { + "$ref": "#/types/aws-native:quicksight:TopicDefaultFormatting", + "description": "The default formatting definition." + }, + "disableIndexing": { + "type": "boolean", + "description": "A Boolean value that indicates if a calculated field is visible in the autocomplete." + }, + "expression": { + "type": "string", + "description": "The calculated field expression." + }, + "isIncludedInTopic": { + "type": "boolean", + "description": "A boolean value that indicates if a calculated field is included in the topic." + }, + "neverAggregateInFilter": { + "type": "boolean", + "description": "A Boolean value that indicates whether to never aggregate calculated field in filters." + }, + "nonAdditive": { + "type": "boolean", + "description": "The non additive for the table style target." + }, + "notAllowedAggregations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicAuthorSpecifiedAggregation" + }, + "description": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` ." + }, + "semanticType": { + "$ref": "#/types/aws-native:quicksight:TopicSemanticType", + "description": "The semantic type." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TopicTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:TopicCategoryFilter": { + "type": "object", + "properties": { + "categoryFilterFunction": { + "$ref": "#/types/aws-native:quicksight:TopicCategoryFilterFunction", + "description": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` ." + }, + "categoryFilterType": { + "$ref": "#/types/aws-native:quicksight:TopicCategoryFilterType", + "description": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter." + }, + "constant": { + "$ref": "#/types/aws-native:quicksight:TopicCategoryFilterConstant", + "description": "The constant used in a category filter." + }, + "inverse": { + "type": "boolean", + "description": "A Boolean value that indicates if the filter is inverse." + } + } + }, + "aws-native:quicksight:TopicCategoryFilterConstant": { + "type": "object", + "properties": { + "collectiveConstant": { + "$ref": "#/types/aws-native:quicksight:TopicCollectiveConstant", + "description": "A collective constant used in a category filter. This element is used to specify a list of values for the constant." + }, + "constantType": { + "$ref": "#/types/aws-native:quicksight:TopicConstantType", + "description": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` ." + }, + "singularConstant": { + "type": "string", + "description": "A singular constant used in a category filter. This element is used to specify a single value for the constant." + } + } + }, + "aws-native:quicksight:TopicCategoryFilterFunction": { + "type": "string" + }, + "aws-native:quicksight:TopicCategoryFilterType": { + "type": "string" + }, + "aws-native:quicksight:TopicCellValueSynonym": { + "type": "object", + "properties": { + "cellValue": { + "type": "string", + "description": "The cell value." + }, + "synonyms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Other names or aliases for the cell value." + } + } + }, + "aws-native:quicksight:TopicCollectiveConstant": { + "type": "object", + "properties": { + "valueList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of values for the collective constant." + } + } + }, + "aws-native:quicksight:TopicColumn": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:quicksight:TopicDefaultAggregation", + "description": "The type of aggregation that is performed on the column data when it's queried." + }, + "allowedAggregations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicAuthorSpecifiedAggregation" + }, + "description": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` ." + }, + "cellValueSynonyms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicCellValueSynonym" + }, + "description": "The other names or aliases for the column cell value." + }, + "columnDataRole": { + "$ref": "#/types/aws-native:quicksight:TopicColumnDataRole", + "description": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` ." + }, + "columnDescription": { + "type": "string", + "description": "A description of the column and its contents." + }, + "columnFriendlyName": { + "type": "string", + "description": "A user-friendly name for the column." + }, + "columnName": { + "type": "string", + "description": "The name of the column." + }, + "columnSynonyms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The other names or aliases for the column." + }, + "comparativeOrder": { + "$ref": "#/types/aws-native:quicksight:TopicComparativeOrder", + "description": "The order in which data is displayed for the column when it's used in a comparative context." + }, + "defaultFormatting": { + "$ref": "#/types/aws-native:quicksight:TopicDefaultFormatting", + "description": "The default formatting used for values in the column." + }, + "disableIndexing": { + "type": "boolean", + "description": "A Boolean value that indicates whether the column shows in the autocomplete functionality." + }, + "isIncludedInTopic": { + "type": "boolean", + "description": "A Boolean value that indicates whether the column is included in the query results." + }, + "neverAggregateInFilter": { + "type": "boolean", + "description": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context." + }, + "nonAdditive": { + "type": "boolean", + "description": "The non additive value for the column." + }, + "notAllowedAggregations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicAuthorSpecifiedAggregation" + }, + "description": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` ." + }, + "semanticType": { + "$ref": "#/types/aws-native:quicksight:TopicSemanticType", + "description": "The semantic type of data contained in the column." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TopicTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:TopicColumnDataRole": { + "type": "string" + }, + "aws-native:quicksight:TopicColumnOrderingType": { + "type": "string" + }, + "aws-native:quicksight:TopicComparativeOrder": { + "type": "object", + "properties": { + "specifedOrder": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of columns to be used in the ordering." + }, + "treatUndefinedSpecifiedValues": { + "$ref": "#/types/aws-native:quicksight:TopicUndefinedSpecifiedValueType", + "description": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` ." + }, + "useOrdering": { + "$ref": "#/types/aws-native:quicksight:TopicColumnOrderingType", + "description": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` ." + } + } + }, + "aws-native:quicksight:TopicConstantType": { + "type": "string" + }, + "aws-native:quicksight:TopicDataAggregation": { + "type": "object", + "properties": { + "datasetRowDateGranularity": { + "$ref": "#/types/aws-native:quicksight:TopicTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + }, + "defaultDateColumnName": { + "type": "string", + "description": "The column name for the default date." + } + } + }, + "aws-native:quicksight:TopicDatasetMetadata": { + "type": "object", + "properties": { + "calculatedFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicCalculatedField" + }, + "description": "The list of calculated field definitions." + }, + "columns": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicColumn" + }, + "description": "The list of column definitions." + }, + "dataAggregation": { + "$ref": "#/types/aws-native:quicksight:TopicDataAggregation", + "description": "The definition of a data aggregation." + }, + "datasetArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the dataset." + }, + "datasetDescription": { + "type": "string", + "description": "The description of the dataset." + }, + "datasetName": { + "type": "string", + "description": "The name of the dataset." + }, + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicFilter" + }, + "description": "The list of filter definitions." + }, + "namedEntities": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicNamedEntity" + }, + "description": "The list of named entities definitions." + } + } + }, + "aws-native:quicksight:TopicDateRangeFilter": { + "type": "object", + "properties": { + "constant": { + "$ref": "#/types/aws-native:quicksight:TopicRangeFilterConstant", + "description": "The constant used in a date range filter." + }, + "inclusive": { + "type": "boolean", + "description": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them." + } + } + }, + "aws-native:quicksight:TopicDefaultAggregation": { + "type": "string" + }, + "aws-native:quicksight:TopicDefaultFormatting": { + "type": "object", + "properties": { + "displayFormat": { + "$ref": "#/types/aws-native:quicksight:TopicDisplayFormat", + "description": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` ." + }, + "displayFormatOptions": { + "$ref": "#/types/aws-native:quicksight:TopicDisplayFormatOptions", + "description": "The additional options for display formatting." + } + } + }, + "aws-native:quicksight:TopicDisplayFormat": { + "type": "string" + }, + "aws-native:quicksight:TopicDisplayFormatOptions": { + "type": "object", + "properties": { + "blankCellFormat": { + "type": "string", + "description": "Determines the blank cell format." + }, + "currencySymbol": { + "type": "string", + "description": "The currency symbol, such as `USD` ." + }, + "dateFormat": { + "type": "string", + "description": "Determines the `DateTime` format." + }, + "decimalSeparator": { + "$ref": "#/types/aws-native:quicksight:TopicNumericSeparatorSymbol", + "description": "Determines the decimal separator." + }, + "fractionDigits": { + "type": "number", + "description": "Determines the number of fraction digits." + }, + "groupingSeparator": { + "type": "string", + "description": "Determines the grouping separator." + }, + "negativeFormat": { + "$ref": "#/types/aws-native:quicksight:TopicNegativeFormat", + "description": "The negative format." + }, + "prefix": { + "type": "string", + "description": "The prefix value for a display format." + }, + "suffix": { + "type": "string", + "description": "The suffix value for a display format." + }, + "unitScaler": { + "$ref": "#/types/aws-native:quicksight:TopicNumberScale", + "description": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` ." + }, + "useBlankCellFormat": { + "type": "boolean", + "description": "A Boolean value that indicates whether to use blank cell format." + }, + "useGrouping": { + "type": "boolean", + "description": "A Boolean value that indicates whether to use grouping." + } + } + }, + "aws-native:quicksight:TopicFilter": { + "type": "object", + "properties": { + "categoryFilter": { + "$ref": "#/types/aws-native:quicksight:TopicCategoryFilter", + "description": "The category filter that is associated with this filter." + }, + "dateRangeFilter": { + "$ref": "#/types/aws-native:quicksight:TopicDateRangeFilter", + "description": "The date range filter." + }, + "filterClass": { + "$ref": "#/types/aws-native:quicksight:TopicFilterClass", + "description": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` ." + }, + "filterDescription": { + "type": "string", + "description": "A description of the filter used to select items for a topic." + }, + "filterName": { + "type": "string", + "description": "The name of the filter." + }, + "filterSynonyms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The other names or aliases for the filter." + }, + "filterType": { + "$ref": "#/types/aws-native:quicksight:TopicNamedFilterType", + "description": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` ." + }, + "numericEqualityFilter": { + "$ref": "#/types/aws-native:quicksight:TopicNumericEqualityFilter", + "description": "The numeric equality filter." + }, + "numericRangeFilter": { + "$ref": "#/types/aws-native:quicksight:TopicNumericRangeFilter", + "description": "The numeric range filter." + }, + "operandFieldName": { + "type": "string", + "description": "The name of the field that the filter operates on." + }, + "relativeDateFilter": { + "$ref": "#/types/aws-native:quicksight:TopicRelativeDateFilter", + "description": "The relative date filter." + } + } + }, + "aws-native:quicksight:TopicFilterClass": { + "type": "string" + }, + "aws-native:quicksight:TopicNamedEntity": { + "type": "object", + "properties": { + "definition": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:quicksight:TopicNamedEntityDefinition" + }, + "description": "The definition of a named entity." + }, + "entityDescription": { + "type": "string", + "description": "The description of the named entity." + }, + "entityName": { + "type": "string", + "description": "The name of the named entity." + }, + "entitySynonyms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The other names or aliases for the named entity." + }, + "semanticEntityType": { + "$ref": "#/types/aws-native:quicksight:TopicSemanticEntityType", + "description": "The type of named entity that a topic represents." + } + } + }, + "aws-native:quicksight:TopicNamedEntityAggType": { + "type": "string" + }, + "aws-native:quicksight:TopicNamedEntityDefinition": { + "type": "object", + "properties": { + "fieldName": { + "type": "string", + "description": "The name of the entity." + }, + "metric": { + "$ref": "#/types/aws-native:quicksight:TopicNamedEntityDefinitionMetric", + "description": "The definition of a metric." + }, + "propertyName": { + "type": "string", + "description": "The property name to be used for the named entity." + }, + "propertyRole": { + "$ref": "#/types/aws-native:quicksight:TopicPropertyRole", + "description": "The property role. Valid values for this structure are `PRIMARY` and `ID` ." + }, + "propertyUsage": { + "$ref": "#/types/aws-native:quicksight:TopicPropertyUsage", + "description": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` ." + } + } + }, + "aws-native:quicksight:TopicNamedEntityDefinitionMetric": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:quicksight:TopicNamedEntityAggType", + "description": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` ." + }, + "aggregationFunctionParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The additional parameters for an aggregation function." + } + } + }, + "aws-native:quicksight:TopicNamedFilterAggType": { + "type": "string" + }, + "aws-native:quicksight:TopicNamedFilterType": { + "type": "string" + }, + "aws-native:quicksight:TopicNegativeFormat": { + "type": "object", + "properties": { + "prefix": { + "type": "string", + "description": "The prefix for a negative format." + }, + "suffix": { + "type": "string", + "description": "The suffix for a negative format." + } + } + }, + "aws-native:quicksight:TopicNumberScale": { + "type": "string" + }, + "aws-native:quicksight:TopicNumericEqualityFilter": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:quicksight:TopicNamedFilterAggType", + "description": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` ." + }, + "constant": { + "$ref": "#/types/aws-native:quicksight:TopicSingularFilterConstant", + "description": "The constant used in a numeric equality filter." + } + } + }, + "aws-native:quicksight:TopicNumericRangeFilter": { + "type": "object", + "properties": { + "aggregation": { + "$ref": "#/types/aws-native:quicksight:TopicNamedFilterAggType", + "description": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` ." + }, + "constant": { + "$ref": "#/types/aws-native:quicksight:TopicRangeFilterConstant", + "description": "The constant used in a numeric range filter." + }, + "inclusive": { + "type": "boolean", + "description": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter." + } + } + }, + "aws-native:quicksight:TopicNumericSeparatorSymbol": { + "type": "string" + }, + "aws-native:quicksight:TopicPropertyRole": { + "type": "string" + }, + "aws-native:quicksight:TopicPropertyUsage": { + "type": "string" + }, + "aws-native:quicksight:TopicRangeConstant": { + "type": "object", + "properties": { + "maximum": { + "type": "string", + "description": "The maximum value for a range constant." + }, + "minimum": { + "type": "string", + "description": "The minimum value for a range constant." + } + } + }, + "aws-native:quicksight:TopicRangeFilterConstant": { + "type": "object", + "properties": { + "constantType": { + "$ref": "#/types/aws-native:quicksight:TopicConstantType", + "description": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` ." + }, + "rangeConstant": { + "$ref": "#/types/aws-native:quicksight:TopicRangeConstant", + "description": "The value of the constant that is used to specify the endpoints of a range filter." + } + } + }, + "aws-native:quicksight:TopicRelativeDateFilter": { + "type": "object", + "properties": { + "constant": { + "$ref": "#/types/aws-native:quicksight:TopicSingularFilterConstant", + "description": "The constant used in a relative date filter." + }, + "relativeDateFilterFunction": { + "$ref": "#/types/aws-native:quicksight:TopicRelativeDateFilterFunction", + "description": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` ." + }, + "timeGranularity": { + "$ref": "#/types/aws-native:quicksight:TopicTimeGranularity", + "description": "The level of time precision that is used to aggregate `DateTime` values." + } + } + }, + "aws-native:quicksight:TopicRelativeDateFilterFunction": { + "type": "string" + }, + "aws-native:quicksight:TopicSemanticEntityType": { + "type": "object", + "properties": { + "subTypeName": { + "type": "string", + "description": "The semantic entity sub type name." + }, + "typeName": { + "type": "string", + "description": "The semantic entity type name." + }, + "typeParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The semantic entity type parameters." + } + } + }, + "aws-native:quicksight:TopicSemanticType": { + "type": "object", + "properties": { + "falseyCellValue": { + "type": "string", + "description": "The semantic type falsey cell value." + }, + "falseyCellValueSynonyms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The other names or aliases for the false cell value." + }, + "subTypeName": { + "type": "string", + "description": "The semantic type sub type name." + }, + "truthyCellValue": { + "type": "string", + "description": "The semantic type truthy cell value." + }, + "truthyCellValueSynonyms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The other names or aliases for the true cell value." + }, + "typeName": { + "type": "string", + "description": "The semantic type name." + }, + "typeParameters": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The semantic type parameters." + } + } + }, + "aws-native:quicksight:TopicSingularFilterConstant": { + "type": "object", + "properties": { + "constantType": { + "$ref": "#/types/aws-native:quicksight:TopicConstantType", + "description": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` ." + }, + "singularConstant": { + "type": "string", + "description": "The value of the singular filter constant." + } + } + }, + "aws-native:quicksight:TopicTimeGranularity": { + "type": "string" + }, + "aws-native:quicksight:TopicUndefinedSpecifiedValueType": { + "type": "string" + }, + "aws-native:quicksight:TopicUserExperienceVersion": { + "type": "string" + }, + "aws-native:quicksight:VpcConnectionNetworkInterface": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "\u003cp\u003eThe availability zone that the network interface resides in.\u003c/p\u003e" + }, + "errorMessage": { + "type": "string", + "description": "\u003cp\u003eAn error message.\u003c/p\u003e" + }, + "networkInterfaceId": { + "type": "string", + "description": "\u003cp\u003eThe network interface ID.\u003c/p\u003e" + }, + "status": { + "$ref": "#/types/aws-native:quicksight:VpcConnectionNetworkInterfaceStatus", + "description": "The status of the network interface." + }, + "subnetId": { + "type": "string", + "description": "\u003cp\u003eThe subnet ID associated with the network interface.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:VpcConnectionNetworkInterfaceStatus": { + "type": "string" + }, + "aws-native:quicksight:VpcConnectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "\u003cp\u003eTag key.\u003c/p\u003e" + }, + "value": { + "type": "string", + "description": "\u003cp\u003eTag value.\u003c/p\u003e" + } + } + }, + "aws-native:quicksight:VpcConnectionVpcConnectionAvailabilityStatus": { + "type": "string" + }, + "aws-native:quicksight:VpcConnectionVpcConnectionResourceStatus": { + "type": "string" + }, + "aws-native:ram:PermissionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:rds:CustomDbEngineVersionStatus": { + "type": "string" + }, + "aws-native:rds:CustomDbEngineVersionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:rds:DbClusterDbClusterRole": { + "type": "object", + "properties": { + "featureName": { + "type": "string", + "description": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the ``SupportedFeatureNames`` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference*." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster." + } + } + }, + "aws-native:rds:DbClusterEndpoint": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Specifies the connection endpoint for the primary instance of the DB cluster." + }, + "port": { + "type": "string", + "description": "Specifies the port that the database engine is listening on." + } + } + }, + "aws-native:rds:DbClusterMasterUserSecret": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier that is used to encrypt the secret." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the ``Fn::GetAtt`` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values)." + } + } + }, + "aws-native:rds:DbClusterParameterGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:DbClusterReadEndpoint": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The host address of the reader endpoint." + } + } + }, + "aws-native:rds:DbClusterScalingConfiguration": { + "type": "object", + "properties": { + "autoPause": { + "type": "boolean", + "description": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in ``serverless`` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it." + }, + "maxCapacity": { + "type": "integer", + "description": "The maximum capacity for an Aurora DB cluster in ``serverless`` DB engine mode.\n For Aurora MySQL, valid capacity values are ``1``, ``2``, ``4``, ``8``, ``16``, ``32``, ``64``, ``128``, and ``256``.\n For Aurora PostgreSQL, valid capacity values are ``2``, ``4``, ``8``, ``16``, ``32``, ``64``, ``192``, and ``384``.\n The maximum capacity must be greater than or equal to the minimum capacity." + }, + "minCapacity": { + "type": "integer", + "description": "The minimum capacity for an Aurora DB cluster in ``serverless`` DB engine mode.\n For Aurora MySQL, valid capacity values are ``1``, ``2``, ``4``, ``8``, ``16``, ``32``, ``64``, ``128``, and ``256``.\n For Aurora PostgreSQL, valid capacity values are ``2``, ``4``, ``8``, ``16``, ``32``, ``64``, ``192``, and ``384``.\n The minimum capacity must be less than or equal to the maximum capacity." + }, + "secondsBeforeTimeout": { + "type": "integer", + "description": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n Specify a value between 60 and 600 seconds." + }, + "secondsUntilAutoPause": { + "type": "integer", + "description": "The time, in seconds, before an Aurora DB cluster in ``serverless`` mode is paused.\n Specify a value between 300 and 86,400 seconds." + }, + "timeoutAction": { + "type": "string", + "description": "The action to take when the timeout is reached, either ``ForceApplyCapacityChange`` or ``RollbackCapacityChange``.\n ``ForceApplyCapacityChange`` sets the capacity to the specified value as soon as possible.\n ``RollbackCapacityChange``, the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n If you specify ``ForceApplyCapacityChange``, connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped.\n For more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide*." + } + } + }, + "aws-native:rds:DbClusterServerlessV2ScalingConfiguration": { + "type": "object", + "properties": { + "maxCapacity": { + "type": "number", + "description": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n The maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide*.\n Aurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the ``ParameterApplyStatus`` value for the DB instance changes to ``pending-reboot``. You can update the parameter values by rebooting the DB instance after changing the capacity range." + }, + "minCapacity": { + "type": "number", + "description": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value that you can use is 0.5." + } + } + }, + "aws-native:rds:DbClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:DbInstanceCertificateDetails": { + "type": "object", + "properties": { + "caIdentifier": { + "type": "string", + "description": "The CA identifier of the CA certificate used for the DB instance's server certificate." + }, + "validTill": { + "type": "string", + "description": "The expiration date of the DB instance’s server certificate." + } + }, + "irreversibleNames": { + "caIdentifier": "CAIdentifier" + } + }, + "aws-native:rds:DbInstanceDbInstanceRole": { + "type": "object", + "properties": { + "featureName": { + "type": "string", + "description": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the ``SupportedFeatureNames`` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference*." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance." + } + } + }, + "aws-native:rds:DbInstanceEndpoint": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "Specifies the DNS address of the DB instance." + }, + "hostedZoneId": { + "type": "string", + "description": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone." + }, + "port": { + "type": "string", + "description": "Specifies the port that the database engine is listening on." + } + } + }, + "aws-native:rds:DbInstanceMasterUserSecret": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS KMS key identifier that is used to encrypt the secret." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the ``Fn::GetAtt`` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values)." + } + } + }, + "aws-native:rds:DbInstanceProcessorFeature": { + "type": "object", + "properties": { + "name": { + "$ref": "#/types/aws-native:rds:DbInstanceProcessorFeatureName", + "description": "The name of the processor feature. Valid names are ``coreCount`` and ``threadsPerCore``." + }, + "value": { + "type": "string", + "description": "The value of a processor feature." + } + } + }, + "aws-native:rds:DbInstanceProcessorFeatureName": { + "type": "string" + }, + "aws-native:rds:DbInstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:DbParameterGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:DbProxyAuthFormat": { + "type": "object", + "properties": { + "authScheme": { + "$ref": "#/types/aws-native:rds:DbProxyAuthFormatAuthScheme", + "description": "The type of authentication that the proxy uses for connections from the proxy to the underlying database. " + }, + "clientPasswordAuthType": { + "$ref": "#/types/aws-native:rds:DbProxyAuthFormatClientPasswordAuthType", + "description": "The type of authentication the proxy uses for connections from clients." + }, + "description": { + "type": "string", + "description": "A user-specified description about the authentication used by a proxy to log in as a specific database user. " + }, + "iamAuth": { + "$ref": "#/types/aws-native:rds:DbProxyAuthFormatIamAuth", + "description": "Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server." + }, + "secretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager. " + } + }, + "irreversibleNames": { + "iamAuth": "IAMAuth" + } + }, + "aws-native:rds:DbProxyAuthFormatAuthScheme": { + "type": "string" + }, + "aws-native:rds:DbProxyAuthFormatClientPasswordAuthType": { + "type": "string" + }, + "aws-native:rds:DbProxyAuthFormatIamAuth": { + "type": "string" + }, + "aws-native:rds:DbProxyEndpointTagFormat": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:DbProxyEndpointTargetRole": { + "type": "string" + }, + "aws-native:rds:DbProxyEngineFamily": { + "type": "string" + }, + "aws-native:rds:DbProxyTagFormat": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with `aws:` or `rds:` . The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:DbProxyTargetGroupConnectionPoolConfigurationInfoFormat": { + "type": "object", + "properties": { + "connectionBorrowTimeout": { + "type": "integer", + "description": "The number of seconds for a proxy to wait for a connection to become available in the connection pool." + }, + "initQuery": { + "type": "string", + "description": "One or more SQL statements for the proxy to run when opening each new database connection." + }, + "maxConnectionsPercent": { + "type": "integer", + "description": "The maximum size of the connection pool for each target in a target group." + }, + "maxIdleConnectionsPercent": { + "type": "integer", + "description": "Controls how actively the proxy closes idle database connections in the connection pool." + }, + "sessionPinningFilters": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection." + } + } + }, + "aws-native:rds:DbProxyTargetGroupTargetGroupName": { + "type": "string" + }, + "aws-native:rds:DbSubnetGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:EventSubscriptionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:GlobalClusterEngine": { + "type": "string" + }, + "aws-native:rds:IntegrationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:rds:OptionGroupOptionConfiguration": { + "type": "object", + "properties": { + "dbSecurityGroupMemberships": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of DB security groups used for this option." + }, + "optionName": { + "type": "string", + "description": "The configuration of options to include in a group." + }, + "optionSettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rds:OptionGroupOptionSetting" + }, + "description": "The option settings to include in an option group." + }, + "optionVersion": { + "type": "string", + "description": "The version for the option." + }, + "port": { + "type": "integer", + "description": "The optional port for the option." + }, + "vpcSecurityGroupMemberships": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of VPC security group names used for this option." + } + }, + "irreversibleNames": { + "dbSecurityGroupMemberships": "DBSecurityGroupMemberships" + } + }, + "aws-native:rds:OptionGroupOptionSetting": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the option that has settings that you can set." + }, + "value": { + "type": "string", + "description": "The current value of the option setting." + } + } + }, + "aws-native:rds:OptionGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + }, + "value": { + "type": "string", + "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\")." + } + } + }, + "aws-native:redshift:ClusterEndpoint": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The DNS address of the cluster. This property is read only." + }, + "port": { + "type": "string", + "description": "The port that the database engine is listening on. This property is read only." + } + } + }, + "aws-native:redshift:ClusterLoggingProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions" + }, + "logDestinationType": { + "type": "string" + }, + "logExports": { + "type": "array", + "items": { + "type": "string" + } + }, + "s3KeyPrefix": { + "type": "string", + "description": "The prefix applied to the log file names.\n\nConstraints:\n\n- Cannot exceed 512 characters\n- Cannot contain spaces( ), double quotes (\"), single quotes ('), a backslash (\\), or control characters. The hexadecimal codes for invalid characters are:\n\n- x00 to x20\n- x22\n- x27\n- x5c\n- x7f or larger" + } + }, + "irreversibleNames": { + "s3KeyPrefix": "S3KeyPrefix" + } + }, + "aws-native:redshift:ClusterParameterGroupParameter": { + "type": "object", + "properties": { + "parameterName": { + "type": "string", + "description": "The name of the parameter." + }, + "parameterValue": { + "type": "string", + "description": "The value of the parameter. If `ParameterName` is `wlm_json_configuration`, then the maximum size of `ParameterValue` is 8000 characters." + } + } + }, + "aws-native:redshift:ClusterParameterGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:redshift:ClusterSubnetGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:redshift:ClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:redshift:EndpointAccessNetworkInterface": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The Availability Zone." + }, + "networkInterfaceId": { + "type": "string", + "description": "The network interface identifier." + }, + "privateIpAddress": { + "type": "string", + "description": "The IPv4 address of the network interface within the subnet." + }, + "subnetId": { + "type": "string", + "description": "The subnet identifier." + } + } + }, + "aws-native:redshift:EndpointAccessVpcSecurityGroup": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "The status of the VPC security group." + }, + "vpcSecurityGroupId": { + "type": "string", + "description": "The identifier of the VPC security group." + } + } + }, + "aws-native:redshift:EventSubscriptionEventCategoriesItem": { + "type": "string" + }, + "aws-native:redshift:EventSubscriptionSeverity": { + "type": "string" + }, + "aws-native:redshift:EventSubscriptionSourceType": { + "type": "string" + }, + "aws-native:redshift:EventSubscriptionStatus": { + "type": "string" + }, + "aws-native:redshift:EventSubscriptionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:redshift:ScheduledActionState": { + "type": "string" + }, + "aws-native:redshift:ScheduledActionType": { + "type": "object" + }, + "aws-native:redshift:VpcEndpointProperties": { + "type": "object", + "properties": { + "networkInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshift:EndpointAccessNetworkInterface" + }, + "description": "One or more network interfaces of the endpoint. Also known as an interface endpoint." + }, + "vpcEndpointId": { + "type": "string", + "description": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy." + }, + "vpcId": { + "type": "string", + "description": "The VPC identifier that the endpoint is associated." + } + } + }, + "aws-native:redshiftserverless:Namespace": { + "type": "object", + "properties": { + "adminPasswordSecretArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret." + }, + "adminPasswordSecretKmsKeyId": { + "type": "string", + "description": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret." + }, + "adminUsername": { + "type": "string", + "description": "The username of the administrator for the first database created in the namespace." + }, + "creationDate": { + "type": "string", + "description": "The date of when the namespace was created." + }, + "dbName": { + "type": "string", + "description": "The name of the first database created in the namespace." + }, + "defaultIamRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace." + }, + "iamRoles": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of IAM roles to associate with the namespace." + }, + "kmsKeyId": { + "type": "string", + "description": "The ID of the AWS Key Management Service key used to encrypt your data." + }, + "logExports": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:NamespaceLogExport" + }, + "description": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log." + }, + "namespaceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) associated with a namespace." + }, + "namespaceId": { + "type": "string", + "description": "The unique identifier of a namespace." + }, + "namespaceName": { + "type": "string", + "description": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide." + }, + "status": { + "$ref": "#/types/aws-native:redshiftserverless:NamespaceStatus", + "description": "The status of the namespace." + } + } + }, + "aws-native:redshiftserverless:NamespaceLogExport": { + "type": "string" + }, + "aws-native:redshiftserverless:NamespaceSnapshotCopyConfiguration": { + "type": "object", + "properties": { + "destinationKmsKeyId": { + "type": "string", + "description": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region ." + }, + "destinationRegion": { + "type": "string", + "description": "The destination AWS Region to copy snapshots to." + }, + "snapshotRetentionPeriod": { + "type": "integer", + "description": "The retention period of snapshots that are copied to the destination AWS Region ." + } + } + }, + "aws-native:redshiftserverless:NamespaceStatus": { + "type": "string" + }, + "aws-native:redshiftserverless:NamespaceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key to use in the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:redshiftserverless:Workgroup": { + "type": "object", + "properties": { + "baseCapacity": { + "type": "integer", + "description": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs)." + }, + "configParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:WorkgroupConfigParameter" + }, + "description": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) ." + }, + "creationDate": { + "type": "string", + "description": "The creation date of the workgroup." + }, + "endpoint": { + "$ref": "#/types/aws-native:redshiftserverless:WorkgroupEndpoint", + "description": "The endpoint that is created from the workgroup." + }, + "enhancedVpcRouting": { + "type": "boolean", + "description": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC." + }, + "maxCapacity": { + "type": "integer", + "description": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs." + }, + "namespaceName": { + "type": "string", + "description": "The namespace the workgroup is associated with." + }, + "publiclyAccessible": { + "type": "boolean", + "description": "A value that specifies whether the workgroup can be accessible from a public network." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of security group IDs to associate with the workgroup." + }, + "status": { + "$ref": "#/types/aws-native:redshiftserverless:WorkgroupStatus", + "description": "The status of the workgroup." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of subnet IDs the workgroup is associated with." + }, + "workgroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that links to the workgroup." + }, + "workgroupId": { + "type": "string", + "description": "The unique identifier of the workgroup." + }, + "workgroupName": { + "type": "string", + "description": "The name of the workgroup." + } + } + }, + "aws-native:redshiftserverless:WorkgroupConfigParameter": { + "type": "object", + "properties": { + "parameterKey": { + "type": "string", + "description": "The key of the parameter. The options are `datestyle` , `enable_user_activity_logging` , `query_group` , `search_path` , `max_query_execution_time` , and `require_ssl` ." + }, + "parameterValue": { + "type": "string", + "description": "The value of the parameter to set." + } + } + }, + "aws-native:redshiftserverless:WorkgroupEndpoint": { + "type": "object", + "properties": { + "address": { + "type": "string", + "description": "The DNS address of the VPC endpoint." + }, + "port": { + "type": "integer", + "description": "The port that Amazon Redshift Serverless listens on." + }, + "vpcEndpoints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:WorkgroupVpcEndpoint" + }, + "description": "An array of `VpcEndpoint` objects." + } + } + }, + "aws-native:redshiftserverless:WorkgroupNetworkInterface": { + "type": "object", + "properties": { + "availabilityZone": { + "type": "string", + "description": "The availability Zone." + }, + "networkInterfaceId": { + "type": "string", + "description": "The unique identifier of the network interface." + }, + "privateIpAddress": { + "type": "string", + "description": "The IPv4 address of the network interface within the subnet." + }, + "subnetId": { + "type": "string", + "description": "The unique identifier of the subnet." + } + } + }, + "aws-native:redshiftserverless:WorkgroupStatus": { + "type": "string" + }, + "aws-native:redshiftserverless:WorkgroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key to use in the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:redshiftserverless:WorkgroupVpcEndpoint": { + "type": "object", + "properties": { + "networkInterfaces": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:redshiftserverless:WorkgroupNetworkInterface" + }, + "description": "One or more network interfaces of the endpoint. Also known as an interface endpoint." + }, + "vpcEndpointId": { + "type": "string", + "description": "The connection endpoint ID for connecting to Amazon Redshift Serverless." + }, + "vpcId": { + "type": "string", + "description": "The VPC identifier that the endpoint is associated with." + } + } + }, + "aws-native:refactorspaces:ApplicationApiGatewayEndpointType": { + "type": "string" + }, + "aws-native:refactorspaces:ApplicationApiGatewayProxyInput": { + "type": "object", + "properties": { + "endpointType": { + "$ref": "#/types/aws-native:refactorspaces:ApplicationApiGatewayEndpointType", + "description": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) ." + }, + "stageName": { + "type": "string", + "description": "The name of the API Gateway stage. The name defaults to `prod` ." + } + } + }, + "aws-native:refactorspaces:ApplicationProxyType": { + "type": "string" + }, + "aws-native:refactorspaces:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:refactorspaces:EnvironmentNetworkFabricType": { + "type": "string" + }, + "aws-native:refactorspaces:EnvironmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:refactorspaces:RouteActivationState": { + "type": "string" + }, + "aws-native:refactorspaces:RouteDefaultRouteInput": { + "type": "object", + "properties": { + "activationState": { + "$ref": "#/types/aws-native:refactorspaces:RouteActivationState", + "description": "If set to `ACTIVE` , traffic is forwarded to this route’s service after the route is created." + } + } + }, + "aws-native:refactorspaces:RouteMethod": { + "type": "string" + }, + "aws-native:refactorspaces:RouteTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:refactorspaces:RouteType": { + "type": "string" + }, + "aws-native:refactorspaces:RouteUriPathRouteInput": { + "type": "object", + "properties": { + "activationState": { + "$ref": "#/types/aws-native:refactorspaces:RouteActivationState", + "description": "If set to `ACTIVE` , traffic is forwarded to this route’s service after the route is created." + }, + "appendSourcePath": { + "type": "boolean", + "description": "If set to `true` , this option appends the source path to the service URL endpoint.", + "replaceOnChanges": true + }, + "includeChildPaths": { + "type": "boolean", + "description": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", + "replaceOnChanges": true + }, + "methods": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:refactorspaces:RouteMethod" + }, + "description": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route’s service.", + "replaceOnChanges": true + }, + "sourcePath": { + "type": "string", + "description": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", + "replaceOnChanges": true + } + } + }, + "aws-native:refactorspaces:ServiceEndpointType": { + "type": "string" + }, + "aws-native:refactorspaces:ServiceLambdaEndpointInput": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lambda function or alias." + } + } + }, + "aws-native:refactorspaces:ServiceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string used to identify this tag" + }, + "value": { + "type": "string", + "description": "A string containing the value for the tag" + } + } + }, + "aws-native:refactorspaces:ServiceUrlEndpointInput": { + "type": "object", + "properties": { + "healthUrl": { + "type": "string", + "description": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL." + }, + "url": { + "type": "string", + "description": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) ." + } + } + }, + "aws-native:rekognition:CollectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:rekognition:StreamProcessorBoundingBox": { + "type": "object", + "properties": { + "height": { + "type": "number", + "description": "Height of the bounding box as a ratio of the overall image height." + }, + "left": { + "type": "number", + "description": "Left coordinate of the bounding box as a ratio of overall image width." + }, + "top": { + "type": "number", + "description": "Top coordinate of the bounding box as a ratio of overall image height." + }, + "width": { + "type": "number", + "description": "Width of the bounding box as a ratio of the overall image width." + } + } + }, + "aws-native:rekognition:StreamProcessorConnectedHomeSettings": { + "type": "object", + "properties": { + "labels": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\"." + }, + "minConfidence": { + "type": "number", + "description": "Minimum object class match confidence score that must be met to return a result for a recognized object." + } + } + }, + "aws-native:rekognition:StreamProcessorDataSharingPreference": { + "type": "object", + "properties": { + "optIn": { + "type": "boolean", + "description": "Flag to enable data-sharing" + } + } + }, + "aws-native:rekognition:StreamProcessorFaceSearchSettings": { + "type": "object", + "properties": { + "collectionId": { + "type": "string", + "description": "The ID of a collection that contains faces that you want to search for." + }, + "faceMatchThreshold": { + "type": "number", + "description": "Minimum face match confidence score percentage that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted." + } + } + }, + "aws-native:rekognition:StreamProcessorKinesisDataStream": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "ARN of the Kinesis Data Stream stream." + } + } + }, + "aws-native:rekognition:StreamProcessorKinesisVideoStream": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "ARN of the Kinesis Video Stream that streams the source video." + } + } + }, + "aws-native:rekognition:StreamProcessorNotificationChannel": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "ARN of the SNS topic." + } + } + }, + "aws-native:rekognition:StreamProcessorPoint": { + "type": "object", + "properties": { + "x": { + "type": "number", + "description": "The X coordinate of the point." + }, + "y": { + "type": "number", + "description": "The Y coordinate of the point." + } + } + }, + "aws-native:rekognition:StreamProcessorS3Destination": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "Name of the S3 bucket." + }, + "objectKeyPrefix": { + "type": "string", + "description": "The object key prefix path where the results will be stored. Default is no prefix path" + } + } + }, + "aws-native:rekognition:StreamProcessorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:resiliencehub:AppAssessmentSchedule": { + "type": "string" + }, + "aws-native:resiliencehub:AppDriftStatus": { + "type": "string" + }, + "aws-native:resiliencehub:AppEventSubscription": { + "type": "object", + "properties": { + "eventType": { + "$ref": "#/types/aws-native:resiliencehub:AppEventSubscriptionEventType", + "description": "The type of event you would like to subscribe and get notification for." + }, + "name": { + "type": "string", + "description": "Unique name to identify an event subscription." + }, + "snsTopicArn": { + "type": "string", + "description": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic." + } + } + }, + "aws-native:resiliencehub:AppEventSubscriptionEventType": { + "type": "string" + }, + "aws-native:resiliencehub:AppPermissionModel": { + "type": "object", + "properties": { + "crossAccountRoleArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application." + }, + "invokerRoleName": { + "type": "string", + "description": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment." + }, + "type": { + "$ref": "#/types/aws-native:resiliencehub:AppPermissionModelType", + "description": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user." + } + } + }, + "aws-native:resiliencehub:AppPermissionModelType": { + "type": "string" + }, + "aws-native:resiliencehub:AppPhysicalResourceId": { + "type": "object", + "properties": { + "awsAccountId": { + "type": "string", + "description": "The AWS account that owns the physical resource." + }, + "awsRegion": { + "type": "string", + "description": "The AWS Region that the physical resource is located in." + }, + "identifier": { + "type": "string", + "description": "Identifier of the physical resource." + }, + "type": { + "type": "string", + "description": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`" + } + } + }, + "aws-native:resiliencehub:AppResourceMapping": { + "type": "object", + "properties": { + "eksSourceName": { + "type": "string", + "description": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n\u003e This parameter accepts values in \"eks-cluster/namespace\" format." + }, + "logicalStackName": { + "type": "string", + "description": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` ." + }, + "mappingType": { + "type": "string", + "description": "Specifies the type of resource mapping." + }, + "physicalResourceId": { + "$ref": "#/types/aws-native:resiliencehub:AppPhysicalResourceId", + "description": "Identifier of the physical resource." + }, + "resourceName": { + "type": "string", + "description": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` ." + }, + "terraformSourceName": { + "type": "string", + "description": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` ." + } + } + }, + "aws-native:resiliencehub:ResiliencyPolicyDataLocationConstraint": { + "type": "string" + }, + "aws-native:resiliencehub:ResiliencyPolicyFailurePolicy": { + "type": "object", + "properties": { + "rpoInSecs": { + "type": "integer", + "description": "RPO in seconds." + }, + "rtoInSecs": { + "type": "integer", + "description": "RTO in seconds." + } + } + }, + "aws-native:resiliencehub:ResiliencyPolicyPolicyMap": { + "type": "object", + "properties": { + "az": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyFailurePolicy", + "description": "Defines the RTO and RPO targets for Availability Zone disruption." + }, + "hardware": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyFailurePolicy", + "description": "Defines the RTO and RPO targets for hardware disruption." + }, + "region": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyFailurePolicy", + "description": "Defines the RTO and RPO targets for Regional disruption." + }, + "software": { + "$ref": "#/types/aws-native:resiliencehub:ResiliencyPolicyFailurePolicy", + "description": "Defines the RTO and RPO targets for software disruption." + } + }, + "irreversibleNames": { + "az": "AZ" + } + }, + "aws-native:resiliencehub:ResiliencyPolicyTier": { + "type": "string" + }, + "aws-native:resourceexplorer2:IndexState": { + "type": "string" + }, + "aws-native:resourceexplorer2:IndexType": { + "type": "string" + }, + "aws-native:resourceexplorer2:ViewIncludedProperty": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the property that is included in this view." + } + } + }, + "aws-native:resourceexplorer2:ViewSearchFilter": { + "type": "object", + "properties": { + "filterString": { + "type": "string", + "description": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n\u003e This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` ." + } + } + }, + "aws-native:resourcegroups:GroupConfigurationItem": { + "type": "object", + "properties": { + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resourcegroups:GroupConfigurationParameter" + } + }, + "type": { + "type": "string" + } + } + }, + "aws-native:resourcegroups:GroupConfigurationParameter": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "values": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:resourcegroups:GroupQuery": { + "type": "object", + "properties": { + "resourceTypeFilters": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` ." + }, + "stackIdentifier": { + "type": "string", + "description": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`" + }, + "tagFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:resourcegroups:GroupTagFilter" + }, + "description": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list." + } + } + }, + "aws-native:resourcegroups:GroupResourceQuery": { + "type": "object", + "properties": { + "query": { + "$ref": "#/types/aws-native:resourcegroups:GroupQuery", + "description": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing." + }, + "type": { + "$ref": "#/types/aws-native:resourcegroups:GroupResourceQueryType", + "description": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined." + } + } + }, + "aws-native:resourcegroups:GroupResourceQueryType": { + "type": "string" + }, + "aws-native:resourcegroups:GroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:resourcegroups:GroupTagFilter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member." + } + } + }, + "aws-native:robomaker:RobotApplicationRobotSoftwareSuite": { + "type": "object", + "properties": { + "name": { + "$ref": "#/types/aws-native:robomaker:RobotApplicationRobotSoftwareSuiteName", + "description": "The name of robot software suite." + }, + "version": { + "$ref": "#/types/aws-native:robomaker:RobotApplicationRobotSoftwareSuiteVersion", + "description": "The version of robot software suite." + } + } + }, + "aws-native:robomaker:RobotApplicationRobotSoftwareSuiteName": { + "type": "string" + }, + "aws-native:robomaker:RobotApplicationRobotSoftwareSuiteVersion": { + "type": "string" + }, + "aws-native:robomaker:RobotApplicationSourceConfig": { + "type": "object", + "properties": { + "architecture": { + "$ref": "#/types/aws-native:robomaker:RobotApplicationSourceConfigArchitecture", + "description": "The architecture of robot application." + }, + "s3Bucket": { + "type": "string", + "description": "The Arn of the S3Bucket that stores the robot application source." + }, + "s3Key": { + "type": "string", + "description": "The s3 key of robot application source." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key" + } + }, + "aws-native:robomaker:RobotApplicationSourceConfigArchitecture": { + "type": "string" + }, + "aws-native:robomaker:RobotArchitecture": { + "type": "string" + }, + "aws-native:robomaker:SimulationApplicationRenderingEngine": { + "type": "object", + "properties": { + "name": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationRenderingEngineName", + "description": "The name of the rendering engine." + }, + "version": { + "type": "string", + "description": "The version of the rendering engine." + } + } + }, + "aws-native:robomaker:SimulationApplicationRenderingEngineName": { + "type": "string" + }, + "aws-native:robomaker:SimulationApplicationRobotSoftwareSuite": { + "type": "object", + "properties": { + "name": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationRobotSoftwareSuiteName", + "description": "The name of the robot software suite." + }, + "version": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationRobotSoftwareSuiteVersion", + "description": "The version of the robot software suite." + } + } + }, + "aws-native:robomaker:SimulationApplicationRobotSoftwareSuiteName": { + "type": "string" + }, + "aws-native:robomaker:SimulationApplicationRobotSoftwareSuiteVersion": { + "type": "string" + }, + "aws-native:robomaker:SimulationApplicationSimulationSoftwareSuite": { + "type": "object", + "properties": { + "name": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationSimulationSoftwareSuiteName", + "description": "The name of the simulation software suite." + }, + "version": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationSimulationSoftwareSuiteVersion", + "description": "The version of the simulation software suite." + } + } + }, + "aws-native:robomaker:SimulationApplicationSimulationSoftwareSuiteName": { + "type": "string" + }, + "aws-native:robomaker:SimulationApplicationSimulationSoftwareSuiteVersion": { + "type": "string" + }, + "aws-native:robomaker:SimulationApplicationSourceConfig": { + "type": "object", + "properties": { + "architecture": { + "$ref": "#/types/aws-native:robomaker:SimulationApplicationSourceConfigArchitecture", + "description": "The target processor architecture for the application." + }, + "s3Bucket": { + "type": "string", + "description": "The Amazon S3 bucket name." + }, + "s3Key": { + "type": "string", + "description": "The s3 object key." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key" + } + }, + "aws-native:robomaker:SimulationApplicationSourceConfigArchitecture": { + "type": "string" + }, + "aws-native:rolesanywhere:CrlTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:rolesanywhere:ProfileAttributeMapping": { + "type": "object", + "properties": { + "certificateField": { + "$ref": "#/types/aws-native:rolesanywhere:ProfileCertificateField", + "description": "Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates." + }, + "mappingRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rolesanywhere:ProfileMappingRule" + }, + "description": "A list of mapping entries for every supported specifier or sub-field." + } + } + }, + "aws-native:rolesanywhere:ProfileCertificateField": { + "type": "string" + }, + "aws-native:rolesanywhere:ProfileMappingRule": { + "type": "object", + "properties": { + "specifier": { + "type": "string", + "description": "Specifier within a certificate field, such as CN, OU, or UID from the Subject field." + } + } + }, + "aws-native:rolesanywhere:ProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:rolesanywhere:TrustAnchorNotificationChannel": { + "type": "string" + }, + "aws-native:rolesanywhere:TrustAnchorNotificationEvent": { + "type": "string" + }, + "aws-native:rolesanywhere:TrustAnchorNotificationSetting": { + "type": "object", + "properties": { + "channel": { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorNotificationChannel", + "description": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n\u003e In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the notification setting is enabled." + }, + "event": { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorNotificationEvent", + "description": "The event to which this notification setting is applied." + }, + "threshold": { + "type": "number", + "description": "The number of days before a notification event. This value is required for a notification setting that is enabled." + } + } + }, + "aws-native:rolesanywhere:TrustAnchorSource": { + "type": "object", + "properties": { + "sourceData": { + "oneOf": [ + { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorSourceData0Properties" + }, + { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorSourceData1Properties" + } + ], + "description": "A union object representing the data field of the TrustAnchor depending on its type" + }, + "sourceType": { + "$ref": "#/types/aws-native:rolesanywhere:TrustAnchorType", + "description": "The type of the TrustAnchor." + } + } + }, + "aws-native:rolesanywhere:TrustAnchorSourceData0Properties": { + "type": "object", + "properties": { + "x509CertificateData": { + "type": "string" + } + }, + "irreversibleNames": { + "x509CertificateData": "X509CertificateData" + } + }, + "aws-native:rolesanywhere:TrustAnchorSourceData1Properties": { + "type": "object", + "properties": { + "acmPcaArn": { + "type": "string" + } + } + }, + "aws-native:rolesanywhere:TrustAnchorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:rolesanywhere:TrustAnchorType": { + "type": "string" + }, + "aws-native:route53:CidrCollectionLocation": { + "type": "object", + "properties": { + "cidrList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of CIDR blocks." + }, + "locationName": { + "type": "string", + "description": "The name of the location that is associated with the CIDR collection." + } + } + }, + "aws-native:route53:HealthCheckAlarmIdentifier": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy." + }, + "region": { + "type": "string", + "description": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in." + } + } + }, + "aws-native:route53:HealthCheckConfigProperties": { + "type": "object", + "properties": { + "alarmIdentifier": { + "$ref": "#/types/aws-native:route53:HealthCheckAlarmIdentifier", + "description": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy." + }, + "childHealthChecks": { + "type": "array", + "items": { + "type": "string" + }, + "description": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check." + }, + "enableSni": { + "type": "boolean", + "description": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message." + }, + "failureThreshold": { + "type": "integer", + "description": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks." + }, + "fullyQualifiedDomainName": { + "type": "string", + "description": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n\u003e If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n\u003e In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header." + }, + "healthThreshold": { + "type": "integer", + "description": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy." + }, + "insufficientDataHealthStatus": { + "$ref": "#/types/aws-native:route53:HealthCheckConfigPropertiesInsufficientDataHealthStatus", + "description": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy." + }, + "inverted": { + "type": "boolean", + "description": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy." + }, + "ipAddress": { + "type": "string", + "description": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` ." + }, + "measureLatency": { + "type": "boolean", + "description": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n\u003e You can't change the value of `MeasureLatency` after you create a health check." + }, + "port": { + "type": "integer", + "description": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n\u003e Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` ." + }, + "regions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions)." + }, + "requestInterval": { + "type": "integer", + "description": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n\u003e You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds." + }, + "resourcePath": { + "type": "string", + "description": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp\u0026login=y` ." + }, + "routingControlArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) ." + }, + "searchString": { + "type": "string", + "description": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body." + }, + "type": { + "$ref": "#/types/aws-native:route53:HealthCheckConfigPropertiesType", + "description": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n\u003e You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n\u003e If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n\u003e Route 53 supports CloudWatch alarms with the following features:\n\u003e \n\u003e - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n\u003e - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* ." + } + }, + "irreversibleNames": { + "enableSni": "EnableSNI", + "ipAddress": "IPAddress" + } + }, + "aws-native:route53:HealthCheckConfigPropertiesInsufficientDataHealthStatus": { + "type": "string" + }, + "aws-native:route53:HealthCheckConfigPropertiesType": { + "type": "string" + }, + "aws-native:route53:HealthCheckTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag." + }, + "value": { + "type": "string", + "description": "The value for the tag." + } + } + }, + "aws-native:route53:HostedZoneConfig": { + "type": "object", + "properties": { + "comment": { + "type": "string", + "description": "Any comments that you want to include about the hosted zone." + } + } + }, + "aws-native:route53:HostedZoneQueryLoggingConfig": { + "type": "object", + "properties": { + "cloudWatchLogsLogGroupArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to." + } + } + }, + "aws-native:route53:HostedZoneTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The value of ``Key`` depends on the operation that you want to perform:\n + *Add a tag to a health check or hosted zone*: ``Key`` is the name that you want to give the new tag.\n + *Edit a tag*: ``Key`` is the name of the tag that you want to change the ``Value`` for.\n + *Delete a key*: ``Key`` is the name of the tag you want to remove.\n + *Give a name to a health check*: Edit the default ``Name`` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check." + }, + "value": { + "type": "string", + "description": "The value of ``Value`` depends on the operation that you want to perform:\n + *Add a tag to a health check or hosted zone*: ``Value`` is the value that you want to give the new tag.\n + *Edit a tag*: ``Value`` is the new value that you want to assign the tag." + } + } + }, + "aws-native:route53:HostedZoneVpc": { + "type": "object", + "properties": { + "vpcId": { + "type": "string", + "description": "*Private hosted zones only:* The ID of an Amazon VPC.\n For public hosted zones, omit ``VPCs``, ``VPCId``, and ``VPCRegion``." + }, + "vpcRegion": { + "type": "string", + "description": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n For public hosted zones, omit ``VPCs``, ``VPCId``, and ``VPCRegion``." + } + }, + "irreversibleNames": { + "vpcId": "VPCId", + "vpcRegion": "VPCRegion" + } + }, + "aws-native:route53:KeySigningKeyStatus": { + "type": "string" + }, + "aws-native:route53profiles:ProfileAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:route53profiles:ProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:route53recoverycontrol:ClusterEndpoint": { + "type": "object", + "properties": { + "endpoint": { + "type": "string", + "description": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state." + }, + "region": { + "type": "string", + "description": "The AWS Region for a cluster endpoint." + } + } + }, + "aws-native:route53recoverycontrol:ClusterStatus": { + "type": "string" + }, + "aws-native:route53recoverycontrol:ClusterTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for a tag." + }, + "value": { + "type": "string", + "description": "The value for a tag." + } + } + }, + "aws-native:route53recoverycontrol:ControlPanelStatus": { + "type": "string" + }, + "aws-native:route53recoverycontrol:ControlPanelTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for a tag." + }, + "value": { + "type": "string", + "description": "The value for a tag." + } + } + }, + "aws-native:route53recoverycontrol:RoutingControlStatus": { + "type": "string" + }, + "aws-native:route53recoverycontrol:SafetyRuleAssertionRule": { + "type": "object", + "properties": { + "assertedControls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions." + }, + "waitPeriodMs": { + "type": "integer", + "description": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent \"flapping\" of state. The wait period is 5000 ms by default, but you can choose a custom value." + } + } + }, + "aws-native:route53recoverycontrol:SafetyRuleGatingRule": { + "type": "object", + "properties": { + "gatingControls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The gating controls for the gating rule. That is, routing controls that are evaluated by the rule configuration that you specify." + }, + "targetControls": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Routing controls that can only be set or unset if the specified RuleConfig evaluates to true for the specified GatingControls. For example, say you have three gating controls, one for each of three AWS Regions. Now you specify AtLeast 2 as your RuleConfig. With these settings, you can only change (set or unset) the routing controls that you have specified as TargetControls if that rule evaluates to true. \nIn other words, your ability to change the routing controls that you have specified as TargetControls is gated by the rule that you set for the routing controls in GatingControls." + }, + "waitPeriodMs": { + "type": "integer", + "description": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent \"flapping\" of state. The wait period is 5000 ms by default, but you can choose a custom value." + } + } + }, + "aws-native:route53recoverycontrol:SafetyRuleRuleConfig": { + "type": "object", + "properties": { + "inverted": { + "type": "boolean", + "description": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa." + }, + "threshold": { + "type": "integer", + "description": "The value of N, when you specify an ATLEAST rule type. That is, Threshold is the number of controls that must be set when you specify an ATLEAST type." + }, + "type": { + "$ref": "#/types/aws-native:route53recoverycontrol:SafetyRuleRuleType", + "description": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` ." + } + } + }, + "aws-native:route53recoverycontrol:SafetyRuleRuleType": { + "type": "string" + }, + "aws-native:route53recoverycontrol:SafetyRuleStatus": { + "type": "string" + }, + "aws-native:route53recoverycontrol:SafetyRuleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for a tag." + }, + "value": { + "type": "string", + "description": "The value for a tag." + } + } + }, + "aws-native:route53recoveryreadiness:CellTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:route53recoveryreadiness:ReadinessCheckTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:route53recoveryreadiness:RecoveryGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:route53recoveryreadiness:ResourceSetDnsTargetResource": { + "type": "object", + "properties": { + "domainName": { + "type": "string", + "description": "The domain name that acts as an ingress point to a portion of the customer application." + }, + "hostedZoneArn": { + "type": "string", + "description": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource." + }, + "recordSetId": { + "type": "string", + "description": "The Route 53 record set ID that will uniquely identify a DNS record, given a name and a type." + }, + "recordType": { + "type": "string", + "description": "The type of DNS record of the target resource." + }, + "targetResource": { + "$ref": "#/types/aws-native:route53recoveryreadiness:ResourceSetTargetResource", + "description": "The target resource that the Route 53 record points to." + } + } + }, + "aws-native:route53recoveryreadiness:ResourceSetNlbResource": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "A Network Load Balancer resource Amazon Resource Name (ARN)." + } + } + }, + "aws-native:route53recoveryreadiness:ResourceSetR53ResourceRecord": { + "type": "object", + "properties": { + "domainName": { + "type": "string", + "description": "The DNS target domain name." + }, + "recordSetId": { + "type": "string", + "description": "The Resource Record set id." + } + } + }, + "aws-native:route53recoveryreadiness:ResourceSetResource": { + "type": "object", + "properties": { + "componentId": { + "type": "string", + "description": "The component identifier of the resource, generated when DNS target resource is used." + }, + "dnsTargetResource": { + "$ref": "#/types/aws-native:route53recoveryreadiness:ResourceSetDnsTargetResource", + "description": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting." + }, + "readinessScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of recovery group Amazon Resource Names (ARNs) and cell ARNs that this resource is contained within." + }, + "resourceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AWS resource." + } + } + }, + "aws-native:route53recoveryreadiness:ResourceSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:route53recoveryreadiness:ResourceSetTargetResource": { + "type": "object", + "properties": { + "nlbResource": { + "$ref": "#/types/aws-native:route53recoveryreadiness:ResourceSetNlbResource", + "description": "The Network Load Balancer resource that a DNS target resource points to." + }, + "r53Resource": { + "$ref": "#/types/aws-native:route53recoveryreadiness:ResourceSetR53ResourceRecord", + "description": "The Route 53 resource that a DNS target resource record points to." + } + }, + "irreversibleNames": { + "nlbResource": "NLBResource", + "r53Resource": "R53Resource" + } + }, + "aws-native:route53resolver:FirewallDomainListStatus": { + "type": "string" + }, + "aws-native:route53resolver:FirewallDomainListTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:route53resolver:FirewallRuleGroupAssociationMutationProtection": { + "type": "string" + }, + "aws-native:route53resolver:FirewallRuleGroupAssociationStatus": { + "type": "string" + }, + "aws-native:route53resolver:FirewallRuleGroupAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:route53resolver:FirewallRuleGroupFirewallRule": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupFirewallRuleAction", + "description": "Rule Action" + }, + "blockOverrideDnsType": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupFirewallRuleBlockOverrideDnsType", + "description": "BlockOverrideDnsType" + }, + "blockOverrideDomain": { + "type": "string", + "description": "BlockOverrideDomain" + }, + "blockOverrideTtl": { + "type": "integer", + "description": "BlockOverrideTtl" + }, + "blockResponse": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupFirewallRuleBlockResponse", + "description": "BlockResponse" + }, + "firewallDomainListId": { + "type": "string", + "description": "ResourceId" + }, + "firewallDomainRedirectionAction": { + "$ref": "#/types/aws-native:route53resolver:FirewallRuleGroupFirewallRuleFirewallDomainRedirectionAction", + "description": "FirewallDomainRedirectionAction" + }, + "priority": { + "type": "integer", + "description": "Rule Priority" + }, + "qtype": { + "type": "string", + "description": "Qtype" + } + } + }, + "aws-native:route53resolver:FirewallRuleGroupFirewallRuleAction": { + "type": "string" + }, + "aws-native:route53resolver:FirewallRuleGroupFirewallRuleBlockOverrideDnsType": { + "type": "string" + }, + "aws-native:route53resolver:FirewallRuleGroupFirewallRuleBlockResponse": { + "type": "string" + }, + "aws-native:route53resolver:FirewallRuleGroupFirewallRuleFirewallDomainRedirectionAction": { + "type": "string" + }, + "aws-native:route53resolver:FirewallRuleGroupShareStatus": { + "type": "string" + }, + "aws-native:route53resolver:FirewallRuleGroupStatus": { + "type": "string" + }, + "aws-native:route53resolver:FirewallRuleGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:route53resolver:OutpostResolverStatus": { + "type": "string" + }, + "aws-native:route53resolver:OutpostResolverTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:route53resolver:ResolverConfigAutodefinedReverse": { + "type": "string" + }, + "aws-native:route53resolver:ResolverConfigAutodefinedReverseFlag": { + "type": "string" + }, + "aws-native:route53resolver:ResolverDnssecConfigValidationStatus": { + "type": "string" + }, + "aws-native:route53resolver:ResolverQueryLoggingConfigAssociationError": { + "type": "string" + }, + "aws-native:route53resolver:ResolverQueryLoggingConfigAssociationStatus": { + "type": "string" + }, + "aws-native:route53resolver:ResolverQueryLoggingConfigShareStatus": { + "type": "string" + }, + "aws-native:route53resolver:ResolverQueryLoggingConfigStatus": { + "type": "string" + }, + "aws-native:route53resolver:ResolverRuleRuleType": { + "type": "string" + }, + "aws-native:route53resolver:ResolverRuleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:route53resolver:ResolverRuleTargetAddress": { + "type": "object", + "properties": { + "ip": { + "type": "string", + "description": "One IP address that you want to forward DNS queries to. You can specify only IPv4 addresses. " + }, + "ipv6": { + "type": "string", + "description": "One IPv6 address that you want to forward DNS queries to. You can specify only IPv6 addresses. " + }, + "port": { + "type": "string", + "description": "The port at Ip that you want to forward DNS queries to. " + }, + "protocol": { + "$ref": "#/types/aws-native:route53resolver:ResolverRuleTargetAddressProtocol", + "description": "The protocol that you want to use to forward DNS queries. " + } + } + }, + "aws-native:route53resolver:ResolverRuleTargetAddressProtocol": { + "type": "string" + }, + "aws-native:rum:AppMonitorConfiguration": { + "type": "object", + "properties": { + "allowCookies": { + "type": "boolean", + "description": "If you set this to true, the RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page." + }, + "enableXRay": { + "type": "boolean", + "description": "If you set this to true, RUM enables xray tracing for the user sessions that RUM samples. RUM adds an xray trace header to allowed HTTP requests. It also records an xray segment for allowed HTTP requests. You can see traces and segments from these user sessions in the xray console and the CW ServiceLens console." + }, + "excludedPages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of URLs in your website or application to exclude from RUM data collection. You can't include both ExcludedPages and IncludedPages in the same operation." + }, + "favoritePages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of pages in the RUM console that are to be displayed with a favorite icon." + }, + "guestRoleArn": { + "type": "string", + "description": "The ARN of the guest IAM role that is attached to the identity pool that is used to authorize the sending of data to RUM." + }, + "identityPoolId": { + "type": "string", + "description": "The ID of the identity pool that is used to authorize the sending of data to RUM." + }, + "includedPages": { + "type": "array", + "items": { + "type": "string" + }, + "description": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages. You can't include both ExcludedPages and IncludedPages in the same operation." + }, + "metricDestinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rum:AppMonitorMetricDestination" + }, + "description": "An array of structures which define the destinations and the metrics that you want to send." + }, + "sessionSampleRate": { + "type": "number", + "description": "Specifies the percentage of user sessions to use for RUM data collection. Choosing a higher percentage gives you more data but also incurs more costs. The number you specify is the percentage of user sessions that will be used. If you omit this parameter, the default of 10 is used." + }, + "telemetries": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rum:AppMonitorTelemetry" + }, + "description": "An array that lists the types of telemetry data that this app monitor is to collect." + } + } + }, + "aws-native:rum:AppMonitorCustomEvents": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:rum:AppMonitorCustomEventsStatus", + "description": "Indicates whether AppMonitor accepts custom events." + } + } + }, + "aws-native:rum:AppMonitorCustomEventsStatus": { + "type": "string" + }, + "aws-native:rum:AppMonitorMetricDefinition": { + "type": "object", + "properties": { + "dimensionKeys": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Use this field only if you are sending the metric to CloudWatch.\n\nThis field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch. For extended metrics, valid values for the entries in this field are the following:\n\n\"metadata.pageId\": \"PageId\"\n\n\"metadata.browserName\": \"BrowserName\"\n\n\"metadata.deviceType\": \"DeviceType\"\n\n\"metadata.osName\": \"OSName\"\n\n\"metadata.countryCode\": \"CountryCode\"\n\n\"event_details.fileType\": \"FileType\"\n\nAll dimensions listed in this field must also be included in EventPattern." + }, + "eventPattern": { + "type": "string", + "description": "The pattern that defines the metric, specified as a JSON object. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nWhen you define extended metrics, the metric definition is not valid if EventPattern is omitted.\n\nExample event patterns:\n\n'{ \"event_type\": [\"com.amazon.rum.js_error_event\"], \"metadata\": { \"browserName\": [ \"Chrome\", \"Safari\" ], } }'\n\n'{ \"event_type\": [\"com.amazon.rum.performance_navigation_event\"], \"metadata\": { \"browserName\": [ \"Chrome\", \"Firefox\" ] }, \"event_details\": { \"duration\": [{ \"numeric\": [ \"\u003c\", 2000 ] }] } }'\n\n'{ \"event_type\": [\"com.amazon.rum.performance_navigation_event\"], \"metadata\": { \"browserName\": [ \"Chrome\", \"Safari\" ], \"countryCode\": [ \"US\" ] }, \"event_details\": { \"duration\": [{ \"numeric\": [ \"\u003e=\", 2000, \"\u003c\", 8000 ] }] } }'\n\nIf the metrics destination' is CloudWatch and the event also matches a value in DimensionKeys, then the metric is published with the specified dimensions." + }, + "name": { + "type": "string", + "description": "The name for the metric that is defined in this structure. For extended metrics, valid values are the following:\n\nPerformanceNavigationDuration\n\nPerformanceResourceDuration\n\nNavigationSatisfiedTransaction\n\nNavigationToleratedTransaction\n\nNavigationFrustratedTransaction\n\nWebVitalsCumulativeLayoutShift\n\nWebVitalsFirstInputDelay\n\nWebVitalsLargestContentfulPaint\n\nJsErrorCount\n\nHttpErrorCount\n\nSessionCount" + }, + "namespace": { + "type": "string", + "description": "The namespace used by CloudWatch Metrics for the metric that is defined in this structure" + }, + "unitLabel": { + "type": "string", + "description": "The CloudWatch metric unit to use for this metric. If you omit this field, the metric is recorded with no unit." + }, + "valueKey": { + "type": "string", + "description": "The field within the event object that the metric value is sourced from.\n\nIf you omit this field, a hardcoded value of 1 is pushed as the metric value. This is useful if you just want to count the number of events that the filter catches.\n\nIf this metric is sent to Evidently, this field will be passed to Evidently raw and Evidently will handle data extraction from the event." + } + } + }, + "aws-native:rum:AppMonitorMetricDestination": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:rum:AppMonitorMetricDestinationDestination", + "description": "Defines the destination to send the metrics to. Valid values are CloudWatch and Evidently. If you specify Evidently, you must also specify the ARN of the Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment." + }, + "destinationArn": { + "type": "string", + "description": "Use this parameter only if Destination is Evidently. This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics." + }, + "iamRoleArn": { + "type": "string", + "description": "This parameter is required if Destination is Evidently. If Destination is CloudWatch, do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment." + }, + "metricDefinitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:rum:AppMonitorMetricDefinition" + }, + "description": "An array of structures which define the metrics that you want to send." + } + } + }, + "aws-native:rum:AppMonitorMetricDestinationDestination": { + "type": "string" + }, + "aws-native:rum:AppMonitorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:rum:AppMonitorTelemetry": { + "type": "string" + }, + "aws-native:s3:AccessGrantGrantee": { + "type": "object", + "properties": { + "granteeIdentifier": { + "type": "string", + "description": "The unique identifier of the Grantee" + }, + "granteeType": { + "$ref": "#/types/aws-native:s3:AccessGrantGranteeGranteeType", + "description": "Configures the transfer acceleration state for an Amazon S3 bucket." + } + } + }, + "aws-native:s3:AccessGrantGranteeGranteeType": { + "type": "string" + }, + "aws-native:s3:AccessGrantPermission": { + "type": "string" + }, + "aws-native:s3:AccessGrantS3PrefixType": { + "type": "string" + }, + "aws-native:s3:AccessGrantTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Name of the object key." + }, + "value": { + "type": "string", + "description": "Value of the tag." + } + } + }, + "aws-native:s3:AccessGrantsInstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Name of the object key." + }, + "value": { + "type": "string", + "description": "Value of the tag." + } + } + }, + "aws-native:s3:AccessGrantsLocationConfiguration": { + "type": "object", + "properties": { + "s3SubPrefix": { + "type": "string", + "description": "The S3 sub prefix of a registered location in your S3 Access Grants instance" + } + }, + "irreversibleNames": { + "s3SubPrefix": "S3SubPrefix" + } + }, + "aws-native:s3:AccessGrantsLocationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Name of the object key." + }, + "value": { + "type": "string", + "description": "Value of the tag." + } + } + }, + "aws-native:s3:AccessPointNetworkOrigin": { + "type": "string" + }, + "aws-native:s3:AccessPointPublicAccessBlockConfiguration": { + "type": "object", + "properties": { + "blockPublicAcls": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:\n- PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.\n - PUT Object calls fail if the request includes a public ACL.\n. - PUT Bucket calls fail if the request includes a public ACL.\nEnabling this setting doesn't affect existing policies or ACLs." + }, + "blockPublicPolicy": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies." + }, + "ignorePublicAcls": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set." + }, + "restrictPublicBuckets": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy.\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked." + } + } + }, + "aws-native:s3:AccessPointVpcConfiguration": { + "type": "object", + "properties": { + "vpcId": { + "type": "string", + "description": "If this field is specified, this access point will only allow connections from the specified VPC ID." + } + } + }, + "aws-native:s3:BucketAbortIncompleteMultipartUpload": { + "type": "object", + "properties": { + "daysAfterInitiation": { + "type": "integer", + "description": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload." + } + } + }, + "aws-native:s3:BucketAccelerateConfiguration": { + "type": "object", + "properties": { + "accelerationStatus": { + "$ref": "#/types/aws-native:s3:BucketAccelerateConfigurationAccelerationStatus", + "description": "Specifies the transfer acceleration status of the bucket." + } + } + }, + "aws-native:s3:BucketAccelerateConfigurationAccelerationStatus": { + "type": "string" + }, + "aws-native:s3:BucketAccessControl": { + "type": "string" + }, + "aws-native:s3:BucketAccessControlTranslation": { + "type": "object", + "properties": { + "owner": { + "type": "string", + "description": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference*." + } + } + }, + "aws-native:s3:BucketAnalyticsConfiguration": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID that identifies the analytics configuration." + }, + "prefix": { + "type": "string", + "description": "The prefix that an object must have to be included in the analytics results." + }, + "storageClassAnalysis": { + "$ref": "#/types/aws-native:s3:BucketStorageClassAnalysis", + "description": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes." + }, + "tagFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketTagFilter" + }, + "description": "The tags to use when evaluating an analytics filter.\n The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis." + } + } + }, + "aws-native:s3:BucketCorsConfiguration": { + "type": "object", + "properties": { + "corsRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketCorsRule" + }, + "description": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration." + } + } + }, + "aws-native:s3:BucketCorsRule": { + "type": "object", + "properties": { + "allowedHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Headers that are specified in the ``Access-Control-Request-Headers`` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed." + }, + "allowedMethods": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketCorsRuleAllowedMethodsItem" + }, + "description": "An HTTP method that you allow the origin to run.\n *Allowed values*: ``GET`` | ``PUT`` | ``HEAD`` | ``POST`` | ``DELETE``" + }, + "allowedOrigins": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more origins you want customers to be able to access the bucket from." + }, + "exposedHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object)." + }, + "id": { + "type": "string", + "description": "A unique identifier for this rule. The value must be no more than 255 characters." + }, + "maxAge": { + "type": "integer", + "description": "The time in seconds that your browser is to cache the preflight response for the specified resource." + } + } + }, + "aws-native:s3:BucketCorsRuleAllowedMethodsItem": { + "type": "string" + }, + "aws-native:s3:BucketDataExport": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:s3:BucketDestination", + "description": "The place to store the data for an analysis." + }, + "outputSchemaVersion": { + "type": "string", + "description": "The version of the output schema to use when exporting data. Must be ``V_1``." + } + } + }, + "aws-native:s3:BucketDefaultRetention": { + "type": "object", + "properties": { + "days": { + "type": "integer", + "description": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``." + }, + "mode": { + "$ref": "#/types/aws-native:s3:BucketDefaultRetentionMode", + "description": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``." + }, + "years": { + "type": "integer", + "description": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``." + } + } + }, + "aws-native:s3:BucketDefaultRetentionMode": { + "type": "string" + }, + "aws-native:s3:BucketDeleteMarkerReplication": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:s3:BucketDeleteMarkerReplicationStatus", + "description": "Indicates whether to replicate delete markers. Disabled by default." + } + } + }, + "aws-native:s3:BucketDeleteMarkerReplicationStatus": { + "type": "string" + }, + "aws-native:s3:BucketDestination": { + "type": "object", + "properties": { + "bucketAccountId": { + "type": "string", + "description": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes." + }, + "bucketArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bucket to which data is exported." + }, + "format": { + "$ref": "#/types/aws-native:s3:BucketDestinationFormat", + "description": "Specifies the file format used when exporting data to Amazon S3.\n *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet``" + }, + "prefix": { + "type": "string", + "description": "The prefix to use when exporting data. The prefix is prepended to all results." + } + } + }, + "aws-native:s3:BucketDestinationFormat": { + "type": "string" + }, + "aws-native:s3:BucketEncryption": { + "type": "object", + "properties": { + "serverSideEncryptionConfiguration": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketServerSideEncryptionRule" + }, + "description": "Specifies the default server-side-encryption configuration." + } + } + }, + "aws-native:s3:BucketEncryptionConfiguration": { + "type": "object", + "properties": { + "replicaKmsKeyId": { + "type": "string", + "description": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*." + } + }, + "irreversibleNames": { + "replicaKmsKeyId": "ReplicaKmsKeyID" + } + }, + "aws-native:s3:BucketEventBridgeConfiguration": { + "type": "object", + "properties": { + "eventBridgeEnabled": { + "type": "boolean", + "description": "Enables delivery of events to Amazon EventBridge." + } + } + }, + "aws-native:s3:BucketFilterRule": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*." + }, + "value": { + "type": "string", + "description": "The value that the filter searches for in object key names." + } + } + }, + "aws-native:s3:BucketIntelligentTieringConfiguration": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID used to identify the S3 Intelligent-Tiering configuration." + }, + "prefix": { + "type": "string", + "description": "An object key name prefix that identifies the subset of objects to which the rule applies." + }, + "status": { + "$ref": "#/types/aws-native:s3:BucketIntelligentTieringConfigurationStatus", + "description": "Specifies the status of the configuration." + }, + "tagFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketTagFilter" + }, + "description": "A container for a key-value pair." + }, + "tierings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketTiering" + }, + "description": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ``ARCHIVE_ACCESS`` and ``DEEP_ARCHIVE_ACCESS``.\n You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers." + } + } + }, + "aws-native:s3:BucketIntelligentTieringConfigurationStatus": { + "type": "string" + }, + "aws-native:s3:BucketInventoryConfiguration": { + "type": "object", + "properties": { + "destination": { + "$ref": "#/types/aws-native:s3:BucketDestination", + "description": "Contains information about where to publish the inventory results." + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether the inventory is enabled or disabled. If set to ``True``, an inventory list is generated. If set to ``False``, no inventory list is generated." + }, + "id": { + "type": "string", + "description": "The ID used to identify the inventory configuration." + }, + "includedObjectVersions": { + "$ref": "#/types/aws-native:s3:BucketInventoryConfigurationIncludedObjectVersions", + "description": "Object versions to include in the inventory list. If set to ``All``, the list includes all the object versions, which adds the version-related fields ``VersionId``, ``IsLatest``, and ``DeleteMarker`` to the list. If set to ``Current``, the list does not contain these version-related fields." + }, + "optionalFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketInventoryConfigurationOptionalFieldsItem" + }, + "description": "Contains the optional fields that are included in the inventory results." + }, + "prefix": { + "type": "string", + "description": "Specifies the inventory filter prefix." + }, + "scheduleFrequency": { + "$ref": "#/types/aws-native:s3:BucketInventoryConfigurationScheduleFrequency", + "description": "Specifies the schedule for generating inventory results." + } + } + }, + "aws-native:s3:BucketInventoryConfigurationIncludedObjectVersions": { + "type": "string" + }, + "aws-native:s3:BucketInventoryConfigurationOptionalFieldsItem": { + "type": "string" + }, + "aws-native:s3:BucketInventoryConfigurationScheduleFrequency": { + "type": "string" + }, + "aws-native:s3:BucketLambdaConfiguration": { + "type": "object", + "properties": { + "event": { + "type": "string", + "description": "The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*." + }, + "filter": { + "$ref": "#/types/aws-native:s3:BucketNotificationFilter", + "description": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a ``.jpg`` extension invoke the function when they are added to the Amazon S3 bucket." + }, + "function": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs." + } + } + }, + "aws-native:s3:BucketLifecycleConfiguration": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketRule" + }, + "description": "A lifecycle rule for individual objects in an Amazon S3 bucket." + } + } + }, + "aws-native:s3:BucketLoggingConfiguration": { + "type": "object", + "properties": { + "destinationBucketName": { + "type": "string", + "description": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the ``LoggingConfiguration`` property is defined." + }, + "logFilePrefix": { + "type": "string", + "description": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket." + }, + "targetObjectKeyFormat": { + "$ref": "#/types/aws-native:s3:BucketTargetObjectKeyFormat", + "description": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed." + } + } + }, + "aws-native:s3:BucketMetrics": { + "type": "object", + "properties": { + "eventThreshold": { + "$ref": "#/types/aws-native:s3:BucketReplicationTimeValue", + "description": "A container specifying the time threshold for emitting the ``s3:Replication:OperationMissedThreshold`` event." + }, + "status": { + "$ref": "#/types/aws-native:s3:BucketMetricsStatus", + "description": "Specifies whether the replication metrics are enabled." + } + } + }, + "aws-native:s3:BucketMetricsConfiguration": { + "type": "object", + "properties": { + "accessPointArn": { + "type": "string", + "description": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria." + }, + "id": { + "type": "string", + "description": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration." + }, + "prefix": { + "type": "string", + "description": "The prefix that an object must have to be included in the metrics results." + }, + "tagFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketTagFilter" + }, + "description": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria." + } + } + }, + "aws-native:s3:BucketMetricsStatus": { + "type": "string" + }, + "aws-native:s3:BucketNoncurrentVersionExpiration": { + "type": "object", + "properties": { + "newerNoncurrentVersions": { + "type": "integer", + "description": "Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*." + }, + "noncurrentDays": { + "type": "integer", + "description": "Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*." + } + } + }, + "aws-native:s3:BucketNoncurrentVersionTransition": { + "type": "object", + "properties": { + "newerNoncurrentVersions": { + "type": "integer", + "description": "Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*." + }, + "storageClass": { + "$ref": "#/types/aws-native:s3:BucketNoncurrentVersionTransitionStorageClass", + "description": "The class of storage used to store the object." + }, + "transitionInDays": { + "type": "integer", + "description": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*." + } + } + }, + "aws-native:s3:BucketNoncurrentVersionTransitionStorageClass": { + "type": "string" + }, + "aws-native:s3:BucketNotificationConfiguration": { + "type": "object", + "properties": { + "eventBridgeConfiguration": { + "$ref": "#/types/aws-native:s3:BucketEventBridgeConfiguration", + "description": "Enables delivery of events to Amazon EventBridge." + }, + "lambdaConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketLambdaConfiguration" + }, + "description": "Describes the LAMlong functions to invoke and the events for which to invoke them." + }, + "queueConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketQueueConfiguration" + }, + "description": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages." + }, + "topicConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketTopicConfiguration" + }, + "description": "The topic to which notifications are sent and the events for which notifications are generated." + } + } + }, + "aws-native:s3:BucketNotificationFilter": { + "type": "object", + "properties": { + "s3Key": { + "$ref": "#/types/aws-native:s3:BucketS3KeyFilter", + "description": "A container for object key name prefix and suffix filtering rules." + } + }, + "irreversibleNames": { + "s3Key": "S3Key" + } + }, + "aws-native:s3:BucketObjectLockConfiguration": { + "type": "object", + "properties": { + "objectLockEnabled": { + "type": "string", + "description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket." + }, + "rule": { + "$ref": "#/types/aws-native:s3:BucketObjectLockRule", + "description": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply ``ObjectLockConfiguration`` to a bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html)." + } + } + }, + "aws-native:s3:BucketObjectLockRule": { + "type": "object", + "properties": { + "defaultRetention": { + "$ref": "#/types/aws-native:s3:BucketDefaultRetention", + "description": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html)." + } + } + }, + "aws-native:s3:BucketOwnershipControls": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketOwnershipControlsRule" + }, + "description": "Specifies the container element for Object Ownership rules." + } + } + }, + "aws-native:s3:BucketOwnershipControlsRule": { + "type": "object", + "properties": { + "objectOwnership": { + "$ref": "#/types/aws-native:s3:BucketOwnershipControlsRuleObjectOwnership", + "description": "Specifies an object ownership rule." + } + } + }, + "aws-native:s3:BucketOwnershipControlsRuleObjectOwnership": { + "type": "string" + }, + "aws-native:s3:BucketPublicAccessBlockConfiguration": { + "type": "object", + "properties": { + "blockPublicAcls": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes the following behavior:\n + PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n + PUT Object calls fail if the request includes a public ACL.\n + PUT Bucket calls fail if the request includes a public ACL.\n \n Enabling this setting doesn't affect existing policies or ACLs." + }, + "blockPublicPolicy": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to ``TRUE`` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. \n Enabling this setting doesn't affect existing bucket policies." + }, + "ignorePublicAcls": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set." + }, + "restrictPublicBuckets": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to ``TRUE`` restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy.\n Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked." + } + } + }, + "aws-native:s3:BucketQueueConfiguration": { + "type": "object", + "properties": { + "event": { + "type": "string", + "description": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*." + }, + "filter": { + "$ref": "#/types/aws-native:s3:BucketNotificationFilter", + "description": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*." + }, + "queue": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination." + } + } + }, + "aws-native:s3:BucketRedirectAllRequestsTo": { + "type": "object", + "properties": { + "hostName": { + "type": "string", + "description": "Name of the host where requests are redirected." + }, + "protocol": { + "$ref": "#/types/aws-native:s3:BucketRedirectAllRequestsToProtocol", + "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request." + } + } + }, + "aws-native:s3:BucketRedirectAllRequestsToProtocol": { + "type": "string" + }, + "aws-native:s3:BucketRedirectRule": { + "type": "object", + "properties": { + "hostName": { + "type": "string", + "description": "The host name to use in the redirect request." + }, + "httpRedirectCode": { + "type": "string", + "description": "The HTTP redirect code to use on the response. Not required if one of the siblings is present." + }, + "protocol": { + "$ref": "#/types/aws-native:s3:BucketRedirectRuleProtocol", + "description": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request." + }, + "replaceKeyPrefixWith": { + "type": "string", + "description": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix ``docs/`` (objects in the ``docs/`` folder) to ``documents/``, you can set a condition block with ``KeyPrefixEquals`` set to ``docs/`` and in the Redirect set ``ReplaceKeyPrefixWith`` to ``/documents``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyWith`` is not provided.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints)." + }, + "replaceKeyWith": { + "type": "string", + "description": "The specific object key to use in the redirect request. For example, redirect request to ``error.html``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyPrefixWith`` is not provided.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints)." + } + } + }, + "aws-native:s3:BucketRedirectRuleProtocol": { + "type": "string" + }, + "aws-native:s3:BucketReplicaModifications": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:s3:BucketReplicaModificationsStatus", + "description": "Specifies whether Amazon S3 replicates modifications on replicas.\n *Allowed values*: ``Enabled`` | ``Disabled``" + } + } + }, + "aws-native:s3:BucketReplicaModificationsStatus": { + "type": "string" + }, + "aws-native:s3:BucketReplicationConfiguration": { + "type": "object", + "properties": { + "role": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketReplicationRule" + }, + "description": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules." + } + } + }, + "aws-native:s3:BucketReplicationDestination": { + "type": "object", + "properties": { + "accessControlTranslation": { + "$ref": "#/types/aws-native:s3:BucketAccessControlTranslation", + "description": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object." + }, + "account": { + "type": "string", + "description": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the ``AccessControlTranslation`` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide*.\n If you specify the ``AccessControlTranslation`` property, the ``Account`` property is required." + }, + "bucket": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results." + }, + "encryptionConfiguration": { + "$ref": "#/types/aws-native:s3:BucketEncryptionConfiguration", + "description": "Specifies encryption-related information." + }, + "metrics": { + "$ref": "#/types/aws-native:s3:BucketMetrics", + "description": "A container specifying replication metrics-related settings enabling replication metrics and events." + }, + "replicationTime": { + "$ref": "#/types/aws-native:s3:BucketReplicationTime", + "description": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block." + }, + "storageClass": { + "$ref": "#/types/aws-native:s3:BucketReplicationDestinationStorageClass", + "description": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. \n For valid values, see the ``StorageClass`` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference*." + } + } + }, + "aws-native:s3:BucketReplicationDestinationStorageClass": { + "type": "string" + }, + "aws-native:s3:BucketReplicationRule": { + "type": "object", + "properties": { + "deleteMarkerReplication": { + "$ref": "#/types/aws-native:s3:BucketDeleteMarkerReplication", + "description": "Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication`` ``Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). \n For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). \n If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations)." + }, + "destination": { + "$ref": "#/types/aws-native:s3:BucketReplicationDestination", + "description": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC)." + }, + "filter": { + "$ref": "#/types/aws-native:s3:BucketReplicationRuleFilter", + "description": "A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element." + }, + "id": { + "type": "string", + "description": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\"." + }, + "prefix": { + "type": "string", + "description": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints)." + }, + "priority": { + "type": "integer", + "description": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. \n For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*." + }, + "sourceSelectionCriteria": { + "$ref": "#/types/aws-native:s3:BucketSourceSelectionCriteria", + "description": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects." + }, + "status": { + "$ref": "#/types/aws-native:s3:BucketReplicationRuleStatus", + "description": "Specifies whether the rule is enabled." + } + } + }, + "aws-native:s3:BucketReplicationRuleAndOperator": { + "type": "object", + "properties": { + "prefix": { + "type": "string", + "description": "An object key name prefix that identifies the subset of objects to which the rule applies." + }, + "tagFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketTagFilter" + }, + "description": "An array of tags containing key and value pairs." + } + } + }, + "aws-native:s3:BucketReplicationRuleFilter": { + "type": "object", + "properties": { + "and": { + "$ref": "#/types/aws-native:s3:BucketReplicationRuleAndOperator", + "description": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example: \n + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag.\n + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag." + }, + "prefix": { + "type": "string", + "description": "An object key name prefix that identifies the subset of objects to which the rule applies.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints)." + }, + "tagFilter": { + "$ref": "#/types/aws-native:s3:BucketTagFilter", + "description": "A container for specifying a tag key and value. \n The rule applies only to objects that have the tag in their tag set." + } + } + }, + "aws-native:s3:BucketReplicationRuleStatus": { + "type": "string" + }, + "aws-native:s3:BucketReplicationTime": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:s3:BucketReplicationTimeStatus", + "description": "Specifies whether the replication time is enabled." + }, + "time": { + "$ref": "#/types/aws-native:s3:BucketReplicationTimeValue", + "description": "A container specifying the time by which replication should be complete for all objects and operations on objects." + } + } + }, + "aws-native:s3:BucketReplicationTimeStatus": { + "type": "string" + }, + "aws-native:s3:BucketReplicationTimeValue": { + "type": "object", + "properties": { + "minutes": { + "type": "integer", + "description": "Contains an integer specifying time in minutes. \n Valid value: 15" + } + } + }, + "aws-native:s3:BucketRoutingRule": { + "type": "object", + "properties": { + "redirectRule": { + "$ref": "#/types/aws-native:s3:BucketRedirectRule", + "description": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return." + }, + "routingRuleCondition": { + "$ref": "#/types/aws-native:s3:BucketRoutingRuleCondition", + "description": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error." + } + } + }, + "aws-native:s3:BucketRoutingRuleCondition": { + "type": "object", + "properties": { + "httpErrorCodeReturnedEquals": { + "type": "string", + "description": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n Required when parent element ``Condition`` is specified and sibling ``KeyPrefixEquals`` is not specified. If both are specified, then both must be true for the redirect to be applied." + }, + "keyPrefixEquals": { + "type": "string", + "description": "The object key name prefix when the redirect is applied. For example, to redirect requests for ``ExamplePage.html``, the key prefix will be ``ExamplePage.html``. To redirect request for all pages with the prefix ``docs/``, the key prefix will be ``/docs``, which identifies all objects in the docs/ folder.\n Required when the parent element ``Condition`` is specified and sibling ``HttpErrorCodeReturnedEquals`` is not specified. If both conditions are specified, both must be true for the redirect to be applied." + } + } + }, + "aws-native:s3:BucketRule": { + "type": "object", + "properties": { + "abortIncompleteMultipartUpload": { + "$ref": "#/types/aws-native:s3:BucketAbortIncompleteMultipartUpload", + "description": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket." + }, + "expirationDate": { + "type": "string", + "description": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time." + }, + "expirationInDays": { + "type": "integer", + "description": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time." + }, + "expiredObjectDeleteMarker": { + "type": "boolean", + "description": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ``ExpirationInDays``, ``ExpirationDate``, or ``TagFilters``." + }, + "id": { + "type": "string", + "description": "Unique identifier for the rule. The value can't be longer than 255 characters." + }, + "noncurrentVersionExpiration": { + "$ref": "#/types/aws-native:s3:BucketNoncurrentVersionExpiration", + "description": "Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime." + }, + "noncurrentVersionExpirationInDays": { + "type": "integer", + "description": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time." + }, + "noncurrentVersionTransition": { + "$ref": "#/types/aws-native:s3:BucketNoncurrentVersionTransition", + "description": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property." + }, + "noncurrentVersionTransitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketNoncurrentVersionTransition" + }, + "description": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransition`` property." + }, + "objectSizeGreaterThan": { + "type": "string", + "description": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*." + }, + "objectSizeLessThan": { + "type": "string", + "description": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*." + }, + "prefix": { + "type": "string", + "description": "Object key prefix that identifies one or more objects to which this rule applies.\n Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints)." + }, + "status": { + "$ref": "#/types/aws-native:s3:BucketRuleStatus", + "description": "If ``Enabled``, the rule is currently being applied. If ``Disabled``, the rule is not currently being applied." + }, + "tagFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketTagFilter" + }, + "description": "Tags to use to identify a subset of objects to which the lifecycle rule applies." + }, + "transition": { + "$ref": "#/types/aws-native:s3:BucketTransition", + "description": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transitions`` property." + }, + "transitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketTransition" + }, + "description": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transition`` property." + } + } + }, + "aws-native:s3:BucketRuleStatus": { + "type": "string" + }, + "aws-native:s3:BucketS3KeyFilter": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketFilterRule" + }, + "description": "A list of containers for the key-value pair that defines the criteria for the filter rule." + } + } + }, + "aws-native:s3:BucketServerSideEncryptionByDefault": { + "type": "object", + "properties": { + "kmsMasterKeyId": { + "type": "string", + "description": "AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.\n You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key Alias: ``alias/alias-name`` \n \n If you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. \n If you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).\n Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*." + }, + "sseAlgorithm": { + "$ref": "#/types/aws-native:s3:BucketServerSideEncryptionByDefaultSseAlgorithm", + "description": "Server-side encryption algorithm to use for the default encryption." + } + }, + "irreversibleNames": { + "kmsMasterKeyId": "KMSMasterKeyID", + "sseAlgorithm": "SSEAlgorithm" + } + }, + "aws-native:s3:BucketServerSideEncryptionByDefaultSseAlgorithm": { + "type": "string" + }, + "aws-native:s3:BucketServerSideEncryptionRule": { + "type": "object", + "properties": { + "bucketKeyEnabled": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*." + }, + "serverSideEncryptionByDefault": { + "$ref": "#/types/aws-native:s3:BucketServerSideEncryptionByDefault", + "description": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied." + } + } + }, + "aws-native:s3:BucketSourceSelectionCriteria": { + "type": "object", + "properties": { + "replicaModifications": { + "$ref": "#/types/aws-native:s3:BucketReplicaModifications", + "description": "A filter that you can specify for selection for modifications on replicas." + }, + "sseKmsEncryptedObjects": { + "$ref": "#/types/aws-native:s3:BucketSseKmsEncryptedObjects", + "description": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS." + } + } + }, + "aws-native:s3:BucketSseKmsEncryptedObjects": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:s3:BucketSseKmsEncryptedObjectsStatus", + "description": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service." + } + } + }, + "aws-native:s3:BucketSseKmsEncryptedObjectsStatus": { + "type": "string" + }, + "aws-native:s3:BucketStorageClassAnalysis": { + "type": "object", + "properties": { + "dataExport": { + "$ref": "#/types/aws-native:s3:BucketDataExport", + "description": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported." + } + } + }, + "aws-native:s3:BucketTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Name of the object key." + }, + "value": { + "type": "string", + "description": "Value of the tag." + } + } + }, + "aws-native:s3:BucketTagFilter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:s3:BucketTargetObjectKeyFormat": { + "type": "object" + }, + "aws-native:s3:BucketTiering": { + "type": "object", + "properties": { + "accessTier": { + "$ref": "#/types/aws-native:s3:BucketTieringAccessTier", + "description": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class." + }, + "days": { + "type": "integer", + "description": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days)." + } + } + }, + "aws-native:s3:BucketTieringAccessTier": { + "type": "string" + }, + "aws-native:s3:BucketTopicConfiguration": { + "type": "object", + "properties": { + "event": { + "type": "string", + "description": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*." + }, + "filter": { + "$ref": "#/types/aws-native:s3:BucketNotificationFilter", + "description": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket." + }, + "topic": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type." + } + } + }, + "aws-native:s3:BucketTransition": { + "type": "object", + "properties": { + "storageClass": { + "$ref": "#/types/aws-native:s3:BucketTransitionStorageClass", + "description": "The storage class to which you want the object to transition." + }, + "transitionDate": { + "type": "string", + "description": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC." + }, + "transitionInDays": { + "type": "integer", + "description": "Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer." + } + } + }, + "aws-native:s3:BucketTransitionStorageClass": { + "type": "string" + }, + "aws-native:s3:BucketVersioningConfiguration": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:s3:BucketVersioningConfigurationStatus", + "description": "The versioning state of the bucket." + } + } + }, + "aws-native:s3:BucketVersioningConfigurationStatus": { + "type": "string" + }, + "aws-native:s3:BucketWebsiteConfiguration": { + "type": "object", + "properties": { + "errorDocument": { + "type": "string", + "description": "The name of the error document for the website." + }, + "indexDocument": { + "type": "string", + "description": "The name of the index document for the website." + }, + "redirectAllRequestsTo": { + "$ref": "#/types/aws-native:s3:BucketRedirectAllRequestsTo", + "description": "The redirect behavior for every request to this bucket's website endpoint.\n If you specify this property, you can't specify any other property." + }, + "routingRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:BucketRoutingRule" + }, + "description": "Rules that define when a redirect is applied and the redirect behavior." + } + } + }, + "aws-native:s3:MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublic": { + "type": "string" + }, + "aws-native:s3:MultiRegionAccessPointPublicAccessBlockConfiguration": { + "type": "object", + "properties": { + "blockPublicAcls": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior:\n- PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.\n - PUT Object calls fail if the request includes a public ACL.\n. - PUT Bucket calls fail if the request includes a public ACL.\nEnabling this setting doesn't affect existing policies or ACLs." + }, + "blockPublicPolicy": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies." + }, + "ignorePublicAcls": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set." + }, + "restrictPublicBuckets": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy.\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked." + } + } + }, + "aws-native:s3:MultiRegionAccessPointRegion": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the associated bucket for the Region." + }, + "bucketAccountId": { + "type": "string", + "description": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point." + } + } + }, + "aws-native:s3:PolicyStatusProperties": { + "type": "object", + "properties": { + "isPublic": { + "$ref": "#/types/aws-native:s3:MultiRegionAccessPointPolicyPolicyStatusPropertiesIsPublic", + "description": "Specifies whether the policy is public or not." + } + } + }, + "aws-native:s3:StorageLensAccountLevel": { + "type": "object", + "properties": { + "activityMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensActivityMetrics", + "description": "This property contains the details of account-level activity metrics for S3 Storage Lens." + }, + "advancedCostOptimizationMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensAdvancedCostOptimizationMetrics", + "description": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens." + }, + "advancedDataProtectionMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensAdvancedDataProtectionMetrics", + "description": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens." + }, + "bucketLevel": { + "$ref": "#/types/aws-native:s3:StorageLensBucketLevel", + "description": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens." + }, + "detailedStatusCodesMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensDetailedStatusCodesMetrics", + "description": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens." + }, + "storageLensGroupLevel": { + "$ref": "#/types/aws-native:s3:StorageLensGroupLevel", + "description": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard." + } + } + }, + "aws-native:s3:StorageLensActivityMetrics": { + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "Specifies whether activity metrics are enabled or disabled." + } + } + }, + "aws-native:s3:StorageLensAdvancedCostOptimizationMetrics": { + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "Specifies whether advanced cost optimization metrics are enabled or disabled." + } + } + }, + "aws-native:s3:StorageLensAdvancedDataProtectionMetrics": { + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "Specifies whether advanced data protection metrics are enabled or disabled." + } + } + }, + "aws-native:s3:StorageLensAwsOrg": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "This resource contains the ARN of the AWS Organization." + } + } + }, + "aws-native:s3:StorageLensBucketLevel": { + "type": "object", + "properties": { + "activityMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensActivityMetrics", + "description": "A property for bucket-level activity metrics for S3 Storage Lens." + }, + "advancedCostOptimizationMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensAdvancedCostOptimizationMetrics", + "description": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens." + }, + "advancedDataProtectionMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensAdvancedDataProtectionMetrics", + "description": "A property for bucket-level advanced data protection metrics for S3 Storage Lens." + }, + "detailedStatusCodesMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensDetailedStatusCodesMetrics", + "description": "A property for bucket-level detailed status code metrics for S3 Storage Lens." + }, + "prefixLevel": { + "$ref": "#/types/aws-native:s3:StorageLensPrefixLevel", + "description": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens." + } + } + }, + "aws-native:s3:StorageLensBucketsAndRegions": { + "type": "object", + "properties": { + "buckets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* ." + }, + "regions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property contains the details of the Regions for the S3 Storage Lens configuration." + } + } + }, + "aws-native:s3:StorageLensCloudWatchMetrics": { + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "Specifies whether CloudWatch metrics are enabled or disabled." + } + } + }, + "aws-native:s3:StorageLensConfiguration": { + "type": "object", + "properties": { + "accountLevel": { + "$ref": "#/types/aws-native:s3:StorageLensAccountLevel", + "description": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration." + }, + "awsOrg": { + "$ref": "#/types/aws-native:s3:StorageLensAwsOrg", + "description": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration." + }, + "dataExport": { + "$ref": "#/types/aws-native:s3:StorageLensDataExport", + "description": "This property contains the details of this S3 Storage Lens configuration's metrics export." + }, + "exclude": { + "$ref": "#/types/aws-native:s3:StorageLensBucketsAndRegions", + "description": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration." + }, + "id": { + "type": "string", + "description": "This property contains the details of the ID of the S3 Storage Lens configuration.", + "replaceOnChanges": true + }, + "include": { + "$ref": "#/types/aws-native:s3:StorageLensBucketsAndRegions", + "description": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration." + }, + "isEnabled": { + "type": "boolean", + "description": "Specifies whether the Amazon S3 Storage Lens configuration is enabled or disabled." + }, + "storageLensArn": { + "type": "string", + "description": "The ARN for the Amazon S3 Storage Lens configuration." + } + } + }, + "aws-native:s3:StorageLensDataExport": { + "type": "object", + "properties": { + "cloudWatchMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensCloudWatchMetrics", + "description": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics." + }, + "s3BucketDestination": { + "$ref": "#/types/aws-native:s3:StorageLensS3BucketDestination", + "description": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed." + } + }, + "irreversibleNames": { + "s3BucketDestination": "S3BucketDestination" + } + }, + "aws-native:s3:StorageLensDetailedStatusCodesMetrics": { + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "Specifies whether detailed status codes metrics are enabled or disabled." + } + } + }, + "aws-native:s3:StorageLensEncryption": { + "type": "object" + }, + "aws-native:s3:StorageLensGroupAnd": { + "type": "object", + "properties": { + "matchAnyPrefix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed." + }, + "matchAnySuffix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed." + }, + "matchAnyTag": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:StorageLensGroupTag" + }, + "description": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed." + }, + "matchObjectAge": { + "$ref": "#/types/aws-native:s3:StorageLensGroupMatchObjectAge", + "description": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days)." + }, + "matchObjectSize": { + "$ref": "#/types/aws-native:s3:StorageLensGroupMatchObjectSize", + "description": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes)." + } + } + }, + "aws-native:s3:StorageLensGroupFilter": { + "type": "object", + "properties": { + "and": { + "$ref": "#/types/aws-native:s3:StorageLensGroupAnd", + "description": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed." + }, + "matchAnyPrefix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed." + }, + "matchAnySuffix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed." + }, + "matchAnyTag": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:StorageLensGroupTag" + }, + "description": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed." + }, + "matchObjectAge": { + "$ref": "#/types/aws-native:s3:StorageLensGroupMatchObjectAge", + "description": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days)." + }, + "matchObjectSize": { + "$ref": "#/types/aws-native:s3:StorageLensGroupMatchObjectSize", + "description": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes)." + }, + "or": { + "$ref": "#/types/aws-native:s3:StorageLensGroupOr", + "description": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed." + } + } + }, + "aws-native:s3:StorageLensGroupLevel": { + "type": "object", + "properties": { + "storageLensGroupSelectionCriteria": { + "$ref": "#/types/aws-native:s3:StorageLensGroupSelectionCriteria", + "description": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected." + } + } + }, + "aws-native:s3:StorageLensGroupMatchObjectAge": { + "type": "object", + "properties": { + "daysGreaterThan": { + "type": "integer", + "description": "Minimum object age to which the rule applies." + }, + "daysLessThan": { + "type": "integer", + "description": "Maximum object age to which the rule applies." + } + } + }, + "aws-native:s3:StorageLensGroupMatchObjectSize": { + "type": "object", + "properties": { + "bytesGreaterThan": { + "type": "integer", + "description": "Minimum object size to which the rule applies." + }, + "bytesLessThan": { + "type": "integer", + "description": "Maximum object size to which the rule applies." + } + } + }, + "aws-native:s3:StorageLensGroupOr": { + "type": "object", + "properties": { + "matchAnyPrefix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed." + }, + "matchAnySuffix": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed." + }, + "matchAnyTag": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3:StorageLensGroupTag" + }, + "description": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed." + }, + "matchObjectAge": { + "$ref": "#/types/aws-native:s3:StorageLensGroupMatchObjectAge", + "description": "This property filters objects that match the specified object age range." + }, + "matchObjectSize": { + "$ref": "#/types/aws-native:s3:StorageLensGroupMatchObjectSize", + "description": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes)." + } + } + }, + "aws-native:s3:StorageLensGroupSelectionCriteria": { + "type": "object", + "properties": { + "exclude": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation." + }, + "include": { + "type": "array", + "items": { + "type": "string" + }, + "description": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation." + } + } + }, + "aws-native:s3:StorageLensGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:s3:StorageLensPrefixLevel": { + "type": "object", + "properties": { + "storageMetrics": { + "$ref": "#/types/aws-native:s3:StorageLensPrefixLevelStorageMetrics", + "description": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens." + } + } + }, + "aws-native:s3:StorageLensPrefixLevelStorageMetrics": { + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "Specifies whether prefix-level storage metrics are enabled or disabled." + }, + "selectionCriteria": { + "$ref": "#/types/aws-native:s3:StorageLensSelectionCriteria", + "description": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled." + } + } + }, + "aws-native:s3:StorageLensS3BucketDestination": { + "type": "object", + "properties": { + "accountId": { + "type": "string", + "description": "The AWS account ID that owns the destination S3 bucket." + }, + "arn": { + "type": "string", + "description": "The ARN of the bucket to which Amazon S3 Storage Lens exports will be placed." + }, + "encryption": { + "$ref": "#/types/aws-native:s3:StorageLensEncryption", + "description": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export." + }, + "format": { + "$ref": "#/types/aws-native:s3:StorageLensS3BucketDestinationFormat", + "description": "Specifies the file format to use when exporting Amazon S3 Storage Lens metrics export." + }, + "outputSchemaVersion": { + "$ref": "#/types/aws-native:s3:StorageLensS3BucketDestinationOutputSchemaVersion", + "description": "The version of the output schema to use when exporting Amazon S3 Storage Lens metrics." + }, + "prefix": { + "type": "string", + "description": "The prefix to use for Amazon S3 Storage Lens export." + } + } + }, + "aws-native:s3:StorageLensS3BucketDestinationFormat": { + "type": "string" + }, + "aws-native:s3:StorageLensS3BucketDestinationOutputSchemaVersion": { + "type": "string" + }, + "aws-native:s3:StorageLensSelectionCriteria": { + "type": "object", + "properties": { + "delimiter": { + "type": "string", + "description": "Delimiter to divide S3 key into hierarchy of prefixes." + }, + "maxDepth": { + "type": "integer", + "description": "Max depth of prefixes of S3 key that Amazon S3 Storage Lens will analyze." + }, + "minStorageBytesPercentage": { + "type": "number", + "description": "The minimum storage bytes threshold for the prefixes to be included in the analysis." + } + } + }, + "aws-native:s3:StorageLensTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Name of the object key." + }, + "value": { + "type": "string", + "description": "Value of the tag." + } + } + }, + "aws-native:s3express:DirectoryBucketDataRedundancy": { + "type": "string" + }, + "aws-native:s3objectlambda:AccessPointAlias": { + "type": "object", + "properties": { + "status": { + "type": "string", + "description": "The status of the Object Lambda alias." + }, + "value": { + "type": "string", + "description": "The value of the Object Lambda alias." + } + } + }, + "aws-native:s3objectlambda:AccessPointAwsLambda": { + "type": "object", + "properties": { + "functionArn": { + "type": "string" + }, + "functionPayload": { + "type": "string" + } + } + }, + "aws-native:s3objectlambda:AccessPointObjectLambdaConfiguration": { + "type": "object", + "properties": { + "allowedFeatures": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` ." + }, + "cloudWatchMetricsEnabled": { + "type": "boolean", + "description": "A container for whether the CloudWatch metrics configuration is enabled." + }, + "supportingAccessPoint": { + "type": "string", + "description": "Standard access point associated with the Object Lambda Access Point." + }, + "transformationConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointTransformationConfiguration" + }, + "description": "A container for transformation configurations for an Object Lambda Access Point." + } + } + }, + "aws-native:s3objectlambda:AccessPointPolicyStatus": { + "type": "object", + "properties": { + "isPublic": { + "type": "boolean", + "description": "Specifies whether the Object lambda Access Point Policy is Public or not. Object lambda Access Points are private by default." + } + } + }, + "aws-native:s3objectlambda:AccessPointPublicAccessBlockConfiguration": { + "type": "object", + "properties": { + "blockPublicAcls": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should block public access control lists (ACLs) to this object lambda access point. Setting this element to TRUE causes the following behavior:\n- PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public.\n - PUT Object calls fail if the request includes a public ACL.\n. - PUT Bucket calls fail if the request includes a public ACL.\nEnabling this setting doesn't affect existing policies or ACLs." + }, + "blockPublicPolicy": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies." + }, + "ignorePublicAcls": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set." + }, + "restrictPublicBuckets": { + "type": "boolean", + "description": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy.\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked." + } + } + }, + "aws-native:s3objectlambda:AccessPointTransformationConfiguration": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` ." + }, + "contentTransformation": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointTransformationConfigurationContentTransformationProperties", + "description": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* ." + } + } + }, + "aws-native:s3objectlambda:AccessPointTransformationConfigurationContentTransformation0Properties": { + "type": "object", + "properties": { + "awsLambda": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointAwsLambda" + } + } + }, + "aws-native:s3objectlambda:AccessPointTransformationConfigurationContentTransformationProperties": { + "type": "object", + "properties": { + "awsLambda": { + "$ref": "#/types/aws-native:s3objectlambda:AccessPointAwsLambda" + } + } + }, + "aws-native:s3outposts:AccessPointVpcConfiguration": { + "type": "object", + "properties": { + "vpcId": { + "type": "string", + "description": "Virtual Private Cloud (VPC) Id from which AccessPoint will allow requests." + } + } + }, + "aws-native:s3outposts:BucketAbortIncompleteMultipartUpload": { + "type": "object", + "properties": { + "daysAfterInitiation": { + "type": "integer", + "description": "Specifies the number of days after which Amazon S3Outposts aborts an incomplete multipart upload." + } + } + }, + "aws-native:s3outposts:BucketFilterAndOperator0Properties": { + "type": "object", + "properties": { + "prefix": { + "type": "string", + "description": "Prefix identifies one or more objects to which the rule applies." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3outposts:BucketFilterTag" + }, + "description": "All of these tags must exist in the object's tag set in order for the rule to apply." + } + } + }, + "aws-native:s3outposts:BucketFilterAndOperatorProperties": { + "type": "object", + "properties": { + "prefix": { + "type": "string", + "description": "Prefix identifies one or more objects to which the rule applies." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3outposts:BucketFilterTag" + }, + "description": "All of these tags must exist in the object's tag set in order for the rule to apply." + } + } + }, + "aws-native:s3outposts:BucketFilterTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:s3outposts:BucketLifecycleConfiguration": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:s3outposts:BucketRule" + }, + "description": "A list of lifecycle rules for individual objects in an Amazon S3Outposts bucket." + } + } + }, + "aws-native:s3outposts:BucketRule": { + "type": "object", + "properties": { + "abortIncompleteMultipartUpload": { + "$ref": "#/types/aws-native:s3outposts:BucketAbortIncompleteMultipartUpload", + "description": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3Outposts bucket." + }, + "expirationDate": { + "type": "string", + "description": "Indicates when objects are deleted from Amazon S3Outposts. The date value must be in ISO 8601 format. The time is always midnight UTC." + }, + "expirationInDays": { + "type": "integer", + "description": "Indicates the number of days after creation when objects are deleted from Amazon S3Outposts." + }, + "filter": { + "$ref": "#/types/aws-native:s3outposts:BucketRuleFilterProperties", + "description": "The container for the filter of the lifecycle rule." + }, + "id": { + "type": "string", + "description": "Unique identifier for the lifecycle rule. The value can't be longer than 255 characters." + }, + "status": { + "$ref": "#/types/aws-native:s3outposts:BucketRuleStatus", + "description": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied." + } + } + }, + "aws-native:s3outposts:BucketRuleFilterProperties": { + "type": "object", + "properties": { + "andOperator": { + "$ref": "#/types/aws-native:s3outposts:BucketFilterAndOperatorProperties", + "description": "The container for the AND condition for the lifecycle rule. A combination of Prefix and 1 or more Tags OR a minimum of 2 or more tags." + }, + "prefix": { + "type": "string", + "description": "Object key prefix that identifies one or more objects to which this rule applies." + }, + "tag": { + "$ref": "#/types/aws-native:s3outposts:BucketFilterTag", + "description": "Specifies a tag used to identify a subset of objects for an Amazon S3Outposts bucket." + } + } + }, + "aws-native:s3outposts:BucketRuleStatus": { + "type": "string" + }, + "aws-native:s3outposts:BucketTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:s3outposts:EndpointAccessType": { + "type": "string" + }, + "aws-native:s3outposts:EndpointFailedReason": { + "type": "object", + "properties": { + "errorCode": { + "type": "string", + "description": "The failure code, if any, for a create or delete endpoint operation." + }, + "message": { + "type": "string", + "description": "Additional error details describing the endpoint failure and recommended action." + } + } + }, + "aws-native:s3outposts:EndpointNetworkInterface": { + "type": "object", + "properties": { + "networkInterfaceId": { + "type": "string", + "description": "The ID for the network interface." + } + } + }, + "aws-native:s3outposts:EndpointStatus": { + "type": "string" + }, + "aws-native:sagemaker:AppImageConfigCodeEditorAppImageConfig": { + "type": "object", + "properties": { + "containerConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigContainerConfig", + "description": "The container configuration for a SageMaker image." + } + } + }, + "aws-native:sagemaker:AppImageConfigContainerConfig": { + "type": "object", + "properties": { + "containerArguments": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of arguments to apply to the container." + }, + "containerEntrypoint": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The custom entry point to use on container." + }, + "containerEnvironmentVariables": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigCustomImageContainerEnvironmentVariable" + }, + "description": "A list of variables to apply to the custom container." + } + } + }, + "aws-native:sagemaker:AppImageConfigCustomImageContainerEnvironmentVariable": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key that identifies a container environment variable." + }, + "value": { + "type": "string", + "description": "The value of the container environment variable." + } + } + }, + "aws-native:sagemaker:AppImageConfigFileSystemConfig": { + "type": "object", + "properties": { + "defaultGid": { + "type": "integer", + "description": "The default POSIX group ID (GID). If not specified, defaults to 100." + }, + "defaultUid": { + "type": "integer", + "description": "The default POSIX user ID (UID). If not specified, defaults to 1000." + }, + "mountPath": { + "type": "string", + "description": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to /home/sagemaker-user." + } + } + }, + "aws-native:sagemaker:AppImageConfigJupyterLabAppImageConfig": { + "type": "object", + "properties": { + "containerConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigContainerConfig", + "description": "The container configuration for a SageMaker image." + } + } + }, + "aws-native:sagemaker:AppImageConfigKernelGatewayImageConfig": { + "type": "object", + "properties": { + "fileSystemConfig": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigFileSystemConfig", + "description": "The Amazon Elastic File System (EFS) storage configuration for a SageMaker image." + }, + "kernelSpecs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:AppImageConfigKernelSpec" + }, + "description": "The specification of the Jupyter kernels in the image." + } + } + }, + "aws-native:sagemaker:AppImageConfigKernelSpec": { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "description": "The display name of the kernel." + }, + "name": { + "type": "string", + "description": "The name of the kernel." + } + } + }, + "aws-native:sagemaker:AppImageConfigTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:AppResourceSpec": { + "type": "object", + "properties": { + "instanceType": { + "$ref": "#/types/aws-native:sagemaker:AppResourceSpecInstanceType", + "description": "The instance type that the image version runs on." + }, + "lifecycleConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource." + }, + "sageMakerImageArn": { + "type": "string", + "description": "The ARN of the SageMaker image that the image version belongs to." + }, + "sageMakerImageVersionArn": { + "type": "string", + "description": "The ARN of the image version created on the instance." + } + } + }, + "aws-native:sagemaker:AppResourceSpecInstanceType": { + "type": "string" + }, + "aws-native:sagemaker:AppTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:AppType": { + "type": "string" + }, + "aws-native:sagemaker:DataQualityJobDefinitionBatchTransformInput": { + "type": "object", + "properties": { + "dataCapturedDestinationS3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data." + }, + "datasetFormat": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionDatasetFormat", + "description": "The dataset format for your batch transform job." + }, + "excludeFeaturesAttribute": { + "type": "string", + "description": "Indexes or names of the features to be excluded from analysis" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionBatchTransformInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionBatchTransformInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + } + }, + "irreversibleNames": { + "dataCapturedDestinationS3Uri": "DataCapturedDestinationS3Uri", + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionBatchTransformInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:DataQualityJobDefinitionBatchTransformInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:DataQualityJobDefinitionClusterConfig": { + "type": "object", + "properties": { + "instanceCount": { + "type": "integer", + "description": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1." + }, + "instanceType": { + "type": "string", + "description": "The ML compute instance type for the processing job." + }, + "volumeKmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job." + }, + "volumeSizeInGb": { + "type": "integer", + "description": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario." + } + }, + "irreversibleNames": { + "volumeSizeInGb": "VolumeSizeInGB" + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionConstraintsResource": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionCsv": { + "type": "object", + "properties": { + "header": { + "type": "boolean", + "description": "A boolean flag indicating if given CSV has header" + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionDataQualityAppSpecification": { + "type": "object", + "properties": { + "containerArguments": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of arguments for the container used to run the monitoring job." + }, + "containerEntrypoint": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the entrypoint for a container used to run the monitoring job." + }, + "environment": { + "$ref": "pulumi.json#/Any", + "description": "Sets the environment variables in the Docker container" + }, + "imageUri": { + "type": "string", + "description": "The container image to be run by the monitoring job." + }, + "postAnalyticsProcessorSourceUri": { + "type": "string", + "description": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers." + }, + "recordPreprocessorSourceUri": { + "type": "string", + "description": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flatted json so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers" + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionDataQualityBaselineConfig": { + "type": "object", + "properties": { + "baseliningJobName": { + "type": "string", + "description": "The name of the job that performs baselining for the data quality monitoring job." + }, + "constraintsResource": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionConstraintsResource", + "description": "The constraints resource for a monitoring job." + }, + "statisticsResource": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionStatisticsResource", + "description": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically." + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionDataQualityJobInput": { + "type": "object", + "properties": { + "batchTransformInput": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionBatchTransformInput", + "description": "Input object for the batch transform job." + }, + "endpointInput": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionEndpointInput", + "description": "Input object for the endpoint" + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionDatasetFormat": { + "type": "object", + "properties": { + "csv": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionCsv" + }, + "json": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionJson" + }, + "parquet": { + "type": "boolean" + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionEndpointInput": { + "type": "object", + "properties": { + "endpointName": { + "type": "string", + "description": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled." + }, + "excludeFeaturesAttribute": { + "type": "string", + "description": "Indexes or names of the features to be excluded from analysis" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionEndpointInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionEndpointInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + } + }, + "irreversibleNames": { + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionEndpointInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:DataQualityJobDefinitionEndpointInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:DataQualityJobDefinitionJson": { + "type": "object", + "properties": { + "line": { + "type": "boolean", + "description": "A boolean flag indicating if it is JSON line format" + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionMonitoringOutput": { + "type": "object", + "properties": { + "s3Output": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionS3Output", + "description": "The Amazon S3 storage location where the results of a monitoring job are saved." + } + }, + "irreversibleNames": { + "s3Output": "S3Output" + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionMonitoringOutputConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption." + }, + "monitoringOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionMonitoringOutput" + }, + "description": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded." + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionMonitoringResources": { + "type": "object", + "properties": { + "clusterConfig": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionClusterConfig", + "description": "The configuration for the cluster resources used to run the processing job." + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionNetworkConfig": { + "type": "object", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean", + "description": "Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer." + }, + "enableNetworkIsolation": { + "type": "boolean", + "description": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionVpcConfig", + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC." + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionS3Output": { + "type": "object", + "properties": { + "localPath": { + "type": "string", + "description": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data." + }, + "s3UploadMode": { + "$ref": "#/types/aws-native:sagemaker:DataQualityJobDefinitionS3OutputS3UploadMode", + "description": "Whether to upload the results of the monitoring job continuously or after the job completes." + }, + "s3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job." + } + }, + "irreversibleNames": { + "s3UploadMode": "S3UploadMode", + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionS3OutputS3UploadMode": { + "type": "string" + }, + "aws-native:sagemaker:DataQualityJobDefinitionStatisticsResource": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for the baseline statistics file in Amazon S3 that the current monitoring job should be validated against." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionStoppingCondition": { + "type": "object", + "properties": { + "maxRuntimeInSeconds": { + "type": "integer", + "description": "The maximum runtime allowed in seconds." + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:DataQualityJobDefinitionVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of the subnets in the VPC to which you want to connect to your monitoring jobs." + } + } + }, + "aws-native:sagemaker:Device": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Description of the device" + }, + "deviceName": { + "type": "string", + "description": "The name of the device", + "replaceOnChanges": true + }, + "iotThingName": { + "type": "string", + "description": "AWS Internet of Things (IoT) object name." + } + } + }, + "aws-native:sagemaker:DeviceFleetEdgeOutputConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The KMS key id used for encryption on the S3 bucket" + }, + "s3OutputLocation": { + "type": "string", + "description": "The Amazon Simple Storage (S3) bucket URI" + } + }, + "irreversibleNames": { + "s3OutputLocation": "S3OutputLocation" + } + }, + "aws-native:sagemaker:DeviceFleetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The key value of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:DeviceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The key value of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:DomainAppNetworkAccessType": { + "type": "string" + }, + "aws-native:sagemaker:DomainAppSecurityGroupManagement": { + "type": "string" + }, + "aws-native:sagemaker:DomainAppType": { + "type": "string" + }, + "aws-native:sagemaker:DomainAuthMode": { + "type": "string" + }, + "aws-native:sagemaker:DomainCodeEditorAppSettings": { + "type": "object", + "properties": { + "customImages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainCustomImage" + }, + "description": "A list of custom images for use for CodeEditor apps." + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:DomainResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with CodeEditor apps." + } + } + }, + "aws-native:sagemaker:DomainCodeRepository": { + "type": "object", + "properties": { + "repositoryUrl": { + "type": "string", + "description": "A CodeRepository (valid URL) to be used within Jupyter's Git extension." + } + } + }, + "aws-native:sagemaker:DomainCustomFileSystemConfig": { + "type": "object", + "properties": { + "efsFileSystemConfig": { + "$ref": "#/types/aws-native:sagemaker:DomainEfsFileSystemConfig", + "description": "The settings for a custom Amazon EFS file system." + } + }, + "irreversibleNames": { + "efsFileSystemConfig": "EFSFileSystemConfig" + } + }, + "aws-native:sagemaker:DomainCustomImage": { + "type": "object", + "properties": { + "appImageConfigName": { + "type": "string", + "description": "The Name of the AppImageConfig." + }, + "imageName": { + "type": "string", + "description": "The name of the CustomImage. Must be unique to your account." + }, + "imageVersionNumber": { + "type": "integer", + "description": "The version number of the CustomImage." + } + } + }, + "aws-native:sagemaker:DomainCustomPosixUserConfig": { + "type": "object", + "properties": { + "gid": { + "type": "integer", + "description": "The POSIX group ID." + }, + "uid": { + "type": "integer", + "description": "The POSIX user ID." + } + } + }, + "aws-native:sagemaker:DomainDefaultEbsStorageSettings": { + "type": "object", + "properties": { + "defaultEbsVolumeSizeInGb": { + "type": "integer", + "description": "Default size of the Amazon EBS volume in Gb" + }, + "maximumEbsVolumeSizeInGb": { + "type": "integer", + "description": "Maximum size of the Amazon EBS volume in Gb. Must be greater than or equal to the DefaultEbsVolumeSizeInGb." + } + } + }, + "aws-native:sagemaker:DomainDefaultSpaceSettings": { + "type": "object", + "properties": { + "customFileSystemConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainCustomFileSystemConfig" + }, + "description": "The settings for assigning a custom file system to a domain. Permitted users can access this file system in Amazon SageMaker Studio." + }, + "customPosixUserConfig": { + "$ref": "#/types/aws-native:sagemaker:DomainCustomPosixUserConfig", + "description": "The Jupyter lab's custom posix user configurations." + }, + "executionRole": { + "type": "string", + "description": "The execution role for the space." + }, + "jupyterLabAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainJupyterLabAppSettings", + "description": "The Jupyter lab's app settings." + }, + "jupyterServerAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainJupyterServerAppSettings", + "description": "The Jupyter server's app settings." + }, + "kernelGatewayAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainKernelGatewayAppSettings", + "description": "The kernel gateway app settings." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication." + }, + "spaceStorageSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainDefaultSpaceStorageSettings", + "description": "The Jupyter lab's space storage settings." + } + } + }, + "aws-native:sagemaker:DomainDefaultSpaceStorageSettings": { + "type": "object", + "properties": { + "defaultEbsStorageSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainDefaultEbsStorageSettings", + "description": "The default EBS storage settings for a space." + } + } + }, + "aws-native:sagemaker:DomainDockerSettings": { + "type": "object", + "properties": { + "enableDockerAccess": { + "$ref": "#/types/aws-native:sagemaker:DomainDockerSettingsEnableDockerAccess", + "description": "The flag to enable/disable docker-proxy server" + }, + "vpcOnlyTrustedAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of account id's that would be used to pull images from in VpcOnly mode" + } + } + }, + "aws-native:sagemaker:DomainDockerSettingsEnableDockerAccess": { + "type": "string" + }, + "aws-native:sagemaker:DomainEfsFileSystemConfig": { + "type": "object", + "properties": { + "fileSystemId": { + "type": "string", + "description": "The ID of your Amazon EFS file system." + }, + "fileSystemPath": { + "type": "string", + "description": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below." + } + } + }, + "aws-native:sagemaker:DomainJupyterLabAppSettings": { + "type": "object", + "properties": { + "codeRepositories": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainCodeRepository" + }, + "description": "A list of CodeRepositories available for use with JupyterLab apps." + }, + "customImages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainCustomImage" + }, + "description": "A list of custom images for use for JupyterLab apps." + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:DomainResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with JupyterLab apps." + } + } + }, + "aws-native:sagemaker:DomainJupyterServerAppSettings": { + "type": "object", + "properties": { + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:DomainResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with JupyterServer apps." + } + } + }, + "aws-native:sagemaker:DomainKernelGatewayAppSettings": { + "type": "object", + "properties": { + "customImages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainCustomImage" + }, + "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app." + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:DomainResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with KernelGateway apps." + } + } + }, + "aws-native:sagemaker:DomainMlTools": { + "type": "string" + }, + "aws-native:sagemaker:DomainRSessionAppSettings": { + "type": "object", + "properties": { + "customImages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainCustomImage" + }, + "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app." + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:DomainResourceSpec", + "description": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on." + } + } + }, + "aws-native:sagemaker:DomainRStudioServerProAppSettings": { + "type": "object", + "properties": { + "accessStatus": { + "$ref": "#/types/aws-native:sagemaker:DomainRStudioServerProAppSettingsAccessStatus", + "description": "Indicates whether the current user has access to the RStudioServerPro app." + }, + "userGroup": { + "$ref": "#/types/aws-native:sagemaker:DomainRStudioServerProAppSettingsUserGroup", + "description": "The level of permissions that the user has within the RStudioServerPro app. This value defaults to User. The Admin value allows the user access to the RStudio Administrative Dashboard." + } + } + }, + "aws-native:sagemaker:DomainRStudioServerProAppSettingsAccessStatus": { + "type": "string" + }, + "aws-native:sagemaker:DomainRStudioServerProAppSettingsUserGroup": { + "type": "string" + }, + "aws-native:sagemaker:DomainRStudioServerProDomainSettings": { + "type": "object", + "properties": { + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:DomainResourceSpec", + "description": "A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain.", + "replaceOnChanges": true + }, + "domainExecutionRoleArn": { + "type": "string", + "description": "The ARN of the execution role for the RStudioServerPro Domain-level app." + }, + "rStudioConnectUrl": { + "type": "string", + "description": "A URL pointing to an RStudio Connect server." + }, + "rStudioPackageManagerUrl": { + "type": "string", + "description": "A URL pointing to an RStudio Package Manager server." + } + } + }, + "aws-native:sagemaker:DomainResourceSpec": { + "type": "object", + "properties": { + "instanceType": { + "$ref": "#/types/aws-native:sagemaker:DomainResourceSpecInstanceType", + "description": "The instance type that the image version runs on." + }, + "lifecycleConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource." + }, + "sageMakerImageArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the SageMaker image that the image version belongs to." + }, + "sageMakerImageVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the image version created on the instance." + } + } + }, + "aws-native:sagemaker:DomainResourceSpecInstanceType": { + "type": "string" + }, + "aws-native:sagemaker:DomainSettings": { + "type": "object", + "properties": { + "dockerSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainDockerSettings", + "description": "A collection of settings that configure the domain's Docker interaction." + }, + "rStudioServerProDomainSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainRStudioServerProDomainSettings", + "description": "A collection of settings that configure the `RStudioServerPro` Domain-level app." + }, + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups for the Amazon Virtual Private Cloud that the Domain uses for communication between Domain-level apps and user apps." + } + } + }, + "aws-native:sagemaker:DomainSharingSettings": { + "type": "object", + "properties": { + "notebookOutputOption": { + "$ref": "#/types/aws-native:sagemaker:DomainSharingSettingsNotebookOutputOption", + "description": "Whether to include the notebook cell output when sharing the notebook. The default is Disabled." + }, + "s3KmsKeyId": { + "type": "string", + "description": "When NotebookOutputOption is Allowed, the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket." + }, + "s3OutputPath": { + "type": "string", + "description": "When NotebookOutputOption is Allowed, the Amazon S3 bucket used to store the shared notebook snapshots." + } + }, + "irreversibleNames": { + "s3KmsKeyId": "S3KmsKeyId", + "s3OutputPath": "S3OutputPath" + } + }, + "aws-native:sagemaker:DomainSharingSettingsNotebookOutputOption": { + "type": "string" + }, + "aws-native:sagemaker:DomainStudioWebPortalSettings": { + "type": "object", + "properties": { + "hiddenAppTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainAppType" + }, + "description": "Applications supported in Studio that are hidden from the Studio left navigation pane." + }, + "hiddenMlTools": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainMlTools" + }, + "description": "The machine learning tools that are hidden from the Studio left navigation pane." + } + } + }, + "aws-native:sagemaker:DomainTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:DomainUserSettings": { + "type": "object", + "properties": { + "codeEditorAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainCodeEditorAppSettings", + "description": "The Code Editor application settings." + }, + "customFileSystemConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:DomainCustomFileSystemConfig" + }, + "description": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio." + }, + "customPosixUserConfig": { + "$ref": "#/types/aws-native:sagemaker:DomainCustomPosixUserConfig", + "description": "Details about the POSIX identity that is used for file system operations." + }, + "defaultLandingUri": { + "type": "string", + "description": "Defines which Amazon SageMaker application users are directed to by default." + }, + "executionRole": { + "type": "string", + "description": "The execution role for the user." + }, + "jupyterLabAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainJupyterLabAppSettings", + "description": "The settings for the JupyterLab application." + }, + "jupyterServerAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainJupyterServerAppSettings", + "description": "The Jupyter server's app settings." + }, + "kernelGatewayAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainKernelGatewayAppSettings", + "description": "The kernel gateway app settings." + }, + "rSessionAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainRSessionAppSettings", + "description": "A collection of settings that configure the `RSessionGateway` app." + }, + "rStudioServerProAppSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainRStudioServerProAppSettings", + "description": "A collection of settings that configure user interaction with the `RStudioServerPro` app." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication." + }, + "sharingSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainSharingSettings", + "description": "The sharing settings." + }, + "spaceStorageSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainDefaultSpaceStorageSettings", + "description": "The storage settings for a space." + }, + "studioWebPortal": { + "$ref": "#/types/aws-native:sagemaker:DomainUserSettingsStudioWebPortal", + "description": "Indicates whether the Studio experience is available to users. If not, users cannot access Studio." + }, + "studioWebPortalSettings": { + "$ref": "#/types/aws-native:sagemaker:DomainStudioWebPortalSettings", + "description": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level." + } + } + }, + "aws-native:sagemaker:DomainUserSettingsStudioWebPortal": { + "type": "string" + }, + "aws-native:sagemaker:FeatureGroupDataCatalogConfig": { + "type": "object", + "properties": { + "catalog": { + "type": "string", + "description": "The name of the Glue table catalog." + }, + "database": { + "type": "string", + "description": "The name of the Glue table database." + }, + "tableName": { + "type": "string", + "description": "The name of the Glue table." + } + } + }, + "aws-native:sagemaker:FeatureGroupFeatureDefinition": { + "type": "object", + "properties": { + "featureName": { + "type": "string", + "description": "The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nThe name:\n\n- Must start with an alphanumeric character.\n- Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed." + }, + "featureType": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupFeatureDefinitionFeatureType", + "description": "The value type of a feature. Valid values are Integral, Fractional, or String." + } + } + }, + "aws-native:sagemaker:FeatureGroupFeatureDefinitionFeatureType": { + "type": "string" + }, + "aws-native:sagemaker:FeatureGroupOnlineStoreSecurityConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n\nThe caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` :\n\n- `\"kms:Encrypt\"`\n- `\"kms:Decrypt\"`\n- `\"kms:DescribeKey\"`\n- `\"kms:CreateGrant\"`\n- `\"kms:RetireGrant\"`\n- `\"kms:ReEncryptFrom\"`\n- `\"kms:ReEncryptTo\"`\n- `\"kms:GenerateDataKey\"`\n- `\"kms:ListAliases\"`\n- `\"kms:ListGrants\"`\n- `\"kms:RevokeGrant\"`\n\nThe caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` :\n\n- `\"kms:Decrypt\"`" + } + } + }, + "aws-native:sagemaker:FeatureGroupS3StorageConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location.\n\nThe IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` :\n\n- `\"kms:GenerateDataKey\"`" + }, + "s3Uri": { + "type": "string", + "description": "The S3 URI, or location in Amazon S3, of `OfflineStore` .\n\nS3 URIs have a format similar to the following: `s3://example-bucket/prefix/` ." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:FeatureGroupStorageType": { + "type": "string" + }, + "aws-native:sagemaker:FeatureGroupTableFormat": { + "type": "string" + }, + "aws-native:sagemaker:FeatureGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:FeatureGroupThroughputConfig": { + "type": "object", + "properties": { + "provisionedReadCapacityUnits": { + "type": "integer", + "description": "For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling." + }, + "provisionedWriteCapacityUnits": { + "type": "integer", + "description": "For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling." + }, + "throughputMode": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupThroughputMode", + "description": "The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` ." + } + } + }, + "aws-native:sagemaker:FeatureGroupThroughputMode": { + "type": "string" + }, + "aws-native:sagemaker:FeatureGroupTtlDuration": { + "type": "object", + "properties": { + "unit": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupUnit", + "description": "`TtlDuration` time unit." + }, + "value": { + "type": "integer", + "description": "`TtlDuration` time value." + } + } + }, + "aws-native:sagemaker:FeatureGroupUnit": { + "type": "string" + }, + "aws-native:sagemaker:ImageTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:ImageVersionJobType": { + "type": "string" + }, + "aws-native:sagemaker:ImageVersionProcessor": { + "type": "string" + }, + "aws-native:sagemaker:ImageVersionVendorGuidance": { + "type": "string" + }, + "aws-native:sagemaker:InferenceComponentComputeResourceRequirements": { + "type": "object", + "properties": { + "maxMemoryRequiredInMb": { + "type": "integer", + "description": "The maximum MB of memory to allocate to run a model that you assign to an inference component." + }, + "minMemoryRequiredInMb": { + "type": "integer", + "description": "The minimum MB of memory to allocate to run a model that you assign to an inference component." + }, + "numberOfAcceleratorDevicesRequired": { + "type": "number", + "description": "The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia." + }, + "numberOfCpuCoresRequired": { + "type": "number", + "description": "The number of CPU cores to allocate to run a model that you assign to an inference component." + } + } + }, + "aws-native:sagemaker:InferenceComponentContainerSpecification": { + "type": "object", + "properties": { + "artifactUrl": { + "type": "string", + "description": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix)." + }, + "deployedImage": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentDeployedImage" + }, + "environment": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map." + }, + "image": { + "type": "string", + "description": "The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored." + } + } + }, + "aws-native:sagemaker:InferenceComponentDeployedImage": { + "type": "object", + "properties": { + "resolutionTime": { + "type": "string", + "description": "The date and time when the image path for the model resolved to the `ResolvedImage`" + }, + "resolvedImage": { + "type": "string", + "description": "The specific digest path of the image hosted in this `ProductionVariant` ." + }, + "specifiedImage": { + "type": "string", + "description": "The image path you specified when you created the model." + } + } + }, + "aws-native:sagemaker:InferenceComponentRuntimeConfig": { + "type": "object", + "properties": { + "copyCount": { + "type": "integer", + "description": "The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests." + }, + "currentCopyCount": { + "type": "integer" + }, + "desiredCopyCount": { + "type": "integer" + } + } + }, + "aws-native:sagemaker:InferenceComponentSpecification": { + "type": "object", + "properties": { + "computeResourceRequirements": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentComputeResourceRequirements", + "description": "The compute resources allocated to run the model assigned to the inference component." + }, + "container": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentContainerSpecification", + "description": "Defines a container that provides the runtime environment for a model that you deploy with an inference component." + }, + "modelName": { + "type": "string", + "description": "The name of an existing SageMaker model object in your account that you want to deploy with the inference component." + }, + "startupParameters": { + "$ref": "#/types/aws-native:sagemaker:InferenceComponentStartupParameters", + "description": "Settings that take effect while the model container starts up." + } + } + }, + "aws-native:sagemaker:InferenceComponentStartupParameters": { + "type": "object", + "properties": { + "containerStartupHealthCheckTimeoutInSeconds": { + "type": "integer", + "description": "The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) ." + }, + "modelDataDownloadTimeoutInSeconds": { + "type": "integer", + "description": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component." + } + } + }, + "aws-native:sagemaker:InferenceComponentStatus": { + "type": "string" + }, + "aws-native:sagemaker:InferenceComponentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -" + } + } + }, + "aws-native:sagemaker:InferenceExperimentCaptureContentTypeHeader": { + "type": "object", + "properties": { + "csvContentTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of all content type headers that SageMaker will treat as CSV and capture accordingly." + }, + "jsonContentTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of all content type headers that SageMaker will treat as JSON and capture accordingly." + } + } + }, + "aws-native:sagemaker:InferenceExperimentDataStorageConfig": { + "type": "object", + "properties": { + "contentType": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentCaptureContentTypeHeader", + "description": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data." + }, + "destination": { + "type": "string", + "description": "The Amazon S3 bucket where the inference request and response data is stored." + }, + "kmsKey": { + "type": "string", + "description": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption." + } + } + }, + "aws-native:sagemaker:InferenceExperimentDesiredState": { + "type": "string" + }, + "aws-native:sagemaker:InferenceExperimentEndpointMetadata": { + "type": "object", + "properties": { + "endpointConfigName": { + "type": "string", + "description": "The name of the endpoint configuration." + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint." + }, + "endpointStatus": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentEndpointMetadataEndpointStatus", + "description": "The status of the endpoint. For possible values of the status of an endpoint." + } + } + }, + "aws-native:sagemaker:InferenceExperimentEndpointMetadataEndpointStatus": { + "type": "string" + }, + "aws-native:sagemaker:InferenceExperimentModelInfrastructureConfig": { + "type": "object", + "properties": { + "infrastructureType": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentModelInfrastructureConfigInfrastructureType", + "description": "The type of the inference experiment that you want to run." + }, + "realTimeInferenceConfig": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentRealTimeInferenceConfig", + "description": "The infrastructure configuration for deploying the model to real-time inference." + } + } + }, + "aws-native:sagemaker:InferenceExperimentModelInfrastructureConfigInfrastructureType": { + "type": "string" + }, + "aws-native:sagemaker:InferenceExperimentModelVariantConfig": { + "type": "object", + "properties": { + "infrastructureConfig": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentModelInfrastructureConfig", + "description": "The configuration for the infrastructure that the model will be deployed to." + }, + "modelName": { + "type": "string", + "description": "The name of the Amazon SageMaker Model entity." + }, + "variantName": { + "type": "string", + "description": "The name of the variant." + } + } + }, + "aws-native:sagemaker:InferenceExperimentRealTimeInferenceConfig": { + "type": "object", + "properties": { + "instanceCount": { + "type": "integer", + "description": "The number of instances of the type specified by InstanceType." + }, + "instanceType": { + "type": "string", + "description": "The instance type the model is deployed to." + } + } + }, + "aws-native:sagemaker:InferenceExperimentSchedule": { + "type": "object", + "properties": { + "endTime": { + "type": "string", + "description": "The timestamp at which the inference experiment ended or will end." + }, + "startTime": { + "type": "string", + "description": "The timestamp at which the inference experiment started or will start." + } + } + }, + "aws-native:sagemaker:InferenceExperimentShadowModeConfig": { + "type": "object", + "properties": { + "shadowModelVariants": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:InferenceExperimentShadowModelVariantConfig" + }, + "description": "List of shadow variant configurations." + }, + "sourceModelVariantName": { + "type": "string", + "description": "The name of the production variant, which takes all the inference requests." + } + } + }, + "aws-native:sagemaker:InferenceExperimentShadowModelVariantConfig": { + "type": "object", + "properties": { + "samplingPercentage": { + "type": "integer", + "description": "The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant." + }, + "shadowModelVariantName": { + "type": "string", + "description": "The name of the shadow variant." + } + } + }, + "aws-native:sagemaker:InferenceExperimentStatus": { + "type": "string" + }, + "aws-native:sagemaker:InferenceExperimentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:InferenceExperimentType": { + "type": "string" + }, + "aws-native:sagemaker:MlflowTrackingServerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:MlflowTrackingServerTrackingServerSize": { + "type": "string" + }, + "aws-native:sagemaker:ModelBiasJobDefinitionBatchTransformInput": { + "type": "object", + "properties": { + "dataCapturedDestinationS3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data." + }, + "datasetFormat": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionDatasetFormat", + "description": "The dataset format for your batch transform job." + }, + "endTimeOffset": { + "type": "string", + "description": "Monitoring end time offset, e.g. PT0H" + }, + "featuresAttribute": { + "type": "string", + "description": "JSONpath to locate features in JSONlines dataset" + }, + "inferenceAttribute": { + "type": "string", + "description": "Index or JSONpath to locate predicted label(s)" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "probabilityAttribute": { + "type": "string", + "description": "Index or JSONpath to locate probabilities" + }, + "probabilityThresholdAttribute": { + "type": "number", + "description": "The threshold for the class probability to be evaluated as a positive result." + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionBatchTransformInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionBatchTransformInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + }, + "startTimeOffset": { + "type": "string", + "description": "Monitoring start time offset, e.g. -PT1H" + } + }, + "irreversibleNames": { + "dataCapturedDestinationS3Uri": "DataCapturedDestinationS3Uri", + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionBatchTransformInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:ModelBiasJobDefinitionBatchTransformInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelBiasJobDefinitionClusterConfig": { + "type": "object", + "properties": { + "instanceCount": { + "type": "integer", + "description": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1." + }, + "instanceType": { + "type": "string", + "description": "The ML compute instance type for the processing job." + }, + "volumeKmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job." + }, + "volumeSizeInGb": { + "type": "integer", + "description": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario." + } + }, + "irreversibleNames": { + "volumeSizeInGb": "VolumeSizeInGB" + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionConstraintsResource": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionCsv": { + "type": "object", + "properties": { + "header": { + "type": "boolean", + "description": "A boolean flag indicating if given CSV has header" + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionDatasetFormat": { + "type": "object", + "properties": { + "csv": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionCsv" + }, + "json": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionJson" + }, + "parquet": { + "type": "boolean" + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionEndpointInput": { + "type": "object", + "properties": { + "endTimeOffset": { + "type": "string", + "description": "Monitoring end time offset, e.g. PT0H" + }, + "endpointName": { + "type": "string", + "description": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled." + }, + "featuresAttribute": { + "type": "string", + "description": "JSONpath to locate features in JSONlines dataset" + }, + "inferenceAttribute": { + "type": "string", + "description": "Index or JSONpath to locate predicted label(s)" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "probabilityAttribute": { + "type": "string", + "description": "Index or JSONpath to locate probabilities" + }, + "probabilityThresholdAttribute": { + "type": "number", + "description": "The threshold for the class probability to be evaluated as a positive result." + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionEndpointInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionEndpointInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + }, + "startTimeOffset": { + "type": "string", + "description": "Monitoring start time offset, e.g. -PT1H" + } + }, + "irreversibleNames": { + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionEndpointInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:ModelBiasJobDefinitionEndpointInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelBiasJobDefinitionJson": { + "type": "object", + "properties": { + "line": { + "type": "boolean", + "description": "A boolean flag indicating if it is JSON line format" + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionModelBiasAppSpecification": { + "type": "object", + "properties": { + "configUri": { + "type": "string", + "description": "The S3 URI to an analysis configuration file" + }, + "environment": { + "$ref": "pulumi.json#/Any", + "description": "Sets the environment variables in the Docker container" + }, + "imageUri": { + "type": "string", + "description": "The container image to be run by the monitoring job." + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionModelBiasBaselineConfig": { + "type": "object", + "properties": { + "baseliningJobName": { + "type": "string", + "description": "The name of the baseline model bias job." + }, + "constraintsResource": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionConstraintsResource", + "description": "The constraints resource for a monitoring job." + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionModelBiasJobInput": { + "type": "object", + "properties": { + "batchTransformInput": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionBatchTransformInput", + "description": "Input object for the batch transform job." + }, + "endpointInput": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionEndpointInput", + "description": "Input object for the endpoint" + }, + "groundTruthS3Input": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionMonitoringGroundTruthS3Input", + "description": "Location of ground truth labels to use in model bias job." + } + }, + "irreversibleNames": { + "groundTruthS3Input": "GroundTruthS3Input" + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionMonitoringGroundTruthS3Input": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionMonitoringOutput": { + "type": "object", + "properties": { + "s3Output": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionS3Output", + "description": "The Amazon S3 storage location where the results of a monitoring job are saved." + } + }, + "irreversibleNames": { + "s3Output": "S3Output" + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionMonitoringOutputConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption." + }, + "monitoringOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionMonitoringOutput" + }, + "description": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded." + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionMonitoringResources": { + "type": "object", + "properties": { + "clusterConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionClusterConfig", + "description": "The configuration for the cluster resources used to run the processing job." + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionNetworkConfig": { + "type": "object", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean", + "description": "Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer." + }, + "enableNetworkIsolation": { + "type": "boolean", + "description": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionVpcConfig", + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC." + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionS3Output": { + "type": "object", + "properties": { + "localPath": { + "type": "string", + "description": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data." + }, + "s3UploadMode": { + "$ref": "#/types/aws-native:sagemaker:ModelBiasJobDefinitionS3OutputS3UploadMode", + "description": "Whether to upload the results of the monitoring job continuously or after the job completes." + }, + "s3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job." + } + }, + "irreversibleNames": { + "s3UploadMode": "S3UploadMode", + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionS3OutputS3UploadMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelBiasJobDefinitionStoppingCondition": { + "type": "object", + "properties": { + "maxRuntimeInSeconds": { + "type": "integer", + "description": "The maximum runtime allowed in seconds." + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:ModelBiasJobDefinitionVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of the subnets in the VPC to which you want to connect to your monitoring jobs." + } + } + }, + "aws-native:sagemaker:ModelCardAdditionalInformation": { + "type": "object", + "properties": { + "caveatsAndRecommendations": { + "type": "string", + "description": "Caveats and recommendations for people who might use this model in their applications." + }, + "customDetails": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "customer details." + }, + "ethicalConsiderations": { + "type": "string", + "description": "Any ethical considerations that the author wants to provide." + } + } + }, + "aws-native:sagemaker:ModelCardBarChartMetric": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "notes": { + "type": "string" + }, + "type": { + "$ref": "#/types/aws-native:sagemaker:ModelCardBarChartMetricType" + }, + "value": { + "type": "array", + "items": { + "type": "number" + } + }, + "xAxisName": { + "type": "array", + "items": { + "type": "string" + } + }, + "yAxisName": { + "type": "string" + } + } + }, + "aws-native:sagemaker:ModelCardBarChartMetricType": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardBusinessDetails": { + "type": "object", + "properties": { + "businessProblem": { + "type": "string", + "description": "What business problem does the model solve?" + }, + "businessStakeholders": { + "type": "string", + "description": "Business stakeholders." + }, + "lineOfBusiness": { + "type": "string", + "description": "Line of business." + } + } + }, + "aws-native:sagemaker:ModelCardContainer": { + "type": "object", + "properties": { + "image": { + "type": "string", + "description": "Inference environment path. The Amazon EC2 Container Registry (Amazon ECR) path where inference code is stored." + }, + "modelDataUrl": { + "type": "string", + "description": "The Amazon S3 path where the model artifacts, which result from model training, are stored." + }, + "nearestModelName": { + "type": "string", + "description": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model." + } + } + }, + "aws-native:sagemaker:ModelCardContent": { + "type": "object", + "properties": { + "additionalInformation": { + "$ref": "#/types/aws-native:sagemaker:ModelCardAdditionalInformation", + "description": "Additional information about the model." + }, + "businessDetails": { + "$ref": "#/types/aws-native:sagemaker:ModelCardBusinessDetails", + "description": "Information about how the model supports business goals." + }, + "evaluationDetails": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelCardEvaluationDetail" + }, + "description": "An overview about the model's evaluation." + }, + "intendedUses": { + "$ref": "#/types/aws-native:sagemaker:ModelCardIntendedUses", + "description": "The intended usage of the model." + }, + "modelOverview": { + "$ref": "#/types/aws-native:sagemaker:ModelCardModelOverview", + "description": "An overview about the model" + }, + "modelPackageDetails": { + "$ref": "#/types/aws-native:sagemaker:ModelCardModelPackageDetails" + }, + "trainingDetails": { + "$ref": "#/types/aws-native:sagemaker:ModelCardTrainingDetails", + "description": "An overview about model training." + } + } + }, + "aws-native:sagemaker:ModelCardEvaluationDetail": { + "type": "object", + "properties": { + "datasets": { + "type": "array", + "items": { + "type": "string" + } + }, + "evaluationJobArn": { + "type": "string" + }, + "evaluationObservation": { + "type": "string" + }, + "metadata": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "additional attributes associated with the evaluation results." + }, + "metricGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelCardMetricGroup" + } + }, + "name": { + "type": "string" + } + } + }, + "aws-native:sagemaker:ModelCardInferenceSpecification": { + "type": "object", + "properties": { + "containers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelCardContainer" + }, + "description": "Contains inference related information which were used to create model package." + } + } + }, + "aws-native:sagemaker:ModelCardIntendedUses": { + "type": "object", + "properties": { + "explanationsForRiskRating": { + "type": "string", + "description": "An explanation of why your organization categorizes the model with its risk rating." + }, + "factorsAffectingModelEfficiency": { + "type": "string", + "description": "Factors affecting model efficacy." + }, + "intendedUses": { + "type": "string", + "description": "intended use cases." + }, + "purposeOfModel": { + "type": "string", + "description": "Why the model was developed?" + }, + "riskRating": { + "$ref": "#/types/aws-native:sagemaker:ModelCardRiskRating", + "description": "Your organization's risk rating. You can specify one the following values as the risk rating:\n\n- High\n- Medium\n- Low\n- Unknown" + } + } + }, + "aws-native:sagemaker:ModelCardLinearGraphMetric": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "notes": { + "type": "string" + }, + "type": { + "$ref": "#/types/aws-native:sagemaker:ModelCardLinearGraphMetricType" + }, + "value": { + "type": "array", + "items": { + "type": "array", + "items": { + "type": "number" + } + } + }, + "xAxisName": { + "type": "string" + }, + "yAxisName": { + "type": "string" + } + } + }, + "aws-native:sagemaker:ModelCardLinearGraphMetricType": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardMatrixMetric": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "notes": { + "type": "string" + }, + "type": { + "$ref": "#/types/aws-native:sagemaker:ModelCardMatrixMetricType" + }, + "value": { + "type": "array", + "items": { + "type": "array", + "items": { + "type": "number" + } + } + }, + "xAxisName": { + "type": "array", + "items": { + "type": "string" + } + }, + "yAxisName": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:sagemaker:ModelCardMatrixMetricType": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardMetricGroup": { + "type": "object", + "properties": { + "metricData": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:sagemaker:ModelCardSimpleMetric" + }, + { + "$ref": "#/types/aws-native:sagemaker:ModelCardLinearGraphMetric" + }, + { + "$ref": "#/types/aws-native:sagemaker:ModelCardBarChartMetric" + }, + { + "$ref": "#/types/aws-native:sagemaker:ModelCardMatrixMetric" + } + ] + } + }, + "name": { + "type": "string" + } + } + }, + "aws-native:sagemaker:ModelCardModelOverview": { + "type": "object", + "properties": { + "algorithmType": { + "type": "string", + "description": "Algorithm used to solve the problem." + }, + "inferenceEnvironment": { + "$ref": "#/types/aws-native:sagemaker:ModelCardModelOverviewInferenceEnvironmentProperties", + "description": "Overview about the inference." + }, + "modelArtifact": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Location of the model artifact." + }, + "modelCreator": { + "type": "string", + "description": "Creator of model." + }, + "modelDescription": { + "type": "string", + "description": "description of model." + }, + "modelId": { + "type": "string", + "description": "SageMaker Model Arn or Non SageMaker Model id." + }, + "modelName": { + "type": "string", + "description": "Name of the model." + }, + "modelOwner": { + "type": "string", + "description": "Owner of model." + }, + "modelVersion": { + "type": "number", + "description": "Version of the model." + }, + "problemType": { + "type": "string", + "description": "Problem being solved with the model." + } + } + }, + "aws-native:sagemaker:ModelCardModelOverviewInferenceEnvironmentProperties": { + "type": "object", + "properties": { + "containerImage": { + "type": "array", + "items": { + "type": "string" + }, + "description": "SageMaker inference image uri." + } + } + }, + "aws-native:sagemaker:ModelCardModelPackageCreator": { + "type": "object", + "properties": { + "userProfileName": { + "type": "string", + "description": "The name of the user's profile in Studio" + } + } + }, + "aws-native:sagemaker:ModelCardModelPackageDetails": { + "type": "object", + "properties": { + "approvalDescription": { + "type": "string", + "description": "A description provided for the model approval" + }, + "createdBy": { + "$ref": "#/types/aws-native:sagemaker:ModelCardModelPackageCreator", + "description": "Information about the user who created model package." + }, + "domain": { + "type": "string", + "description": "The machine learning domain of the model package you specified. Common machine learning domains include computer vision and natural language processing." + }, + "inferenceSpecification": { + "$ref": "#/types/aws-native:sagemaker:ModelCardInferenceSpecification", + "description": "Details about inference jobs that can be run with models based on this model package." + }, + "modelApprovalStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelCardModelPackageDetailsModelApprovalStatus", + "description": "Current approval status of model package" + }, + "modelPackageArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the model package" + }, + "modelPackageDescription": { + "type": "string", + "description": "A brief summary of the model package" + }, + "modelPackageGroupName": { + "type": "string", + "description": "If the model is a versioned model, the name of the model group that the versioned model belongs to." + }, + "modelPackageName": { + "type": "string", + "description": "Name of the model package" + }, + "modelPackageStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelCardModelPackageDetailsModelPackageStatus", + "description": "Current status of model package" + }, + "modelPackageVersion": { + "type": "number", + "description": "Version of the model package" + }, + "sourceAlgorithms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelCardSourceAlgorithm" + }, + "description": "A list of algorithms that were used to create a model package." + }, + "task": { + "type": "string", + "description": "The machine learning task you specified that your model package accomplishes. Common machine learning tasks include object detection and image classification." + } + } + }, + "aws-native:sagemaker:ModelCardModelPackageDetailsModelApprovalStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardModelPackageDetailsModelPackageStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardObjectiveFunction": { + "type": "object", + "properties": { + "function": { + "$ref": "#/types/aws-native:sagemaker:ModelCardObjectiveFunctionFunctionProperties", + "description": "objective function that training job is optimized for." + }, + "notes": { + "type": "string", + "description": "Notes about the object function, including other considerations for possible objective functions." + } + } + }, + "aws-native:sagemaker:ModelCardObjectiveFunctionFunctionProperties": { + "type": "object", + "properties": { + "condition": { + "type": "string" + }, + "facet": { + "type": "string" + }, + "function": { + "$ref": "#/types/aws-native:sagemaker:ModelCardObjectiveFunctionFunctionPropertiesFunction" + } + } + }, + "aws-native:sagemaker:ModelCardObjectiveFunctionFunctionPropertiesFunction": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardProcessingStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardRiskRating": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardSecurityConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "A Key Management Service key ID to use for encrypting a model card." + } + } + }, + "aws-native:sagemaker:ModelCardSimpleMetric": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "notes": { + "type": "string" + }, + "type": { + "$ref": "#/types/aws-native:sagemaker:ModelCardSimpleMetricType" + }, + "value": { + "oneOf": [ + { + "type": "number" + }, + { + "type": "string" + }, + { + "type": "boolean" + } + ] + }, + "xAxisName": { + "type": "string" + }, + "yAxisName": { + "type": "string" + } + } + }, + "aws-native:sagemaker:ModelCardSimpleMetricType": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardSourceAlgorithm": { + "type": "object", + "properties": { + "algorithmName": { + "type": "string", + "description": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to." + }, + "modelDataUrl": { + "type": "string", + "description": "The Amazon S3 path where the model artifacts, which result from model training, are stored." + } + } + }, + "aws-native:sagemaker:ModelCardStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelCardTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:ModelCardTrainingDetails": { + "type": "object", + "properties": { + "objectiveFunction": { + "$ref": "#/types/aws-native:sagemaker:ModelCardObjectiveFunction", + "description": "The function that is optimized during model training." + }, + "trainingJobDetails": { + "$ref": "#/types/aws-native:sagemaker:ModelCardTrainingDetailsTrainingJobDetailsProperties", + "description": "Details about any associated training jobs." + }, + "trainingObservations": { + "type": "string", + "description": "Any observations about training." + } + } + }, + "aws-native:sagemaker:ModelCardTrainingDetailsTrainingJobDetailsProperties": { + "type": "object", + "properties": { + "hyperParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelCardTrainingHyperParameter" + } + }, + "trainingArn": { + "type": "string", + "description": "SageMaker Training job arn." + }, + "trainingDatasets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Location of the model datasets." + }, + "trainingEnvironment": { + "$ref": "#/types/aws-native:sagemaker:ModelCardTrainingDetailsTrainingJobDetailsPropertiesTrainingEnvironmentProperties" + }, + "trainingMetrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelCardTrainingMetric" + } + }, + "userProvidedHyperParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelCardTrainingHyperParameter" + } + }, + "userProvidedTrainingMetrics": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelCardTrainingMetric" + } + } + } + }, + "aws-native:sagemaker:ModelCardTrainingDetailsTrainingJobDetailsPropertiesTrainingEnvironmentProperties": { + "type": "object", + "properties": { + "containerImage": { + "type": "array", + "items": { + "type": "string" + }, + "description": "SageMaker training image uri." + } + } + }, + "aws-native:sagemaker:ModelCardTrainingHyperParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the hyper parameter." + }, + "value": { + "type": "string", + "description": "The value specified for the hyper parameter." + } + } + }, + "aws-native:sagemaker:ModelCardTrainingMetric": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the result from the SageMaker training job." + }, + "notes": { + "type": "string", + "description": "Any additional notes describing the result of the training job." + }, + "value": { + "type": "number", + "description": "The value of a result from the SageMaker training job." + } + } + }, + "aws-native:sagemaker:ModelCardUserContext": { + "type": "object", + "properties": { + "domainId": { + "type": "string", + "description": "The domain associated with the user." + }, + "userProfileArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the user's profile." + }, + "userProfileName": { + "type": "string", + "description": "The name of the user's profile." + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionBatchTransformInput": { + "type": "object", + "properties": { + "dataCapturedDestinationS3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data." + }, + "datasetFormat": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionDatasetFormat", + "description": "The dataset format for your batch transform job." + }, + "featuresAttribute": { + "type": "string", + "description": "JSONpath to locate features in JSONlines dataset" + }, + "inferenceAttribute": { + "type": "string", + "description": "Index or JSONpath to locate predicted label(s)" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "probabilityAttribute": { + "type": "string", + "description": "Index or JSONpath to locate probabilities" + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionBatchTransformInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionBatchTransformInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + } + }, + "irreversibleNames": { + "dataCapturedDestinationS3Uri": "DataCapturedDestinationS3Uri", + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionBatchTransformInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionBatchTransformInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionClusterConfig": { + "type": "object", + "properties": { + "instanceCount": { + "type": "integer", + "description": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1." + }, + "instanceType": { + "type": "string", + "description": "The ML compute instance type for the processing job." + }, + "volumeKmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job." + }, + "volumeSizeInGb": { + "type": "integer", + "description": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario." + } + }, + "irreversibleNames": { + "volumeSizeInGb": "VolumeSizeInGB" + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionConstraintsResource": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionCsv": { + "type": "object", + "properties": { + "header": { + "type": "boolean", + "description": "A boolean flag indicating if given CSV has header" + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionDatasetFormat": { + "type": "object", + "properties": { + "csv": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionCsv" + }, + "json": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionJson" + }, + "parquet": { + "type": "boolean" + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionEndpointInput": { + "type": "object", + "properties": { + "endpointName": { + "type": "string", + "description": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled." + }, + "featuresAttribute": { + "type": "string", + "description": "JSONpath to locate features in JSONlines dataset" + }, + "inferenceAttribute": { + "type": "string", + "description": "Index or JSONpath to locate predicted label(s)" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "probabilityAttribute": { + "type": "string", + "description": "Index or JSONpath to locate probabilities" + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionEndpointInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionEndpointInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + } + }, + "irreversibleNames": { + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionEndpointInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionEndpointInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionJson": { + "type": "object", + "properties": { + "line": { + "type": "boolean", + "description": "A boolean flag indicating if it is JSON line format" + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityAppSpecification": { + "type": "object", + "properties": { + "configUri": { + "type": "string", + "description": "The S3 URI to an analysis configuration file" + }, + "environment": { + "$ref": "pulumi.json#/Any", + "description": "Sets the environment variables in the Docker container" + }, + "imageUri": { + "type": "string", + "description": "The container image to be run by the monitoring job." + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityBaselineConfig": { + "type": "object", + "properties": { + "baseliningJobName": { + "type": "string", + "description": "The name of the baseline model explainability job." + }, + "constraintsResource": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionConstraintsResource", + "description": "The constraints resource for a model explainability job." + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionModelExplainabilityJobInput": { + "type": "object", + "properties": { + "batchTransformInput": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionBatchTransformInput", + "description": "Input object for the batch transform job." + }, + "endpointInput": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionEndpointInput", + "description": "Input object for the endpoint" + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionMonitoringOutput": { + "type": "object", + "properties": { + "s3Output": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionS3Output", + "description": "The Amazon S3 storage location where the results of a monitoring job are saved." + } + }, + "irreversibleNames": { + "s3Output": "S3Output" + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionMonitoringOutputConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption." + }, + "monitoringOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionMonitoringOutput" + }, + "description": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded." + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionMonitoringResources": { + "type": "object", + "properties": { + "clusterConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionClusterConfig", + "description": "The configuration for the cluster resources used to run the processing job." + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionNetworkConfig": { + "type": "object", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean", + "description": "Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer." + }, + "enableNetworkIsolation": { + "type": "boolean", + "description": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionVpcConfig", + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC." + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionS3Output": { + "type": "object", + "properties": { + "localPath": { + "type": "string", + "description": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data." + }, + "s3UploadMode": { + "$ref": "#/types/aws-native:sagemaker:ModelExplainabilityJobDefinitionS3OutputS3UploadMode", + "description": "Whether to upload the results of the monitoring job continuously or after the job completes." + }, + "s3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job." + } + }, + "irreversibleNames": { + "s3UploadMode": "S3UploadMode", + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionS3OutputS3UploadMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionStoppingCondition": { + "type": "object", + "properties": { + "maxRuntimeInSeconds": { + "type": "integer", + "description": "The maximum runtime allowed in seconds." + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:ModelExplainabilityJobDefinitionVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of the subnets in the VPC to which you want to connect to your monitoring jobs." + } + } + }, + "aws-native:sagemaker:ModelPackageAdditionalInferenceSpecificationDefinition": { + "type": "object", + "properties": { + "containers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageContainerDefinition" + }, + "description": "The Amazon ECR registry path of the Docker image that contains the inference code." + }, + "description": { + "type": "string", + "description": "A description of the additional Inference specification." + }, + "name": { + "type": "string", + "description": "A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package." + }, + "supportedContentTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The supported MIME types for the input data." + }, + "supportedRealtimeInferenceInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the instance types that are used to generate inferences in real-time" + }, + "supportedResponseMimeTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The supported MIME types for the output data." + }, + "supportedTransformInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed." + } + }, + "irreversibleNames": { + "supportedResponseMimeTypes": "SupportedResponseMIMETypes" + } + }, + "aws-native:sagemaker:ModelPackageBias": { + "type": "object", + "properties": { + "postTrainingReport": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The post-training bias report for a model." + }, + "preTrainingReport": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The pre-training bias report for a model." + }, + "report": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The bias report for a model" + } + } + }, + "aws-native:sagemaker:ModelPackageContainerDefinition": { + "type": "object", + "properties": { + "containerHostname": { + "type": "string", + "description": "The DNS host name for the Docker container." + }, + "environment": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageEnvironment" + }, + "framework": { + "type": "string", + "description": "The machine learning framework of the model package container image." + }, + "frameworkVersion": { + "type": "string", + "description": "The framework version of the Model Package Container Image." + }, + "image": { + "type": "string", + "description": "The Amazon EC2 Container Registry (Amazon ECR) path where inference code is stored." + }, + "imageDigest": { + "type": "string", + "description": "An MD5 hash of the training algorithm that identifies the Docker image used for training." + }, + "modelDataSource": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelDataSource" + }, + "modelDataUrl": { + "type": "string", + "description": "A structure with Model Input details." + }, + "modelInput": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageContainerDefinitionModelInputProperties" + }, + "nearestModelName": { + "type": "string", + "description": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model." + } + } + }, + "aws-native:sagemaker:ModelPackageContainerDefinitionModelInputProperties": { + "type": "object", + "properties": { + "dataInputConfig": { + "type": "string", + "description": "The input configuration object for the model." + } + } + }, + "aws-native:sagemaker:ModelPackageCustomerMetadataProperties": { + "type": "object" + }, + "aws-native:sagemaker:ModelPackageDataSource": { + "type": "object", + "properties": { + "s3DataSource": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageS3DataSource", + "description": "The S3 location of the data source that is associated with a channel." + } + }, + "irreversibleNames": { + "s3DataSource": "S3DataSource" + } + }, + "aws-native:sagemaker:ModelPackageDriftCheckBaselines": { + "type": "object", + "properties": { + "bias": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageDriftCheckBias", + "description": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package." + }, + "explainability": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageDriftCheckExplainability", + "description": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package." + }, + "modelDataQuality": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageDriftCheckModelDataQuality", + "description": "Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package." + }, + "modelQuality": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageDriftCheckModelQuality", + "description": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package." + } + } + }, + "aws-native:sagemaker:ModelPackageDriftCheckBias": { + "type": "object", + "properties": { + "configFile": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageFileSource", + "description": "The bias config file for a model." + }, + "postTrainingConstraints": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The post-training constraints." + }, + "preTrainingConstraints": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The pre-training constraints." + } + } + }, + "aws-native:sagemaker:ModelPackageDriftCheckExplainability": { + "type": "object", + "properties": { + "configFile": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageFileSource", + "description": "The explainability config file for the model." + }, + "constraints": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The drift check explainability constraints." + } + } + }, + "aws-native:sagemaker:ModelPackageDriftCheckModelDataQuality": { + "type": "object", + "properties": { + "constraints": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The drift check model data quality constraints." + }, + "statistics": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The drift check model data quality statistics." + } + } + }, + "aws-native:sagemaker:ModelPackageDriftCheckModelQuality": { + "type": "object", + "properties": { + "constraints": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The drift check model quality constraints." + }, + "statistics": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The drift check model quality statistics." + } + } + }, + "aws-native:sagemaker:ModelPackageEnvironment": { + "type": "object" + }, + "aws-native:sagemaker:ModelPackageExplainability": { + "type": "object", + "properties": { + "report": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "The explainability report for a model." + } + } + }, + "aws-native:sagemaker:ModelPackageFileSource": { + "type": "object", + "properties": { + "contentDigest": { + "type": "string", + "description": "The digest of the file source." + }, + "contentType": { + "type": "string", + "description": "The type of content stored in the file source." + }, + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for the file source." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelPackageGroupStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:ModelPackageInferenceSpecification": { + "type": "object", + "properties": { + "containers": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageContainerDefinition" + }, + "description": "The Amazon ECR registry path of the Docker image that contains the inference code." + }, + "supportedContentTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The supported MIME types for the input data." + }, + "supportedRealtimeInferenceInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the instance types that are used to generate inferences in real-time" + }, + "supportedResponseMimeTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The supported MIME types for the output data." + }, + "supportedTransformInstanceTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed." + } + }, + "irreversibleNames": { + "supportedResponseMimeTypes": "SupportedResponseMIMETypes" + } + }, + "aws-native:sagemaker:ModelPackageMetadataProperties": { + "type": "object", + "properties": { + "commitId": { + "type": "string", + "description": "The commit ID." + }, + "generatedBy": { + "type": "string", + "description": "The entity this entity was generated by." + }, + "projectId": { + "type": "string", + "description": "The project ID metadata." + }, + "repository": { + "type": "string", + "description": "The repository metadata." + } + } + }, + "aws-native:sagemaker:ModelPackageMetricsSource": { + "type": "object", + "properties": { + "contentDigest": { + "type": "string", + "description": "The digest of the metric source." + }, + "contentType": { + "type": "string", + "description": "The type of content stored in the metric source." + }, + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for the metric source." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelPackageModelAccessConfig": { + "type": "object", + "properties": { + "acceptEula": { + "type": "boolean", + "description": "Specifies agreement to the model end-user license agreement (EULA)." + } + } + }, + "aws-native:sagemaker:ModelPackageModelApprovalStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageModelCard": { + "type": "object", + "properties": { + "modelCardContent": { + "type": "string", + "description": "The content of the model card." + }, + "modelCardStatus": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelCardModelCardStatus", + "description": "The approval status of the model card within your organization." + } + } + }, + "aws-native:sagemaker:ModelPackageModelCardModelCardStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageModelDataQuality": { + "type": "object", + "properties": { + "constraints": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "Data quality constraints for a model." + }, + "statistics": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "Data quality statistics for a model." + } + } + }, + "aws-native:sagemaker:ModelPackageModelDataSource": { + "type": "object", + "properties": { + "s3DataSource": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageS3ModelDataSource" + } + }, + "irreversibleNames": { + "s3DataSource": "S3DataSource" + } + }, + "aws-native:sagemaker:ModelPackageModelMetrics": { + "type": "object", + "properties": { + "bias": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageBias", + "description": "Metrics that measure bias in a model." + }, + "explainability": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageExplainability", + "description": "Metrics that help explain a model." + }, + "modelDataQuality": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelDataQuality", + "description": "Metrics that measure the quality of the input data for a model." + }, + "modelQuality": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelQuality", + "description": "Metrics that measure the quality of a model." + } + } + }, + "aws-native:sagemaker:ModelPackageModelQuality": { + "type": "object", + "properties": { + "constraints": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "Model quality constraints." + }, + "statistics": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageMetricsSource", + "description": "Model quality statistics." + } + } + }, + "aws-native:sagemaker:ModelPackageS3DataSource": { + "type": "object", + "properties": { + "s3DataType": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageS3DataSourceS3DataType", + "description": "The S3 Data Source Type" + }, + "s3Uri": { + "type": "string", + "description": "Depending on the value specified for the S3DataType, identifies either a key name prefix or a manifest." + } + }, + "irreversibleNames": { + "s3DataType": "S3DataType", + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelPackageS3DataSourceS3DataType": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageS3ModelDataSource": { + "type": "object", + "properties": { + "compressionType": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageS3ModelDataSourceCompressionType", + "description": "Specifies how the ML model data is prepared." + }, + "modelAccessConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageModelAccessConfig" + }, + "s3DataType": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageS3ModelDataSourceS3DataType", + "description": "Specifies the type of ML model data to deploy." + }, + "s3Uri": { + "type": "string", + "description": "Specifies the S3 path of ML model data to deploy." + } + }, + "irreversibleNames": { + "s3DataType": "S3DataType", + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelPackageS3ModelDataSourceCompressionType": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageS3ModelDataSourceS3DataType": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageSecurityConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS KMS Key ID (KMSKeyId) used for encryption of model package information." + } + } + }, + "aws-native:sagemaker:ModelPackageSkipModelValidation": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageSourceAlgorithm": { + "type": "object", + "properties": { + "algorithmName": { + "type": "string", + "description": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your Amazon SageMaker account or an algorithm in AWS Marketplace that you are subscribed to." + }, + "modelDataUrl": { + "type": "string", + "description": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix)." + } + } + }, + "aws-native:sagemaker:ModelPackageSourceAlgorithmSpecification": { + "type": "object", + "properties": { + "sourceAlgorithms": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageSourceAlgorithm" + }, + "description": "A list of algorithms that were used to create a model package." + } + } + }, + "aws-native:sagemaker:ModelPackageStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageStatusDetails": { + "type": "object", + "properties": { + "validationStatuses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageStatusItem" + }, + "description": "The validation status of the model package." + } + } + }, + "aws-native:sagemaker:ModelPackageStatusItem": { + "type": "object", + "properties": { + "failureReason": { + "type": "string", + "description": "If the overall status is Failed, the reason for the failure." + }, + "name": { + "type": "string", + "description": "The name of the model package for which the overall status is being reported." + }, + "status": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageStatusItemStatus", + "description": "The current status." + } + } + }, + "aws-native:sagemaker:ModelPackageStatusItemStatus": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:sagemaker:ModelPackageTransformInput": { + "type": "object", + "properties": { + "compressionType": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageTransformInputCompressionType", + "description": "If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is None." + }, + "contentType": { + "type": "string", + "description": "The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job." + }, + "dataSource": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageDataSource", + "description": "Describes the location of the channel data, which is, the S3 location of the input data that the model can consume." + }, + "splitType": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageTransformInputSplitType", + "description": "The method to use to split the transform job's data files into smaller batches. " + } + } + }, + "aws-native:sagemaker:ModelPackageTransformInputCompressionType": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageTransformInputSplitType": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageTransformJobDefinition": { + "type": "object", + "properties": { + "batchStrategy": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageTransformJobDefinitionBatchStrategy", + "description": "A string that determines the number of records included in a single mini-batch." + }, + "environment": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageEnvironment", + "description": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map." + }, + "maxConcurrentTransforms": { + "type": "integer", + "description": "The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1." + }, + "maxPayloadInMb": { + "type": "integer", + "description": "The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata)." + }, + "transformInput": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageTransformInput", + "description": "A description of the input source and the way the transform job consumes it." + }, + "transformOutput": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageTransformOutput", + "description": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job." + }, + "transformResources": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageTransformResources", + "description": "Identifies the ML compute instances for the transform job." + } + }, + "irreversibleNames": { + "maxPayloadInMb": "MaxPayloadInMB" + } + }, + "aws-native:sagemaker:ModelPackageTransformJobDefinitionBatchStrategy": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageTransformOutput": { + "type": "object", + "properties": { + "accept": { + "type": "string", + "description": "The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job." + }, + "assembleWith": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageTransformOutputAssembleWith", + "description": "Defines how to assemble the results of the transform job as a single S3 object." + }, + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption." + }, + "s3OutputPath": { + "type": "string", + "description": "The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job." + } + }, + "irreversibleNames": { + "s3OutputPath": "S3OutputPath" + } + }, + "aws-native:sagemaker:ModelPackageTransformOutputAssembleWith": { + "type": "string" + }, + "aws-native:sagemaker:ModelPackageTransformResources": { + "type": "object", + "properties": { + "instanceCount": { + "type": "integer", + "description": "The number of ML compute instances to use in the transform job. For distributed transform jobs, specify a value greater than 1. The default value is 1." + }, + "instanceType": { + "type": "string", + "description": "The ML compute instance type for the transform job." + }, + "volumeKmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job." + } + } + }, + "aws-native:sagemaker:ModelPackageValidationProfile": { + "type": "object", + "properties": { + "profileName": { + "type": "string", + "description": "The name of the profile for the model package." + }, + "transformJobDefinition": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageTransformJobDefinition", + "description": "The `TransformJobDefinition` object that describes the transform job used for the validation of the model package." + } + } + }, + "aws-native:sagemaker:ModelPackageValidationSpecification": { + "type": "object", + "properties": { + "validationProfiles": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelPackageValidationProfile" + }, + "description": "An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package." + }, + "validationRole": { + "type": "string", + "description": "The IAM roles to be used for the validation of the model package." + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionBatchTransformInput": { + "type": "object", + "properties": { + "dataCapturedDestinationS3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data." + }, + "datasetFormat": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionDatasetFormat", + "description": "The dataset format for your batch transform job." + }, + "endTimeOffset": { + "type": "string", + "description": "Monitoring end time offset, e.g. PT0H" + }, + "inferenceAttribute": { + "type": "string", + "description": "Index or JSONpath to locate predicted label(s)" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "probabilityAttribute": { + "type": "string", + "description": "Index or JSONpath to locate probabilities" + }, + "probabilityThresholdAttribute": { + "type": "number", + "description": "The threshold for the class probability to be evaluated as a positive result." + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionBatchTransformInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionBatchTransformInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + }, + "startTimeOffset": { + "type": "string", + "description": "Monitoring start time offset, e.g. -PT1H" + } + }, + "irreversibleNames": { + "dataCapturedDestinationS3Uri": "DataCapturedDestinationS3Uri", + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionBatchTransformInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:ModelQualityJobDefinitionBatchTransformInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelQualityJobDefinitionClusterConfig": { + "type": "object", + "properties": { + "instanceCount": { + "type": "integer", + "description": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1." + }, + "instanceType": { + "type": "string", + "description": "The ML compute instance type for the processing job." + }, + "volumeKmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job." + }, + "volumeSizeInGb": { + "type": "integer", + "description": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario." + } + }, + "irreversibleNames": { + "volumeSizeInGb": "VolumeSizeInGB" + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionConstraintsResource": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionCsv": { + "type": "object", + "properties": { + "header": { + "type": "boolean", + "description": "A boolean flag indicating if given CSV has header" + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionDatasetFormat": { + "type": "object", + "properties": { + "csv": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionCsv" + }, + "json": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionJson" + }, + "parquet": { + "type": "boolean" + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionEndpointInput": { + "type": "object", + "properties": { + "endTimeOffset": { + "type": "string", + "description": "Monitoring end time offset, e.g. PT0H" + }, + "endpointName": { + "type": "string", + "description": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled." + }, + "inferenceAttribute": { + "type": "string", + "description": "Index or JSONpath to locate predicted label(s)" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "probabilityAttribute": { + "type": "string", + "description": "Index or JSONpath to locate probabilities" + }, + "probabilityThresholdAttribute": { + "type": "number", + "description": "The threshold for the class probability to be evaluated as a positive result." + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionEndpointInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionEndpointInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + }, + "startTimeOffset": { + "type": "string", + "description": "Monitoring start time offset, e.g. -PT1H" + } + }, + "irreversibleNames": { + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionEndpointInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:ModelQualityJobDefinitionEndpointInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelQualityJobDefinitionJson": { + "type": "object", + "properties": { + "line": { + "type": "boolean", + "description": "A boolean flag indicating if it is JSON line format" + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionModelQualityAppSpecification": { + "type": "object", + "properties": { + "containerArguments": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of arguments for the container used to run the monitoring job." + }, + "containerEntrypoint": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the entrypoint for a container used to run the monitoring job." + }, + "environment": { + "$ref": "pulumi.json#/Any", + "description": "Sets the environment variables in the Docker container" + }, + "imageUri": { + "type": "string", + "description": "The container image to be run by the monitoring job." + }, + "postAnalyticsProcessorSourceUri": { + "type": "string", + "description": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers." + }, + "problemType": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionProblemType", + "description": "The machine learning problem type of the model that the monitoring job monitors." + }, + "recordPreprocessorSourceUri": { + "type": "string", + "description": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flatted json so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers" + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionModelQualityBaselineConfig": { + "type": "object", + "properties": { + "baseliningJobName": { + "type": "string", + "description": "The name of the job that performs baselining for the monitoring job." + }, + "constraintsResource": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionConstraintsResource", + "description": "The constraints resource for a monitoring job." + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionModelQualityJobInput": { + "type": "object", + "properties": { + "batchTransformInput": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionBatchTransformInput", + "description": "Input object for the batch transform job." + }, + "endpointInput": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionEndpointInput", + "description": "Input object for the endpoint" + }, + "groundTruthS3Input": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionMonitoringGroundTruthS3Input", + "description": "The ground truth label provided for the model." + } + }, + "irreversibleNames": { + "groundTruthS3Input": "GroundTruthS3Input" + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionMonitoringGroundTruthS3Input": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionMonitoringOutput": { + "type": "object", + "properties": { + "s3Output": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionS3Output", + "description": "The Amazon S3 storage location where the results of a monitoring job are saved." + } + }, + "irreversibleNames": { + "s3Output": "S3Output" + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionMonitoringOutputConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption." + }, + "monitoringOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionMonitoringOutput" + }, + "description": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded." + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionMonitoringResources": { + "type": "object", + "properties": { + "clusterConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionClusterConfig", + "description": "The configuration for the cluster resources used to run the processing job." + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionNetworkConfig": { + "type": "object", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean", + "description": "Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer." + }, + "enableNetworkIsolation": { + "type": "boolean", + "description": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionVpcConfig", + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC." + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionProblemType": { + "type": "string" + }, + "aws-native:sagemaker:ModelQualityJobDefinitionS3Output": { + "type": "object", + "properties": { + "localPath": { + "type": "string", + "description": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data." + }, + "s3UploadMode": { + "$ref": "#/types/aws-native:sagemaker:ModelQualityJobDefinitionS3OutputS3UploadMode", + "description": "Whether to upload the results of the monitoring job continuously or after the job completes." + }, + "s3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job." + } + }, + "irreversibleNames": { + "s3UploadMode": "S3UploadMode", + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionS3OutputS3UploadMode": { + "type": "string" + }, + "aws-native:sagemaker:ModelQualityJobDefinitionStoppingCondition": { + "type": "object", + "properties": { + "maxRuntimeInSeconds": { + "type": "integer", + "description": "The maximum runtime allowed in seconds." + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:ModelQualityJobDefinitionVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of the subnets in the VPC to which you want to connect to your monitoring jobs." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleBaselineConfig": { + "type": "object", + "properties": { + "constraintsResource": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleConstraintsResource", + "description": "The Amazon S3 URI for the constraints resource." + }, + "statisticsResource": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleStatisticsResource", + "description": "The baseline statistics file in Amazon S3 that the current monitoring job should be validated against." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleBatchTransformInput": { + "type": "object", + "properties": { + "dataCapturedDestinationS3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data." + }, + "datasetFormat": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleDatasetFormat" + }, + "excludeFeaturesAttribute": { + "type": "string", + "description": "Indexes or names of the features to be excluded from analysis" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleBatchTransformInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleBatchTransformInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + } + }, + "irreversibleNames": { + "dataCapturedDestinationS3Uri": "DataCapturedDestinationS3Uri", + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:MonitoringScheduleBatchTransformInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:MonitoringScheduleBatchTransformInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:MonitoringScheduleClusterConfig": { + "type": "object", + "properties": { + "instanceCount": { + "type": "integer", + "description": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1." + }, + "instanceType": { + "type": "string", + "description": "The ML compute instance type for the processing job." + }, + "volumeKmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job." + }, + "volumeSizeInGb": { + "type": "integer", + "description": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario." + } + }, + "irreversibleNames": { + "volumeSizeInGb": "VolumeSizeInGB" + } + }, + "aws-native:sagemaker:MonitoringScheduleConfig": { + "type": "object", + "properties": { + "monitoringJobDefinition": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringJobDefinition", + "description": "Defines the monitoring job." + }, + "monitoringJobDefinitionName": { + "type": "string", + "description": "Name of the job definition" + }, + "monitoringType": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringType", + "description": "The type of the monitoring job definition to schedule." + }, + "scheduleConfig": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleScheduleConfig", + "description": "Configures the monitoring schedule." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleConstraintsResource": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:MonitoringScheduleCsv": { + "type": "object", + "properties": { + "header": { + "type": "boolean", + "description": "A boolean flag indicating if given CSV has header" + } + } + }, + "aws-native:sagemaker:MonitoringScheduleDatasetFormat": { + "type": "object", + "properties": { + "csv": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleCsv" + }, + "json": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleJson" + }, + "parquet": { + "type": "boolean" + } + } + }, + "aws-native:sagemaker:MonitoringScheduleEndpointInput": { + "type": "object", + "properties": { + "endpointName": { + "type": "string" + }, + "excludeFeaturesAttribute": { + "type": "string", + "description": "Indexes or names of the features to be excluded from analysis" + }, + "localPath": { + "type": "string", + "description": "Path to the filesystem where the endpoint data is available to the container." + }, + "s3DataDistributionType": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleEndpointInputS3DataDistributionType", + "description": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated" + }, + "s3InputMode": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleEndpointInputS3InputMode", + "description": "Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File." + } + }, + "irreversibleNames": { + "s3DataDistributionType": "S3DataDistributionType", + "s3InputMode": "S3InputMode" + } + }, + "aws-native:sagemaker:MonitoringScheduleEndpointInputS3DataDistributionType": { + "type": "string" + }, + "aws-native:sagemaker:MonitoringScheduleEndpointInputS3InputMode": { + "type": "string" + }, + "aws-native:sagemaker:MonitoringScheduleJson": { + "type": "object", + "properties": { + "line": { + "type": "boolean", + "description": "A boolean flag indicating if it is JSON line format" + } + } + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringAppSpecification": { + "type": "object", + "properties": { + "containerArguments": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of arguments for the container used to run the monitoring job." + }, + "containerEntrypoint": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the entrypoint for a container used to run the monitoring job." + }, + "imageUri": { + "type": "string", + "description": "The container image to be run by the monitoring job." + }, + "postAnalyticsProcessorSourceUri": { + "type": "string", + "description": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers." + }, + "recordPreprocessorSourceUri": { + "type": "string", + "description": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flatted json so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers" + } + } + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringExecutionSummary": { + "type": "object", + "properties": { + "creationTime": { + "type": "string", + "description": "The time at which the monitoring job was created." + }, + "endpointName": { + "type": "string", + "description": "The name of the endpoint used to run the monitoring job." + }, + "failureReason": { + "type": "string", + "description": "Contains the reason a monitoring job failed, if it failed." + }, + "lastModifiedTime": { + "type": "string", + "description": "A timestamp that indicates the last time the monitoring job was modified." + }, + "monitoringExecutionStatus": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringExecutionSummaryMonitoringExecutionStatus", + "description": "The status of the monitoring job." + }, + "monitoringScheduleName": { + "type": "string", + "description": "The name of the monitoring schedule." + }, + "processingJobArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the monitoring job." + }, + "scheduledTime": { + "type": "string", + "description": "The time the monitoring job was scheduled." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringExecutionSummaryMonitoringExecutionStatus": { + "type": "string" + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringInput": { + "type": "object", + "properties": { + "batchTransformInput": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleBatchTransformInput" + }, + "endpointInput": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleEndpointInput" + } + } + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringJobDefinition": { + "type": "object", + "properties": { + "baselineConfig": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleBaselineConfig", + "description": "Baseline configuration used to validate that the data conforms to the specified constraints and statistics" + }, + "environment": { + "$ref": "pulumi.json#/Any", + "description": "Sets the environment variables in the Docker container" + }, + "monitoringAppSpecification": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringAppSpecification", + "description": "Configures the monitoring job to run a specified Docker container image." + }, + "monitoringInputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringInput" + }, + "description": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker Endpoint." + }, + "monitoringOutputConfig": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringOutputConfig", + "description": "The array of outputs from the monitoring job to be uploaded to Amazon S3." + }, + "monitoringResources": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringResources", + "description": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance." + }, + "networkConfig": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleNetworkConfig", + "description": "Specifies networking options for an monitoring job." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf." + }, + "stoppingCondition": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleStoppingCondition", + "description": "Specifies a time limit for how long the monitoring job is allowed to run." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringOutput": { + "type": "object", + "properties": { + "s3Output": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleS3Output", + "description": "The Amazon S3 storage location where the results of a monitoring job are saved." + } + }, + "irreversibleNames": { + "s3Output": "S3Output" + } + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringOutputConfig": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption." + }, + "monitoringOutputs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleMonitoringOutput" + }, + "description": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringResources": { + "type": "object", + "properties": { + "clusterConfig": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleClusterConfig", + "description": "The configuration for the cluster resources used to run the processing job." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleMonitoringType": { + "type": "string" + }, + "aws-native:sagemaker:MonitoringScheduleNetworkConfig": { + "type": "object", + "properties": { + "enableInterContainerTrafficEncryption": { + "type": "boolean", + "description": "Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer." + }, + "enableNetworkIsolation": { + "type": "boolean", + "description": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job." + }, + "vpcConfig": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleVpcConfig", + "description": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) ." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleS3Output": { + "type": "object", + "properties": { + "localPath": { + "type": "string", + "description": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data." + }, + "s3UploadMode": { + "$ref": "#/types/aws-native:sagemaker:MonitoringScheduleS3OutputS3UploadMode", + "description": "Whether to upload the results of the monitoring job continuously or after the job completes." + }, + "s3Uri": { + "type": "string", + "description": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job." + } + }, + "irreversibleNames": { + "s3UploadMode": "S3UploadMode", + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:MonitoringScheduleS3OutputS3UploadMode": { + "type": "string" + }, + "aws-native:sagemaker:MonitoringScheduleScheduleConfig": { + "type": "object", + "properties": { + "dataAnalysisEndTime": { + "type": "string", + "description": "Data Analysis end time, e.g. PT0H" + }, + "dataAnalysisStartTime": { + "type": "string", + "description": "Data Analysis start time, e.g. -PT1H" + }, + "scheduleExpression": { + "type": "string", + "description": "A cron expression or 'NOW' that describes details about the monitoring schedule." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleStatisticsResource": { + "type": "object", + "properties": { + "s3Uri": { + "type": "string", + "description": "The Amazon S3 URI for the baseline statistics file in Amazon S3 that the current monitoring job should be validated against." + } + }, + "irreversibleNames": { + "s3Uri": "S3Uri" + } + }, + "aws-native:sagemaker:MonitoringScheduleStatus": { + "type": "string" + }, + "aws-native:sagemaker:MonitoringScheduleStoppingCondition": { + "type": "object", + "properties": { + "maxRuntimeInSeconds": { + "type": "integer", + "description": "The maximum runtime allowed in seconds." + } + } + }, + "aws-native:sagemaker:MonitoringScheduleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:MonitoringScheduleVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The ID of the subnets in the VPC to which you want to connect to your monitoring jobs." + } + } + }, + "aws-native:sagemaker:OfflineStoreConfigProperties": { + "type": "object", + "properties": { + "dataCatalogConfig": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupDataCatalogConfig", + "description": "The meta data of the Glue table that is autogenerated when an `OfflineStore` is created." + }, + "disableGlueTableCreation": { + "type": "boolean", + "description": "Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) .\n\nThe default value is `False` ." + }, + "s3StorageConfig": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupS3StorageConfig", + "description": "The Amazon Simple Storage (Amazon S3) location of `OfflineStore` ." + }, + "tableFormat": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupTableFormat", + "description": "Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) ." + } + }, + "irreversibleNames": { + "s3StorageConfig": "S3StorageConfig" + } + }, + "aws-native:sagemaker:OnlineStoreConfigProperties": { + "type": "object", + "properties": { + "enableOnlineStore": { + "type": "boolean", + "description": "Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag.\n\nThe default value is `False` ." + }, + "securityConfig": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupOnlineStoreSecurityConfig", + "description": "Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` ." + }, + "storageType": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupStorageType", + "description": "Option for different tiers of low latency storage for real-time data retrieval.\n\n- `Standard` : A managed low latency data store for feature groups.\n- `InMemory` : A managed data store for feature groups that supports very low latency retrieval." + }, + "ttlDuration": { + "$ref": "#/types/aws-native:sagemaker:FeatureGroupTtlDuration", + "description": "Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide." + } + } + }, + "aws-native:sagemaker:ParallelismConfigurationProperties": { + "type": "object", + "properties": { + "maxParallelExecutionSteps": { + "type": "integer", + "description": "Maximum parallel execution steps" + } + } + }, + "aws-native:sagemaker:PipelineDefinition0Properties": { + "type": "object", + "properties": { + "pipelineDefinitionBody": { + "type": "string", + "description": "A specification that defines the pipeline in JSON format." + } + } + }, + "aws-native:sagemaker:PipelineDefinition1Properties": { + "type": "object", + "properties": { + "pipelineDefinitionS3Location": { + "$ref": "#/types/aws-native:sagemaker:PipelineS3Location" + } + }, + "irreversibleNames": { + "pipelineDefinitionS3Location": "PipelineDefinitionS3Location" + } + }, + "aws-native:sagemaker:PipelineS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket where the PipelineDefinition file is stored." + }, + "eTag": { + "type": "string", + "description": "The Amazon S3 ETag (a file checksum) of the PipelineDefinition file. If you don't specify a value, SageMaker skips ETag validation of your PipelineDefinition file." + }, + "key": { + "type": "string", + "description": "The file name of the PipelineDefinition file (Amazon S3 object name)." + }, + "version": { + "type": "string", + "description": "For versioning-enabled buckets, a specific version of the PipelineDefinition file." + } + } + }, + "aws-native:sagemaker:PipelineTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:ProjectProvisioningParameter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The parameter key." + }, + "value": { + "type": "string", + "description": "The parameter value." + } + } + }, + "aws-native:sagemaker:ProjectStatus": { + "type": "string" + }, + "aws-native:sagemaker:ProjectTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:sagemaker:ServiceCatalogProvisionedProductDetailsProperties": { + "type": "object", + "properties": { + "provisionedProductId": { + "type": "string", + "description": "The ID of the provisioned product." + }, + "provisionedProductStatusMessage": { + "type": "string", + "description": "The current status of the product.\n\n- `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed.\n- `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations.\n- `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version.\n- `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack.\n- `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations." + } + } + }, + "aws-native:sagemaker:ServiceCatalogProvisioningDetailsProperties": { + "type": "object", + "properties": { + "pathId": { + "type": "string", + "description": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path." + }, + "productId": { + "type": "string", + "description": "The ID of the product to provision." + }, + "provisioningArtifactId": { + "type": "string", + "description": "The ID of the provisioning artifact." + }, + "provisioningParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:ProjectProvisioningParameter" + }, + "description": "Parameters specified by the administrator that are required for provisioning the product." + } + } + }, + "aws-native:sagemaker:SpaceAppType": { + "type": "string" + }, + "aws-native:sagemaker:SpaceCodeEditorAppSettings": { + "type": "object", + "properties": { + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:SpaceResourceSpec", + "description": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on." + } + } + }, + "aws-native:sagemaker:SpaceCodeRepository": { + "type": "object", + "properties": { + "repositoryUrl": { + "type": "string", + "description": "A CodeRepository (valid URL) to be used within Jupyter's Git extension." + } + } + }, + "aws-native:sagemaker:SpaceCustomFileSystem": { + "type": "object", + "properties": { + "efsFileSystem": { + "$ref": "#/types/aws-native:sagemaker:SpaceEfsFileSystem" + } + }, + "irreversibleNames": { + "efsFileSystem": "EFSFileSystem" + } + }, + "aws-native:sagemaker:SpaceCustomImage": { + "type": "object", + "properties": { + "appImageConfigName": { + "type": "string", + "description": "The Name of the AppImageConfig." + }, + "imageName": { + "type": "string", + "description": "The name of the CustomImage. Must be unique to your account." + }, + "imageVersionNumber": { + "type": "integer", + "description": "The version number of the CustomImage." + } + } + }, + "aws-native:sagemaker:SpaceEbsStorageSettings": { + "type": "object", + "properties": { + "ebsVolumeSizeInGb": { + "type": "integer", + "description": "Size of the Amazon EBS volume in Gb" + } + } + }, + "aws-native:sagemaker:SpaceEfsFileSystem": { + "type": "object", + "properties": { + "fileSystemId": { + "type": "string" + } + } + }, + "aws-native:sagemaker:SpaceJupyterLabAppSettings": { + "type": "object", + "properties": { + "codeRepositories": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:SpaceCodeRepository" + }, + "description": "A list of CodeRepositories available for use with JupyterLab apps." + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:SpaceResourceSpec", + "description": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on." + } + } + }, + "aws-native:sagemaker:SpaceJupyterServerAppSettings": { + "type": "object", + "properties": { + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:SpaceResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with JupyterServer apps." + } + } + }, + "aws-native:sagemaker:SpaceKernelGatewayAppSettings": { + "type": "object", + "properties": { + "customImages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:SpaceCustomImage" + }, + "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app." + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:SpaceResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with KernelGateway apps." + } + } + }, + "aws-native:sagemaker:SpaceOwnershipSettings": { + "type": "object", + "properties": { + "ownerUserProfileName": { + "type": "string", + "description": "The user profile who is the owner of the space." + } + } + }, + "aws-native:sagemaker:SpaceResourceSpec": { + "type": "object", + "properties": { + "instanceType": { + "$ref": "#/types/aws-native:sagemaker:SpaceResourceSpecInstanceType", + "description": "The instance type that the image version runs on." + }, + "lifecycleConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource." + }, + "sageMakerImageArn": { + "type": "string", + "description": "The ARN of the SageMaker image that the image version belongs to." + }, + "sageMakerImageVersionArn": { + "type": "string", + "description": "The ARN of the image version created on the instance." + } + } + }, + "aws-native:sagemaker:SpaceResourceSpecInstanceType": { + "type": "string" + }, + "aws-native:sagemaker:SpaceSettings": { + "type": "object", + "properties": { + "appType": { + "$ref": "#/types/aws-native:sagemaker:SpaceAppType", + "description": "The type of app created within the space." + }, + "codeEditorAppSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceCodeEditorAppSettings", + "description": "The CodeEditor app settings." + }, + "customFileSystems": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:SpaceCustomFileSystem" + }, + "description": "A file system, created by you, that you assign to a space for an Amazon SageMaker Domain. Permitted users can access this file system in Amazon SageMaker Studio." + }, + "jupyterLabAppSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceJupyterLabAppSettings", + "description": "The JupyterLab app settings." + }, + "jupyterServerAppSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceJupyterServerAppSettings", + "description": "The Jupyter server's app settings." + }, + "kernelGatewayAppSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceKernelGatewayAppSettings", + "description": "The kernel gateway app settings." + }, + "spaceStorageSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceStorageSettings", + "description": "Default storage settings for a space." + } + } + }, + "aws-native:sagemaker:SpaceSharingSettings": { + "type": "object", + "properties": { + "sharingType": { + "$ref": "#/types/aws-native:sagemaker:SpaceSharingSettingsSharingType", + "description": "Specifies the sharing type of the space." + } + } + }, + "aws-native:sagemaker:SpaceSharingSettingsSharingType": { + "type": "string" + }, + "aws-native:sagemaker:SpaceStorageSettings": { + "type": "object", + "properties": { + "ebsStorageSettings": { + "$ref": "#/types/aws-native:sagemaker:SpaceEbsStorageSettings", + "description": "A collection of EBS storage settings for a space." + } + } + }, + "aws-native:sagemaker:SpaceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:StudioLifecycleConfigAppType": { + "type": "string" + }, + "aws-native:sagemaker:StudioLifecycleConfigTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:UserProfileAppType": { + "type": "string" + }, + "aws-native:sagemaker:UserProfileCodeEditorAppSettings": { + "type": "object", + "properties": { + "customImages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:UserProfileCustomImage" + }, + "description": "A list of custom images for use for CodeEditor apps." + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:UserProfileResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with CodeEditor apps." + } + } + }, + "aws-native:sagemaker:UserProfileCodeRepository": { + "type": "object", + "properties": { + "repositoryUrl": { + "type": "string", + "description": "A CodeRepository (valid URL) to be used within Jupyter's Git extension." + } + } + }, + "aws-native:sagemaker:UserProfileCustomFileSystemConfig": { + "type": "object", + "properties": { + "efsFileSystemConfig": { + "$ref": "#/types/aws-native:sagemaker:UserProfileEfsFileSystemConfig", + "description": "The settings for a custom Amazon EFS file system." + } + }, + "irreversibleNames": { + "efsFileSystemConfig": "EFSFileSystemConfig" + } + }, + "aws-native:sagemaker:UserProfileCustomImage": { + "type": "object", + "properties": { + "appImageConfigName": { + "type": "string", + "description": "The Name of the AppImageConfig." + }, + "imageName": { + "type": "string", + "description": "The name of the CustomImage. Must be unique to your account." + }, + "imageVersionNumber": { + "type": "integer", + "description": "The version number of the CustomImage." + } + } + }, + "aws-native:sagemaker:UserProfileCustomPosixUserConfig": { + "type": "object", + "properties": { + "gid": { + "type": "integer", + "description": "The POSIX group ID." + }, + "uid": { + "type": "integer", + "description": "The POSIX user ID." + } + } + }, + "aws-native:sagemaker:UserProfileDefaultEbsStorageSettings": { + "type": "object", + "properties": { + "defaultEbsVolumeSizeInGb": { + "type": "integer", + "description": "Default size of the Amazon EBS volume in Gb" + }, + "maximumEbsVolumeSizeInGb": { + "type": "integer", + "description": "Maximum size of the Amazon EBS volume in Gb. Must be greater than or equal to the DefaultEbsVolumeSizeInGb." + } + } + }, + "aws-native:sagemaker:UserProfileDefaultSpaceStorageSettings": { + "type": "object", + "properties": { + "defaultEbsStorageSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileDefaultEbsStorageSettings", + "description": "The default EBS storage settings for a space." + } + } + }, + "aws-native:sagemaker:UserProfileEfsFileSystemConfig": { + "type": "object", + "properties": { + "fileSystemId": { + "type": "string", + "description": "The ID of your Amazon EFS file system." + }, + "fileSystemPath": { + "type": "string", + "description": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below." + } + } + }, + "aws-native:sagemaker:UserProfileJupyterLabAppSettings": { + "type": "object", + "properties": { + "codeRepositories": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:UserProfileCodeRepository" + }, + "description": "A list of CodeRepositories available for use with JupyterLab apps." + }, + "customImages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:UserProfileCustomImage" + }, + "description": "A list of custom images available for use for JupyterLab apps" + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:UserProfileResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with JupyterLab apps." + } + } + }, + "aws-native:sagemaker:UserProfileJupyterServerAppSettings": { + "type": "object", + "properties": { + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:UserProfileResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with JupyterServer apps." + } + } + }, + "aws-native:sagemaker:UserProfileKernelGatewayAppSettings": { + "type": "object", + "properties": { + "customImages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:UserProfileCustomImage" + }, + "description": "A list of custom SageMaker images that are configured to run as a KernelGateway app." + }, + "defaultResourceSpec": { + "$ref": "#/types/aws-native:sagemaker:UserProfileResourceSpec", + "description": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app." + }, + "lifecycleConfigArns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of LifecycleConfigArns available for use with KernelGateway apps." + } + } + }, + "aws-native:sagemaker:UserProfileMlTools": { + "type": "string" + }, + "aws-native:sagemaker:UserProfileRStudioServerProAppSettings": { + "type": "object", + "properties": { + "accessStatus": { + "$ref": "#/types/aws-native:sagemaker:UserProfileRStudioServerProAppSettingsAccessStatus", + "description": "Indicates whether the current user has access to the RStudioServerPro app.", + "replaceOnChanges": true + }, + "userGroup": { + "$ref": "#/types/aws-native:sagemaker:UserProfileRStudioServerProAppSettingsUserGroup", + "description": "The level of permissions that the user has within the RStudioServerPro app. This value defaults to User. The Admin value allows the user access to the RStudio Administrative Dashboard.", + "replaceOnChanges": true + } + } + }, + "aws-native:sagemaker:UserProfileRStudioServerProAppSettingsAccessStatus": { + "type": "string" + }, + "aws-native:sagemaker:UserProfileRStudioServerProAppSettingsUserGroup": { + "type": "string" + }, + "aws-native:sagemaker:UserProfileResourceSpec": { + "type": "object", + "properties": { + "instanceType": { + "$ref": "#/types/aws-native:sagemaker:UserProfileResourceSpecInstanceType", + "description": "The instance type that the image version runs on." + }, + "lifecycleConfigArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource." + }, + "sageMakerImageArn": { + "type": "string", + "description": "The ARN of the SageMaker image that the image version belongs to." + }, + "sageMakerImageVersionArn": { + "type": "string", + "description": "The ARN of the image version created on the instance." + } + } + }, + "aws-native:sagemaker:UserProfileResourceSpecInstanceType": { + "type": "string" + }, + "aws-native:sagemaker:UserProfileSharingSettings": { + "type": "object", + "properties": { + "notebookOutputOption": { + "$ref": "#/types/aws-native:sagemaker:UserProfileSharingSettingsNotebookOutputOption", + "description": "Whether to include the notebook cell output when sharing the notebook. The default is Disabled." + }, + "s3KmsKeyId": { + "type": "string", + "description": "When NotebookOutputOption is Allowed, the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket." + }, + "s3OutputPath": { + "type": "string", + "description": "When NotebookOutputOption is Allowed, the Amazon S3 bucket used to store the shared notebook snapshots." + } + }, + "irreversibleNames": { + "s3KmsKeyId": "S3KmsKeyId", + "s3OutputPath": "S3OutputPath" + } + }, + "aws-native:sagemaker:UserProfileSharingSettingsNotebookOutputOption": { + "type": "string" + }, + "aws-native:sagemaker:UserProfileStudioWebPortalSettings": { + "type": "object", + "properties": { + "hiddenAppTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:UserProfileAppType" + }, + "description": "Applications supported in Studio that are hidden from the Studio left navigation pane." + }, + "hiddenMlTools": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:UserProfileMlTools" + }, + "description": "The machine learning tools that are hidden from the Studio left navigation pane." + } + } + }, + "aws-native:sagemaker:UserProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key. Tag keys must be unique per resource." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:sagemaker:UserProfileUserSettings": { + "type": "object", + "properties": { + "codeEditorAppSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileCodeEditorAppSettings", + "description": "The Code Editor application settings." + }, + "customFileSystemConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sagemaker:UserProfileCustomFileSystemConfig" + }, + "description": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio." + }, + "customPosixUserConfig": { + "$ref": "#/types/aws-native:sagemaker:UserProfileCustomPosixUserConfig", + "description": "Details about the POSIX identity that is used for file system operations." + }, + "defaultLandingUri": { + "type": "string", + "description": "Defines which Amazon SageMaker application users are directed to by default." + }, + "executionRole": { + "type": "string", + "description": "The user profile Amazon Resource Name (ARN)." + }, + "jupyterLabAppSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileJupyterLabAppSettings", + "description": "The settings for the JupyterLab application." + }, + "jupyterServerAppSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileJupyterServerAppSettings", + "description": "The Jupyter server's app settings." + }, + "kernelGatewayAppSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileKernelGatewayAppSettings", + "description": "The kernel gateway app settings." + }, + "rStudioServerProAppSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileRStudioServerProAppSettings", + "description": "A collection of settings that configure user interaction with the `RStudioServerPro` app." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication." + }, + "sharingSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileSharingSettings", + "description": "The sharing settings." + }, + "spaceStorageSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileDefaultSpaceStorageSettings", + "description": "The storage settings for a space." + }, + "studioWebPortal": { + "$ref": "#/types/aws-native:sagemaker:UserProfileUserSettingsStudioWebPortal", + "description": "Indicates whether the Studio experience is available to users. If not, users cannot access Studio." + }, + "studioWebPortalSettings": { + "$ref": "#/types/aws-native:sagemaker:UserProfileStudioWebPortalSettings", + "description": "Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level." + } + } + }, + "aws-native:sagemaker:UserProfileUserSettingsStudioWebPortal": { + "type": "string" + }, + "aws-native:scheduler:ScheduleAssignPublicIp": { + "type": "string" + }, + "aws-native:scheduler:ScheduleAwsVpcConfiguration": { + "type": "object", + "properties": { + "assignPublicIp": { + "$ref": "#/types/aws-native:scheduler:ScheduleAssignPublicIp", + "description": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` ." + }, + "securityGroups": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used." + }, + "subnets": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets." + } + } + }, + "aws-native:scheduler:ScheduleCapacityProviderStrategyItem": { + "type": "object", + "properties": { + "base": { + "type": "number", + "description": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used." + }, + "capacityProvider": { + "type": "string", + "description": "The short name of the capacity provider." + }, + "weight": { + "type": "number", + "description": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied." + } + } + }, + "aws-native:scheduler:ScheduleDeadLetterConfig": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The ARN of the SQS queue specified as the target for the dead-letter queue." + } + } + }, + "aws-native:scheduler:ScheduleEcsParameters": { + "type": "object", + "properties": { + "capacityProviderStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:scheduler:ScheduleCapacityProviderStrategyItem" + }, + "description": "The capacity provider strategy to use for the task." + }, + "enableEcsManagedTags": { + "type": "boolean", + "description": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see Tagging Your Amazon ECS Resources in the Amazon Elastic Container Service Developer Guide." + }, + "enableExecuteCommand": { + "type": "boolean", + "description": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task." + }, + "group": { + "type": "string", + "description": "Specifies an ECS task group for the task. The maximum length is 255 characters." + }, + "launchType": { + "$ref": "#/types/aws-native:scheduler:ScheduleLaunchType", + "description": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* ." + }, + "networkConfiguration": { + "$ref": "#/types/aws-native:scheduler:ScheduleNetworkConfiguration", + "description": "This structure specifies the network configuration for an ECS task." + }, + "placementConstraints": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:scheduler:SchedulePlacementConstraint" + }, + "description": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime)." + }, + "placementStrategy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:scheduler:SchedulePlacementStrategy" + }, + "description": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task." + }, + "platformVersion": { + "type": "string", + "description": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0." + }, + "propagateTags": { + "$ref": "#/types/aws-native:scheduler:SchedulePropagateTags", + "description": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action." + }, + "referenceId": { + "type": "string", + "description": "The reference ID to use for the task." + }, + "tags": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "description": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see RunTask in the Amazon ECS API Reference." + }, + "taskCount": { + "type": "number", + "description": "The number of tasks to create based on TaskDefinition. The default is 1." + }, + "taskDefinitionArn": { + "type": "string", + "description": "The ARN of the task definition to use if the event target is an Amazon ECS task." + } + }, + "irreversibleNames": { + "enableEcsManagedTags": "EnableECSManagedTags" + } + }, + "aws-native:scheduler:ScheduleEventBridgeParameters": { + "type": "object", + "properties": { + "detailType": { + "type": "string", + "description": "Free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail." + }, + "source": { + "type": "string", + "description": "The source of the event." + } + } + }, + "aws-native:scheduler:ScheduleFlexibleTimeWindow": { + "type": "object", + "properties": { + "maximumWindowInMinutes": { + "type": "number", + "description": "The maximum time window during which a schedule can be invoked." + }, + "mode": { + "$ref": "#/types/aws-native:scheduler:ScheduleFlexibleTimeWindowMode", + "description": "Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template.\n\n*Allowed Values* : `\"OFF\"` | `\"FLEXIBLE\"`" + } + } + }, + "aws-native:scheduler:ScheduleFlexibleTimeWindowMode": { + "type": "string" + }, + "aws-native:scheduler:ScheduleGroupState": { + "type": "string" + }, + "aws-native:scheduler:ScheduleGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Key for the tag" + }, + "value": { + "type": "string", + "description": "Value for the tag" + } + } + }, + "aws-native:scheduler:ScheduleKinesisParameters": { + "type": "object", + "properties": { + "partitionKey": { + "type": "string", + "description": "The custom parameter used as the Kinesis partition key. For more information, see Amazon Kinesis Streams Key Concepts in the Amazon Kinesis Streams Developer Guide." + } + } + }, + "aws-native:scheduler:ScheduleLaunchType": { + "type": "string" + }, + "aws-native:scheduler:ScheduleNetworkConfiguration": { + "type": "object", + "properties": { + "awsvpcConfiguration": { + "$ref": "#/types/aws-native:scheduler:ScheduleAwsVpcConfiguration", + "description": "Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode." + } + } + }, + "aws-native:scheduler:SchedulePlacementConstraint": { + "type": "object", + "properties": { + "expression": { + "type": "string", + "description": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is distinctInstance. To learn more, see Cluster Query Language in the Amazon Elastic Container Service Developer Guide." + }, + "type": { + "$ref": "#/types/aws-native:scheduler:SchedulePlacementConstraintType", + "description": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates." + } + } + }, + "aws-native:scheduler:SchedulePlacementConstraintType": { + "type": "string" + }, + "aws-native:scheduler:SchedulePlacementStrategy": { + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used." + }, + "type": { + "$ref": "#/types/aws-native:scheduler:SchedulePlacementStrategyType", + "description": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task)." + } + } + }, + "aws-native:scheduler:SchedulePlacementStrategyType": { + "type": "string" + }, + "aws-native:scheduler:SchedulePropagateTags": { + "type": "string" + }, + "aws-native:scheduler:ScheduleRetryPolicy": { + "type": "object", + "properties": { + "maximumEventAgeInSeconds": { + "type": "number", + "description": "The maximum amount of time, in seconds, to continue to make retry attempts." + }, + "maximumRetryAttempts": { + "type": "number", + "description": "The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the MaximumEventAgeInSeconds is reached." + } + } + }, + "aws-native:scheduler:ScheduleSageMakerPipelineParameter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of parameter to start execution of a SageMaker Model Building Pipeline." + }, + "value": { + "type": "string", + "description": "Value of parameter to start execution of a SageMaker Model Building Pipeline." + } + } + }, + "aws-native:scheduler:ScheduleSageMakerPipelineParameters": { + "type": "object", + "properties": { + "pipelineParameterList": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:scheduler:ScheduleSageMakerPipelineParameter" + }, + "description": "List of Parameter names and values for SageMaker Model Building Pipeline execution." + } + } + }, + "aws-native:scheduler:ScheduleSqsParameters": { + "type": "object", + "properties": { + "messageGroupId": { + "type": "string", + "description": "The FIFO message group ID to use as the target." + } + } + }, + "aws-native:scheduler:ScheduleState": { + "type": "string" + }, + "aws-native:scheduler:ScheduleTarget": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the target." + }, + "deadLetterConfig": { + "$ref": "#/types/aws-native:scheduler:ScheduleDeadLetterConfig", + "description": "An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue." + }, + "ecsParameters": { + "$ref": "#/types/aws-native:scheduler:ScheduleEcsParameters", + "description": "The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation." + }, + "eventBridgeParameters": { + "$ref": "#/types/aws-native:scheduler:ScheduleEventBridgeParameters", + "description": "The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation." + }, + "input": { + "type": "string", + "description": "The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda, AWS Step Functions, or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, EventBridge Scheduler delivers a default notification to the target." + }, + "kinesisParameters": { + "$ref": "#/types/aws-native:scheduler:ScheduleKinesisParameters", + "description": "The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation." + }, + "retryPolicy": { + "$ref": "#/types/aws-native:scheduler:ScheduleRetryPolicy", + "description": "A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target." + }, + "roleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the schedule is triggered." + }, + "sageMakerPipelineParameters": { + "$ref": "#/types/aws-native:scheduler:ScheduleSageMakerPipelineParameters", + "description": "The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation." + }, + "sqsParameters": { + "$ref": "#/types/aws-native:scheduler:ScheduleSqsParameters", + "description": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* ." + } + } + }, + "aws-native:secretsmanager:SecretGenerateSecretString": { + "type": "object", + "properties": { + "excludeCharacters": { + "type": "string", + "description": "A string of the characters that you don't want in the password." + }, + "excludeLowercase": { + "type": "boolean", + "description": "Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters." + }, + "excludeNumbers": { + "type": "boolean", + "description": "Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers." + }, + "excludePunctuation": { + "type": "boolean", + "description": "Specifies whether to exclude the following punctuation characters from the password: ``! \" # $ % \u0026 ' ( ) * + , - . / : ; \u003c = \u003e ? @ [ \\ ] ^ _ ` { | } ~``. If you don't include this switch, the password can contain punctuation." + }, + "excludeUppercase": { + "type": "boolean", + "description": "Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters." + }, + "generateStringKey": { + "type": "string", + "description": "The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the ``SecretStringTemplate`` parameter. If you specify this parameter, then you must also specify ``SecretStringTemplate``." + }, + "includeSpace": { + "type": "boolean", + "description": "Specifies whether to include the space character. If you include this switch, the password can contain space characters." + }, + "passwordLength": { + "type": "integer", + "description": "The length of the password. If you don't include this parameter, the default length is 32 characters." + }, + "requireEachIncludedType": { + "type": "boolean", + "description": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type." + }, + "secretStringTemplate": { + "type": "string", + "description": "A template that the generated string must match. When you make a change to this property, a new secret version is created." + } + } + }, + "aws-native:secretsmanager:SecretReplicaRegion": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses ``aws/secretsmanager``." + }, + "region": { + "type": "string", + "description": "A string that represents a ``Region``, for example \"us-east-1\"." + } + } + }, + "aws-native:secretsmanager:SecretTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key identifier, or name, of the tag." + }, + "value": { + "type": "string", + "description": "The string value associated with the key of the tag." + } + } + }, + "aws-native:securityhub:AutomationRuleDateFilter": { + "type": "object", + "properties": { + "dateRange": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleDateRange", + "description": "A date range for the date filter." + }, + "end": { + "type": "string", + "description": "A timestamp that provides the end date for the date filter.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )" + }, + "start": { + "type": "string", + "description": "A timestamp that provides the start date for the date filter.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )" + } + } + }, + "aws-native:securityhub:AutomationRuleDateRange": { + "type": "object", + "properties": { + "unit": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleDateRangeUnit", + "description": "A date range unit for the date filter." + }, + "value": { + "type": "number", + "description": "A date range value for the date filter." + } + } + }, + "aws-native:securityhub:AutomationRuleDateRangeUnit": { + "type": "string" + }, + "aws-native:securityhub:AutomationRuleMapFilter": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleMapFilterComparison", + "description": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don’t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can’t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* ." + }, + "key": { + "type": "string", + "description": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field." + }, + "value": { + "type": "string", + "description": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match." + } + } + }, + "aws-native:securityhub:AutomationRuleMapFilterComparison": { + "type": "string" + }, + "aws-native:securityhub:AutomationRuleNoteUpdate": { + "type": "object", + "properties": { + "text": { + "type": "string", + "description": "The updated note text." + }, + "updatedBy": { + "type": "string", + "description": "The principal that updated the note." + } + } + }, + "aws-native:securityhub:AutomationRuleNumberFilter": { + "type": "object", + "properties": { + "eq": { + "type": "number", + "description": "The equal-to condition to be applied to a single field when querying for findings." + }, + "gte": { + "type": "number", + "description": "The greater-than-equal condition to be applied to a single field when querying for findings." + }, + "lte": { + "type": "number", + "description": "The less-than-equal condition to be applied to a single field when querying for findings." + } + } + }, + "aws-native:securityhub:AutomationRuleRelatedFinding": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "productArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the product that generated a related finding." + } + } + }, + "aws-native:securityhub:AutomationRuleRuleStatus": { + "type": "string" + }, + "aws-native:securityhub:AutomationRuleSeverityUpdate": { + "type": "object", + "properties": { + "label": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleSeverityUpdateLabel", + "description": "The severity value of the finding. The allowed values are the following.\n\n- `INFORMATIONAL` - No issue was found.\n- `LOW` - The issue does not require action on its own.\n- `MEDIUM` - The issue must be addressed but not urgently.\n- `HIGH` - The issue must be addressed as a priority.\n- `CRITICAL` - The issue must be remediated immediately to avoid it escalating." + }, + "normalized": { + "type": "integer", + "description": "The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .\n\nIf you provide `Normalized` and do not provide `Label` , `Label` is set automatically as follows.\n\n- 0 - `INFORMATIONAL`\n- 1–39 - `LOW`\n- 40–69 - `MEDIUM`\n- 70–89 - `HIGH`\n- 90–100 - `CRITICAL`" + }, + "product": { + "type": "number", + "description": "The native severity as defined by the AWS service or integrated partner product that generated the finding." + } + } + }, + "aws-native:securityhub:AutomationRuleSeverityUpdateLabel": { + "type": "string" + }, + "aws-native:securityhub:AutomationRuleStringFilter": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilterComparison", + "description": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don’t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* ." + }, + "value": { + "type": "string", + "description": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match." + } + } + }, + "aws-native:securityhub:AutomationRuleStringFilterComparison": { + "type": "string" + }, + "aws-native:securityhub:AutomationRuleWorkflowUpdate": { + "type": "object", + "properties": { + "status": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleWorkflowUpdateStatus", + "description": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and do not believe that any action is needed. The finding is no longer updated." + } + } + }, + "aws-native:securityhub:AutomationRuleWorkflowUpdateStatus": { + "type": "string" + }, + "aws-native:securityhub:AutomationRulesAction": { + "type": "object", + "properties": { + "findingFieldsUpdate": { + "$ref": "#/types/aws-native:securityhub:AutomationRulesFindingFieldsUpdate", + "description": "Specifies that the automation rule action is an update to a finding field." + }, + "type": { + "$ref": "#/types/aws-native:securityhub:AutomationRulesActionType", + "description": "Specifies that the rule action should update the `Types` finding field. The `Types` finding field classifies findings in the format of namespace/category/classifier. For more information, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* ." + } + } + }, + "aws-native:securityhub:AutomationRulesActionType": { + "type": "string" + }, + "aws-native:securityhub:AutomationRulesFindingFieldsUpdate": { + "type": "object", + "properties": { + "confidence": { + "type": "integer", + "description": "The rule action updates the `Confidence` field of a finding." + }, + "criticality": { + "type": "integer", + "description": "The rule action updates the `Criticality` field of a finding." + }, + "note": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleNoteUpdate", + "description": "The rule action will update the ``Note`` field of a finding." + }, + "relatedFindings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleRelatedFinding" + }, + "description": "The rule action will update the ``RelatedFindings`` field of a finding." + }, + "severity": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleSeverityUpdate", + "description": "The rule action will update the ``Severity`` field of a finding." + }, + "types": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The rule action updates the `Types` field of a finding." + }, + "userDefinedFields": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The rule action updates the `UserDefinedFields` field of a finding." + }, + "verificationState": { + "$ref": "#/types/aws-native:securityhub:AutomationRulesFindingFieldsUpdateVerificationState", + "description": "The rule action updates the `VerificationState` field of a finding." + }, + "workflow": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleWorkflowUpdate", + "description": "The rule action will update the ``Workflow`` field of a finding." + } + } + }, + "aws-native:securityhub:AutomationRulesFindingFieldsUpdateVerificationState": { + "type": "string" + }, + "aws-native:securityhub:AutomationRulesFindingFilters": { + "type": "object", + "properties": { + "awsAccountId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The AWS account ID in which a finding was generated.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items." + }, + "companyName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "complianceAssociatedStandardsId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "complianceSecurityControlId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "complianceStatus": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The result of a security check. This field is only used for findings generated from controls.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "confidence": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleNumberFilter" + }, + "description": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0–100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "createdAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleDateFilter" + }, + "description": "A timestamp that indicates when this finding record was created.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "criticality": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleNumberFilter" + }, + "description": "The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0–100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "description": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "A finding's description.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "firstObservedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleDateFilter" + }, + "description": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "generatorId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The identifier for the solution-specific component that generated a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items." + }, + "id": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The product-specific identifier for a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "lastObservedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleDateFilter" + }, + "description": "A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "noteText": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The text of a user-defined note that's added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "noteUpdatedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleDateFilter" + }, + "description": "The timestamp of when the note was updated.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "noteUpdatedBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The principal that created a note.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "productArn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "productName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "recordState": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "Provides the current state of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "relatedFindingsId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "relatedFindingsProductArn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The ARN for the product that generated a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "resourceDetailsOther": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleMapFilter" + }, + "description": "Custom fields and values about the resource that a finding pertains to.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "resourceId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS-service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items." + }, + "resourcePartition": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions . Each AWS account is scoped to one partition.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "resourceRegion": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The AWS Region where the resource that a finding pertains to is located.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleMapFilter" + }, + "description": "A list of AWS tags associated with a resource at the time the finding was processed.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "resourceType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items." + }, + "severityLabel": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "The severity value of the finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "sourceUrl": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "Provides a URL that links to a page about the current finding in the finding product.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "title": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items." + }, + "type": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "updatedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleDateFilter" + }, + "description": "A timestamp that indicates when the finding record was most recently updated.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "userDefinedFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleMapFilter" + }, + "description": "A list of user-defined name and value string pairs added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "verificationState": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "Provides the veracity of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + }, + "workflowStatus": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:AutomationRuleStringFilter" + }, + "description": "Provides information about the status of the investigation into a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items." + } + } + }, + "aws-native:securityhub:ConfigurationPolicyParameterConfiguration": { + "type": "object", + "properties": { + "value": { + "$ref": "#/types/aws-native:securityhub:ConfigurationPolicyParameterValue" + }, + "valueType": { + "$ref": "#/types/aws-native:securityhub:ConfigurationPolicyParameterConfigurationValueType", + "description": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior." + } + } + }, + "aws-native:securityhub:ConfigurationPolicyParameterConfigurationValueType": { + "type": "string" + }, + "aws-native:securityhub:ConfigurationPolicyParameterValue": { + "type": "object", + "properties": { + "boolean": { + "type": "boolean", + "description": "A control parameter that is a boolean." + }, + "double": { + "type": "number", + "description": "A control parameter that is a double." + }, + "enum": { + "type": "string", + "description": "A control parameter that is an enum." + }, + "enumList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A control parameter that is a list of enums." + }, + "integer": { + "type": "integer", + "description": "A control parameter that is an integer." + }, + "integerList": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "A control parameter that is a list of integers." + }, + "string": { + "type": "string", + "description": "A control parameter that is a string." + }, + "stringList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A control parameter that is a list of strings." + } + } + }, + "aws-native:securityhub:ConfigurationPolicyPolicy": { + "type": "object", + "properties": { + "securityHub": { + "$ref": "#/types/aws-native:securityhub:ConfigurationPolicySecurityHubPolicy", + "description": "The AWS-service that the configuration policy applies to." + } + } + }, + "aws-native:securityhub:ConfigurationPolicySecurityControlCustomParameter": { + "type": "object", + "properties": { + "parameters": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:securityhub:ConfigurationPolicyParameterConfiguration" + }, + "description": "An object that specifies parameter values for a control in a configuration policy." + }, + "securityControlId": { + "type": "string", + "description": "The ID of the security control." + } + } + }, + "aws-native:securityhub:ConfigurationPolicySecurityControlsConfiguration": { + "type": "object", + "properties": { + "disabledSecurityControlIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security controls that are disabled in the configuration policy" + }, + "enabledSecurityControlIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of security controls that are enabled in the configuration policy." + }, + "securityControlCustomParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:ConfigurationPolicySecurityControlCustomParameter" + }, + "description": "A list of security controls and control parameter values that are included in a configuration policy." + } + } + }, + "aws-native:securityhub:ConfigurationPolicySecurityHubPolicy": { + "type": "object", + "properties": { + "enabledStandardIdentifiers": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list that defines which security standards are enabled in the configuration policy." + }, + "securityControlsConfiguration": { + "$ref": "#/types/aws-native:securityhub:ConfigurationPolicySecurityControlsConfiguration", + "description": "An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account." + }, + "serviceEnabled": { + "type": "boolean", + "description": "Indicates whether Security Hub is enabled in the policy." + } + } + }, + "aws-native:securityhub:DelegatedAdminStatus": { + "type": "string" + }, + "aws-native:securityhub:FindingAggregatorRegionLinkingMode": { + "type": "string" + }, + "aws-native:securityhub:InsightAwsSecurityFindingFilters": { + "type": "object", + "properties": { + "awsAccountId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The AWS account ID in which a finding is generated." + }, + "awsAccountName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the AWS account in which a finding is generated." + }, + "companyName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the findings provider (company) that owns the solution (product) that generates findings." + }, + "complianceAssociatedStandardsId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The unique identifier of a standard in which a control is enabled." + }, + "complianceSecurityControlId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The unique identifier of a control across standards." + }, + "complianceSecurityControlParametersName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of a security control parameter." + }, + "complianceSecurityControlParametersValue": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The current value of a security control parameter." + }, + "complianceStatus": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard." + }, + "confidence": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "A finding's confidence." + }, + "createdAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "An ISO8601-formatted timestamp that indicates when the security findings provider captured the potential security issue that a finding captured." + }, + "criticality": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The level of importance assigned to the resources associated with the finding." + }, + "description": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "A finding's description." + }, + "findingProviderFieldsConfidence": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The finding provider value for the finding confidence." + }, + "findingProviderFieldsCriticality": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The finding provider value for the level of importance assigned to the resources associated with the findings." + }, + "findingProviderFieldsRelatedFindingsId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The finding identifier of a related finding that is identified by the finding provider." + }, + "findingProviderFieldsRelatedFindingsProductArn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The ARN of the solution that generated a related finding that is identified by the finding provider." + }, + "findingProviderFieldsSeverityLabel": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The finding provider value for the severity label." + }, + "findingProviderFieldsSeverityOriginal": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The finding provider's original value for the severity." + }, + "findingProviderFieldsTypes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "One or more finding types that the finding provider assigned to the finding." + }, + "firstObservedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "An ISO8601-formatted timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured." + }, + "generatorId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding." + }, + "id": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The security findings provider-specific identifier for a finding." + }, + "keyword": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightKeywordFilter" + }, + "description": "A keyword for a finding." + }, + "lastObservedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "An ISO8601-formatted timestamp that indicates when the security findings provider most recently observed the potential security issue that a finding captured." + }, + "malwareName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the malware that was observed." + }, + "malwarePath": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The filesystem path of the malware that was observed." + }, + "malwareState": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The state of the malware that was observed." + }, + "malwareType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The type of the malware that was observed." + }, + "networkDestinationDomain": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The destination domain of network-related information about a finding." + }, + "networkDestinationIpV4": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightIpFilter" + }, + "description": "The destination IPv4 address of network-related information about a finding." + }, + "networkDestinationIpV6": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightIpFilter" + }, + "description": "The destination IPv6 address of network-related information about a finding." + }, + "networkDestinationPort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The destination port of network-related information about a finding." + }, + "networkDirection": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "Indicates the direction of network traffic associated with a finding." + }, + "networkProtocol": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The protocol of network-related information about a finding." + }, + "networkSourceDomain": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The source domain of network-related information about a finding." + }, + "networkSourceIpV4": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightIpFilter" + }, + "description": "The source IPv4 address of network-related information about a finding." + }, + "networkSourceIpV6": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightIpFilter" + }, + "description": "The source IPv6 address of network-related information about a finding." + }, + "networkSourceMac": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The source media access control (MAC) address of network-related information about a finding." + }, + "networkSourcePort": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The source port of network-related information about a finding." + }, + "noteText": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The text of a note." + }, + "noteUpdatedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "The timestamp of when the note was updated." + }, + "noteUpdatedBy": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The principal that created a note." + }, + "processLaunchedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "A timestamp that identifies when the process was launched." + }, + "processName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the process." + }, + "processParentPid": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The parent process ID." + }, + "processPath": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The path to the process executable." + }, + "processPid": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The process ID." + }, + "processTerminatedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "A timestamp that identifies when the process was terminated." + }, + "productArn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub." + }, + "productFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightMapFilter" + }, + "description": "A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format." + }, + "productName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the solution (product) that generates findings." + }, + "recommendationText": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The recommendation of what to do about the issue described in a finding." + }, + "recordState": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The updated record state for the finding." + }, + "region": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The Region from which the finding was generated." + }, + "relatedFindingsId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The solution-generated identifier for a related finding." + }, + "relatedFindingsProductArn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The ARN of the solution that generated a related finding." + }, + "resourceApplicationArn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The ARN of the application that is related to a finding." + }, + "resourceApplicationName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the application that is related to a finding." + }, + "resourceAwsEc2InstanceIamInstanceProfileArn": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The IAM profile ARN of the instance." + }, + "resourceAwsEc2InstanceImageId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The Amazon Machine Image (AMI) ID of the instance." + }, + "resourceAwsEc2InstanceIpV4Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightIpFilter" + }, + "description": "The IPv4 addresses associated with the instance." + }, + "resourceAwsEc2InstanceIpV6Addresses": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightIpFilter" + }, + "description": "The IPv6 addresses associated with the instance." + }, + "resourceAwsEc2InstanceKeyName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The key name associated with the instance." + }, + "resourceAwsEc2InstanceLaunchedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "The date and time the instance was launched." + }, + "resourceAwsEc2InstanceSubnetId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The identifier of the subnet that the instance was launched in." + }, + "resourceAwsEc2InstanceType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The instance type of the instance." + }, + "resourceAwsEc2InstanceVpcId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The identifier of the VPC that the instance was launched in." + }, + "resourceAwsIamAccessKeyCreatedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "The creation date/time of the IAM access key related to a finding." + }, + "resourceAwsIamAccessKeyPrincipalName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the principal that is associated with an IAM access key." + }, + "resourceAwsIamAccessKeyStatus": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The status of the IAM access key related to a finding." + }, + "resourceAwsIamAccessKeyUserName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The user associated with the IAM access key related to a finding." + }, + "resourceAwsIamUserUserName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of an IAM user." + }, + "resourceAwsS3BucketOwnerId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The canonical user ID of the owner of the S3 bucket." + }, + "resourceAwsS3BucketOwnerName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The display name of the owner of the S3 bucket." + }, + "resourceContainerImageId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The identifier of the image related to a finding." + }, + "resourceContainerImageName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the image related to a finding." + }, + "resourceContainerLaunchedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "A timestamp that identifies when the container was started." + }, + "resourceContainerName": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The name of the container related to a finding." + }, + "resourceDetailsOther": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightMapFilter" + }, + "description": "The details of a resource that doesn't have a specific subfield for the resource type defined." + }, + "resourceId": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The canonical identifier for the given resource type." + }, + "resourcePartition": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The canonical AWS partition name that the Region is assigned to." + }, + "resourceRegion": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The canonical AWS external Region name where this resource is located." + }, + "resourceTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightMapFilter" + }, + "description": "A list of AWS tags associated with a resource at the time the finding was processed." + }, + "resourceType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "Specifies the type of the resource that details are provided for." + }, + "sample": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightBooleanFilter" + }, + "description": "Indicates whether or not sample findings are included in the filter results." + }, + "severityLabel": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The label of a finding's severity." + }, + "severityNormalized": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The normalized severity of a finding." + }, + "severityProduct": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightNumberFilter" + }, + "description": "The native severity as defined by the security findings provider's solution that generated the finding." + }, + "sourceUrl": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "A URL that links to a page about the current finding in the security findings provider's solution." + }, + "threatIntelIndicatorCategory": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The category of a threat intelligence indicator." + }, + "threatIntelIndicatorLastObservedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "A timestamp that identifies the last observation of a threat intelligence indicator." + }, + "threatIntelIndicatorSource": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The source of the threat intelligence." + }, + "threatIntelIndicatorSourceUrl": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The URL for more details from the source of the threat intelligence." + }, + "threatIntelIndicatorType": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The type of a threat intelligence indicator." + }, + "threatIntelIndicatorValue": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The value of a threat intelligence indicator." + }, + "title": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "A finding's title." + }, + "type": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "A finding type in the format of namespace/category/classifier that classifies a finding." + }, + "updatedAt": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightDateFilter" + }, + "description": "An ISO8601-formatted timestamp that indicates when the security findings provider last updated the finding record." + }, + "userDefinedFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightMapFilter" + }, + "description": "A list of name/value string pairs associated with the finding." + }, + "verificationState": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The veracity of a finding." + }, + "vulnerabilitiesExploitAvailable": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "Indicates whether a software vulnerability in your environment has a known exploit." + }, + "vulnerabilitiesFixAvailable": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "Indicates whether a vulnerability is fixed in a newer version of the affected software packages." + }, + "workflowState": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The workflow state of a finding." + }, + "workflowStatus": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilter" + }, + "description": "The status of the investigation into a finding." + } + }, + "irreversibleNames": { + "networkDestinationIpV4": "NetworkDestinationIpV4", + "networkDestinationIpV6": "NetworkDestinationIpV6", + "networkSourceIpV4": "NetworkSourceIpV4", + "networkSourceIpV6": "NetworkSourceIpV6", + "resourceAwsEc2InstanceIpV4Addresses": "ResourceAwsEc2InstanceIpV4Addresses", + "resourceAwsEc2InstanceIpV6Addresses": "ResourceAwsEc2InstanceIpV6Addresses", + "resourceAwsS3BucketOwnerId": "ResourceAwsS3BucketOwnerId", + "resourceAwsS3BucketOwnerName": "ResourceAwsS3BucketOwnerName" + } + }, + "aws-native:securityhub:InsightBooleanFilter": { + "type": "object", + "properties": { + "value": { + "type": "boolean", + "description": "The value of the boolean." + } + } + }, + "aws-native:securityhub:InsightDateFilter": { + "type": "object", + "properties": { + "dateRange": { + "$ref": "#/types/aws-native:securityhub:InsightDateRange", + "description": "A date range for the date filter." + }, + "end": { + "type": "string", + "description": "A timestamp that provides the end date for the date filter.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )" + }, + "start": { + "type": "string", + "description": "A timestamp that provides the start date for the date filter.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )" + } + } + }, + "aws-native:securityhub:InsightDateRange": { + "type": "object", + "properties": { + "unit": { + "$ref": "#/types/aws-native:securityhub:InsightDateRangeUnit", + "description": "A date range unit for the date filter." + }, + "value": { + "type": "number", + "description": "A date range value for the date filter." + } + } + }, + "aws-native:securityhub:InsightDateRangeUnit": { + "type": "string" + }, + "aws-native:securityhub:InsightIpFilter": { + "type": "object", + "properties": { + "cidr": { + "type": "string", + "description": "A finding's CIDR value." + } + } + }, + "aws-native:securityhub:InsightKeywordFilter": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "A value for the keyword." + } + } + }, + "aws-native:securityhub:InsightMapFilter": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:securityhub:InsightMapFilterComparison", + "description": "The condition to apply to the key value when filtering Security Hub findings with a map filter." + }, + "key": { + "type": "string", + "description": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field." + }, + "value": { + "type": "string", + "description": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match." + } + } + }, + "aws-native:securityhub:InsightMapFilterComparison": { + "type": "string" + }, + "aws-native:securityhub:InsightNumberFilter": { + "type": "object", + "properties": { + "eq": { + "type": "number", + "description": "The equal-to condition to be applied to a single field when querying for findings." + }, + "gte": { + "type": "number", + "description": "The greater-than-equal condition to be applied to a single field when querying for findings." + }, + "lte": { + "type": "number", + "description": "The less-than-equal condition to be applied to a single field when querying for findings." + } + } + }, + "aws-native:securityhub:InsightStringFilter": { + "type": "object", + "properties": { + "comparison": { + "$ref": "#/types/aws-native:securityhub:InsightStringFilterComparison", + "description": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don’t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* ." + }, + "value": { + "type": "string", + "description": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match." + } + } + }, + "aws-native:securityhub:InsightStringFilterComparison": { + "type": "string" + }, + "aws-native:securityhub:OrganizationConfigurationAutoEnableStandards": { + "type": "string" + }, + "aws-native:securityhub:OrganizationConfigurationConfigurationType": { + "type": "string" + }, + "aws-native:securityhub:OrganizationConfigurationStatus": { + "type": "string" + }, + "aws-native:securityhub:PolicyAssociationAssociationStatus": { + "type": "string" + }, + "aws-native:securityhub:PolicyAssociationAssociationType": { + "type": "string" + }, + "aws-native:securityhub:PolicyAssociationTargetType": { + "type": "string" + }, + "aws-native:securityhub:SecurityControlParameterConfiguration": { + "type": "object", + "properties": { + "value": { + "$ref": "#/types/aws-native:securityhub:SecurityControlParameterValue", + "description": "The current value of a control parameter." + }, + "valueType": { + "$ref": "#/types/aws-native:securityhub:SecurityControlParameterConfigurationValueType", + "description": "Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior.\n\nWhen `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub ignores user-provided input for the `Value` field.\n\nWhen `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty." + } + } + }, + "aws-native:securityhub:SecurityControlParameterConfigurationValueType": { + "type": "string" + }, + "aws-native:securityhub:SecurityControlParameterValue": { + "type": "object", + "properties": { + "boolean": { + "type": "boolean", + "description": "A control parameter that is a boolean." + }, + "double": { + "type": "number", + "description": "A control parameter that is a double." + }, + "enum": { + "type": "string", + "description": "A control parameter that is a enum." + }, + "enumList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A control parameter that is a list of enums." + }, + "integer": { + "type": "integer", + "description": "A control parameter that is a integer." + }, + "integerList": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "A control parameter that is a list of integers." + }, + "string": { + "type": "string", + "description": "A control parameter that is a string." + }, + "stringList": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A control parameter that is a list of strings." + } + } + }, + "aws-native:securityhub:StandardsControl": { + "type": "object", + "properties": { + "reason": { + "type": "string", + "description": "A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required." + }, + "standardsControlArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the control." + } + } + }, + "aws-native:securitylake:DataLakeEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object." + } + } + }, + "aws-native:securitylake:DataLakeExpiration": { + "type": "object", + "properties": { + "days": { + "type": "integer", + "description": "The number of days before data expires in the Amazon Security Lake object." + } + } + }, + "aws-native:securitylake:DataLakeLifecycleConfiguration": { + "type": "object", + "properties": { + "expiration": { + "$ref": "#/types/aws-native:securitylake:DataLakeExpiration", + "description": "Provides data expiration details of the Amazon Security Lake object." + }, + "transitions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:securitylake:DataLakeTransitions" + }, + "description": "Provides data storage transition details of Amazon Security Lake object." + } + } + }, + "aws-native:securitylake:DataLakeReplicationConfiguration": { + "type": "object", + "properties": { + "regions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter.\n\nReplication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket." + }, + "roleArn": { + "type": "string", + "description": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct." + } + } + }, + "aws-native:securitylake:DataLakeTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_`, `.`, `/`, `=`, `+`, and `-`." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 characters in length." + } + } + }, + "aws-native:securitylake:DataLakeTransitions": { + "type": "object", + "properties": { + "days": { + "type": "integer", + "description": "Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object." + }, + "storageClass": { + "type": "string", + "description": "The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads." + } + } + }, + "aws-native:securitylake:SubscriberAccessTypesItem": { + "type": "string" + }, + "aws-native:securitylake:SubscriberAwsLogSource": { + "type": "object", + "properties": { + "sourceName": { + "type": "string", + "description": "The name for a AWS source. This must be a Regionally unique value." + }, + "sourceVersion": { + "type": "string", + "description": "The version for a AWS source. This must be a Regionally unique value." + } + } + }, + "aws-native:securitylake:SubscriberCustomLogSource": { + "type": "object", + "properties": { + "sourceName": { + "type": "string", + "description": "The name for a third-party custom source. This must be a Regionally unique value." + }, + "sourceVersion": { + "type": "string", + "description": "The version for a third-party custom source. This must be a Regionally unique value." + } + } + }, + "aws-native:securitylake:SubscriberIdentityProperties": { + "type": "object", + "properties": { + "externalId": { + "type": "string", + "description": "The external ID used to establish trust relationship with the AWS identity." + }, + "principal": { + "type": "string", + "description": "The AWS identity principal." + } + } + }, + "aws-native:securitylake:SubscriberNotificationHttpsNotificationConfiguration": { + "type": "object", + "properties": { + "authorizationApiKeyName": { + "type": "string", + "description": "The key name for the notification subscription." + }, + "authorizationApiKeyValue": { + "type": "string", + "description": "The key value for the notification subscription." + }, + "endpoint": { + "type": "string", + "description": "The subscription endpoint in Security Lake." + }, + "httpMethod": { + "$ref": "#/types/aws-native:securitylake:SubscriberNotificationHttpsNotificationConfigurationHttpMethod", + "description": "The HTTPS method used for the notification subscription." + }, + "targetRoleArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you created." + } + } + }, + "aws-native:securitylake:SubscriberNotificationHttpsNotificationConfigurationHttpMethod": { + "type": "string" + }, + "aws-native:securitylake:SubscriberNotificationNotificationConfiguration": { + "type": "object", + "properties": { + "httpsNotificationConfiguration": { + "$ref": "#/types/aws-native:securitylake:SubscriberNotificationHttpsNotificationConfiguration", + "description": "The configurations used for HTTPS subscriber notification." + }, + "sqsNotificationConfiguration": { + "$ref": "#/types/aws-native:securitylake:SubscriberNotificationSqsNotificationConfiguration", + "description": "The configurations for SQS subscriber notification. The members of this structure are context-dependent." + } + } + }, + "aws-native:securitylake:SubscriberNotificationSqsNotificationConfiguration": { + "type": "object" + }, + "aws-native:securitylake:SubscriberSource": { + "type": "object", + "properties": { + "awsLogSource": { + "$ref": "#/types/aws-native:securitylake:SubscriberAwsLogSource" + }, + "customLogSource": { + "$ref": "#/types/aws-native:securitylake:SubscriberCustomLogSource" + } + } + }, + "aws-native:securitylake:SubscriberTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name of the tag. This is a general label that acts as a category for a more specific tag value (value)." + }, + "value": { + "type": "string", + "description": "The value that is associated with the specified tag key (key). This value acts as a descriptor for the tag key. A tag value cannot be null, but it can be an empty string." + } + } + }, + "aws-native:servicecatalog:CloudFormationProvisionedProductAcceptLanguage": { + "type": "string" + }, + "aws-native:servicecatalog:CloudFormationProvisionedProductProvisioningParameter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The parameter key." + }, + "value": { + "type": "string", + "description": "The parameter value." + } + } + }, + "aws-native:servicecatalog:CloudFormationProvisionedProductProvisioningPreferences": { + "type": "object", + "properties": { + "stackSetAccounts": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more AWS accounts where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all acounts from the `STACKSET` constraint." + }, + "stackSetFailureToleranceCount": { + "type": "integer", + "description": "The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.\n\nThe default value is `0` if no value is specified." + }, + "stackSetFailureTolerancePercentage": { + "type": "integer", + "description": "The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both." + }, + "stackSetMaxConcurrencyCount": { + "type": "integer", + "description": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` .\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both." + }, + "stackSetMaxConcurrencyPercentage": { + "type": "integer", + "description": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead.\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both." + }, + "stackSetOperationType": { + "$ref": "#/types/aws-native:servicecatalog:CloudFormationProvisionedProductProvisioningPreferencesStackSetOperationType", + "description": "Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\n- **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored.\n- **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances.\n- **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product." + }, + "stackSetRegions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint." + } + } + }, + "aws-native:servicecatalog:CloudFormationProvisionedProductProvisioningPreferencesStackSetOperationType": { + "type": "string" + }, + "aws-native:servicecatalog:CloudFormationProvisionedProductTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The value for this key." + } + } + }, + "aws-native:servicecatalog:ServiceActionAcceptLanguage": { + "type": "string" + }, + "aws-native:servicecatalog:ServiceActionDefinitionParameter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The parameter key." + }, + "value": { + "type": "string", + "description": "The value of the parameter." + } + } + }, + "aws-native:servicecatalog:ServiceActionDefinitionType": { + "type": "string" + }, + "aws-native:servicecatalogappregistry:ResourceAssociationResourceType": { + "type": "string" + }, + "aws-native:ses:ConfigurationSetDashboardOptions": { + "type": "object", + "properties": { + "engagementMetrics": { + "type": "string", + "description": "Whether emails sent with this configuration set have engagement tracking enabled." + } + } + }, + "aws-native:ses:ConfigurationSetDeliveryOptions": { + "type": "object", + "properties": { + "sendingPoolName": { + "type": "string", + "description": "The name of the dedicated IP pool to associate with the configuration set." + }, + "tlsPolicy": { + "type": "string", + "description": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is Require , messages are only delivered if a TLS connection can be established. If the value is Optional , messages can be delivered in plain text if a TLS connection can't be established." + } + } + }, + "aws-native:ses:ConfigurationSetEventDestinationCloudWatchDestination": { + "type": "object", + "properties": { + "dimensionConfigurations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:ConfigurationSetEventDestinationDimensionConfiguration" + }, + "description": "A list of dimensions upon which to categorize your emails when you publish email sending events to Amazon CloudWatch." + } + } + }, + "aws-native:ses:ConfigurationSetEventDestinationDimensionConfiguration": { + "type": "object", + "properties": { + "defaultDimensionValue": { + "type": "string", + "description": "The default value of the dimension that is published to Amazon CloudWatch if you do not provide the value of the dimension when you send an email." + }, + "dimensionName": { + "type": "string", + "description": "The name of an Amazon CloudWatch dimension associated with an email sending metric." + }, + "dimensionValueSource": { + "type": "string", + "description": "The place where Amazon SES finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an X-SES-MESSAGE-TAGS header or a parameter to the SendEmail/SendRawEmail API, specify messageTag. To use your own email headers, specify emailHeader. To put a custom tag on any link included in your email, specify linkTag." + } + } + }, + "aws-native:ses:ConfigurationSetEventDestinationEventBridgeDestination": { + "type": "object", + "properties": { + "eventBusArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon EventBridge bus to publish email events to. Only the default bus is supported." + } + } + }, + "aws-native:ses:ConfigurationSetEventDestinationEventDestination": { + "type": "object", + "properties": { + "cloudWatchDestination": { + "$ref": "#/types/aws-native:ses:ConfigurationSetEventDestinationCloudWatchDestination", + "description": "An object that contains the names, default values, and sources of the dimensions associated with an Amazon CloudWatch event destination." + }, + "enabled": { + "type": "boolean", + "description": "Sets whether Amazon SES publishes events to this destination when you send an email with the associated configuration set. Set to true to enable publishing to this destination; set to false to prevent publishing to this destination. The default value is false. " + }, + "eventBridgeDestination": { + "$ref": "#/types/aws-native:ses:ConfigurationSetEventDestinationEventBridgeDestination", + "description": "An object that contains Event bus ARN associated with the event bridge destination." + }, + "kinesisFirehoseDestination": { + "$ref": "#/types/aws-native:ses:ConfigurationSetEventDestinationKinesisFirehoseDestination", + "description": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination." + }, + "matchingEventTypes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of email sending events, send, reject, bounce, complaint, delivery, open, click, renderingFailure, deliveryDelay, and subscription." + }, + "name": { + "type": "string", + "description": "The name of the event destination set." + }, + "snsDestination": { + "$ref": "#/types/aws-native:ses:ConfigurationSetEventDestinationSnsDestination", + "description": "An object that contains SNS topic ARN associated event destination." + } + } + }, + "aws-native:ses:ConfigurationSetEventDestinationKinesisFirehoseDestination": { + "type": "object", + "properties": { + "deliveryStreamArn": { + "type": "string", + "description": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to." + }, + "iamRoleArn": { + "type": "string", + "description": "The ARN of the IAM role under which Amazon SES publishes email sending events to the Amazon Kinesis Firehose stream." + } + }, + "irreversibleNames": { + "deliveryStreamArn": "DeliveryStreamARN", + "iamRoleArn": "IAMRoleARN" + } + }, + "aws-native:ses:ConfigurationSetEventDestinationSnsDestination": { + "type": "object", + "properties": { + "topicArn": { + "type": "string", + "description": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) ." + } + }, + "irreversibleNames": { + "topicArn": "TopicARN" + } + }, + "aws-native:ses:ConfigurationSetGuardianOptions": { + "type": "object", + "properties": { + "optimizedSharedDelivery": { + "type": "string", + "description": "Whether emails sent with this configuration set have optimized delivery algorithm enabled." + } + } + }, + "aws-native:ses:ConfigurationSetReputationOptions": { + "type": "object", + "properties": { + "reputationMetricsEnabled": { + "type": "boolean", + "description": "If true , tracking of reputation metrics is enabled for the configuration set. If false , tracking of reputation metrics is disabled for the configuration set." + } + } + }, + "aws-native:ses:ConfigurationSetSendingOptions": { + "type": "object", + "properties": { + "sendingEnabled": { + "type": "boolean", + "description": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set." + } + } + }, + "aws-native:ses:ConfigurationSetSuppressionOptions": { + "type": "object", + "properties": { + "suppressedReasons": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account." + } + } + }, + "aws-native:ses:ConfigurationSetTrackingOptions": { + "type": "object", + "properties": { + "customRedirectDomain": { + "type": "string", + "description": "The domain to use for tracking open and click events." + } + } + }, + "aws-native:ses:ConfigurationSetVdmOptions": { + "type": "object", + "properties": { + "dashboardOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetDashboardOptions", + "description": "Specifies additional settings for your VDM configuration as applicable to the Dashboard." + }, + "guardianOptions": { + "$ref": "#/types/aws-native:ses:ConfigurationSetGuardianOptions", + "description": "Specifies additional settings for your VDM configuration as applicable to the Guardian." + } + } + }, + "aws-native:ses:ContactListTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character." + }, + "value": { + "type": "string", + "description": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don't want a resource to have a specific tag value, don't specify a value for this parameter. If you don't specify a value, Amazon SES sets the value to an empty string." + } + } + }, + "aws-native:ses:ContactListTopic": { + "type": "object", + "properties": { + "defaultSubscriptionStatus": { + "type": "string", + "description": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic." + }, + "description": { + "type": "string", + "description": "The description of the topic." + }, + "displayName": { + "type": "string", + "description": "The display name of the topic." + }, + "topicName": { + "type": "string", + "description": "The name of the topic." + } + } + }, + "aws-native:ses:EmailIdentityConfigurationSetAttributes": { + "type": "object", + "properties": { + "configurationSetName": { + "type": "string", + "description": "The configuration set to use by default when sending from this identity. Note that any configuration set defined in the email sending request takes precedence." + } + } + }, + "aws-native:ses:EmailIdentityDkimAttributes": { + "type": "object", + "properties": { + "signingEnabled": { + "type": "boolean", + "description": "Sets the DKIM signing configuration for the identity. When you set this value true, then the messages that are sent from the identity are signed using DKIM. If you set this value to false, your messages are sent without DKIM signing." + } + } + }, + "aws-native:ses:EmailIdentityDkimSigningAttributes": { + "type": "object", + "properties": { + "domainSigningPrivateKey": { + "type": "string", + "description": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature. The private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding." + }, + "domainSigningSelector": { + "type": "string", + "description": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain." + }, + "nextSigningKeyLength": { + "type": "string", + "description": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day." + } + } + }, + "aws-native:ses:EmailIdentityFeedbackAttributes": { + "type": "object", + "properties": { + "emailForwardingEnabled": { + "type": "boolean", + "description": "If the value is true, you receive email notifications when bounce or complaint events occur" + } + } + }, + "aws-native:ses:EmailIdentityMailFromAttributes": { + "type": "object", + "properties": { + "behaviorOnMxFailure": { + "type": "string", + "description": "The action to take if the required MX record isn't found when you send an email. When you set this value to UseDefaultValue , the mail is sent using amazonses.com as the MAIL FROM domain. When you set this value to RejectMessage , the Amazon SES API v2 returns a MailFromDomainNotVerified error, and doesn't attempt to deliver the email." + }, + "mailFromDomain": { + "type": "string", + "description": "The custom MAIL FROM domain that you want the verified identity to use" + } + } + }, + "aws-native:ses:MailManagerAddonInstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the key-value tag." + }, + "value": { + "type": "string", + "description": "The value of the key-value tag." + } + } + }, + "aws-native:ses:MailManagerAddonSubscriptionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the key-value tag." + }, + "value": { + "type": "string", + "description": "The value of the key-value tag." + } + } + }, + "aws-native:ses:MailManagerArchiveArchiveRetention0Properties": { + "type": "object", + "properties": { + "retentionPeriod": { + "$ref": "#/types/aws-native:ses:MailManagerArchiveRetentionPeriod" + } + } + }, + "aws-native:ses:MailManagerArchiveArchiveRetentionProperties": { + "type": "object", + "properties": { + "retentionPeriod": { + "$ref": "#/types/aws-native:ses:MailManagerArchiveRetentionPeriod" + } + } + }, + "aws-native:ses:MailManagerArchiveArchiveState": { + "type": "string" + }, + "aws-native:ses:MailManagerArchiveRetentionPeriod": { + "type": "string" + }, + "aws-native:ses:MailManagerArchiveTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the key-value tag." + }, + "value": { + "type": "string", + "description": "The value of the key-value tag." + } + } + }, + "aws-native:ses:MailManagerIngressPointIngressPointConfiguration0Properties": { + "type": "object", + "properties": { + "smtpPassword": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerIngressPointIngressPointConfiguration1Properties": { + "type": "object", + "properties": { + "secretArn": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerIngressPointIngressPointStatus": { + "type": "string" + }, + "aws-native:ses:MailManagerIngressPointIngressPointStatusToUpdate": { + "type": "string" + }, + "aws-native:ses:MailManagerIngressPointIngressPointType": { + "type": "string" + }, + "aws-native:ses:MailManagerIngressPointTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the key-value tag." + }, + "value": { + "type": "string", + "description": "The value of the key-value tag." + } + } + }, + "aws-native:ses:MailManagerRelayNoAuthentication": { + "type": "object" + }, + "aws-native:ses:MailManagerRelayRelayAuthentication0Properties": { + "type": "object", + "properties": { + "secretArn": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerRelayRelayAuthentication1Properties": { + "type": "object", + "properties": { + "noAuthentication": { + "$ref": "#/types/aws-native:ses:MailManagerRelayNoAuthentication" + } + } + }, + "aws-native:ses:MailManagerRelayTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the key-value tag." + }, + "value": { + "type": "string", + "description": "The value of the key-value tag." + } + } + }, + "aws-native:ses:MailManagerRuleSetActionFailurePolicy": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetAddHeaderAction": { + "type": "object", + "properties": { + "headerName": { + "type": "string" + }, + "headerValue": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerRuleSetAnalysis": { + "type": "object", + "properties": { + "analyzer": { + "type": "string" + }, + "resultField": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerRuleSetArchiveAction": { + "type": "object", + "properties": { + "actionFailurePolicy": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetActionFailurePolicy" + }, + "targetArchive": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerRuleSetDeliverToMailboxAction": { + "type": "object", + "properties": { + "actionFailurePolicy": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetActionFailurePolicy" + }, + "mailboxArn": { + "type": "string" + }, + "roleArn": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerRuleSetDropAction": { + "type": "object" + }, + "aws-native:ses:MailManagerRuleSetMailFrom": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRelayAction": { + "type": "object", + "properties": { + "actionFailurePolicy": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetActionFailurePolicy" + }, + "mailFrom": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetMailFrom" + }, + "relay": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerRuleSetReplaceRecipientAction": { + "type": "object", + "properties": { + "replaceWith": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:ses:MailManagerRuleSetRule": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleAction0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleAction1Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleAction2Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleAction3Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleAction4Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleAction5Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleAction6Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleAction7Properties" + } + ] + }, + "description": "The list of actions to execute when the conditions match the incoming email, and none of the \"unless conditions\" match." + }, + "conditions": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition1Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition2Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition3Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition4Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition5Properties" + } + ] + }, + "description": "The conditions of this rule. All conditions must match the email for the actions to be executed. An empty list of conditions means that all emails match, but are still subject to any \"unless conditions\"" + }, + "name": { + "type": "string", + "description": "The user-friendly name of the rule." + }, + "unless": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition1Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition2Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition3Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition4Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleCondition5Properties" + } + ] + }, + "description": "The \"unless conditions\" of this rule. None of the conditions can match the email for the actions to be executed. If any of these conditions do match the email, then the actions are not executed." + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleAction0Properties": { + "type": "object", + "properties": { + "drop": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetDropAction" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleAction1Properties": { + "type": "object", + "properties": { + "relay": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRelayAction" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleAction2Properties": { + "type": "object", + "properties": { + "archive": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetArchiveAction" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleAction3Properties": { + "type": "object", + "properties": { + "writeToS3": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetS3Action" + } + }, + "irreversibleNames": { + "writeToS3": "WriteToS3" + } + }, + "aws-native:ses:MailManagerRuleSetRuleAction4Properties": { + "type": "object", + "properties": { + "send": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetSendAction" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleAction5Properties": { + "type": "object", + "properties": { + "addHeader": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetAddHeaderAction" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleAction6Properties": { + "type": "object", + "properties": { + "replaceRecipient": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetReplaceRecipientAction" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleAction7Properties": { + "type": "object", + "properties": { + "deliverToMailbox": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetDeliverToMailboxAction" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleBooleanEmailAttribute": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleBooleanExpression": { + "type": "object", + "properties": { + "evaluate": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleBooleanToEvaluateProperties" + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleBooleanOperator" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleBooleanOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleBooleanToEvaluate0Properties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleBooleanEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleBooleanToEvaluateProperties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleBooleanEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleCondition0Properties": { + "type": "object", + "properties": { + "booleanExpression": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleBooleanExpression" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleCondition1Properties": { + "type": "object", + "properties": { + "stringExpression": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleStringExpression" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleCondition2Properties": { + "type": "object", + "properties": { + "numberExpression": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleNumberExpression" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleCondition3Properties": { + "type": "object", + "properties": { + "ipExpression": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleIpExpression" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleCondition4Properties": { + "type": "object", + "properties": { + "verdictExpression": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleVerdictExpression" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleCondition5Properties": { + "type": "object", + "properties": { + "dmarcExpression": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleDmarcExpression" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleDmarcExpression": { + "type": "object", + "properties": { + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleDmarcOperator" + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleDmarcPolicy" + } + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleDmarcOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleDmarcPolicy": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleIpEmailAttribute": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleIpExpression": { + "type": "object", + "properties": { + "evaluate": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleIpToEvaluateProperties" + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleIpOperator" + }, + "values": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleIpOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleIpToEvaluate0Properties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleIpEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleIpToEvaluateProperties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleIpEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleNumberEmailAttribute": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleNumberExpression": { + "type": "object", + "properties": { + "evaluate": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleNumberToEvaluateProperties" + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleNumberOperator" + }, + "value": { + "type": "number" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleNumberOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleNumberToEvaluate0Properties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleNumberEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleNumberToEvaluateProperties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleNumberEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleStringEmailAttribute": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleStringExpression": { + "type": "object", + "properties": { + "evaluate": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleStringToEvaluateProperties" + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleStringOperator" + }, + "values": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleStringOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleStringToEvaluate0Properties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleStringEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleStringToEvaluateProperties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleStringEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleVerdict": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleVerdictAttribute": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleVerdictExpression": { + "type": "object", + "properties": { + "evaluate": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleVerdictToEvaluate0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleVerdictToEvaluate1Properties" + } + ] + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleVerdictOperator" + }, + "values": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleVerdict" + } + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleVerdictOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerRuleSetRuleVerdictToEvaluate0Properties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetRuleVerdictAttribute" + } + } + }, + "aws-native:ses:MailManagerRuleSetRuleVerdictToEvaluate1Properties": { + "type": "object", + "properties": { + "analysis": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetAnalysis" + } + } + }, + "aws-native:ses:MailManagerRuleSetS3Action": { + "type": "object", + "properties": { + "actionFailurePolicy": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetActionFailurePolicy" + }, + "roleArn": { + "type": "string" + }, + "s3Bucket": { + "type": "string" + }, + "s3Prefix": { + "type": "string" + }, + "s3SseKmsKeyId": { + "type": "string" + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Prefix": "S3Prefix", + "s3SseKmsKeyId": "S3SseKmsKeyId" + } + }, + "aws-native:ses:MailManagerRuleSetSendAction": { + "type": "object", + "properties": { + "actionFailurePolicy": { + "$ref": "#/types/aws-native:ses:MailManagerRuleSetActionFailurePolicy" + }, + "roleArn": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerRuleSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the key-value tag." + }, + "value": { + "type": "string", + "description": "The value of the key-value tag." + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyAcceptAction": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressAnalysis": { + "type": "object", + "properties": { + "analyzer": { + "type": "string" + }, + "resultField": { + "type": "string" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressBooleanExpression": { + "type": "object", + "properties": { + "evaluate": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressBooleanToEvaluateProperties" + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressBooleanOperator" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressBooleanOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressBooleanToEvaluate0Properties": { + "type": "object", + "properties": { + "analysis": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressAnalysis" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressBooleanToEvaluateProperties": { + "type": "object", + "properties": { + "analysis": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressAnalysis" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressIpOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressIpToEvaluate0Properties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressIpv4Attribute" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressIpToEvaluateProperties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressIpv4Attribute" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressIpv4Attribute": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressIpv4Expression": { + "type": "object", + "properties": { + "evaluate": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressIpToEvaluateProperties" + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressIpOperator" + }, + "values": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressStringEmailAttribute": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressStringExpression": { + "type": "object", + "properties": { + "evaluate": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressStringToEvaluateProperties" + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressStringOperator" + }, + "values": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressStringOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressStringToEvaluate0Properties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressStringEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressStringToEvaluateProperties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressStringEmailAttribute" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressTlsAttribute": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolAttribute": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolExpression": { + "type": "object", + "properties": { + "evaluate": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolToEvaluateProperties" + }, + "operator": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolOperator" + }, + "value": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolAttribute" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolOperator": { + "type": "string" + }, + "aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolToEvaluate0Properties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressTlsAttribute" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolToEvaluateProperties": { + "type": "object", + "properties": { + "attribute": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressTlsAttribute" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyPolicyCondition0Properties": { + "type": "object", + "properties": { + "stringExpression": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressStringExpression" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyPolicyCondition1Properties": { + "type": "object", + "properties": { + "ipExpression": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressIpv4Expression" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyPolicyCondition2Properties": { + "type": "object", + "properties": { + "tlsExpression": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressTlsProtocolExpression" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyPolicyCondition3Properties": { + "type": "object", + "properties": { + "booleanExpression": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyIngressBooleanExpression" + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyPolicyStatement": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyAcceptAction", + "description": "The action that informs a traffic policy resource to either allow or block the email if it matches a condition in the policy statement." + }, + "conditions": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyPolicyCondition0Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyPolicyCondition1Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyPolicyCondition2Properties" + }, + { + "$ref": "#/types/aws-native:ses:MailManagerTrafficPolicyPolicyCondition3Properties" + } + ] + }, + "description": "The list of conditions to apply to incoming messages for filtering email traffic." + } + } + }, + "aws-native:ses:MailManagerTrafficPolicyTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the key-value tag." + }, + "value": { + "type": "string", + "description": "The value of the key-value tag." + } + } + }, + "aws-native:ses:Template": { + "type": "object", + "properties": { + "htmlPart": { + "type": "string", + "description": "The HTML body of the email." + }, + "subjectPart": { + "type": "string", + "description": "The subject line of the email." + }, + "templateName": { + "type": "string", + "description": "The name of the template.", + "replaceOnChanges": true + }, + "textPart": { + "type": "string", + "description": "The email body that is visible to recipients whose email clients do not display HTML content." + } + } + }, + "aws-native:ses:VdmAttributesDashboardAttributes": { + "type": "object", + "properties": { + "engagementMetrics": { + "type": "string", + "description": "Whether emails sent from this account have engagement tracking enabled." + } + } + }, + "aws-native:ses:VdmAttributesGuardianAttributes": { + "type": "object", + "properties": { + "optimizedSharedDelivery": { + "type": "string", + "description": "Whether emails sent from this account have optimized delivery algorithm enabled." + } + } + }, + "aws-native:shield:ProactiveEngagementEmergencyContact": { + "type": "object", + "properties": { + "contactNotes": { + "type": "string", + "description": "Additional notes regarding the contact." + }, + "emailAddress": { + "type": "string", + "description": "The email address for the contact." + }, + "phoneNumber": { + "type": "string", + "description": "The phone number for the contact" + } + } + }, + "aws-native:shield:ProactiveEngagementStatus": { + "type": "string" + }, + "aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfiguration": { + "type": "object", + "properties": { + "action": { + "oneOf": [ + { + "$ref": "#/types/aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfigurationAction0Properties" + }, + { + "$ref": "#/types/aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfigurationAction1Properties" + } + ], + "description": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource." + }, + "status": { + "$ref": "#/types/aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfigurationStatus", + "description": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection." + } + } + }, + "aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfigurationAction0Properties": { + "type": "object", + "properties": { + "count": { + "$ref": "pulumi.json#/Any", + "description": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\nYou must specify exactly one action, either `Block` or `Count`." + } + } + }, + "aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfigurationAction1Properties": { + "type": "object", + "properties": { + "block": { + "$ref": "pulumi.json#/Any", + "description": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\nYou must specify exactly one action, either `Block` or `Count`." + } + } + }, + "aws-native:shield:ProtectionApplicationLayerAutomaticResponseConfigurationStatus": { + "type": "string" + }, + "aws-native:shield:ProtectionGroupAggregation": { + "type": "string" + }, + "aws-native:shield:ProtectionGroupPattern": { + "type": "string" + }, + "aws-native:shield:ProtectionGroupResourceType": { + "type": "string" + }, + "aws-native:shield:ProtectionGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:shield:ProtectionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:signer:SigningProfilePlatformId": { + "type": "string" + }, + "aws-native:signer:SigningProfileSignatureValidityPeriod": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:signer:SigningProfileSignatureValidityPeriodType", + "description": "The time unit for signature validity: DAYS | MONTHS | YEARS." + }, + "value": { + "type": "integer", + "description": "The numerical value of the time unit for signature validity." + } + } + }, + "aws-native:signer:SigningProfileSignatureValidityPeriodType": { + "type": "string" + }, + "aws-native:signer:SigningProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:simspaceweaver:SimulationS3Location": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The Schema S3 bucket name." + }, + "objectKey": { + "type": "string", + "description": "This is the schema S3 object key, which includes the full path of \"folders\" from the bucket root to the schema." + } + } + }, + "aws-native:sns:TopicLoggingConfig": { + "type": "object", + "properties": { + "failureFeedbackRoleArn": { + "type": "string", + "description": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch." + }, + "protocol": { + "$ref": "#/types/aws-native:sns:TopicLoggingConfigProtocol", + "description": "Indicates one of the supported protocols for the Amazon SNS topic.\n At least one of the other three ``LoggingConfig`` properties is recommend along with ``Protocol``." + }, + "successFeedbackRoleArn": { + "type": "string", + "description": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch." + }, + "successFeedbackSampleRate": { + "type": "string", + "description": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100." + } + } + }, + "aws-native:sns:TopicLoggingConfigProtocol": { + "type": "string" + }, + "aws-native:sns:TopicSubscription": { + "type": "object", + "properties": { + "endpoint": { + "type": "string", + "description": "The endpoint that receives notifications from the SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the ``Endpoint`` parameter of the ``Subscribe`` action in the *API Reference*." + }, + "protocol": { + "type": "string", + "description": "The subscription's protocol. For more information, see the ``Protocol`` parameter of the ``Subscribe`` action in the *API Reference*." + } + } + }, + "aws-native:sns:TopicTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The required key portion of the tag." + }, + "value": { + "type": "string", + "description": "The optional value portion of the tag." + } + } + }, + "aws-native:sqs:QueueTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:ssm:AssociationComplianceSeverity": { + "type": "string" + }, + "aws-native:ssm:AssociationInstanceAssociationOutputLocation": { + "type": "object", + "properties": { + "s3Location": { + "$ref": "#/types/aws-native:ssm:AssociationS3OutputLocation", + "description": "`S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request." + } + }, + "irreversibleNames": { + "s3Location": "S3Location" + } + }, + "aws-native:ssm:AssociationS3OutputLocation": { + "type": "object", + "properties": { + "outputS3BucketName": { + "type": "string", + "description": "The name of the S3 bucket." + }, + "outputS3KeyPrefix": { + "type": "string", + "description": "The S3 bucket subfolder." + }, + "outputS3Region": { + "type": "string", + "description": "The AWS Region of the S3 bucket." + } + }, + "irreversibleNames": { + "outputS3BucketName": "OutputS3BucketName", + "outputS3KeyPrefix": "OutputS3KeyPrefix", + "outputS3Region": "OutputS3Region" + } + }, + "aws-native:ssm:AssociationSyncCompliance": { + "type": "string" + }, + "aws-native:ssm:AssociationTarget": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "User-defined criteria for sending commands that target managed nodes that meet the criteria." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50." + } + } + }, + "aws-native:ssm:DocumentAttachmentsSource": { + "type": "object", + "properties": { + "key": { + "$ref": "#/types/aws-native:ssm:DocumentAttachmentsSourceKey", + "description": "The key of a key-value pair that identifies the location of an attachment to a document." + }, + "name": { + "type": "string", + "description": "The name of the document attachment file." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The value of a key-value pair that identifies the location of an attachment to a document. The format for Value depends on the type of key you specify." + } + } + }, + "aws-native:ssm:DocumentAttachmentsSourceKey": { + "type": "string" + }, + "aws-native:ssm:DocumentFormat": { + "type": "string" + }, + "aws-native:ssm:DocumentRequires": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN)." + }, + "version": { + "type": "string", + "description": "The document version required by the current document." + } + } + }, + "aws-native:ssm:DocumentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:ssm:DocumentType": { + "type": "string" + }, + "aws-native:ssm:DocumentUpdateMethod": { + "type": "string" + }, + "aws-native:ssm:ParameterDataType": { + "type": "string" + }, + "aws-native:ssm:ParameterTier": { + "type": "string" + }, + "aws-native:ssm:ParameterType": { + "type": "string" + }, + "aws-native:ssm:PatchBaselineApprovedPatchesComplianceLevel": { + "type": "string" + }, + "aws-native:ssm:PatchBaselineOperatingSystem": { + "type": "string" + }, + "aws-native:ssm:PatchBaselinePatchFilter": { + "type": "object", + "properties": { + "key": { + "$ref": "#/types/aws-native:ssm:PatchBaselinePatchFilterKey", + "description": "The key for the filter.\n\nFor information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* ." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The value for the filter key.\n\nFor information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* ." + } + } + }, + "aws-native:ssm:PatchBaselinePatchFilterGroup": { + "type": "object", + "properties": { + "patchFilters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:PatchBaselinePatchFilter" + }, + "description": "The set of patch filters that make up the group." + } + } + }, + "aws-native:ssm:PatchBaselinePatchFilterKey": { + "type": "string" + }, + "aws-native:ssm:PatchBaselinePatchSource": { + "type": "object", + "properties": { + "configuration": { + "type": "string", + "description": "The value of the yum repo configuration. For example:\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\n\u003e For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) ." + }, + "name": { + "type": "string", + "description": "The name specified to identify the patch source." + }, + "products": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* ." + } + } + }, + "aws-native:ssm:PatchBaselineRejectedPatchesAction": { + "type": "string" + }, + "aws-native:ssm:PatchBaselineRule": { + "type": "object", + "properties": { + "approveAfterDays": { + "type": "integer", + "description": "The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.\n\n\u003e This parameter is marked as not required, but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` . \n\nNot supported for Debian Server or Ubuntu Server." + }, + "approveUntilDate": { + "type": "string", + "description": "The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically.\n\nEnter dates in the format `YYYY-MM-DD` . For example, `2021-12-31` .\n\n\u003e This parameter is marked as not required, but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` . \n\nNot supported for Debian Server or Ubuntu Server." + }, + "complianceLevel": { + "$ref": "#/types/aws-native:ssm:PatchBaselineRuleComplianceLevel", + "description": "A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` ." + }, + "enableNonSecurity": { + "type": "boolean", + "description": "For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only." + }, + "patchFilterGroup": { + "$ref": "#/types/aws-native:ssm:PatchBaselinePatchFilterGroup", + "description": "The patch filter group that defines the criteria for the rule." + } + } + }, + "aws-native:ssm:PatchBaselineRuleComplianceLevel": { + "type": "string" + }, + "aws-native:ssm:PatchBaselineRuleGroup": { + "type": "object", + "properties": { + "patchRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssm:PatchBaselineRule" + }, + "description": "The rules that make up the rule group." + } + } + }, + "aws-native:ssm:PatchBaselineTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:ssm:ResourceDataSyncAwsOrganizationsSource": { + "type": "object", + "properties": { + "organizationSourceType": { + "type": "string", + "description": "If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization." + }, + "organizationalUnits": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The AWS Organizations organization units included in the sync." + } + } + }, + "aws-native:ssm:ResourceDataSyncS3Destination": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The name of the S3 bucket where the aggregated data is stored." + }, + "bucketPrefix": { + "type": "string", + "description": "An Amazon S3 prefix for the bucket." + }, + "bucketRegion": { + "type": "string", + "description": "The AWS Region with the S3 bucket targeted by the resource data sync." + }, + "kmsKeyArn": { + "type": "string", + "description": "The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket." + }, + "syncFormat": { + "type": "string", + "description": "A supported sync format. The following format is currently supported: JsonSerDe" + } + }, + "irreversibleNames": { + "kmsKeyArn": "KMSKeyArn" + } + }, + "aws-native:ssm:ResourceDataSyncSyncSource": { + "type": "object", + "properties": { + "awsOrganizationsSource": { + "$ref": "#/types/aws-native:ssm:ResourceDataSyncAwsOrganizationsSource", + "description": "Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations ." + }, + "includeFutureRegions": { + "type": "boolean", + "description": "Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online." + }, + "sourceRegions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The `SyncSource` AWS Regions included in the resource data sync." + }, + "sourceType": { + "type": "string", + "description": "The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` ." + } + } + }, + "aws-native:ssmcontacts:ContactChannelChannelType": { + "type": "string" + }, + "aws-native:ssmcontacts:ContactChannelTargetInfo": { + "type": "object", + "properties": { + "channelId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the contact channel." + }, + "retryIntervalInMinutes": { + "type": "integer", + "description": "The number of minutes to wait to retry sending engagement in the case the engagement initially fails." + } + } + }, + "aws-native:ssmcontacts:ContactStage": { + "type": "object", + "properties": { + "durationInMinutes": { + "type": "integer", + "description": "The time to wait until beginning the next stage." + }, + "rotationIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of Rotation Ids to associate with Contact" + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:ContactTargets" + }, + "description": "The contacts or contact methods that the escalation plan or engagement plan is engaging." + } + } + }, + "aws-native:ssmcontacts:ContactTargetInfo": { + "type": "object", + "properties": { + "contactId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the contact." + }, + "isEssential": { + "type": "boolean", + "description": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan." + } + } + }, + "aws-native:ssmcontacts:ContactTargets": { + "type": "object", + "properties": { + "channelTargetInfo": { + "$ref": "#/types/aws-native:ssmcontacts:ContactChannelTargetInfo", + "description": "Information about the contact channel that Incident Manager engages." + }, + "contactTargetInfo": { + "$ref": "#/types/aws-native:ssmcontacts:ContactTargetInfo", + "description": "The contact that Incident Manager is engaging during an incident." + } + } + }, + "aws-native:ssmcontacts:ContactType": { + "type": "string" + }, + "aws-native:ssmcontacts:PlanChannelTargetInfo": { + "type": "object", + "properties": { + "channelId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the contact channel." + }, + "retryIntervalInMinutes": { + "type": "integer", + "description": "The number of minutes to wait to retry sending engagement in the case the engagement initially fails." + } + } + }, + "aws-native:ssmcontacts:PlanContactTargetInfo": { + "type": "object", + "properties": { + "contactId": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the contact." + }, + "isEssential": { + "type": "boolean", + "description": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan." + } + } + }, + "aws-native:ssmcontacts:PlanStage": { + "type": "object", + "properties": { + "durationInMinutes": { + "type": "integer", + "description": "The time to wait until beginning the next stage." + }, + "targets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:PlanTargets" + }, + "description": "The contacts or contact methods that the escalation plan or engagement plan is engaging." + } + } + }, + "aws-native:ssmcontacts:PlanTargets": { + "type": "object", + "properties": { + "channelTargetInfo": { + "$ref": "#/types/aws-native:ssmcontacts:PlanChannelTargetInfo", + "description": "Information about the contact channel that Incident Manager engages." + }, + "contactTargetInfo": { + "$ref": "#/types/aws-native:ssmcontacts:PlanContactTargetInfo", + "description": "Information about the contact that Incident Manager engages." + } + } + }, + "aws-native:ssmcontacts:RotationCoverageTime": { + "type": "object", + "properties": { + "endTime": { + "type": "string", + "description": "Information about when an on-call rotation shift ends." + }, + "startTime": { + "type": "string", + "description": "Information about when an on-call rotation shift begins." + } + } + }, + "aws-native:ssmcontacts:RotationDayOfWeek": { + "type": "string" + }, + "aws-native:ssmcontacts:RotationMonthlySetting": { + "type": "object", + "properties": { + "dayOfMonth": { + "type": "integer", + "description": "The day of the month when monthly recurring on-call rotations begin." + }, + "handOffTime": { + "type": "string", + "description": "The time of day when a monthly recurring on-call shift rotation begins." + } + } + }, + "aws-native:ssmcontacts:RotationRecurrenceSettings": { + "type": "object", + "properties": { + "dailySettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Information about on-call rotations that recur daily." + }, + "monthlySettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:RotationMonthlySetting" + }, + "description": "Information about on-call rotations that recur monthly." + }, + "numberOfOnCalls": { + "type": "integer", + "description": "Number of Oncalls per shift." + }, + "recurrenceMultiplier": { + "type": "integer", + "description": "The number of days, weeks, or months a single rotation lasts." + }, + "shiftCoverages": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:RotationShiftCoverage" + }, + "description": "Information about the days of the week included in on-call rotation coverage." + }, + "weeklySettings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:RotationWeeklySetting" + }, + "description": "Information about on-call rotations that recur weekly." + } + } + }, + "aws-native:ssmcontacts:RotationShiftCoverage": { + "type": "object", + "properties": { + "coverageTimes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmcontacts:RotationCoverageTime" + }, + "description": "Information about when an on-call shift begins and ends." + }, + "dayOfWeek": { + "$ref": "#/types/aws-native:ssmcontacts:RotationDayOfWeek", + "description": "A list of days on which the schedule is active." + } + } + }, + "aws-native:ssmcontacts:RotationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag" + }, + "value": { + "type": "string", + "description": "The value for the tag." + } + } + }, + "aws-native:ssmcontacts:RotationWeeklySetting": { + "type": "object", + "properties": { + "dayOfWeek": { + "$ref": "#/types/aws-native:ssmcontacts:RotationDayOfWeek", + "description": "The day of the week when weekly recurring on-call shift rotations begins." + }, + "handOffTime": { + "type": "string", + "description": "The time of day when a weekly recurring on-call shift rotation begins." + } + } + }, + "aws-native:ssmincidents:ReplicationSetRegionConfiguration": { + "type": "object", + "properties": { + "sseKmsKeyId": { + "type": "string" + } + } + }, + "aws-native:ssmincidents:ReplicationSetReplicationRegion": { + "type": "object", + "properties": { + "regionConfiguration": { + "$ref": "#/types/aws-native:ssmincidents:ReplicationSetRegionConfiguration" + }, + "regionName": { + "type": "string" + } + } + }, + "aws-native:ssmincidents:ReplicationSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ssmincidents:ResponsePlanAction": { + "type": "object", + "properties": { + "ssmAutomation": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanSsmAutomation", + "description": "Details about the Systems Manager automation document that will be used as a runbook during an incident." + } + } + }, + "aws-native:ssmincidents:ResponsePlanChatChannel": { + "type": "object", + "properties": { + "chatbotSns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The Amazon SNS targets that AWS Chatbot uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics" + } + } + }, + "aws-native:ssmincidents:ResponsePlanDynamicSsmParameter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key parameter to use when running the Systems Manager Automation runbook." + }, + "value": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanDynamicSsmParameterValue", + "description": "The dynamic parameter value." + } + } + }, + "aws-native:ssmincidents:ResponsePlanDynamicSsmParameterValue": { + "type": "object", + "properties": { + "variable": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanVariableType", + "description": "Variable dynamic parameters. A parameter value is determined when an incident is created." + } + } + }, + "aws-native:ssmincidents:ResponsePlanIncidentTemplate": { + "type": "object", + "properties": { + "dedupeString": { + "type": "string", + "description": "The deduplication string." + }, + "impact": { + "type": "integer", + "description": "The impact value." + }, + "incidentTags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanTag" + }, + "description": "Tags that get applied to incidents created by the StartIncident API action." + }, + "notificationTargets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanNotificationTargetItem" + }, + "description": "The list of notification targets." + }, + "summary": { + "type": "string", + "description": "The summary string." + }, + "title": { + "type": "string", + "description": "The title string." + } + } + }, + "aws-native:ssmincidents:ResponsePlanIntegration": { + "type": "object", + "properties": { + "pagerDutyConfiguration": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanPagerDutyConfiguration", + "description": "Information about the PagerDuty service where the response plan creates an incident." + } + } + }, + "aws-native:ssmincidents:ResponsePlanNotificationTargetItem": { + "type": "object", + "properties": { + "snsTopicArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the Amazon SNS topic." + } + } + }, + "aws-native:ssmincidents:ResponsePlanPagerDutyConfiguration": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the pagerDuty configuration." + }, + "pagerDutyIncidentConfiguration": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanPagerDutyIncidentConfiguration", + "description": "Details about the PagerDuty service associated with the configuration." + }, + "secretId": { + "type": "string", + "description": "The AWS secrets manager secretId storing the pagerDuty token." + } + } + }, + "aws-native:ssmincidents:ResponsePlanPagerDutyIncidentConfiguration": { + "type": "object", + "properties": { + "serviceId": { + "type": "string", + "description": "The pagerDuty serviceId." + } + } + }, + "aws-native:ssmincidents:ResponsePlanSsmAutomation": { + "type": "object", + "properties": { + "documentName": { + "type": "string", + "description": "The document name to use when starting the SSM automation document." + }, + "documentVersion": { + "type": "string", + "description": "The version of the document to use when starting the SSM automation document." + }, + "dynamicParameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanDynamicSsmParameter" + }, + "description": "The parameters with dynamic values to set when starting the SSM automation document." + }, + "parameters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanSsmParameter" + }, + "description": "The parameters to set when starting the SSM automation document." + }, + "roleArn": { + "type": "string", + "description": "The role ARN to use when starting the SSM automation document." + }, + "targetAccount": { + "$ref": "#/types/aws-native:ssmincidents:ResponsePlanSsmAutomationTargetAccount", + "description": "The account type to use when starting the SSM automation document." + } + } + }, + "aws-native:ssmincidents:ResponsePlanSsmAutomationTargetAccount": { + "type": "string" + }, + "aws-native:ssmincidents:ResponsePlanSsmParameter": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key parameter to use when running the Automation runbook." + }, + "values": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The value parameter to use when running the Automation runbook." + } + } + }, + "aws-native:ssmincidents:ResponsePlanTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:ssmincidents:ResponsePlanVariableType": { + "type": "string" + }, + "aws-native:sso:ApplicationAssignmentPrincipalType": { + "type": "string" + }, + "aws-native:sso:ApplicationPortalOptionsConfiguration": { + "type": "object", + "properties": { + "signInOptions": { + "$ref": "#/types/aws-native:sso:ApplicationSignInOptions", + "description": "A structure that describes the sign-in options for the access portal" + }, + "visibility": { + "$ref": "#/types/aws-native:sso:ApplicationPortalOptionsConfigurationVisibility", + "description": "Indicates whether this application is visible in the access portal" + } + } + }, + "aws-native:sso:ApplicationPortalOptionsConfigurationVisibility": { + "type": "string" + }, + "aws-native:sso:ApplicationSignInOptions": { + "type": "object", + "properties": { + "applicationUrl": { + "type": "string", + "description": "The URL that accepts authentication requests for an application, this is a required parameter if the Origin parameter is APPLICATION" + }, + "origin": { + "$ref": "#/types/aws-native:sso:ApplicationSignInOptionsOrigin", + "description": "This determines how IAM Identity Center navigates the user to the target application" + } + } + }, + "aws-native:sso:ApplicationSignInOptionsOrigin": { + "type": "string" + }, + "aws-native:sso:ApplicationStatus": { + "type": "string" + }, + "aws-native:sso:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:sso:AssignmentPrincipalType": { + "type": "string" + }, + "aws-native:sso:AssignmentTargetType": { + "type": "string" + }, + "aws-native:sso:InstanceAccessControlAttributeConfigurationAccessControlAttribute": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "$ref": "#/types/aws-native:sso:InstanceAccessControlAttributeConfigurationAccessControlAttributeValue" + } + } + }, + "aws-native:sso:InstanceAccessControlAttributeConfigurationAccessControlAttributeValue": { + "type": "object", + "properties": { + "source": { + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "aws-native:sso:InstanceAccessControlAttributeConfigurationProperties": { + "type": "object", + "properties": { + "accessControlAttributes": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:sso:InstanceAccessControlAttributeConfigurationAccessControlAttribute" + } + } + } + }, + "aws-native:sso:InstanceStatus": { + "type": "string" + }, + "aws-native:sso:InstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:sso:PermissionSetCustomerManagedPolicyReference": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the IAM policy that you have configured in each account where you want to deploy your permission set." + }, + "path": { + "type": "string", + "description": "The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* ." + } + } + }, + "aws-native:sso:PermissionSetPermissionsBoundary": { + "type": "object", + "properties": { + "customerManagedPolicyReference": { + "$ref": "#/types/aws-native:sso:PermissionSetCustomerManagedPolicyReference", + "description": "Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set." + }, + "managedPolicyArn": { + "type": "string", + "description": "The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary." + } + } + }, + "aws-native:sso:PermissionSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key for the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:stepfunctions:ActivityEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsDataKeyReusePeriodSeconds": { + "type": "integer", + "description": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys." + }, + "kmsKeyId": { + "type": "string", + "description": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN." + }, + "type": { + "$ref": "#/types/aws-native:stepfunctions:ActivityEncryptionConfigurationType", + "description": "Encryption option for an activity." + } + } + }, + "aws-native:stepfunctions:ActivityEncryptionConfigurationType": { + "type": "string" + }, + "aws-native:stepfunctions:ActivityTagsEntry": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The `key` for a key-value pair in a tag entry." + }, + "value": { + "type": "string", + "description": "The `value` for a key-value pair in a tag entry." + } + } + }, + "aws-native:stepfunctions:StateMachineAliasDeploymentPreference": { + "type": "object", + "properties": { + "alarms": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of CloudWatch alarm names that will be monitored during the deployment. The deployment will fail and rollback if any alarms go into ALARM state." + }, + "interval": { + "type": "integer", + "description": "The time in minutes between each traffic shifting increment." + }, + "percentage": { + "type": "integer", + "description": "The percentage of traffic to shift to the new version in each increment." + }, + "stateMachineVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead." + }, + "type": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineAliasDeploymentPreferenceType", + "description": "The type of deployment to perform." + } + } + }, + "aws-native:stepfunctions:StateMachineAliasDeploymentPreferenceType": { + "type": "string" + }, + "aws-native:stepfunctions:StateMachineAliasRoutingConfigurationVersion": { + "type": "object", + "properties": { + "stateMachineVersionArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration." + }, + "weight": { + "type": "integer", + "description": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100." + } + } + }, + "aws-native:stepfunctions:StateMachineCloudWatchLogsLogGroup": { + "type": "object", + "properties": { + "logGroupArn": { + "type": "string", + "description": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`" + } + } + }, + "aws-native:stepfunctions:StateMachineDefinition": { + "type": "object" + }, + "aws-native:stepfunctions:StateMachineEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsDataKeyReusePeriodSeconds": { + "type": "integer", + "description": "Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys." + }, + "kmsKeyId": { + "type": "string", + "description": "An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN." + }, + "type": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineEncryptionConfigurationType", + "description": "Encryption option for a state machine." + } + } + }, + "aws-native:stepfunctions:StateMachineEncryptionConfigurationType": { + "type": "string" + }, + "aws-native:stepfunctions:StateMachineLogDestination": { + "type": "object", + "properties": { + "cloudWatchLogsLogGroup": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineCloudWatchLogsLogGroup", + "description": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide." + } + } + }, + "aws-native:stepfunctions:StateMachineLoggingConfiguration": { + "type": "object", + "properties": { + "destinations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineLogDestination" + }, + "description": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` ." + }, + "includeExecutionData": { + "type": "boolean", + "description": "Determines whether execution data is included in your log. When set to `false` , data is excluded." + }, + "level": { + "$ref": "#/types/aws-native:stepfunctions:StateMachineLoggingConfigurationLevel", + "description": "Defines which category of execution history events are logged." + } + } + }, + "aws-native:stepfunctions:StateMachineLoggingConfigurationLevel": { + "type": "string" + }, + "aws-native:stepfunctions:StateMachineS3Location": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored." + }, + "key": { + "type": "string", + "description": "The name of the state machine definition file (Amazon S3 object name)." + }, + "version": { + "type": "string", + "description": "For versioning-enabled buckets, a specific version of the state machine definition." + } + } + }, + "aws-native:stepfunctions:StateMachineTagsEntry": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The `key` for a key-value pair in a tag entry." + }, + "value": { + "type": "string", + "description": "The `value` for a key-value pair in a tag entry." + } + } + }, + "aws-native:stepfunctions:StateMachineTracingConfiguration": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "When set to `true` , X-Ray tracing is enabled." + } + } + }, + "aws-native:stepfunctions:StateMachineType": { + "type": "string" + }, + "aws-native:supportapp:SlackChannelConfigurationNotifyOnCaseSeverity": { + "type": "string" + }, + "aws-native:synthetics:CanaryArtifactConfig": { + "type": "object", + "properties": { + "s3Encryption": { + "$ref": "#/types/aws-native:synthetics:CanaryS3Encryption", + "description": "Encryption configuration for uploading artifacts to S3" + } + }, + "irreversibleNames": { + "s3Encryption": "S3Encryption" + } + }, + "aws-native:synthetics:CanaryBaseScreenshot": { + "type": "object", + "properties": { + "ignoreCoordinates": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of coordinates of rectangles to be ignored during visual testing" + }, + "screenshotName": { + "type": "string", + "description": "Name of the screenshot to be used as base reference for visual testing" + } + } + }, + "aws-native:synthetics:CanaryCode": { + "type": "object", + "properties": { + "handler": { + "type": "string", + "description": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` ." + }, + "s3Bucket": { + "type": "string", + "description": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist." + }, + "s3Key": { + "type": "string", + "description": "The S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) ." + }, + "s3ObjectVersion": { + "type": "string", + "description": "The S3 version ID of your script." + }, + "script": { + "type": "string", + "description": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB." + }, + "sourceLocationArn": { + "type": "string", + "description": "The ARN of the Lambda layer where Synthetics stores the canary script code." + } + }, + "irreversibleNames": { + "s3Bucket": "S3Bucket", + "s3Key": "S3Key", + "s3ObjectVersion": "S3ObjectVersion" + } + }, + "aws-native:synthetics:CanaryRunConfig": { + "type": "object", + "properties": { + "activeTracing": { + "type": "boolean", + "description": "Enable active tracing if set to true" + }, + "environmentVariables": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Environment variable key-value pairs." + }, + "memoryInMb": { + "type": "integer", + "description": "Provide maximum memory available for canary in MB" + }, + "timeoutInSeconds": { + "type": "integer", + "description": "Provide maximum canary timeout per run in seconds" + } + }, + "irreversibleNames": { + "memoryInMb": "MemoryInMB" + } + }, + "aws-native:synthetics:CanaryS3Encryption": { + "type": "object", + "properties": { + "encryptionMode": { + "type": "string", + "description": "Encryption mode for encrypting artifacts when uploading to S3. Valid values: SSE_S3 and SSE_KMS." + }, + "kmsKeyArn": { + "type": "string", + "description": "KMS key Arn for encrypting artifacts when uploading to S3. You must specify KMS key Arn for SSE_KMS encryption mode only." + } + } + }, + "aws-native:synthetics:CanarySchedule": { + "type": "object", + "properties": { + "durationInSeconds": { + "type": "string", + "description": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used." + }, + "expression": { + "type": "string", + "description": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) ." + } + } + }, + "aws-native:synthetics:CanaryTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:synthetics:CanaryVisualReference": { + "type": "object", + "properties": { + "baseCanaryRunId": { + "type": "string", + "description": "Canary run id to be used as base reference for visual testing" + }, + "baseScreenshots": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:synthetics:CanaryBaseScreenshot" + }, + "description": "List of screenshots used as base reference for visual testing" + } + } + }, + "aws-native:synthetics:CanaryVpcConfig": { + "type": "object", + "properties": { + "securityGroupIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the security groups for this canary." + }, + "subnetIds": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The IDs of the subnets where this canary is to run." + }, + "vpcId": { + "type": "string", + "description": "The ID of the VPC where this canary is to run." + } + } + }, + "aws-native:synthetics:GroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:systemsmanagersap:ApplicationCredential": { + "type": "object", + "properties": { + "credentialType": { + "$ref": "#/types/aws-native:systemsmanagersap:ApplicationCredentialCredentialType", + "description": "The type of the application credentials." + }, + "databaseName": { + "type": "string", + "description": "The name of the SAP HANA database." + }, + "secretId": { + "type": "string", + "description": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application." + } + } + }, + "aws-native:systemsmanagersap:ApplicationCredentialCredentialType": { + "type": "string" + }, + "aws-native:systemsmanagersap:ApplicationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:systemsmanagersap:ApplicationType": { + "type": "string" + }, + "aws-native:timestream:DatabaseTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Tag keys are case sensitive." + }, + "value": { + "type": "string", + "description": "The value of the tag. Tag values are case-sensitive and can be null." + } + } + }, + "aws-native:timestream:InfluxDbInstanceDbInstanceType": { + "type": "string" + }, + "aws-native:timestream:InfluxDbInstanceDbStorageType": { + "type": "string" + }, + "aws-native:timestream:InfluxDbInstanceDeploymentType": { + "type": "string" + }, + "aws-native:timestream:InfluxDbInstanceStatus": { + "type": "string" + }, + "aws-native:timestream:InfluxDbInstanceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. " + } + } + }, + "aws-native:timestream:LogDeliveryConfigurationProperties": { + "type": "object", + "properties": { + "s3Configuration": { + "$ref": "#/types/aws-native:timestream:LogDeliveryConfigurationPropertiesS3ConfigurationProperties", + "description": "S3 configuration for sending logs to customer account from the InfluxDB instance." + } + }, + "irreversibleNames": { + "s3Configuration": "S3Configuration" + } + }, + "aws-native:timestream:LogDeliveryConfigurationPropertiesS3ConfigurationProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The bucket name for logs to be sent from the InfluxDB instance" + }, + "enabled": { + "type": "boolean", + "description": "Specifies whether logging to customer specified bucket is enabled." + } + } + }, + "aws-native:timestream:MagneticStoreWritePropertiesProperties": { + "type": "object", + "properties": { + "enableMagneticStoreWrites": { + "type": "boolean", + "description": "Boolean flag indicating whether magnetic store writes are enabled." + }, + "magneticStoreRejectedDataLocation": { + "$ref": "#/types/aws-native:timestream:MagneticStoreWritePropertiesPropertiesMagneticStoreRejectedDataLocationProperties", + "description": "Location to store information about records that were asynchronously rejected during magnetic store writes." + } + } + }, + "aws-native:timestream:MagneticStoreWritePropertiesPropertiesMagneticStoreRejectedDataLocationProperties": { + "type": "object", + "properties": { + "s3Configuration": { + "$ref": "#/types/aws-native:timestream:MagneticStoreWritePropertiesPropertiesMagneticStoreRejectedDataLocationPropertiesS3ConfigurationProperties", + "description": "S3 configuration for location to store rejections from magnetic store writes" + } + }, + "irreversibleNames": { + "s3Configuration": "S3Configuration" + } + }, + "aws-native:timestream:MagneticStoreWritePropertiesPropertiesMagneticStoreRejectedDataLocationPropertiesS3ConfigurationProperties": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "The bucket name used to store the data." + }, + "encryptionOption": { + "type": "string", + "description": "Either SSE_KMS or SSE_S3." + }, + "kmsKeyId": { + "type": "string", + "description": "Must be provided if SSE_KMS is specified as the encryption option" + }, + "objectKeyPrefix": { + "type": "string", + "description": "String used to prefix all data in the bucket." + } + } + }, + "aws-native:timestream:RetentionPropertiesProperties": { + "type": "object", + "properties": { + "magneticStoreRetentionPeriodInDays": { + "type": "string", + "description": "The duration for which data must be stored in the magnetic store." + }, + "memoryStoreRetentionPeriodInHours": { + "type": "string", + "description": "The duration for which data must be stored in the memory store." + } + } + }, + "aws-native:timestream:ScheduledQueryDimensionMapping": { + "type": "object", + "properties": { + "dimensionValueType": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryDimensionValueType" + }, + "name": { + "type": "string" + } + } + }, + "aws-native:timestream:ScheduledQueryDimensionValueType": { + "type": "string" + }, + "aws-native:timestream:ScheduledQueryEncryptionOption": { + "type": "string" + }, + "aws-native:timestream:ScheduledQueryErrorReportConfiguration": { + "type": "object", + "properties": { + "s3Configuration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryS3Configuration", + "description": "The S3 configuration for the error reports." + } + }, + "irreversibleNames": { + "s3Configuration": "S3Configuration" + } + }, + "aws-native:timestream:ScheduledQueryMixedMeasureMapping": { + "type": "object", + "properties": { + "measureName": { + "type": "string" + }, + "measureValueType": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryMixedMeasureMappingMeasureValueType" + }, + "multiMeasureAttributeMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryMultiMeasureAttributeMapping" + } + }, + "sourceColumn": { + "type": "string" + }, + "targetMeasureName": { + "type": "string" + } + } + }, + "aws-native:timestream:ScheduledQueryMixedMeasureMappingMeasureValueType": { + "type": "string" + }, + "aws-native:timestream:ScheduledQueryMultiMeasureAttributeMapping": { + "type": "object", + "properties": { + "measureValueType": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryMultiMeasureAttributeMappingMeasureValueType" + }, + "sourceColumn": { + "type": "string" + }, + "targetMultiMeasureAttributeName": { + "type": "string" + } + } + }, + "aws-native:timestream:ScheduledQueryMultiMeasureAttributeMappingMeasureValueType": { + "type": "string" + }, + "aws-native:timestream:ScheduledQueryMultiMeasureMappings": { + "type": "object", + "properties": { + "multiMeasureAttributeMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryMultiMeasureAttributeMapping" + }, + "description": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes." + }, + "targetMultiMeasureName": { + "type": "string", + "description": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name." + } + } + }, + "aws-native:timestream:ScheduledQueryNotificationConfiguration": { + "type": "object", + "properties": { + "snsConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQuerySnsConfiguration", + "description": "Details on SNS configuration." + } + } + }, + "aws-native:timestream:ScheduledQueryS3Configuration": { + "type": "object", + "properties": { + "bucketName": { + "type": "string", + "description": "Name of the S3 bucket under which error reports will be created." + }, + "encryptionOption": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryEncryptionOption", + "description": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default." + }, + "objectKeyPrefix": { + "type": "string", + "description": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path." + } + } + }, + "aws-native:timestream:ScheduledQueryScheduleConfiguration": { + "type": "object", + "properties": { + "scheduleExpression": { + "type": "string", + "description": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression." + } + } + }, + "aws-native:timestream:ScheduledQuerySnsConfiguration": { + "type": "object", + "properties": { + "topicArn": { + "type": "string", + "description": "SNS topic ARN that the scheduled query status notifications will be sent to." + } + } + }, + "aws-native:timestream:ScheduledQueryTag": { + "type": "object", + "properties": { + "key": { + "type": "string" + }, + "value": { + "type": "string" + } + } + }, + "aws-native:timestream:ScheduledQueryTargetConfiguration": { + "type": "object", + "properties": { + "timestreamConfiguration": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryTimestreamConfiguration", + "description": "Configuration needed to write data into the Timestream database and table." + } + } + }, + "aws-native:timestream:ScheduledQueryTimestreamConfiguration": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "Name of Timestream database to which the query result will be written." + }, + "dimensionMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryDimensionMapping" + }, + "description": "This is to allow mapping column(s) from the query result to the dimension in the destination table." + }, + "measureNameColumn": { + "type": "string", + "description": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` ." + }, + "mixedMeasureMappings": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryMixedMeasureMapping" + }, + "description": "Specifies how to map measures to multi-measure records." + }, + "multiMeasureMappings": { + "$ref": "#/types/aws-native:timestream:ScheduledQueryMultiMeasureMappings", + "description": "Multi-measure mappings." + }, + "tableName": { + "type": "string", + "description": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration." + }, + "timeColumn": { + "type": "string", + "description": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP." + } + } + }, + "aws-native:timestream:SchemaProperties": { + "type": "object", + "properties": { + "compositePartitionKey": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:timestream:TablePartitionKey" + }, + "description": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed." + } + } + }, + "aws-native:timestream:TablePartitionKey": { + "type": "object", + "properties": { + "enforcementInRecord": { + "$ref": "#/types/aws-native:timestream:TablePartitionKeyEnforcementLevel" + }, + "name": { + "type": "string" + }, + "type": { + "$ref": "#/types/aws-native:timestream:TablePartitionKeyType" + } + } + }, + "aws-native:timestream:TablePartitionKeyEnforcementLevel": { + "type": "string" + }, + "aws-native:timestream:TablePartitionKeyType": { + "type": "string" + }, + "aws-native:timestream:TableTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag. Tag keys are case sensitive." + }, + "value": { + "type": "string", + "description": "The value of the tag. Tag values are case-sensitive and can be null." + } + } + }, + "aws-native:transfer:AgreementStatus": { + "type": "string" + }, + "aws-native:transfer:AgreementTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name you create." + } + } + }, + "aws-native:transfer:As2ConfigProperties": { + "type": "object", + "properties": { + "basicAuthSecretId": { + "type": "string", + "description": "ARN or name of the secret in AWS Secrets Manager which contains the credentials for Basic authentication. If empty, Basic authentication is disabled for the AS2 connector" + }, + "compression": { + "$ref": "#/types/aws-native:transfer:ConnectorAs2ConfigPropertiesCompression", + "description": "Compression setting for this AS2 connector configuration." + }, + "encryptionAlgorithm": { + "$ref": "#/types/aws-native:transfer:ConnectorAs2ConfigPropertiesEncryptionAlgorithm", + "description": "Encryption algorithm for this AS2 connector configuration." + }, + "localProfileId": { + "type": "string", + "description": "A unique identifier for the local profile." + }, + "mdnResponse": { + "$ref": "#/types/aws-native:transfer:ConnectorAs2ConfigPropertiesMdnResponse", + "description": "MDN Response setting for this AS2 connector configuration." + }, + "mdnSigningAlgorithm": { + "$ref": "#/types/aws-native:transfer:ConnectorAs2ConfigPropertiesMdnSigningAlgorithm", + "description": "MDN Signing algorithm for this AS2 connector configuration." + }, + "messageSubject": { + "type": "string", + "description": "The message subject for this AS2 connector configuration." + }, + "partnerProfileId": { + "type": "string", + "description": "A unique identifier for the partner profile." + }, + "signingAlgorithm": { + "$ref": "#/types/aws-native:transfer:ConnectorAs2ConfigPropertiesSigningAlgorithm", + "description": "Signing algorithm for this AS2 connector configuration." + } + } + }, + "aws-native:transfer:CertificateStatus": { + "type": "string" + }, + "aws-native:transfer:CertificateTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:transfer:CertificateType": { + "type": "string" + }, + "aws-native:transfer:CertificateUsage": { + "type": "string" + }, + "aws-native:transfer:ConnectorAs2ConfigPropertiesCompression": { + "type": "string" + }, + "aws-native:transfer:ConnectorAs2ConfigPropertiesEncryptionAlgorithm": { + "type": "string" + }, + "aws-native:transfer:ConnectorAs2ConfigPropertiesMdnResponse": { + "type": "string" + }, + "aws-native:transfer:ConnectorAs2ConfigPropertiesMdnSigningAlgorithm": { + "type": "string" + }, + "aws-native:transfer:ConnectorAs2ConfigPropertiesSigningAlgorithm": { + "type": "string" + }, + "aws-native:transfer:ConnectorTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name you create." + } + } + }, + "aws-native:transfer:ProfileTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name you create." + } + } + }, + "aws-native:transfer:ProfileType": { + "type": "string" + }, + "aws-native:transfer:SftpConfigProperties": { + "type": "object", + "properties": { + "trustedHostKeys": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of public host keys, for the external server to which you are connecting." + }, + "userSecretId": { + "type": "string", + "description": "ARN or name of the secret in AWS Secrets Manager which contains the SFTP user's private keys or passwords." + } + } + }, + "aws-native:transfer:WorkflowEfsInputFileLocation": { + "type": "object", + "properties": { + "fileSystemId": { + "type": "string", + "description": "Specifies the EFS filesystem that contains the file." + }, + "path": { + "type": "string", + "description": "The name assigned to the file when it was created in EFS. You use the object path to retrieve the object." + } + } + }, + "aws-native:transfer:WorkflowInputFileLocation": { + "type": "object", + "properties": { + "efsFileLocation": { + "$ref": "#/types/aws-native:transfer:WorkflowEfsInputFileLocation" + }, + "s3FileLocation": { + "$ref": "#/types/aws-native:transfer:WorkflowS3InputFileLocation" + } + }, + "irreversibleNames": { + "s3FileLocation": "S3FileLocation" + } + }, + "aws-native:transfer:WorkflowS3FileLocation": { + "type": "object", + "properties": { + "s3FileLocation": { + "$ref": "#/types/aws-native:transfer:WorkflowS3InputFileLocation", + "description": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage." + } + }, + "irreversibleNames": { + "s3FileLocation": "S3FileLocation" + } + }, + "aws-native:transfer:WorkflowS3InputFileLocation": { + "type": "object", + "properties": { + "bucket": { + "type": "string", + "description": "Specifies the S3 bucket that contains the file." + }, + "key": { + "type": "string", + "description": "The name assigned to the file when it was created in S3. You use the object key to retrieve the object." + } + } + }, + "aws-native:transfer:WorkflowS3Tag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "The value that corresponds to the key." + } + } + }, + "aws-native:transfer:WorkflowStep": { + "type": "object", + "properties": { + "copyStepDetails": { + "$ref": "#/types/aws-native:transfer:WorkflowStepCopyStepDetailsProperties", + "description": "Details for a step that performs a file copy." + }, + "customStepDetails": { + "$ref": "#/types/aws-native:transfer:WorkflowStepCustomStepDetailsProperties", + "description": "Details for a step that invokes a lambda function." + }, + "decryptStepDetails": { + "$ref": "#/types/aws-native:transfer:WorkflowStepDecryptStepDetailsProperties", + "description": "Details for a step that performs a file decryption." + }, + "deleteStepDetails": { + "$ref": "#/types/aws-native:transfer:WorkflowStepDeleteStepDetailsProperties", + "description": "Details for a step that deletes the file." + }, + "tagStepDetails": { + "$ref": "#/types/aws-native:transfer:WorkflowStepTagStepDetailsProperties", + "description": "Details for a step that creates one or more tags." + }, + "type": { + "$ref": "#/types/aws-native:transfer:WorkflowStepType" + } + } + }, + "aws-native:transfer:WorkflowStepCopyStepDetailsProperties": { + "type": "object", + "properties": { + "destinationFileLocation": { + "$ref": "#/types/aws-native:transfer:WorkflowS3FileLocation" + }, + "name": { + "type": "string", + "description": "The name of the step, used as an identifier." + }, + "overwriteExisting": { + "$ref": "#/types/aws-native:transfer:WorkflowStepCopyStepDetailsPropertiesOverwriteExisting", + "description": "A flag that indicates whether or not to overwrite an existing file of the same name. The default is FALSE." + }, + "sourceFileLocation": { + "type": "string", + "description": "Specifies which file to use as input to the workflow step." + } + } + }, + "aws-native:transfer:WorkflowStepCopyStepDetailsPropertiesOverwriteExisting": { + "type": "string" + }, + "aws-native:transfer:WorkflowStepCustomStepDetailsProperties": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the step, used as an identifier." + }, + "sourceFileLocation": { + "type": "string", + "description": "Specifies which file to use as input to the workflow step." + }, + "target": { + "type": "string", + "description": "The ARN for the lambda function that is being called." + }, + "timeoutSeconds": { + "type": "integer", + "description": "Timeout, in seconds, for the step." + } + } + }, + "aws-native:transfer:WorkflowStepDecryptStepDetailsProperties": { + "type": "object", + "properties": { + "destinationFileLocation": { + "$ref": "#/types/aws-native:transfer:WorkflowInputFileLocation" + }, + "name": { + "type": "string", + "description": "The name of the step, used as an identifier." + }, + "overwriteExisting": { + "$ref": "#/types/aws-native:transfer:WorkflowStepDecryptStepDetailsPropertiesOverwriteExisting", + "description": "A flag that indicates whether or not to overwrite an existing file of the same name. The default is FALSE." + }, + "sourceFileLocation": { + "type": "string", + "description": "Specifies which file to use as input to the workflow step." + }, + "type": { + "$ref": "#/types/aws-native:transfer:WorkflowStepDecryptStepDetailsPropertiesType", + "description": "Specifies which encryption method to use." + } + } + }, + "aws-native:transfer:WorkflowStepDecryptStepDetailsPropertiesOverwriteExisting": { + "type": "string" + }, + "aws-native:transfer:WorkflowStepDecryptStepDetailsPropertiesType": { + "type": "string" + }, + "aws-native:transfer:WorkflowStepDeleteStepDetailsProperties": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the step, used as an identifier." + }, + "sourceFileLocation": { + "type": "string", + "description": "Specifies which file to use as input to the workflow step." + } + } + }, + "aws-native:transfer:WorkflowStepTagStepDetailsProperties": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the step, used as an identifier." + }, + "sourceFileLocation": { + "type": "string", + "description": "Specifies which file to use as input to the workflow step." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:transfer:WorkflowS3Tag" + }, + "description": "Array that contains from 1 to 10 key/value pairs." + } + } + }, + "aws-native:transfer:WorkflowStepType": { + "type": "string" + }, + "aws-native:transfer:WorkflowTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name you create." + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceCognitoGroupConfiguration": { + "type": "object", + "properties": { + "groupEntityType": { + "type": "string" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceCognitoUserPoolConfiguration": { + "type": "object", + "properties": { + "clientIds": { + "type": "array", + "items": { + "type": "string" + } + }, + "groupConfiguration": { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceCognitoGroupConfiguration" + }, + "userPoolArn": { + "type": "string" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceConfiguration0Properties": { + "type": "object", + "properties": { + "cognitoUserPoolConfiguration": { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceCognitoUserPoolConfiguration" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceConfiguration1Properties": { + "type": "object", + "properties": { + "openIdConnectConfiguration": { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceOpenIdConnectConfiguration" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceDetails": { + "type": "object", + "properties": { + "clientIds": { + "type": "array", + "items": { + "type": "string" + } + }, + "discoveryUrl": { + "type": "string" + }, + "openIdIssuer": { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceOpenIdIssuer" + }, + "userPoolArn": { + "type": "string" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceOpenIdConnectAccessTokenConfiguration": { + "type": "object", + "properties": { + "audiences": { + "type": "array", + "items": { + "type": "string" + } + }, + "principalIdClaim": { + "type": "string" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceOpenIdConnectConfiguration": { + "type": "object", + "properties": { + "entityIdPrefix": { + "type": "string" + }, + "groupConfiguration": { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceOpenIdConnectGroupConfiguration" + }, + "issuer": { + "type": "string" + }, + "tokenSelection": { + "oneOf": [ + { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceOpenIdConnectTokenSelection0Properties" + }, + { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceOpenIdConnectTokenSelection1Properties" + } + ] + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceOpenIdConnectGroupConfiguration": { + "type": "object", + "properties": { + "groupClaim": { + "type": "string" + }, + "groupEntityType": { + "type": "string" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceOpenIdConnectIdentityTokenConfiguration": { + "type": "object", + "properties": { + "clientIds": { + "type": "array", + "items": { + "type": "string" + } + }, + "principalIdClaim": { + "type": "string" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceOpenIdConnectTokenSelection0Properties": { + "type": "object", + "properties": { + "accessTokenOnly": { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceOpenIdConnectAccessTokenConfiguration" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceOpenIdConnectTokenSelection1Properties": { + "type": "object", + "properties": { + "identityTokenOnly": { + "$ref": "#/types/aws-native:verifiedpermissions:IdentitySourceOpenIdConnectIdentityTokenConfiguration" + } + } + }, + "aws-native:verifiedpermissions:IdentitySourceOpenIdIssuer": { + "type": "string" + }, + "aws-native:verifiedpermissions:PolicyDefinition0Properties": { + "type": "object", + "properties": { + "static": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyStaticPolicyDefinition" + } + } + }, + "aws-native:verifiedpermissions:PolicyDefinition1Properties": { + "type": "object", + "properties": { + "templateLinked": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyTemplateLinkedPolicyDefinition" + } + } + }, + "aws-native:verifiedpermissions:PolicyEntityIdentifier": { + "type": "object", + "properties": { + "entityId": { + "type": "string" + }, + "entityType": { + "type": "string" + } + } + }, + "aws-native:verifiedpermissions:PolicyStaticPolicyDefinition": { + "type": "object", + "properties": { + "description": { + "type": "string" + }, + "statement": { + "type": "string" + } + } + }, + "aws-native:verifiedpermissions:PolicyStoreSchemaDefinition": { + "type": "object", + "properties": { + "cedarJson": { + "type": "string", + "description": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide." + } + } + }, + "aws-native:verifiedpermissions:PolicyStoreValidationMode": { + "type": "string" + }, + "aws-native:verifiedpermissions:PolicyStoreValidationSettings": { + "type": "object", + "properties": { + "mode": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyStoreValidationMode", + "description": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n\u003e If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n\u003e \n\u003e To submit a static policy or policy template without a schema, you must turn off validation." + } + } + }, + "aws-native:verifiedpermissions:PolicyTemplateLinkedPolicyDefinition": { + "type": "object", + "properties": { + "policyTemplateId": { + "type": "string" + }, + "principal": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyEntityIdentifier" + }, + "resource": { + "$ref": "#/types/aws-native:verifiedpermissions:PolicyEntityIdentifier" + } + } + }, + "aws-native:verifiedpermissions:PolicyType": { + "type": "string" + }, + "aws-native:voiceid:DomainServerSideEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys." + } + } + }, + "aws-native:voiceid:DomainTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The first part of a key:value pair that forms a tag associated with a given resource. For example, in the tag 'Department':'Sales', the key is 'Department'." + }, + "value": { + "type": "string", + "description": "The second part of a key:value pair that forms a tag associated with a given resource. For example, in the tag 'Department':'Sales', the value is 'Sales'." + } + } + }, + "aws-native:vpclattice:AccessLogSubscriptionTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:vpclattice:AuthPolicyState": { + "type": "string" + }, + "aws-native:vpclattice:ListenerDefaultAction": { + "type": "object", + "properties": { + "fixedResponse": { + "$ref": "#/types/aws-native:vpclattice:ListenerFixedResponse", + "description": "Describes an action that returns a custom HTTP response." + }, + "forward": { + "$ref": "#/types/aws-native:vpclattice:ListenerForward", + "description": "Describes a forward action. You can use forward actions to route requests to one or more target groups." + } + } + }, + "aws-native:vpclattice:ListenerFixedResponse": { + "type": "object", + "properties": { + "statusCode": { + "type": "integer", + "description": "The HTTP response code." + } + } + }, + "aws-native:vpclattice:ListenerForward": { + "type": "object", + "properties": { + "targetGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:vpclattice:ListenerWeightedTargetGroup" + }, + "description": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group." + } + } + }, + "aws-native:vpclattice:ListenerProtocol": { + "type": "string" + }, + "aws-native:vpclattice:ListenerTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:vpclattice:ListenerWeightedTargetGroup": { + "type": "object", + "properties": { + "targetGroupIdentifier": { + "type": "string", + "description": "The ID of the target group." + }, + "weight": { + "type": "integer", + "description": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100." + } + } + }, + "aws-native:vpclattice:RuleAction": { + "type": "object", + "properties": { + "fixedResponse": { + "$ref": "#/types/aws-native:vpclattice:RuleFixedResponse", + "description": "The fixed response action. The rule returns a custom HTTP response." + }, + "forward": { + "$ref": "#/types/aws-native:vpclattice:RuleForward", + "description": "The forward action. Traffic that matches the rule is forwarded to the specified target groups." + } + } + }, + "aws-native:vpclattice:RuleFixedResponse": { + "type": "object", + "properties": { + "statusCode": { + "type": "integer", + "description": "The HTTP response code." + } + } + }, + "aws-native:vpclattice:RuleForward": { + "type": "object", + "properties": { + "targetGroups": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:vpclattice:RuleWeightedTargetGroup" + }, + "description": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group." + } + } + }, + "aws-native:vpclattice:RuleHeaderMatch": { + "type": "object", + "properties": { + "caseSensitive": { + "type": "boolean", + "description": "Indicates whether the match is case sensitive." + }, + "match": { + "$ref": "#/types/aws-native:vpclattice:RuleHeaderMatchType", + "description": "The header match type." + }, + "name": { + "type": "string", + "description": "The name of the header." + } + } + }, + "aws-native:vpclattice:RuleHeaderMatchType": { + "type": "object", + "properties": { + "contains": { + "type": "string", + "description": "A contains type match." + }, + "exact": { + "type": "string", + "description": "An exact type match." + }, + "prefix": { + "type": "string", + "description": "A prefix type match. Matches the value with the prefix." + } + } + }, + "aws-native:vpclattice:RuleHttpMatch": { + "type": "object", + "properties": { + "headerMatches": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:vpclattice:RuleHeaderMatch" + }, + "description": "The header matches. Matches incoming requests with rule based on request header value before applying rule action." + }, + "method": { + "$ref": "#/types/aws-native:vpclattice:RuleHttpMatchMethod", + "description": "The HTTP method type." + }, + "pathMatch": { + "$ref": "#/types/aws-native:vpclattice:RulePathMatch", + "description": "The path match." + } + } + }, + "aws-native:vpclattice:RuleHttpMatchMethod": { + "type": "string" + }, + "aws-native:vpclattice:RuleMatch": { + "type": "object", + "properties": { + "httpMatch": { + "$ref": "#/types/aws-native:vpclattice:RuleHttpMatch", + "description": "The HTTP criteria that a rule must match." + } + } + }, + "aws-native:vpclattice:RulePathMatch": { + "type": "object", + "properties": { + "caseSensitive": { + "type": "boolean", + "description": "Indicates whether the match is case sensitive." + }, + "match": { + "$ref": "#/types/aws-native:vpclattice:RulePathMatchType", + "description": "The type of path match." + } + } + }, + "aws-native:vpclattice:RulePathMatchType": { + "type": "object", + "properties": { + "exact": { + "type": "string", + "description": "An exact match of the path." + }, + "prefix": { + "type": "string", + "description": "A prefix match of the path." + } + } + }, + "aws-native:vpclattice:RuleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:vpclattice:RuleWeightedTargetGroup": { + "type": "object", + "properties": { + "targetGroupIdentifier": { + "type": "string", + "description": "The ID of the target group." + }, + "weight": { + "type": "integer", + "description": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100." + } + } + }, + "aws-native:vpclattice:ServiceAuthType": { + "type": "string" + }, + "aws-native:vpclattice:ServiceDnsEntry": { + "type": "object", + "properties": { + "domainName": { + "type": "string", + "description": "The domain name of the service." + }, + "hostedZoneId": { + "type": "string", + "description": "The ID of the hosted zone." + } + } + }, + "aws-native:vpclattice:ServiceNetworkAuthType": { + "type": "string" + }, + "aws-native:vpclattice:ServiceNetworkServiceAssociationDnsEntry": { + "type": "object", + "properties": { + "domainName": { + "type": "string", + "description": "The domain name of the service." + }, + "hostedZoneId": { + "type": "string", + "description": "The ID of the hosted zone." + } + } + }, + "aws-native:vpclattice:ServiceNetworkServiceAssociationStatus": { + "type": "string" + }, + "aws-native:vpclattice:ServiceNetworkServiceAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:vpclattice:ServiceNetworkTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:vpclattice:ServiceNetworkVpcAssociationStatus": { + "type": "string" + }, + "aws-native:vpclattice:ServiceNetworkVpcAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:vpclattice:ServiceStatus": { + "type": "string" + }, + "aws-native:vpclattice:ServiceTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:vpclattice:TargetGroupConfig": { + "type": "object", + "properties": { + "healthCheck": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupHealthCheckConfig", + "description": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` ." + }, + "ipAddressType": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupConfigIpAddressType", + "description": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", + "replaceOnChanges": true + }, + "lambdaEventStructureVersion": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupConfigLambdaEventStructureVersion", + "description": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", + "replaceOnChanges": true + }, + "port": { + "type": "integer", + "description": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", + "replaceOnChanges": true + }, + "protocol": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupConfigProtocol", + "description": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", + "replaceOnChanges": true + }, + "protocolVersion": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupConfigProtocolVersion", + "description": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", + "replaceOnChanges": true + }, + "vpcIdentifier": { + "type": "string", + "description": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", + "replaceOnChanges": true + } + } + }, + "aws-native:vpclattice:TargetGroupConfigIpAddressType": { + "type": "string" + }, + "aws-native:vpclattice:TargetGroupConfigLambdaEventStructureVersion": { + "type": "string" + }, + "aws-native:vpclattice:TargetGroupConfigProtocol": { + "type": "string" + }, + "aws-native:vpclattice:TargetGroupConfigProtocolVersion": { + "type": "string" + }, + "aws-native:vpclattice:TargetGroupHealthCheckConfig": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Indicates whether health checking is enabled." + }, + "healthCheckIntervalSeconds": { + "type": "integer", + "description": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds." + }, + "healthCheckTimeoutSeconds": { + "type": "integer", + "description": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1–120 seconds. The default is 5 seconds." + }, + "healthyThresholdCount": { + "type": "integer", + "description": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2–10. The default is 5." + }, + "matcher": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupMatcher", + "description": "The codes to use when checking for a successful response from a target." + }, + "path": { + "type": "string", + "description": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI." + }, + "port": { + "type": "integer", + "description": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on." + }, + "protocol": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupHealthCheckConfigProtocol", + "description": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` ." + }, + "protocolVersion": { + "$ref": "#/types/aws-native:vpclattice:TargetGroupHealthCheckConfigProtocolVersion", + "description": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` ." + }, + "unhealthyThresholdCount": { + "type": "integer", + "description": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2–10. The default is 2." + } + } + }, + "aws-native:vpclattice:TargetGroupHealthCheckConfigProtocol": { + "type": "string" + }, + "aws-native:vpclattice:TargetGroupHealthCheckConfigProtocolVersion": { + "type": "string" + }, + "aws-native:vpclattice:TargetGroupMatcher": { + "type": "object", + "properties": { + "httpCode": { + "type": "string", + "description": "The HTTP code to use when checking for a successful response from a target." + } + } + }, + "aws-native:vpclattice:TargetGroupStatus": { + "type": "string" + }, + "aws-native:vpclattice:TargetGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The tag key." + }, + "value": { + "type": "string", + "description": "The tag value." + } + } + }, + "aws-native:vpclattice:TargetGroupTarget": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer." + }, + "port": { + "type": "integer", + "description": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443." + } + } + }, + "aws-native:vpclattice:TargetGroupType": { + "type": "string" + }, + "aws-native:wafv2:IpSetIpAddressVersion": { + "type": "string" + }, + "aws-native:wafv2:IpSetScope": { + "type": "string" + }, + "aws-native:wafv2:IpSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:wafv2:LoggingConfigurationCondition": { + "type": "object", + "properties": { + "actionCondition": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationConditionActionConditionProperties", + "description": "A single action condition." + }, + "labelNameCondition": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationConditionLabelNameConditionProperties", + "description": "A single label name condition." + } + } + }, + "aws-native:wafv2:LoggingConfigurationConditionActionConditionProperties": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationConditionActionConditionPropertiesAction", + "description": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition." + } + } + }, + "aws-native:wafv2:LoggingConfigurationConditionActionConditionPropertiesAction": { + "type": "string" + }, + "aws-native:wafv2:LoggingConfigurationConditionLabelNameConditionProperties": { + "type": "object", + "properties": { + "labelName": { + "type": "string", + "description": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. " + } + } + }, + "aws-native:wafv2:LoggingConfigurationFieldToMatch": { + "type": "object", + "properties": { + "method": { + "$ref": "pulumi.json#/Any", + "description": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform. " + }, + "queryString": { + "$ref": "pulumi.json#/Any", + "description": "Inspect the query string. This is the part of a URL that appears after a ? character, if any. " + }, + "singleHeader": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationFieldToMatchSingleHeaderProperties", + "description": "Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive." + }, + "uriPath": { + "$ref": "pulumi.json#/Any", + "description": "Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg. " + } + } + }, + "aws-native:wafv2:LoggingConfigurationFieldToMatchSingleHeaderProperties": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the query header to inspect." + } + } + }, + "aws-native:wafv2:LoggingConfigurationFilter": { + "type": "object", + "properties": { + "behavior": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationFilterBehavior", + "description": "How to handle logs that satisfy the filter's conditions and requirement. " + }, + "conditions": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationCondition" + }, + "description": "Match conditions for the filter." + }, + "requirement": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationFilterRequirement", + "description": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition." + } + } + }, + "aws-native:wafv2:LoggingConfigurationFilterBehavior": { + "type": "string" + }, + "aws-native:wafv2:LoggingConfigurationFilterRequirement": { + "type": "string" + }, + "aws-native:wafv2:LoggingConfigurationLoggingFilterPropertiesDefaultBehavior": { + "type": "string" + }, + "aws-native:wafv2:LoggingFilterProperties": { + "type": "object", + "properties": { + "defaultBehavior": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationLoggingFilterPropertiesDefaultBehavior", + "description": "Default handling for logs that don't match any of the specified filtering conditions." + }, + "filters": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:LoggingConfigurationFilter" + }, + "description": "The filters that you want to apply to the logs." + } + } + }, + "aws-native:wafv2:RegexPatternSetScope": { + "type": "string" + }, + "aws-native:wafv2:RegexPatternSetTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:wafv2:RuleGroupAllowAction": { + "type": "object", + "properties": { + "customRequestHandling": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomRequestHandling", + "description": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:RuleGroupAndStatement": { + "type": "object", + "properties": { + "statements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupStatement" + }, + "description": "The statements to combine with AND logic. You can use any statements that can be nested." + } + } + }, + "aws-native:wafv2:RuleGroupBlockAction": { + "type": "object", + "properties": { + "customResponse": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomResponse", + "description": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:RuleGroupBody": { + "type": "object", + "properties": { + "oversizeHandling": { + "$ref": "#/types/aws-native:wafv2:RuleGroupOversizeHandling", + "description": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`" + } + } + }, + "aws-native:wafv2:RuleGroupBodyParsingFallbackBehavior": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupByteMatchStatement": { + "type": "object", + "properties": { + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:RuleGroupFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "positionalConstraint": { + "$ref": "#/types/aws-native:wafv2:RuleGroupPositionalConstraint", + "description": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request." + }, + "searchString": { + "type": "string", + "description": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` ." + }, + "searchStringBase64": { + "type": "string", + "description": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` ." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + }, + "irreversibleNames": { + "searchStringBase64": "SearchStringBase64" + } + }, + "aws-native:wafv2:RuleGroupCaptchaAction": { + "type": "object", + "properties": { + "customRequestHandling": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomRequestHandling", + "description": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:RuleGroupCaptchaConfig": { + "type": "object", + "properties": { + "immunityTimeProperty": { + "$ref": "#/types/aws-native:wafv2:RuleGroupImmunityTimeProperty", + "description": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle." + } + } + }, + "aws-native:wafv2:RuleGroupChallengeAction": { + "type": "object", + "properties": { + "customRequestHandling": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomRequestHandling", + "description": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:RuleGroupChallengeConfig": { + "type": "object", + "properties": { + "immunityTimeProperty": { + "$ref": "#/types/aws-native:wafv2:RuleGroupImmunityTimeProperty", + "description": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge." + } + } + }, + "aws-native:wafv2:RuleGroupCookieMatchPattern": { + "type": "object", + "properties": { + "all": { + "$ref": "pulumi.json#/Any", + "description": "Inspect all parts of the web request cookies." + }, + "excludedCookies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Inspect only the cookies whose keys don't match any of the strings specified here." + }, + "includedCookies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Inspect only the cookies that have a key that matches one of the strings specified here." + } + } + }, + "aws-native:wafv2:RuleGroupCookies": { + "type": "object", + "properties": { + "matchPattern": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCookieMatchPattern", + "description": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`" + }, + "matchScope": { + "$ref": "#/types/aws-native:wafv2:RuleGroupMapMatchScope", + "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values." + }, + "oversizeHandling": { + "$ref": "#/types/aws-native:wafv2:RuleGroupOversizeHandling", + "description": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + } + } + }, + "aws-native:wafv2:RuleGroupCountAction": { + "type": "object", + "properties": { + "customRequestHandling": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomRequestHandling", + "description": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:RuleGroupCustomHttpHeader": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` ." + }, + "value": { + "type": "string", + "description": "The value of the custom header." + } + } + }, + "aws-native:wafv2:RuleGroupCustomRequestHandling": { + "type": "object", + "properties": { + "insertHeaders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomHttpHeader" + }, + "description": "Collection of HTTP headers." + } + } + }, + "aws-native:wafv2:RuleGroupCustomResponse": { + "type": "object", + "properties": { + "customResponseBodyKey": { + "type": "string", + "description": "Custom response body key." + }, + "responseCode": { + "type": "integer", + "description": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* ." + }, + "responseHeaders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCustomHttpHeader" + }, + "description": "Collection of HTTP headers." + } + } + }, + "aws-native:wafv2:RuleGroupCustomResponseBody": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* ." + }, + "contentType": { + "$ref": "#/types/aws-native:wafv2:RuleGroupResponseContentType", + "description": "The type of content in the payload that you are defining in the `Content` string." + } + } + }, + "aws-native:wafv2:RuleGroupFieldToMatch": { + "type": "object", + "properties": { + "allQueryArguments": { + "$ref": "pulumi.json#/Any", + "description": "All query arguments of a web request." + }, + "body": { + "$ref": "#/types/aws-native:wafv2:RuleGroupBody", + "description": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration." + }, + "cookies": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCookies", + "description": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service." + }, + "headers": { + "$ref": "#/types/aws-native:wafv2:RuleGroupHeaders", + "description": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service." + }, + "ja3Fingerprint": { + "$ref": "#/types/aws-native:wafv2:RuleGroupJa3Fingerprint", + "description": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n\u003e You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration." + }, + "jsonBody": { + "$ref": "#/types/aws-native:wafv2:RuleGroupJsonBody", + "description": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration." + }, + "method": { + "$ref": "pulumi.json#/Any", + "description": "The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform." + }, + "queryString": { + "$ref": "pulumi.json#/Any", + "description": "The query string of a web request. This is the part of a URL that appears after a ? character, if any." + }, + "singleHeader": { + "$ref": "#/types/aws-native:wafv2:RuleGroupFieldToMatchSingleHeaderProperties", + "description": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting." + }, + "singleQueryArgument": { + "$ref": "#/types/aws-native:wafv2:RuleGroupFieldToMatchSingleQueryArgumentProperties", + "description": "One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive." + }, + "uriPath": { + "$ref": "pulumi.json#/Any", + "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg." + } + }, + "irreversibleNames": { + "ja3Fingerprint": "JA3Fingerprint" + } + }, + "aws-native:wafv2:RuleGroupFieldToMatchSingleHeaderProperties": { + "type": "object", + "properties": { + "name": { + "type": "string" + } + } + }, + "aws-native:wafv2:RuleGroupFieldToMatchSingleQueryArgumentProperties": { + "type": "object", + "properties": { + "name": { + "type": "string" + } + } + }, + "aws-native:wafv2:RuleGroupForwardedIpConfiguration": { + "type": "object", + "properties": { + "fallbackBehavior": { + "$ref": "#/types/aws-native:wafv2:RuleGroupForwardedIpConfigurationFallbackBehavior", + "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + }, + "headerName": { + "type": "string", + "description": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all." + } + } + }, + "aws-native:wafv2:RuleGroupForwardedIpConfigurationFallbackBehavior": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupGeoMatchStatement": { + "type": "object", + "properties": { + "countryCodes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site." + }, + "forwardedIpConfig": { + "$ref": "#/types/aws-native:wafv2:RuleGroupForwardedIpConfiguration", + "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all." + } + }, + "irreversibleNames": { + "forwardedIpConfig": "ForwardedIPConfig" + } + }, + "aws-native:wafv2:RuleGroupHeaderMatchPattern": { + "type": "object", + "properties": { + "all": { + "$ref": "pulumi.json#/Any", + "description": "Inspect all parts of the web request headers." + }, + "excludedHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Inspect only the headers whose keys don't match any of the strings specified here." + }, + "includedHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Inspect only the headers that have a key that matches one of the strings specified here." + } + } + }, + "aws-native:wafv2:RuleGroupHeaders": { + "type": "object", + "properties": { + "matchPattern": { + "$ref": "#/types/aws-native:wafv2:RuleGroupHeaderMatchPattern", + "description": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`" + }, + "matchScope": { + "$ref": "#/types/aws-native:wafv2:RuleGroupMapMatchScope", + "description": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values." + }, + "oversizeHandling": { + "$ref": "#/types/aws-native:wafv2:RuleGroupOversizeHandling", + "description": "What AWS WAF should do if the headers of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + } + } + }, + "aws-native:wafv2:RuleGroupImmunityTimeProperty": { + "type": "object", + "properties": { + "immunityTime": { + "type": "integer", + "description": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300." + } + } + }, + "aws-native:wafv2:RuleGroupIpSetForwardedIpConfiguration": { + "type": "object", + "properties": { + "fallbackBehavior": { + "$ref": "#/types/aws-native:wafv2:RuleGroupIpSetForwardedIpConfigurationFallbackBehavior", + "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + }, + "headerName": { + "type": "string", + "description": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all." + }, + "position": { + "$ref": "#/types/aws-native:wafv2:RuleGroupIpSetForwardedIpConfigurationPosition", + "description": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10." + } + } + }, + "aws-native:wafv2:RuleGroupIpSetForwardedIpConfigurationFallbackBehavior": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupIpSetForwardedIpConfigurationPosition": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupIpSetReferenceStatement": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references." + }, + "ipSetForwardedIpConfig": { + "$ref": "#/types/aws-native:wafv2:RuleGroupIpSetForwardedIpConfiguration", + "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all." + } + }, + "irreversibleNames": { + "ipSetForwardedIpConfig": "IPSetForwardedIPConfig" + } + }, + "aws-native:wafv2:RuleGroupJa3Fingerprint": { + "type": "object", + "properties": { + "fallbackBehavior": { + "$ref": "#/types/aws-native:wafv2:RuleGroupJa3FingerprintFallbackBehavior", + "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + } + } + }, + "aws-native:wafv2:RuleGroupJa3FingerprintFallbackBehavior": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupJsonBody": { + "type": "object", + "properties": { + "invalidFallbackBehavior": { + "$ref": "#/types/aws-native:wafv2:RuleGroupBodyParsingFallbackBehavior", + "description": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n\u003e AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* ." + }, + "matchPattern": { + "$ref": "#/types/aws-native:wafv2:RuleGroupJsonMatchPattern", + "description": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria." + }, + "matchScope": { + "$ref": "#/types/aws-native:wafv2:RuleGroupJsonMatchScope", + "description": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values." + }, + "oversizeHandling": { + "$ref": "#/types/aws-native:wafv2:RuleGroupOversizeHandling", + "description": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`" + } + } + }, + "aws-native:wafv2:RuleGroupJsonMatchPattern": { + "type": "object", + "properties": { + "all": { + "$ref": "pulumi.json#/Any", + "description": "Inspect all parts of the web request's JSON body." + }, + "includedPaths": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n\u003e Don't use this option to include all paths. Instead, use the `All` setting." + } + } + }, + "aws-native:wafv2:RuleGroupJsonMatchScope": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupLabel": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The label string." + } + } + }, + "aws-native:wafv2:RuleGroupLabelMatchScope": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupLabelMatchStatement": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` ." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:RuleGroupLabelMatchScope", + "description": "Specify whether you want to match using the label name or just the namespace." + } + } + }, + "aws-native:wafv2:RuleGroupLabelSummary": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "An individual label specification." + } + } + }, + "aws-native:wafv2:RuleGroupMapMatchScope": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupNotStatement": { + "type": "object", + "properties": { + "statement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupStatement", + "description": "The statement to negate. You can use any statement that can be nested." + } + } + }, + "aws-native:wafv2:RuleGroupOrStatement": { + "type": "object", + "properties": { + "statements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupStatement" + }, + "description": "The statements to combine with OR logic. You can use any statements that can be nested." + } + } + }, + "aws-native:wafv2:RuleGroupOversizeHandling": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupPositionalConstraint": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupRateBasedStatement": { + "type": "object", + "properties": { + "aggregateKeyType": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateBasedStatementAggregateKeyType", + "description": "Setting that indicates how to aggregate the request counts.\n\n\u003e Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` ." + }, + "customKeys": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateBasedStatementCustomKey" + }, + "description": "Specifies the aggregate keys to use in a rate-base rule." + }, + "evaluationWindowSec": { + "type": "integer", + "description": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)" + }, + "forwardedIpConfig": { + "$ref": "#/types/aws-native:wafv2:RuleGroupForwardedIpConfiguration", + "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings." + }, + "limit": { + "type": "integer", + "description": "The limit on requests per 5-minute period for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair." + }, + "scopeDownStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupStatement", + "description": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement." + } + }, + "irreversibleNames": { + "forwardedIpConfig": "ForwardedIPConfig" + } + }, + "aws-native:wafv2:RuleGroupRateBasedStatementAggregateKeyType": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupRateBasedStatementCustomKey": { + "type": "object", + "properties": { + "cookie": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitCookie", + "description": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance." + }, + "forwardedIp": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitForwardedIp", + "description": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property." + }, + "header": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitHeader", + "description": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance." + }, + "httpMethod": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitHttpMethod", + "description": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance." + }, + "ip": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitIp", + "description": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` ." + }, + "labelNamespace": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitLabelNamespace", + "description": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* ." + }, + "queryArgument": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitQueryArgument", + "description": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance." + }, + "queryString": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitQueryString", + "description": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance." + }, + "uriPath": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateLimitUriPath", + "description": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance." + } + }, + "irreversibleNames": { + "forwardedIp": "ForwardedIP", + "httpMethod": "HTTPMethod", + "ip": "IP" + } + }, + "aws-native:wafv2:RuleGroupRateLimitCookie": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the cookie to use." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:RuleGroupRateLimitForwardedIp": { + "type": "object" + }, + "aws-native:wafv2:RuleGroupRateLimitHeader": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the header to use." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:RuleGroupRateLimitHttpMethod": { + "type": "object" + }, + "aws-native:wafv2:RuleGroupRateLimitIp": { + "type": "object" + }, + "aws-native:wafv2:RuleGroupRateLimitLabelNamespace": { + "type": "object", + "properties": { + "namespace": { + "type": "string", + "description": "The namespace to use for aggregation." + } + } + }, + "aws-native:wafv2:RuleGroupRateLimitQueryArgument": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the query argument to use." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:RuleGroupRateLimitQueryString": { + "type": "object", + "properties": { + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:RuleGroupRateLimitUriPath": { + "type": "object", + "properties": { + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:RuleGroupRegexMatchStatement": { + "type": "object", + "properties": { + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:RuleGroupFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "regexString": { + "type": "string", + "description": "The string representing the regular expression." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:RuleGroupRegexPatternSetReferenceStatement": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references." + }, + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:RuleGroupFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:RuleGroupResponseContentType": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupRule": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRuleAction", + "description": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting." + }, + "captchaConfig": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCaptchaConfig", + "description": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL." + }, + "challengeConfig": { + "$ref": "#/types/aws-native:wafv2:RuleGroupChallengeConfig", + "description": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL." + }, + "name": { + "type": "string", + "description": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name." + }, + "priority": { + "type": "integer", + "description": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different." + }, + "ruleLabels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupLabel" + }, + "description": "Collection of Rule Labels." + }, + "statement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupStatement", + "description": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` ." + }, + "visibilityConfig": { + "$ref": "#/types/aws-native:wafv2:RuleGroupVisibilityConfig", + "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name." + } + } + }, + "aws-native:wafv2:RuleGroupRuleAction": { + "type": "object", + "properties": { + "allow": { + "$ref": "#/types/aws-native:wafv2:RuleGroupAllowAction", + "description": "Instructs AWS WAF to allow the web request." + }, + "block": { + "$ref": "#/types/aws-native:wafv2:RuleGroupBlockAction", + "description": "Instructs AWS WAF to block the web request." + }, + "captcha": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCaptchaAction", + "description": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions." + }, + "challenge": { + "$ref": "#/types/aws-native:wafv2:RuleGroupChallengeAction", + "description": "Instructs AWS WAF to run a `Challenge` check against the web request." + }, + "count": { + "$ref": "#/types/aws-native:wafv2:RuleGroupCountAction", + "description": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL." + } + } + }, + "aws-native:wafv2:RuleGroupScope": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupSensitivityLevel": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupSizeConstraintStatement": { + "type": "object", + "properties": { + "comparisonOperator": { + "$ref": "#/types/aws-native:wafv2:RuleGroupSizeConstraintStatementComparisonOperator", + "description": "The operator to use to compare the request part to the size setting." + }, + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:RuleGroupFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "size": { + "type": "number", + "description": "The size, in byte, to compare to the request part, after any transformations." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:RuleGroupSizeConstraintStatementComparisonOperator": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupSqliMatchStatement": { + "type": "object", + "properties": { + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:RuleGroupFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "sensitivityLevel": { + "$ref": "#/types/aws-native:wafv2:RuleGroupSensitivityLevel", + "description": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`" + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:RuleGroupStatement": { + "type": "object", + "properties": { + "andStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupAndStatement", + "description": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` ." + }, + "byteMatchStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupByteMatchStatement", + "description": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement." + }, + "geoMatchStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupGeoMatchStatement", + "description": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:\u003cISO country code\u003e-\u003cISO region code\u003e` and `awswaf:clientip:geo:country:\u003cISO country code\u003e` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:\u003cISO country code\u003e-\u003cISO region code\u003e` and `awswaf:forwardedip:geo:country:\u003cISO country code\u003e` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) ." + }, + "ipSetReferenceStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupIpSetReferenceStatement", + "description": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it." + }, + "labelMatchStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupLabelMatchStatement", + "description": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement." + }, + "notStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupNotStatement", + "description": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` ." + }, + "orStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupOrStatement", + "description": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` ." + }, + "rateBasedStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRateBasedStatement", + "description": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n\u003e If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF ." + }, + "regexMatchStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRegexMatchStatement", + "description": "A rule statement used to search web request components for a match against a single regular expression." + }, + "regexPatternSetReferenceStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupRegexPatternSetReferenceStatement", + "description": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it." + }, + "sizeConstraintStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupSizeConstraintStatement", + "description": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (\u003e) or less than (\u003c). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long." + }, + "sqliMatchStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupSqliMatchStatement", + "description": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it." + }, + "xssMatchStatement": { + "$ref": "#/types/aws-native:wafv2:RuleGroupXssMatchStatement", + "description": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers." + } + }, + "irreversibleNames": { + "ipSetReferenceStatement": "IPSetReferenceStatement" + } + }, + "aws-native:wafv2:RuleGroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:wafv2:RuleGroupTextTransformation": { + "type": "object", + "properties": { + "priority": { + "type": "integer", + "description": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different." + }, + "type": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformationType", + "description": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:RuleGroupTextTransformationType": { + "type": "string" + }, + "aws-native:wafv2:RuleGroupVisibilityConfig": { + "type": "object", + "properties": { + "cloudWatchMetricsEnabled": { + "type": "boolean", + "description": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* ." + }, + "metricName": { + "type": "string", + "description": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` ." + }, + "sampledRequestsEnabled": { + "type": "boolean", + "description": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\n\u003e Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration." + } + } + }, + "aws-native:wafv2:RuleGroupXssMatchStatement": { + "type": "object", + "properties": { + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:RuleGroupFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:RuleGroupTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:WebAclAllowAction": { + "type": "object", + "properties": { + "customRequestHandling": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomRequestHandling", + "description": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:WebAclAndStatement": { + "type": "object", + "properties": { + "statements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclStatement" + }, + "description": "The statements to combine with AND logic. You can use any statements that can be nested." + } + } + }, + "aws-native:wafv2:WebAclAssociationConfig": { + "type": "object", + "properties": { + "requestBody": { + "type": "object", + "additionalProperties": { + "$ref": "#/types/aws-native:wafv2:WebAclRequestBodyAssociatedResourceTypeConfig" + }, + "description": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n\u003e You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes)." + } + } + }, + "aws-native:wafv2:WebAclAwsManagedRulesAcfpRuleSet": { + "type": "object", + "properties": { + "creationPath": { + "type": "string", + "description": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` ." + }, + "enableRegexInPath": { + "type": "boolean", + "description": "Allow the use of regular expressions in the registration page path and the account creation path." + }, + "registrationPagePath": { + "type": "string", + "description": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n\u003e This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` ." + }, + "requestInspection": { + "$ref": "#/types/aws-native:wafv2:WebAclRequestInspectionAcfp", + "description": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts." + }, + "responseInspection": { + "$ref": "#/types/aws-native:wafv2:WebAclResponseInspection", + "description": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n\u003e Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time." + } + } + }, + "aws-native:wafv2:WebAclAwsManagedRulesAtpRuleSet": { + "type": "object", + "properties": { + "enableRegexInPath": { + "type": "boolean", + "description": "Allow the use of regular expressions in the login page path." + }, + "loginPath": { + "type": "string", + "description": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint." + }, + "requestInspection": { + "$ref": "#/types/aws-native:wafv2:WebAclRequestInspection", + "description": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage." + }, + "responseInspection": { + "$ref": "#/types/aws-native:wafv2:WebAclResponseInspection", + "description": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n\u003e Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time." + } + } + }, + "aws-native:wafv2:WebAclAwsManagedRulesBotControlRuleSet": { + "type": "object", + "properties": { + "enableMachineLearning": { + "type": "boolean", + "description": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`" + }, + "inspectionLevel": { + "$ref": "#/types/aws-native:wafv2:WebAclAwsManagedRulesBotControlRuleSetInspectionLevel", + "description": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:WebAclAwsManagedRulesBotControlRuleSetInspectionLevel": { + "type": "string" + }, + "aws-native:wafv2:WebAclBlockAction": { + "type": "object", + "properties": { + "customResponse": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomResponse", + "description": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:WebAclBody": { + "type": "object", + "properties": { + "oversizeHandling": { + "$ref": "#/types/aws-native:wafv2:WebAclOversizeHandling", + "description": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`" + } + } + }, + "aws-native:wafv2:WebAclBodyParsingFallbackBehavior": { + "type": "string" + }, + "aws-native:wafv2:WebAclByteMatchStatement": { + "type": "object", + "properties": { + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "positionalConstraint": { + "$ref": "#/types/aws-native:wafv2:WebAclPositionalConstraint", + "description": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request." + }, + "searchString": { + "type": "string", + "description": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` ." + }, + "searchStringBase64": { + "type": "string", + "description": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` ." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + }, + "irreversibleNames": { + "searchStringBase64": "SearchStringBase64" + } + }, + "aws-native:wafv2:WebAclCaptchaAction": { + "type": "object", + "properties": { + "customRequestHandling": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomRequestHandling", + "description": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:WebAclCaptchaConfig": { + "type": "object", + "properties": { + "immunityTimeProperty": { + "$ref": "#/types/aws-native:wafv2:WebAclImmunityTimeProperty", + "description": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle." + } + } + }, + "aws-native:wafv2:WebAclChallengeAction": { + "type": "object", + "properties": { + "customRequestHandling": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomRequestHandling", + "description": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) ." + } + } + }, + "aws-native:wafv2:WebAclChallengeConfig": { + "type": "object", + "properties": { + "immunityTimeProperty": { + "$ref": "#/types/aws-native:wafv2:WebAclImmunityTimeProperty", + "description": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge." + } + } + }, + "aws-native:wafv2:WebAclCookieMatchPattern": { + "type": "object", + "properties": { + "all": { + "$ref": "pulumi.json#/Any", + "description": "Inspect all parts of the web request cookies." + }, + "excludedCookies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Inspect only the cookies whose keys don't match any of the strings specified here." + }, + "includedCookies": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Inspect only the cookies that have a key that matches one of the strings specified here." + } + } + }, + "aws-native:wafv2:WebAclCookies": { + "type": "object", + "properties": { + "matchPattern": { + "$ref": "#/types/aws-native:wafv2:WebAclCookieMatchPattern", + "description": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`" + }, + "matchScope": { + "$ref": "#/types/aws-native:wafv2:WebAclMapMatchScope", + "description": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values." + }, + "oversizeHandling": { + "$ref": "#/types/aws-native:wafv2:WebAclOversizeHandling", + "description": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + } + } + }, + "aws-native:wafv2:WebAclCountAction": { + "type": "object", + "properties": { + "customRequestHandling": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomRequestHandling", + "description": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:WebAclCustomHttpHeader": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` ." + }, + "value": { + "type": "string", + "description": "The value of the custom header." + } + } + }, + "aws-native:wafv2:WebAclCustomRequestHandling": { + "type": "object", + "properties": { + "insertHeaders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomHttpHeader" + }, + "description": "Collection of HTTP headers." + } + } + }, + "aws-native:wafv2:WebAclCustomResponse": { + "type": "object", + "properties": { + "customResponseBodyKey": { + "type": "string", + "description": "Custom response body key." + }, + "responseCode": { + "type": "integer", + "description": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* ." + }, + "responseHeaders": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclCustomHttpHeader" + }, + "description": "Collection of HTTP headers." + } + } + }, + "aws-native:wafv2:WebAclCustomResponseBody": { + "type": "object", + "properties": { + "content": { + "type": "string", + "description": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* ." + }, + "contentType": { + "$ref": "#/types/aws-native:wafv2:WebAclResponseContentType", + "description": "The type of content in the payload that you are defining in the `Content` string." + } + } + }, + "aws-native:wafv2:WebAclDefaultAction": { + "type": "object", + "properties": { + "allow": { + "$ref": "#/types/aws-native:wafv2:WebAclAllowAction", + "description": "Specifies that AWS WAF should allow requests by default." + }, + "block": { + "$ref": "#/types/aws-native:wafv2:WebAclBlockAction", + "description": "Specifies that AWS WAF should block requests by default." + } + } + }, + "aws-native:wafv2:WebAclExcludedRule": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the rule whose action you want to override to `Count` ." + } + } + }, + "aws-native:wafv2:WebAclFieldIdentifier": { + "type": "object", + "properties": { + "identifier": { + "type": "string", + "description": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties." + } + } + }, + "aws-native:wafv2:WebAclFieldToMatch": { + "type": "object", + "properties": { + "allQueryArguments": { + "$ref": "pulumi.json#/Any", + "description": "All query arguments of a web request." + }, + "body": { + "$ref": "#/types/aws-native:wafv2:WebAclBody", + "description": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration." + }, + "cookies": { + "$ref": "#/types/aws-native:wafv2:WebAclCookies", + "description": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service." + }, + "headers": { + "$ref": "#/types/aws-native:wafv2:WebAclHeaders", + "description": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service." + }, + "ja3Fingerprint": { + "$ref": "#/types/aws-native:wafv2:WebAclJa3Fingerprint", + "description": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n\u003e You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration." + }, + "jsonBody": { + "$ref": "#/types/aws-native:wafv2:WebAclJsonBody", + "description": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration." + }, + "method": { + "$ref": "pulumi.json#/Any", + "description": "The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform." + }, + "queryString": { + "$ref": "pulumi.json#/Any", + "description": "The query string of a web request. This is the part of a URL that appears after a ? character, if any." + }, + "singleHeader": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldToMatchSingleHeaderProperties", + "description": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting." + }, + "singleQueryArgument": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldToMatchSingleQueryArgumentProperties", + "description": "One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive." + }, + "uriPath": { + "$ref": "pulumi.json#/Any", + "description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg." + } + }, + "irreversibleNames": { + "ja3Fingerprint": "JA3Fingerprint" + } + }, + "aws-native:wafv2:WebAclFieldToMatchSingleHeaderProperties": { + "type": "object", + "properties": { + "name": { + "type": "string" + } + } + }, + "aws-native:wafv2:WebAclFieldToMatchSingleQueryArgumentProperties": { + "type": "object", + "properties": { + "name": { + "type": "string" + } + } + }, + "aws-native:wafv2:WebAclForwardedIpConfiguration": { + "type": "object", + "properties": { + "fallbackBehavior": { + "$ref": "#/types/aws-native:wafv2:WebAclForwardedIpConfigurationFallbackBehavior", + "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + }, + "headerName": { + "type": "string", + "description": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all." + } + } + }, + "aws-native:wafv2:WebAclForwardedIpConfigurationFallbackBehavior": { + "type": "string" + }, + "aws-native:wafv2:WebAclGeoMatchStatement": { + "type": "object", + "properties": { + "countryCodes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site." + }, + "forwardedIpConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclForwardedIpConfiguration", + "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all." + } + }, + "irreversibleNames": { + "forwardedIpConfig": "ForwardedIPConfig" + } + }, + "aws-native:wafv2:WebAclHeaderMatchPattern": { + "type": "object", + "properties": { + "all": { + "$ref": "pulumi.json#/Any", + "description": "Inspect all parts of the web request headers." + }, + "excludedHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Inspect only the headers whose keys don't match any of the strings specified here." + }, + "includedHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Inspect only the headers that have a key that matches one of the strings specified here." + } + } + }, + "aws-native:wafv2:WebAclHeaders": { + "type": "object", + "properties": { + "matchPattern": { + "$ref": "#/types/aws-native:wafv2:WebAclHeaderMatchPattern", + "description": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`" + }, + "matchScope": { + "$ref": "#/types/aws-native:wafv2:WebAclMapMatchScope", + "description": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values." + }, + "oversizeHandling": { + "$ref": "#/types/aws-native:wafv2:WebAclOversizeHandling", + "description": "What AWS WAF should do if the headers of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + } + } + }, + "aws-native:wafv2:WebAclImmunityTimeProperty": { + "type": "object", + "properties": { + "immunityTime": { + "type": "integer", + "description": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300." + } + } + }, + "aws-native:wafv2:WebAclIpSetForwardedIpConfiguration": { + "type": "object", + "properties": { + "fallbackBehavior": { + "$ref": "#/types/aws-native:wafv2:WebAclIpSetForwardedIpConfigurationFallbackBehavior", + "description": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + }, + "headerName": { + "type": "string", + "description": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all." + }, + "position": { + "$ref": "#/types/aws-native:wafv2:WebAclIpSetForwardedIpConfigurationPosition", + "description": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10." + } + } + }, + "aws-native:wafv2:WebAclIpSetForwardedIpConfigurationFallbackBehavior": { + "type": "string" + }, + "aws-native:wafv2:WebAclIpSetForwardedIpConfigurationPosition": { + "type": "string" + }, + "aws-native:wafv2:WebAclIpSetReferenceStatement": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references." + }, + "ipSetForwardedIpConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclIpSetForwardedIpConfiguration", + "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all." + } + }, + "irreversibleNames": { + "ipSetForwardedIpConfig": "IPSetForwardedIPConfig" + } + }, + "aws-native:wafv2:WebAclJa3Fingerprint": { + "type": "object", + "properties": { + "fallbackBehavior": { + "$ref": "#/types/aws-native:wafv2:WebAclJa3FingerprintFallbackBehavior", + "description": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement." + } + } + }, + "aws-native:wafv2:WebAclJa3FingerprintFallbackBehavior": { + "type": "string" + }, + "aws-native:wafv2:WebAclJsonBody": { + "type": "object", + "properties": { + "invalidFallbackBehavior": { + "$ref": "#/types/aws-native:wafv2:WebAclBodyParsingFallbackBehavior", + "description": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n\u003e AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* ." + }, + "matchPattern": { + "$ref": "#/types/aws-native:wafv2:WebAclJsonMatchPattern", + "description": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria." + }, + "matchScope": { + "$ref": "#/types/aws-native:wafv2:WebAclJsonMatchScope", + "description": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values." + }, + "oversizeHandling": { + "$ref": "#/types/aws-native:wafv2:WebAclOversizeHandling", + "description": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`" + } + } + }, + "aws-native:wafv2:WebAclJsonMatchPattern": { + "type": "object", + "properties": { + "all": { + "$ref": "pulumi.json#/Any", + "description": "Inspect all parts of the web request's JSON body." + }, + "includedPaths": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n\u003e Don't use this option to include all paths. Instead, use the `All` setting." + } + } + }, + "aws-native:wafv2:WebAclJsonMatchScope": { + "type": "string" + }, + "aws-native:wafv2:WebAclLabel": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The label string." + } + } + }, + "aws-native:wafv2:WebAclLabelMatchScope": { + "type": "string" + }, + "aws-native:wafv2:WebAclLabelMatchStatement": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` ." + }, + "scope": { + "$ref": "#/types/aws-native:wafv2:WebAclLabelMatchScope", + "description": "Specify whether you want to match using the label name or just the namespace." + } + } + }, + "aws-native:wafv2:WebAclManagedRuleGroupConfig": { + "type": "object", + "properties": { + "awsManagedRulesAcfpRuleSet": { + "$ref": "#/types/aws-native:wafv2:WebAclAwsManagedRulesAcfpRuleSet", + "description": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* ." + }, + "awsManagedRulesAtpRuleSet": { + "$ref": "#/types/aws-native:wafv2:WebAclAwsManagedRulesAtpRuleSet", + "description": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* ." + }, + "awsManagedRulesBotControlRuleSet": { + "$ref": "#/types/aws-native:wafv2:WebAclAwsManagedRulesBotControlRuleSet", + "description": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* ." + }, + "loginPath": { + "type": "string", + "description": "\u003e Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` ." + }, + "passwordField": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier", + "description": "\u003e Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` ." + }, + "payloadType": { + "$ref": "#/types/aws-native:wafv2:WebAclManagedRuleGroupConfigPayloadType", + "description": "\u003e Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` ." + }, + "usernameField": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier", + "description": "\u003e Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` ." + } + }, + "irreversibleNames": { + "awsManagedRulesAcfpRuleSet": "AWSManagedRulesACFPRuleSet", + "awsManagedRulesAtpRuleSet": "AWSManagedRulesATPRuleSet", + "awsManagedRulesBotControlRuleSet": "AWSManagedRulesBotControlRuleSet" + } + }, + "aws-native:wafv2:WebAclManagedRuleGroupConfigPayloadType": { + "type": "string" + }, + "aws-native:wafv2:WebAclManagedRuleGroupStatement": { + "type": "object", + "properties": { + "excludedRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclExcludedRule" + }, + "description": "Rules in the referenced rule group whose actions are set to `Count` .\n\n\u003e Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` ." + }, + "managedRuleGroupConfigs": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclManagedRuleGroupConfig" + }, + "description": "Collection of ManagedRuleGroupConfig." + }, + "name": { + "type": "string", + "description": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group." + }, + "ruleActionOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclRuleActionOverride" + }, + "description": "Action overrides for rules in the rule group." + }, + "scopeDownStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclStatement", + "description": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement." + }, + "vendorName": { + "type": "string", + "description": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group." + }, + "version": { + "type": "string", + "description": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings." + } + } + }, + "aws-native:wafv2:WebAclMapMatchScope": { + "type": "string" + }, + "aws-native:wafv2:WebAclNotStatement": { + "type": "object", + "properties": { + "statement": { + "$ref": "#/types/aws-native:wafv2:WebAclStatement", + "description": "The statement to negate. You can use any statement that can be nested." + } + } + }, + "aws-native:wafv2:WebAclOrStatement": { + "type": "object", + "properties": { + "statements": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclStatement" + }, + "description": "The statements to combine with OR logic. You can use any statements that can be nested." + } + } + }, + "aws-native:wafv2:WebAclOverrideAction": { + "type": "object", + "properties": { + "count": { + "$ref": "pulumi.json#/Any", + "description": "Count traffic towards application." + }, + "none": { + "$ref": "pulumi.json#/Any", + "description": "Keep the RuleGroup or ManagedRuleGroup behavior as is." + } + } + }, + "aws-native:wafv2:WebAclOversizeHandling": { + "type": "string" + }, + "aws-native:wafv2:WebAclPositionalConstraint": { + "type": "string" + }, + "aws-native:wafv2:WebAclRateBasedStatement": { + "type": "object", + "properties": { + "aggregateKeyType": { + "$ref": "#/types/aws-native:wafv2:WebAclRateBasedStatementAggregateKeyType", + "description": "Setting that indicates how to aggregate the request counts.\n\n\u003e Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` ." + }, + "customKeys": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclRateBasedStatementCustomKey" + }, + "description": "Specifies the aggregate keys to use in a rate-base rule." + }, + "evaluationWindowSec": { + "type": "integer", + "description": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)" + }, + "forwardedIpConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclForwardedIpConfiguration", + "description": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n\u003e If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings." + }, + "limit": { + "type": "integer", + "description": "The limit on requests per 5-minute period for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair." + }, + "scopeDownStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclStatement", + "description": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement." + } + }, + "irreversibleNames": { + "forwardedIpConfig": "ForwardedIPConfig" + } + }, + "aws-native:wafv2:WebAclRateBasedStatementAggregateKeyType": { + "type": "string" + }, + "aws-native:wafv2:WebAclRateBasedStatementCustomKey": { + "type": "object", + "properties": { + "cookie": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitCookie", + "description": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance." + }, + "forwardedIp": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitForwardedIp", + "description": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property." + }, + "header": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitHeader", + "description": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance." + }, + "httpMethod": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitHttpMethod", + "description": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance." + }, + "ip": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitIp", + "description": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` ." + }, + "labelNamespace": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitLabelNamespace", + "description": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* ." + }, + "queryArgument": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitQueryArgument", + "description": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance." + }, + "queryString": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitQueryString", + "description": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance." + }, + "uriPath": { + "$ref": "#/types/aws-native:wafv2:WebAclRateLimitUriPath", + "description": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance." + } + }, + "irreversibleNames": { + "forwardedIp": "ForwardedIP", + "httpMethod": "HTTPMethod", + "ip": "IP" + } + }, + "aws-native:wafv2:WebAclRateLimitCookie": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the cookie to use." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:WebAclRateLimitForwardedIp": { + "type": "object" + }, + "aws-native:wafv2:WebAclRateLimitHeader": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the header to use." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:WebAclRateLimitHttpMethod": { + "type": "object" + }, + "aws-native:wafv2:WebAclRateLimitIp": { + "type": "object" + }, + "aws-native:wafv2:WebAclRateLimitLabelNamespace": { + "type": "object", + "properties": { + "namespace": { + "type": "string", + "description": "The namespace to use for aggregation." + } + } + }, + "aws-native:wafv2:WebAclRateLimitQueryArgument": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the query argument to use." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:WebAclRateLimitQueryString": { + "type": "object", + "properties": { + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:WebAclRateLimitUriPath": { + "type": "object", + "properties": { + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents." + } + } + }, + "aws-native:wafv2:WebAclRegexMatchStatement": { + "type": "object", + "properties": { + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "regexString": { + "type": "string", + "description": "The string representing the regular expression." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:WebAclRegexPatternSetReferenceStatement": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references." + }, + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:WebAclRequestBodyAssociatedResourceTypeConfig": { + "type": "object", + "properties": { + "defaultSizeInspectionLimit": { + "$ref": "#/types/aws-native:wafv2:WebAclSizeInspectionLimit", + "description": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`" + } + } + }, + "aws-native:wafv2:WebAclRequestInspection": { + "type": "object", + "properties": { + "passwordField": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier", + "description": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` ." + }, + "payloadType": { + "$ref": "#/types/aws-native:wafv2:WebAclRequestInspectionPayloadType", + "description": "The payload type for your login endpoint, either JSON or form encoded." + }, + "usernameField": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier", + "description": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`" + } + } + }, + "aws-native:wafv2:WebAclRequestInspectionAcfp": { + "type": "object", + "properties": { + "addressFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier" + }, + "description": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` ." + }, + "emailField": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier", + "description": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` ." + }, + "passwordField": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier", + "description": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` ." + }, + "payloadType": { + "$ref": "#/types/aws-native:wafv2:WebAclRequestInspectionAcfpPayloadType", + "description": "The payload type for your account creation endpoint, either JSON or form encoded." + }, + "phoneNumberFields": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier" + }, + "description": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` ." + }, + "usernameField": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldIdentifier", + "description": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`" + } + } + }, + "aws-native:wafv2:WebAclRequestInspectionAcfpPayloadType": { + "type": "string" + }, + "aws-native:wafv2:WebAclRequestInspectionPayloadType": { + "type": "string" + }, + "aws-native:wafv2:WebAclResponseContentType": { + "type": "string" + }, + "aws-native:wafv2:WebAclResponseInspection": { + "type": "object", + "properties": { + "bodyContains": { + "$ref": "#/types/aws-native:wafv2:WebAclResponseInspectionBodyContains", + "description": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body." + }, + "header": { + "$ref": "#/types/aws-native:wafv2:WebAclResponseInspectionHeader", + "description": "Configures inspection of the response header for success and failure indicators." + }, + "json": { + "$ref": "#/types/aws-native:wafv2:WebAclResponseInspectionJson", + "description": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON." + }, + "statusCode": { + "$ref": "#/types/aws-native:wafv2:WebAclResponseInspectionStatusCode", + "description": "Configures inspection of the response status code for success and failure indicators." + } + } + }, + "aws-native:wafv2:WebAclResponseInspectionBodyContains": { + "type": "object", + "properties": { + "failureStrings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`" + }, + "successStrings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`" + } + } + }, + "aws-native:wafv2:WebAclResponseInspectionHeader": { + "type": "object", + "properties": { + "failureValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`" + }, + "name": { + "type": "string", + "description": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`" + }, + "successValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`" + } + } + }, + "aws-native:wafv2:WebAclResponseInspectionJson": { + "type": "object", + "properties": { + "failureValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`" + }, + "identifier": { + "type": "string", + "description": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`" + }, + "successValues": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`" + } + } + }, + "aws-native:wafv2:WebAclResponseInspectionStatusCode": { + "type": "object", + "properties": { + "failureCodes": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`" + }, + "successCodes": { + "type": "array", + "items": { + "type": "integer" + }, + "description": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`" + } + } + }, + "aws-native:wafv2:WebAclRule": { + "type": "object", + "properties": { + "action": { + "$ref": "#/types/aws-native:wafv2:WebAclRuleAction", + "description": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group." + }, + "captchaConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclCaptchaConfig", + "description": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL." + }, + "challengeConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclChallengeConfig", + "description": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL." + }, + "name": { + "type": "string", + "description": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name." + }, + "overrideAction": { + "$ref": "#/types/aws-native:wafv2:WebAclOverrideAction", + "description": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting." + }, + "priority": { + "type": "integer", + "description": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different." + }, + "ruleLabels": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclLabel" + }, + "description": "Collection of Rule Labels." + }, + "statement": { + "$ref": "#/types/aws-native:wafv2:WebAclStatement", + "description": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` ." + }, + "visibilityConfig": { + "$ref": "#/types/aws-native:wafv2:WebAclVisibilityConfig", + "description": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name." + } + } + }, + "aws-native:wafv2:WebAclRuleAction": { + "type": "object", + "properties": { + "allow": { + "$ref": "#/types/aws-native:wafv2:WebAclAllowAction", + "description": "Instructs AWS WAF to allow the web request." + }, + "block": { + "$ref": "#/types/aws-native:wafv2:WebAclBlockAction", + "description": "Instructs AWS WAF to block the web request." + }, + "captcha": { + "$ref": "#/types/aws-native:wafv2:WebAclCaptchaAction", + "description": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions." + }, + "challenge": { + "$ref": "#/types/aws-native:wafv2:WebAclChallengeAction", + "description": "Instructs AWS WAF to run a `Challenge` check against the web request." + }, + "count": { + "$ref": "#/types/aws-native:wafv2:WebAclCountAction", + "description": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL." + } + } + }, + "aws-native:wafv2:WebAclRuleActionOverride": { + "type": "object", + "properties": { + "actionToUse": { + "$ref": "#/types/aws-native:wafv2:WebAclRuleAction", + "description": "The override action to use, in place of the configured action of the rule in the rule group." + }, + "name": { + "type": "string", + "description": "The name of the rule to override." + } + } + }, + "aws-native:wafv2:WebAclRuleGroupReferenceStatement": { + "type": "object", + "properties": { + "arn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the entity." + }, + "excludedRules": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclExcludedRule" + }, + "description": "Rules in the referenced rule group whose actions are set to `Count` .\n\n\u003e Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` ." + }, + "ruleActionOverrides": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclRuleActionOverride" + }, + "description": "Action overrides for rules in the rule group." + } + } + }, + "aws-native:wafv2:WebAclScope": { + "type": "string" + }, + "aws-native:wafv2:WebAclSensitivityLevel": { + "type": "string" + }, + "aws-native:wafv2:WebAclSizeConstraintStatement": { + "type": "object", + "properties": { + "comparisonOperator": { + "$ref": "#/types/aws-native:wafv2:WebAclSizeConstraintStatementComparisonOperator", + "description": "The operator to use to compare the request part to the size setting." + }, + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "size": { + "type": "number", + "description": "The size, in byte, to compare to the request part, after any transformations." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:WebAclSizeConstraintStatementComparisonOperator": { + "type": "string" + }, + "aws-native:wafv2:WebAclSizeInspectionLimit": { + "type": "string" + }, + "aws-native:wafv2:WebAclSqliMatchStatement": { + "type": "object", + "properties": { + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "sensitivityLevel": { + "$ref": "#/types/aws-native:wafv2:WebAclSensitivityLevel", + "description": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`" + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wafv2:WebAclStatement": { + "type": "object", + "properties": { + "andStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclAndStatement", + "description": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` ." + }, + "byteMatchStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclByteMatchStatement", + "description": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement." + }, + "geoMatchStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclGeoMatchStatement", + "description": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:\u003cISO country code\u003e-\u003cISO region code\u003e` and `awswaf:clientip:geo:country:\u003cISO country code\u003e` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:\u003cISO country code\u003e-\u003cISO region code\u003e` and `awswaf:forwardedip:geo:country:\u003cISO country code\u003e` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) ." + }, + "ipSetReferenceStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclIpSetReferenceStatement", + "description": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it." + }, + "labelMatchStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclLabelMatchStatement", + "description": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement." + }, + "managedRuleGroupStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclManagedRuleGroupStatement", + "description": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n\u003e You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) ." + }, + "notStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclNotStatement", + "description": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` ." + }, + "orStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclOrStatement", + "description": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` ." + }, + "rateBasedStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclRateBasedStatement", + "description": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n\u003e If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF ." + }, + "regexMatchStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclRegexMatchStatement", + "description": "A rule statement used to search web request components for a match against a single regular expression." + }, + "regexPatternSetReferenceStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclRegexPatternSetReferenceStatement", + "description": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it." + }, + "ruleGroupReferenceStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclRuleGroupReferenceStatement", + "description": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL." + }, + "sizeConstraintStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclSizeConstraintStatement", + "description": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (\u003e) or less than (\u003c). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long." + }, + "sqliMatchStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclSqliMatchStatement", + "description": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it." + }, + "xssMatchStatement": { + "$ref": "#/types/aws-native:wafv2:WebAclXssMatchStatement", + "description": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers." + } + }, + "irreversibleNames": { + "ipSetReferenceStatement": "IPSetReferenceStatement" + } + }, + "aws-native:wafv2:WebAclTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive." + }, + "value": { + "type": "string", + "description": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive." + } + } + }, + "aws-native:wafv2:WebAclTextTransformation": { + "type": "object", + "properties": { + "priority": { + "type": "integer", + "description": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different." + }, + "type": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformationType", + "description": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* ." + } + } + }, + "aws-native:wafv2:WebAclTextTransformationType": { + "type": "string" + }, + "aws-native:wafv2:WebAclVisibilityConfig": { + "type": "object", + "properties": { + "cloudWatchMetricsEnabled": { + "type": "boolean", + "description": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* ." + }, + "metricName": { + "type": "string", + "description": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` ." + }, + "sampledRequestsEnabled": { + "type": "boolean", + "description": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\n\u003e Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration." + } + } + }, + "aws-native:wafv2:WebAclXssMatchStatement": { + "type": "object", + "properties": { + "fieldToMatch": { + "$ref": "#/types/aws-native:wafv2:WebAclFieldToMatch", + "description": "The part of the web request that you want AWS WAF to inspect." + }, + "textTransformations": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:wafv2:WebAclTextTransformation" + }, + "description": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match." + } + } + }, + "aws-native:wisdom:AssistantAssociationAssociationData": { + "type": "object", + "properties": { + "knowledgeBaseId": { + "type": "string", + "description": "The identifier of the knowledge base." + } + } + }, + "aws-native:wisdom:AssistantAssociationAssociationType": { + "type": "string" + }, + "aws-native:wisdom:AssistantAssociationTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key-value string map. The valid character set is `[a-zA-Z+-=._:/]` . The tag key can be up to 128 characters and must not start with `aws:` ." + }, + "value": { + "type": "string", + "description": "The tag value can be up to 256 characters." + } + } + }, + "aws-native:wisdom:AssistantServerSideEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* ." + } + } + }, + "aws-native:wisdom:AssistantTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key-value string map. The valid character set is `[a-zA-Z+-=._:/]` . The tag key can be up to 128 characters and must not start with `aws:` ." + }, + "value": { + "type": "string", + "description": "The tag value can be up to 256 characters." + } + } + }, + "aws-native:wisdom:AssistantType": { + "type": "string" + }, + "aws-native:wisdom:KnowledgeBaseAppIntegrationsConfiguration": { + "type": "object", + "properties": { + "appIntegrationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/https://aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n\u003e The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket." + }, + "objectFields": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations." + } + } + }, + "aws-native:wisdom:KnowledgeBaseRenderingConfiguration": { + "type": "object", + "properties": { + "templateUri": { + "type": "string", + "description": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) ." + } + } + }, + "aws-native:wisdom:KnowledgeBaseServerSideEncryptionConfiguration": { + "type": "object", + "properties": { + "kmsKeyId": { + "type": "string", + "description": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) ." + } + } + }, + "aws-native:wisdom:KnowledgeBaseSourceConfiguration": { + "type": "object", + "properties": { + "appIntegrations": { + "$ref": "#/types/aws-native:wisdom:KnowledgeBaseAppIntegrationsConfiguration", + "description": "Configuration information for Amazon AppIntegrations to automatically ingest content." + } + } + }, + "aws-native:wisdom:KnowledgeBaseTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key-value string map. The valid character set is `[a-zA-Z+-=._:/]` . The tag key can be up to 128 characters and must not start with `aws:` ." + }, + "value": { + "type": "string", + "description": "The tag value can be up to 256 characters." + } + } + }, + "aws-native:wisdom:KnowledgeBaseType": { + "type": "string" + }, + "aws-native:workspaces:ConnectionAliasAssociation": { + "type": "object", + "properties": { + "associatedAccountId": { + "type": "string", + "description": "The identifier of the AWS account that associated the connection alias with a directory." + }, + "associationStatus": { + "$ref": "#/types/aws-native:workspaces:ConnectionAliasAssociationAssociationStatus", + "description": "The association status of the connection alias." + }, + "connectionIdentifier": { + "type": "string", + "description": "The identifier of the connection alias association. You use the connection identifier in the DNS TXT record when you're configuring your DNS routing policies." + }, + "resourceId": { + "type": "string", + "description": "The identifier of the directory associated with a connection alias." + } + } + }, + "aws-native:workspaces:ConnectionAliasAssociationAssociationStatus": { + "type": "string" + }, + "aws-native:workspaces:ConnectionAliasState": { + "type": "string" + }, + "aws-native:workspaces:ConnectionAliasTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:workspaces:WorkspacesPoolApplicationSettings": { + "type": "object", + "properties": { + "settingsGroup": { + "type": "string", + "description": "The path prefix for the S3 bucket where users’ persistent application settings are stored." + }, + "status": { + "$ref": "#/types/aws-native:workspaces:WorkspacesPoolApplicationSettingsStatus", + "description": "Enables or disables persistent application settings for users during their pool sessions." + } + } + }, + "aws-native:workspaces:WorkspacesPoolApplicationSettingsStatus": { + "type": "string" + }, + "aws-native:workspaces:WorkspacesPoolCapacity": { + "type": "object", + "properties": { + "desiredUserSessions": { + "type": "integer", + "description": "The desired number of user sessions for the WorkSpaces in the pool." + } + } + }, + "aws-native:workspaces:WorkspacesPoolTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag." + } + } + }, + "aws-native:workspaces:WorkspacesPoolTimeoutSettings": { + "type": "object", + "properties": { + "disconnectTimeoutInSeconds": { + "type": "integer", + "description": "Specifies the amount of time, in seconds, that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within the time set, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance." + }, + "idleDisconnectTimeoutInSeconds": { + "type": "integer", + "description": "The amount of time in seconds a connection will stay active while idle." + }, + "maxUserDurationInSeconds": { + "type": "integer", + "description": "Specifies the maximum amount of time, in seconds, that a streaming session can remain active. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance." + } + } + }, + "aws-native:workspacesthinclient:EnvironmentDayOfWeek": { + "type": "string" + }, + "aws-native:workspacesthinclient:EnvironmentDesktopType": { + "type": "string" + }, + "aws-native:workspacesthinclient:EnvironmentMaintenanceWindow": { + "type": "object", + "properties": { + "applyTimeOf": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentMaintenanceWindowApplyTimeOf", + "description": "The desired time zone maintenance window." + }, + "daysOfTheWeek": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentDayOfWeek" + }, + "description": "The date of maintenance window." + }, + "endTimeHour": { + "type": "integer", + "description": "The hour end time of maintenance window." + }, + "endTimeMinute": { + "type": "integer", + "description": "The minute end time of maintenance window." + }, + "startTimeHour": { + "type": "integer", + "description": "The hour start time of maintenance window." + }, + "startTimeMinute": { + "type": "integer", + "description": "The minute start time of maintenance window." + }, + "type": { + "$ref": "#/types/aws-native:workspacesthinclient:EnvironmentMaintenanceWindowType", + "description": "The type of maintenance window." + } + } + }, + "aws-native:workspacesthinclient:EnvironmentMaintenanceWindowApplyTimeOf": { + "type": "string" + }, + "aws-native:workspacesthinclient:EnvironmentMaintenanceWindowType": { + "type": "string" + }, + "aws-native:workspacesthinclient:EnvironmentSoftwareSetComplianceStatus": { + "type": "string" + }, + "aws-native:workspacesthinclient:EnvironmentSoftwareSetUpdateMode": { + "type": "string" + }, + "aws-native:workspacesthinclient:EnvironmentSoftwareSetUpdateSchedule": { + "type": "string" + }, + "aws-native:workspacesthinclient:EnvironmentTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + }, + "value": { + "type": "string", + "description": "The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -." + } + } + }, + "aws-native:workspacesweb:BrowserSettingsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag" + } + } + }, + "aws-native:workspacesweb:IdentityProviderType": { + "type": "string" + }, + "aws-native:workspacesweb:IpAccessSettingsIpRule": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The description of the IP rule." + }, + "ipRange": { + "type": "string", + "description": "A single IP address or an IP address range in CIDR notation" + } + } + }, + "aws-native:workspacesweb:IpAccessSettingsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag" + } + } + }, + "aws-native:workspacesweb:NetworkSettingsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag" + } + } + }, + "aws-native:workspacesweb:PortalAuthenticationType": { + "type": "string" + }, + "aws-native:workspacesweb:PortalBrowserType": { + "type": "string" + }, + "aws-native:workspacesweb:PortalInstanceType": { + "type": "string" + }, + "aws-native:workspacesweb:PortalRendererType": { + "type": "string" + }, + "aws-native:workspacesweb:PortalStatus": { + "type": "string" + }, + "aws-native:workspacesweb:PortalTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag" + } + } + }, + "aws-native:workspacesweb:TrustStoreTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag" + } + } + }, + "aws-native:workspacesweb:UserAccessLoggingSettingsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag" + } + } + }, + "aws-native:workspacesweb:UserSettingsCookieSpecification": { + "type": "object", + "properties": { + "domain": { + "type": "string", + "description": "The domain of the cookie." + }, + "name": { + "type": "string", + "description": "The name of the cookie." + }, + "path": { + "type": "string", + "description": "The path of the cookie." + } + } + }, + "aws-native:workspacesweb:UserSettingsCookieSynchronizationConfiguration": { + "type": "object", + "properties": { + "allowlist": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsCookieSpecification" + }, + "description": "The list of cookie specifications that are allowed to be synchronized to the remote browser." + }, + "blocklist": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:workspacesweb:UserSettingsCookieSpecification" + }, + "description": "The list of cookie specifications that are blocked from being synchronized to the remote browser." + } + } + }, + "aws-native:workspacesweb:UserSettingsEnabledType": { + "type": "string" + }, + "aws-native:workspacesweb:UserSettingsTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key of the tag." + }, + "value": { + "type": "string", + "description": "The value of the tag" + } + } + }, + "aws-native:xray:GroupInsightsConfiguration": { + "type": "object", + "properties": { + "insightsEnabled": { + "type": "boolean", + "description": "Set the InsightsEnabled value to true to enable insights or false to disable insights." + }, + "notificationsEnabled": { + "type": "boolean", + "description": "Set the NotificationsEnabled value to true to enable insights notifications. Notifications can only be enabled on a group with InsightsEnabled set to true." + } + } + }, + "aws-native:xray:GroupTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag." + }, + "value": { + "type": "string", + "description": "The value for the tag." + } + } + }, + "aws-native:xray:SamplingRule": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Matches attributes derived from the request." + }, + "fixedRate": { + "type": "number", + "description": "The percentage of matching requests to instrument, after the reservoir is exhausted." + }, + "host": { + "type": "string", + "description": "Matches the hostname from a request URL." + }, + "httpMethod": { + "type": "string", + "description": "Matches the HTTP method from a request URL." + }, + "priority": { + "type": "integer", + "description": "The priority of the sampling rule." + }, + "reservoirSize": { + "type": "integer", + "description": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively." + }, + "resourceArn": { + "type": "string", + "description": "Matches the ARN of the AWS resource on which the service runs." + }, + "ruleArn": { + "type": "string", + "description": "The ARN of the sampling rule. Specify a rule by either name or ARN, but not both.\n\n\u003e Specifying a sampling rule by name is recommended, as specifying by ARN will be deprecated in future." + }, + "ruleName": { + "type": "string", + "description": "The name of the sampling rule. Specify a rule by either name or ARN, but not both." + }, + "serviceName": { + "type": "string", + "description": "Matches the name that the service uses to identify itself in segments." + }, + "serviceType": { + "type": "string", + "description": "Matches the origin that the service uses to identify its type in segments." + }, + "urlPath": { + "type": "string", + "description": "Matches the path from a request URL." + }, + "version": { + "type": "integer", + "description": "The version of the sampling rule format (1)", + "replaceOnChanges": true + } + }, + "irreversibleNames": { + "httpMethod": "HTTPMethod", + "resourceArn": "ResourceARN", + "ruleArn": "RuleARN", + "urlPath": "URLPath" + } + }, + "aws-native:xray:SamplingRuleRecord": { + "type": "object", + "properties": { + "createdAt": { + "type": "string", + "description": "When the rule was created, in Unix time seconds." + }, + "modifiedAt": { + "type": "string", + "description": "When the rule was modified, in Unix time seconds." + }, + "samplingRule": { + "$ref": "#/types/aws-native:xray:SamplingRule" + } + } + }, + "aws-native:xray:SamplingRuleTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The key name of the tag." + }, + "value": { + "type": "string", + "description": "The value for the tag." + } + } + }, + "aws-native:xray:SamplingRuleUpdate": { + "type": "object", + "properties": { + "attributes": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Matches attributes derived from the request." + }, + "fixedRate": { + "type": "number", + "description": "The percentage of matching requests to instrument, after the reservoir is exhausted." + }, + "host": { + "type": "string", + "description": "Matches the hostname from a request URL." + }, + "httpMethod": { + "type": "string", + "description": "Matches the HTTP method from a request URL." + }, + "priority": { + "type": "integer", + "description": "The priority of the sampling rule." + }, + "reservoirSize": { + "type": "integer", + "description": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively." + }, + "resourceArn": { + "type": "string", + "description": "Matches the ARN of the AWS resource on which the service runs." + }, + "ruleArn": { + "type": "string" + }, + "ruleName": { + "type": "string" + }, + "serviceName": { + "type": "string", + "description": "Matches the name that the service uses to identify itself in segments." + }, + "serviceType": { + "type": "string", + "description": "Matches the origin that the service uses to identify its type in segments." + }, + "urlPath": { + "type": "string", + "description": "Matches the path from a request URL." + } + }, + "irreversibleNames": { + "httpMethod": "HTTPMethod", + "resourceArn": "ResourceARN", + "ruleArn": "RuleARN", + "urlPath": "URLPath" + } + } + }, + "functions": { + "aws-native:accessanalyzer:getAnalyzer": { + "cf": "AWS::AccessAnalyzer::Analyzer", + "ids": [ + "arn" + ] + }, + "aws-native:acmpca:getCertificate": { + "cf": "AWS::ACMPCA::Certificate", + "ids": [ + "arn", + "certificateAuthorityArn" + ] + }, + "aws-native:acmpca:getCertificateAuthority": { + "cf": "AWS::ACMPCA::CertificateAuthority", + "ids": [ + "arn" + ] + }, + "aws-native:acmpca:getCertificateAuthorityActivation": { + "cf": "AWS::ACMPCA::CertificateAuthorityActivation", + "ids": [ + "certificateAuthorityArn" + ] + }, + "aws-native:amplify:getApp": { + "cf": "AWS::Amplify::App", + "ids": [ + "arn" + ] + }, + "aws-native:amplify:getBranch": { + "cf": "AWS::Amplify::Branch", + "ids": [ + "arn" + ] + }, + "aws-native:amplify:getDomain": { + "cf": "AWS::Amplify::Domain", + "ids": [ + "arn" + ] + }, + "aws-native:amplifyuibuilder:getComponent": { + "cf": "AWS::AmplifyUIBuilder::Component", + "ids": [ + "appId", + "environmentName", + "id" + ] + }, + "aws-native:amplifyuibuilder:getForm": { + "cf": "AWS::AmplifyUIBuilder::Form", + "ids": [ + "appId", + "environmentName", + "id" + ] + }, + "aws-native:amplifyuibuilder:getTheme": { + "cf": "AWS::AmplifyUIBuilder::Theme", + "ids": [ + "appId", + "environmentName", + "id" + ] + }, + "aws-native:apigateway:getAccount": { + "cf": "AWS::ApiGateway::Account", + "ids": [ + "id" + ] + }, + "aws-native:apigateway:getApiKey": { + "cf": "AWS::ApiGateway::ApiKey", + "ids": [ + "apiKeyId" + ] + }, + "aws-native:apigateway:getAuthorizer": { + "cf": "AWS::ApiGateway::Authorizer", + "ids": [ + "restApiId", + "authorizerId" + ] + }, + "aws-native:apigateway:getBasePathMapping": { + "cf": "AWS::ApiGateway::BasePathMapping", + "ids": [ + "domainName", + "basePath" + ] + }, + "aws-native:apigateway:getClientCertificate": { + "cf": "AWS::ApiGateway::ClientCertificate", + "ids": [ + "clientCertificateId" + ] + }, + "aws-native:apigateway:getDeployment": { + "cf": "AWS::ApiGateway::Deployment", + "ids": [ + "deploymentId", + "restApiId" + ] + }, + "aws-native:apigateway:getDocumentationPart": { + "cf": "AWS::ApiGateway::DocumentationPart", + "ids": [ + "documentationPartId", + "restApiId" + ] + }, + "aws-native:apigateway:getDocumentationVersion": { + "cf": "AWS::ApiGateway::DocumentationVersion", + "ids": [ + "documentationVersion", + "restApiId" + ] + }, + "aws-native:apigateway:getDomainName": { + "cf": "AWS::ApiGateway::DomainName", + "ids": [ + "domainName" + ] + }, + "aws-native:apigateway:getGatewayResponse": { + "cf": "AWS::ApiGateway::GatewayResponse", + "ids": [ + "id" + ] + }, + "aws-native:apigateway:getMethod": { + "cf": "AWS::ApiGateway::Method", + "ids": [ + "restApiId", + "resourceId", + "httpMethod" + ] + }, + "aws-native:apigateway:getModel": { + "cf": "AWS::ApiGateway::Model", + "ids": [ + "restApiId", + "name" + ] + }, + "aws-native:apigateway:getRequestValidator": { + "cf": "AWS::ApiGateway::RequestValidator", + "ids": [ + "restApiId", + "requestValidatorId" + ] + }, + "aws-native:apigateway:getResource": { + "cf": "AWS::ApiGateway::Resource", + "ids": [ + "restApiId", + "resourceId" + ] + }, + "aws-native:apigateway:getRestApi": { + "cf": "AWS::ApiGateway::RestApi", + "ids": [ + "restApiId" + ] + }, + "aws-native:apigateway:getStage": { + "cf": "AWS::ApiGateway::Stage", + "ids": [ + "restApiId", + "stageName" + ] + }, + "aws-native:apigateway:getUsagePlan": { + "cf": "AWS::ApiGateway::UsagePlan", + "ids": [ + "id" + ] + }, + "aws-native:apigateway:getUsagePlanKey": { + "cf": "AWS::ApiGateway::UsagePlanKey", + "ids": [ + "id" + ] + }, + "aws-native:apigateway:getVpcLink": { + "cf": "AWS::ApiGateway::VpcLink", + "ids": [ + "vpcLinkId" + ] + }, + "aws-native:apigatewayv2:getApi": { + "cf": "AWS::ApiGatewayV2::Api", + "ids": [ + "apiId" + ] + }, + "aws-native:apigatewayv2:getApiMapping": { + "cf": "AWS::ApiGatewayV2::ApiMapping", + "ids": [ + "apiMappingId", + "domainName" + ] + }, + "aws-native:apigatewayv2:getAuthorizer": { + "cf": "AWS::ApiGatewayV2::Authorizer", + "ids": [ + "authorizerId", + "apiId" + ] + }, + "aws-native:apigatewayv2:getDeployment": { + "cf": "AWS::ApiGatewayV2::Deployment", + "ids": [ + "apiId", + "deploymentId" + ] + }, + "aws-native:apigatewayv2:getDomainName": { + "cf": "AWS::ApiGatewayV2::DomainName", + "ids": [ + "domainName" + ] + }, + "aws-native:apigatewayv2:getIntegration": { + "cf": "AWS::ApiGatewayV2::Integration", + "ids": [ + "id" + ] + }, + "aws-native:apigatewayv2:getIntegrationResponse": { + "cf": "AWS::ApiGatewayV2::IntegrationResponse", + "ids": [ + "apiId", + "integrationId", + "integrationResponseId" + ] + }, + "aws-native:apigatewayv2:getModel": { + "cf": "AWS::ApiGatewayV2::Model", + "ids": [ + "apiId", + "modelId" + ] + }, + "aws-native:apigatewayv2:getRoute": { + "cf": "AWS::ApiGatewayV2::Route", + "ids": [ + "apiId", + "routeId" + ] + }, + "aws-native:apigatewayv2:getRouteResponse": { + "cf": "AWS::ApiGatewayV2::RouteResponse", + "ids": [ + "apiId", + "routeId", + "routeResponseId" + ] + }, + "aws-native:apigatewayv2:getVpcLink": { + "cf": "AWS::ApiGatewayV2::VpcLink", + "ids": [ + "vpcLinkId" + ] + }, + "aws-native:appconfig:getApplication": { + "cf": "AWS::AppConfig::Application", + "ids": [ + "applicationId" + ] + }, + "aws-native:appconfig:getConfigurationProfile": { + "cf": "AWS::AppConfig::ConfigurationProfile", + "ids": [ + "applicationId", + "configurationProfileId" + ] + }, + "aws-native:appconfig:getEnvironment": { + "cf": "AWS::AppConfig::Environment", + "ids": [ + "applicationId", + "environmentId" + ] + }, + "aws-native:appconfig:getExtension": { + "cf": "AWS::AppConfig::Extension", + "ids": [ + "id" + ] + }, + "aws-native:appconfig:getExtensionAssociation": { + "cf": "AWS::AppConfig::ExtensionAssociation", + "ids": [ + "id" + ] + }, + "aws-native:appconfig:getHostedConfigurationVersion": { + "cf": "AWS::AppConfig::HostedConfigurationVersion", + "ids": [ + "applicationId", + "configurationProfileId", + "versionNumber" + ] + }, + "aws-native:appflow:getConnector": { + "cf": "AWS::AppFlow::Connector", + "ids": [ + "connectorLabel" + ] + }, + "aws-native:appflow:getConnectorProfile": { + "cf": "AWS::AppFlow::ConnectorProfile", + "ids": [ + "connectorProfileName" + ] + }, + "aws-native:appflow:getFlow": { + "cf": "AWS::AppFlow::Flow", + "ids": [ + "flowName" + ] + }, + "aws-native:appintegrations:getApplication": { + "cf": "AWS::AppIntegrations::Application", + "ids": [ + "applicationArn" + ] + }, + "aws-native:appintegrations:getDataIntegration": { + "cf": "AWS::AppIntegrations::DataIntegration", + "ids": [ + "id" + ] + }, + "aws-native:appintegrations:getEventIntegration": { + "cf": "AWS::AppIntegrations::EventIntegration", + "ids": [ + "name" + ] + }, + "aws-native:applicationautoscaling:getScalableTarget": { + "cf": "AWS::ApplicationAutoScaling::ScalableTarget", + "ids": [ + "resourceId", + "scalableDimension", + "serviceNamespace" + ] + }, + "aws-native:applicationautoscaling:getScalingPolicy": { + "cf": "AWS::ApplicationAutoScaling::ScalingPolicy", + "ids": [ + "arn", + "scalableDimension" + ] + }, + "aws-native:applicationinsights:getApplication": { + "cf": "AWS::ApplicationInsights::Application", + "ids": [ + "applicationArn" + ] + }, + "aws-native:applicationsignals:getServiceLevelObjective": { + "cf": "AWS::ApplicationSignals::ServiceLevelObjective", + "ids": [ + "arn" + ] + }, + "aws-native:apprunner:getAutoScalingConfiguration": { + "cf": "AWS::AppRunner::AutoScalingConfiguration", + "ids": [ + "autoScalingConfigurationArn" + ] + }, + "aws-native:apprunner:getObservabilityConfiguration": { + "cf": "AWS::AppRunner::ObservabilityConfiguration", + "ids": [ + "observabilityConfigurationArn" + ] + }, + "aws-native:apprunner:getService": { + "cf": "AWS::AppRunner::Service", + "ids": [ + "serviceArn" + ] + }, + "aws-native:apprunner:getVpcConnector": { + "cf": "AWS::AppRunner::VpcConnector", + "ids": [ + "vpcConnectorArn" + ] + }, + "aws-native:apprunner:getVpcIngressConnection": { + "cf": "AWS::AppRunner::VpcIngressConnection", + "ids": [ + "vpcIngressConnectionArn" + ] + }, + "aws-native:appstream:getAppBlock": { + "cf": "AWS::AppStream::AppBlock", + "ids": [ + "arn" + ] + }, + "aws-native:appstream:getAppBlockBuilder": { + "cf": "AWS::AppStream::AppBlockBuilder", + "ids": [ + "name" + ] + }, + "aws-native:appstream:getApplication": { + "cf": "AWS::AppStream::Application", + "ids": [ + "arn" + ] + }, + "aws-native:appstream:getDirectoryConfig": { + "cf": "AWS::AppStream::DirectoryConfig", + "ids": [ + "directoryName" + ] + }, + "aws-native:appstream:getEntitlement": { + "cf": "AWS::AppStream::Entitlement", + "ids": [ + "stackName", + "name" + ] + }, + "aws-native:appstream:getImageBuilder": { + "cf": "AWS::AppStream::ImageBuilder", + "ids": [ + "name" + ] + }, + "aws-native:appsync:getDomainName": { + "cf": "AWS::AppSync::DomainName", + "ids": [ + "domainName" + ] + }, + "aws-native:appsync:getDomainNameApiAssociation": { + "cf": "AWS::AppSync::DomainNameApiAssociation", + "ids": [ + "apiAssociationIdentifier" + ] + }, + "aws-native:appsync:getFunctionConfiguration": { + "cf": "AWS::AppSync::FunctionConfiguration", + "ids": [ + "functionArn" + ] + }, + "aws-native:appsync:getResolver": { + "cf": "AWS::AppSync::Resolver", + "ids": [ + "resolverArn" + ] + }, + "aws-native:appsync:getSourceApiAssociation": { + "cf": "AWS::AppSync::SourceApiAssociation", + "ids": [ + "associationArn" + ] + }, + "aws-native:aps:getRuleGroupsNamespace": { + "cf": "AWS::APS::RuleGroupsNamespace", + "ids": [ + "arn" + ] + }, + "aws-native:aps:getScraper": { + "cf": "AWS::APS::Scraper", + "ids": [ + "arn" + ] + }, + "aws-native:aps:getWorkspace": { + "cf": "AWS::APS::Workspace", + "ids": [ + "arn" + ] + }, + "aws-native:arczonalshift:getAutoshiftObserverNotificationStatus": { + "cf": "AWS::ARCZonalShift::AutoshiftObserverNotificationStatus", + "ids": [ + "accountId", + "region" + ] + }, + "aws-native:arczonalshift:getZonalAutoshiftConfiguration": { + "cf": "AWS::ARCZonalShift::ZonalAutoshiftConfiguration", + "ids": [ + "resourceIdentifier" + ] + }, + "aws-native:athena:getCapacityReservation": { + "cf": "AWS::Athena::CapacityReservation", + "ids": [ + "arn" + ] + }, + "aws-native:athena:getDataCatalog": { + "cf": "AWS::Athena::DataCatalog", + "ids": [ + "name" + ] + }, + "aws-native:athena:getNamedQuery": { + "cf": "AWS::Athena::NamedQuery", + "ids": [ + "namedQueryId" + ] + }, + "aws-native:athena:getPreparedStatement": { + "cf": "AWS::Athena::PreparedStatement", + "ids": [ + "statementName", + "workGroup" + ] + }, + "aws-native:athena:getWorkGroup": { + "cf": "AWS::Athena::WorkGroup", + "ids": [ + "name" + ] + }, + "aws-native:auditmanager:getAssessment": { + "cf": "AWS::AuditManager::Assessment", + "ids": [ + "assessmentId" + ] + }, + "aws-native:autoscaling:getAutoScalingGroup": { + "cf": "AWS::AutoScaling::AutoScalingGroup", + "ids": [ + "autoScalingGroupName" + ] + }, + "aws-native:autoscaling:getLifecycleHook": { + "cf": "AWS::AutoScaling::LifecycleHook", + "ids": [ + "autoScalingGroupName", + "lifecycleHookName" + ] + }, + "aws-native:autoscaling:getScalingPolicy": { + "cf": "AWS::AutoScaling::ScalingPolicy", + "ids": [ + "arn" + ] + }, + "aws-native:autoscaling:getScheduledAction": { + "cf": "AWS::AutoScaling::ScheduledAction", + "ids": [ + "scheduledActionName", + "autoScalingGroupName" + ] + }, + "aws-native:autoscaling:getWarmPool": { + "cf": "AWS::AutoScaling::WarmPool", + "ids": [ + "autoScalingGroupName" + ] + }, + "aws-native:b2bi:getCapability": { + "cf": "AWS::B2BI::Capability", + "ids": [ + "capabilityId" + ] + }, + "aws-native:b2bi:getPartnership": { + "cf": "AWS::B2BI::Partnership", + "ids": [ + "partnershipId" + ] + }, + "aws-native:b2bi:getProfile": { + "cf": "AWS::B2BI::Profile", + "ids": [ + "profileId" + ] + }, + "aws-native:b2bi:getTransformer": { + "cf": "AWS::B2BI::Transformer", + "ids": [ + "transformerId" + ] + }, + "aws-native:backup:getBackupPlan": { + "cf": "AWS::Backup::BackupPlan", + "ids": [ + "backupPlanId" + ] + }, + "aws-native:backup:getBackupSelection": { + "cf": "AWS::Backup::BackupSelection", + "ids": [ + "id" + ] + }, + "aws-native:backup:getBackupVault": { + "cf": "AWS::Backup::BackupVault", + "ids": [ + "backupVaultName" + ] + }, + "aws-native:backup:getFramework": { + "cf": "AWS::Backup::Framework", + "ids": [ + "frameworkArn" + ] + }, + "aws-native:backup:getReportPlan": { + "cf": "AWS::Backup::ReportPlan", + "ids": [ + "reportPlanArn" + ] + }, + "aws-native:backup:getRestoreTestingPlan": { + "cf": "AWS::Backup::RestoreTestingPlan", + "ids": [ + "restoreTestingPlanName" + ] + }, + "aws-native:backup:getRestoreTestingSelection": { + "cf": "AWS::Backup::RestoreTestingSelection", + "ids": [ + "restoreTestingPlanName", + "restoreTestingSelectionName" + ] + }, + "aws-native:backupgateway:getHypervisor": { + "cf": "AWS::BackupGateway::Hypervisor", + "ids": [ + "hypervisorArn" + ] + }, + "aws-native:batch:getComputeEnvironment": { + "cf": "AWS::Batch::ComputeEnvironment", + "ids": [ + "computeEnvironmentArn" + ] + }, + "aws-native:batch:getJobDefinition": { + "cf": "AWS::Batch::JobDefinition", + "ids": [ + "id" + ] + }, + "aws-native:batch:getJobQueue": { + "cf": "AWS::Batch::JobQueue", + "ids": [ + "jobQueueArn" + ] + }, + "aws-native:batch:getSchedulingPolicy": { + "cf": "AWS::Batch::SchedulingPolicy", + "ids": [ + "arn" + ] + }, + "aws-native:bedrock:getAgent": { + "cf": "AWS::Bedrock::Agent", + "ids": [ + "agentId" + ] + }, + "aws-native:bedrock:getAgentAlias": { + "cf": "AWS::Bedrock::AgentAlias", + "ids": [ + "agentId", + "agentAliasId" + ] + }, + "aws-native:bedrock:getDataSource": { + "cf": "AWS::Bedrock::DataSource", + "ids": [ + "knowledgeBaseId", + "dataSourceId" + ] + }, + "aws-native:bedrock:getFlow": { + "cf": "AWS::Bedrock::Flow", + "ids": [ + "arn" + ] + }, + "aws-native:bedrock:getFlowAlias": { + "cf": "AWS::Bedrock::FlowAlias", + "ids": [ + "arn", + "flowArn" + ] + }, + "aws-native:bedrock:getFlowVersion": { + "cf": "AWS::Bedrock::FlowVersion", + "ids": [ + "flowArn", + "version" + ] + }, + "aws-native:bedrock:getGuardrail": { + "cf": "AWS::Bedrock::Guardrail", + "ids": [ + "guardrailArn" + ] + }, + "aws-native:bedrock:getGuardrailVersion": { + "cf": "AWS::Bedrock::GuardrailVersion", + "ids": [ + "guardrailId", + "version" + ] + }, + "aws-native:bedrock:getKnowledgeBase": { + "cf": "AWS::Bedrock::KnowledgeBase", + "ids": [ + "knowledgeBaseId" + ] + }, + "aws-native:bedrock:getPrompt": { + "cf": "AWS::Bedrock::Prompt", + "ids": [ + "arn" + ] + }, + "aws-native:bedrock:getPromptVersion": { + "cf": "AWS::Bedrock::PromptVersion", + "ids": [ + "arn" + ] + }, + "aws-native:budgets:getBudgetsAction": { + "cf": "AWS::Budgets::BudgetsAction", + "ids": [ + "actionId", + "budgetName" + ] + }, + "aws-native:cassandra:getKeyspace": { + "cf": "AWS::Cassandra::Keyspace", + "ids": [ + "keyspaceName" + ] + }, + "aws-native:cassandra:getTable": { + "cf": "AWS::Cassandra::Table", + "ids": [ + "keyspaceName", + "tableName" + ] + }, + "aws-native:ce:getAnomalyMonitor": { + "cf": "AWS::CE::AnomalyMonitor", + "ids": [ + "monitorArn" + ] + }, + "aws-native:ce:getAnomalySubscription": { + "cf": "AWS::CE::AnomalySubscription", + "ids": [ + "subscriptionArn" + ] + }, + "aws-native:ce:getCostCategory": { + "cf": "AWS::CE::CostCategory", + "ids": [ + "arn" + ] + }, + "aws-native:certificatemanager:getAccount": { + "cf": "AWS::CertificateManager::Account", + "ids": [ + "accountId" + ] + }, + "aws-native:chatbot:getMicrosoftTeamsChannelConfiguration": { + "cf": "AWS::Chatbot::MicrosoftTeamsChannelConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:chatbot:getSlackChannelConfiguration": { + "cf": "AWS::Chatbot::SlackChannelConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:cleanrooms:getAnalysisTemplate": { + "cf": "AWS::CleanRooms::AnalysisTemplate", + "ids": [ + "analysisTemplateIdentifier", + "membershipIdentifier" + ] + }, + "aws-native:cleanrooms:getCollaboration": { + "cf": "AWS::CleanRooms::Collaboration", + "ids": [ + "collaborationIdentifier" + ] + }, + "aws-native:cleanrooms:getConfiguredTable": { + "cf": "AWS::CleanRooms::ConfiguredTable", + "ids": [ + "configuredTableIdentifier" + ] + }, + "aws-native:cleanrooms:getConfiguredTableAssociation": { + "cf": "AWS::CleanRooms::ConfiguredTableAssociation", + "ids": [ + "configuredTableAssociationIdentifier", + "membershipIdentifier" + ] + }, + "aws-native:cleanrooms:getIdMappingTable": { + "cf": "AWS::CleanRooms::IdMappingTable", + "ids": [ + "idMappingTableIdentifier", + "membershipIdentifier" + ] + }, + "aws-native:cleanrooms:getIdNamespaceAssociation": { + "cf": "AWS::CleanRooms::IdNamespaceAssociation", + "ids": [ + "idNamespaceAssociationIdentifier", + "membershipIdentifier" + ] + }, + "aws-native:cleanrooms:getMembership": { + "cf": "AWS::CleanRooms::Membership", + "ids": [ + "membershipIdentifier" + ] + }, + "aws-native:cleanrooms:getPrivacyBudgetTemplate": { + "cf": "AWS::CleanRooms::PrivacyBudgetTemplate", + "ids": [ + "privacyBudgetTemplateIdentifier", + "membershipIdentifier" + ] + }, + "aws-native:cleanroomsml:getTrainingDataset": { + "cf": "AWS::CleanRoomsML::TrainingDataset", + "ids": [ + "trainingDatasetArn" + ] + }, + "aws-native:cloudformation:getHookDefaultVersion": { + "cf": "AWS::CloudFormation::HookDefaultVersion", + "ids": [ + "arn" + ] + }, + "aws-native:cloudformation:getHookTypeConfig": { + "cf": "AWS::CloudFormation::HookTypeConfig", + "ids": [ + "configurationArn" + ] + }, + "aws-native:cloudformation:getHookVersion": { + "cf": "AWS::CloudFormation::HookVersion", + "ids": [ + "arn" + ] + }, + "aws-native:cloudformation:getModuleVersion": { + "cf": "AWS::CloudFormation::ModuleVersion", + "ids": [ + "arn" + ] + }, + "aws-native:cloudformation:getPublicTypeVersion": { + "cf": "AWS::CloudFormation::PublicTypeVersion", + "ids": [ + "publicTypeArn" + ] + }, + "aws-native:cloudformation:getPublisher": { + "cf": "AWS::CloudFormation::Publisher", + "ids": [ + "publisherId" + ] + }, + "aws-native:cloudformation:getResourceDefaultVersion": { + "cf": "AWS::CloudFormation::ResourceDefaultVersion", + "ids": [ + "arn" + ] + }, + "aws-native:cloudformation:getResourceVersion": { + "cf": "AWS::CloudFormation::ResourceVersion", + "ids": [ + "arn" + ] + }, + "aws-native:cloudformation:getStack": { + "cf": "AWS::CloudFormation::Stack", + "ids": [ + "stackId" + ] + }, + "aws-native:cloudformation:getStackSet": { + "cf": "AWS::CloudFormation::StackSet", + "ids": [ + "stackSetId" + ] + }, + "aws-native:cloudformation:getTypeActivation": { + "cf": "AWS::CloudFormation::TypeActivation", + "ids": [ + "arn" + ] + }, + "aws-native:cloudfront:getCachePolicy": { + "cf": "AWS::CloudFront::CachePolicy", + "ids": [ + "id" + ] + }, + "aws-native:cloudfront:getCloudFrontOriginAccessIdentity": { + "cf": "AWS::CloudFront::CloudFrontOriginAccessIdentity", + "ids": [ + "id" + ] + }, + "aws-native:cloudfront:getContinuousDeploymentPolicy": { + "cf": "AWS::CloudFront::ContinuousDeploymentPolicy", + "ids": [ + "id" + ] + }, + "aws-native:cloudfront:getDistribution": { + "cf": "AWS::CloudFront::Distribution", + "ids": [ + "id" + ] + }, + "aws-native:cloudfront:getFunction": { + "cf": "AWS::CloudFront::Function", + "ids": [ + "functionArn" + ] + }, + "aws-native:cloudfront:getKeyGroup": { + "cf": "AWS::CloudFront::KeyGroup", + "ids": [ + "id" + ] + }, + "aws-native:cloudfront:getKeyValueStore": { + "cf": "AWS::CloudFront::KeyValueStore", + "ids": [ + "name" + ] + }, + "aws-native:cloudfront:getMonitoringSubscription": { + "cf": "AWS::CloudFront::MonitoringSubscription", + "ids": [ + "distributionId" + ] + }, + "aws-native:cloudfront:getOriginAccessControl": { + "cf": "AWS::CloudFront::OriginAccessControl", + "ids": [ + "id" + ] + }, + "aws-native:cloudfront:getOriginRequestPolicy": { + "cf": "AWS::CloudFront::OriginRequestPolicy", + "ids": [ + "id" + ] + }, + "aws-native:cloudfront:getPublicKey": { + "cf": "AWS::CloudFront::PublicKey", + "ids": [ + "id" + ] + }, + "aws-native:cloudfront:getRealtimeLogConfig": { + "cf": "AWS::CloudFront::RealtimeLogConfig", + "ids": [ + "arn" + ] + }, + "aws-native:cloudfront:getResponseHeadersPolicy": { + "cf": "AWS::CloudFront::ResponseHeadersPolicy", + "ids": [ + "id" + ] + }, + "aws-native:cloudtrail:getChannel": { + "cf": "AWS::CloudTrail::Channel", + "ids": [ + "channelArn" + ] + }, + "aws-native:cloudtrail:getEventDataStore": { + "cf": "AWS::CloudTrail::EventDataStore", + "ids": [ + "eventDataStoreArn" + ] + }, + "aws-native:cloudtrail:getResourcePolicy": { + "cf": "AWS::CloudTrail::ResourcePolicy", + "ids": [ + "resourceArn" + ] + }, + "aws-native:cloudtrail:getTrail": { + "cf": "AWS::CloudTrail::Trail", + "ids": [ + "trailName" + ] + }, + "aws-native:cloudwatch:getAlarm": { + "cf": "AWS::CloudWatch::Alarm", + "ids": [ + "alarmName" + ] + }, + "aws-native:cloudwatch:getCompositeAlarm": { + "cf": "AWS::CloudWatch::CompositeAlarm", + "ids": [ + "alarmName" + ] + }, + "aws-native:cloudwatch:getDashboard": { + "cf": "AWS::CloudWatch::Dashboard", + "ids": [ + "dashboardName" + ] + }, + "aws-native:cloudwatch:getMetricStream": { + "cf": "AWS::CloudWatch::MetricStream", + "ids": [ + "name" + ] + }, + "aws-native:codeartifact:getDomain": { + "cf": "AWS::CodeArtifact::Domain", + "ids": [ + "arn" + ] + }, + "aws-native:codeartifact:getPackageGroup": { + "cf": "AWS::CodeArtifact::PackageGroup", + "ids": [ + "arn" + ] + }, + "aws-native:codeartifact:getRepository": { + "cf": "AWS::CodeArtifact::Repository", + "ids": [ + "arn" + ] + }, + "aws-native:codebuild:getFleet": { + "cf": "AWS::CodeBuild::Fleet", + "ids": [ + "arn" + ] + }, + "aws-native:codeconnections:getConnection": { + "cf": "AWS::CodeConnections::Connection", + "ids": [ + "connectionArn" + ] + }, + "aws-native:codedeploy:getApplication": { + "cf": "AWS::CodeDeploy::Application", + "ids": [ + "applicationName" + ] + }, + "aws-native:codeguruprofiler:getProfilingGroup": { + "cf": "AWS::CodeGuruProfiler::ProfilingGroup", + "ids": [ + "profilingGroupName" + ] + }, + "aws-native:codegurureviewer:getRepositoryAssociation": { + "cf": "AWS::CodeGuruReviewer::RepositoryAssociation", + "ids": [ + "associationArn" + ] + }, + "aws-native:codepipeline:getCustomActionType": { + "cf": "AWS::CodePipeline::CustomActionType", + "ids": [ + "category", + "provider", + "version" + ] + }, + "aws-native:codepipeline:getPipeline": { + "cf": "AWS::CodePipeline::Pipeline", + "ids": [ + "name" + ] + }, + "aws-native:codestarconnections:getConnection": { + "cf": "AWS::CodeStarConnections::Connection", + "ids": [ + "connectionArn" + ] + }, + "aws-native:codestarconnections:getRepositoryLink": { + "cf": "AWS::CodeStarConnections::RepositoryLink", + "ids": [ + "repositoryLinkArn" + ] + }, + "aws-native:codestarconnections:getSyncConfiguration": { + "cf": "AWS::CodeStarConnections::SyncConfiguration", + "ids": [ + "resourceName", + "syncType" + ] + }, + "aws-native:codestarnotifications:getNotificationRule": { + "cf": "AWS::CodeStarNotifications::NotificationRule", + "ids": [ + "arn" + ] + }, + "aws-native:cognito:getIdentityPool": { + "cf": "AWS::Cognito::IdentityPool", + "ids": [ + "id" + ] + }, + "aws-native:cognito:getIdentityPoolPrincipalTag": { + "cf": "AWS::Cognito::IdentityPoolPrincipalTag", + "ids": [ + "identityPoolId", + "identityProviderName" + ] + }, + "aws-native:cognito:getIdentityPoolRoleAttachment": { + "cf": "AWS::Cognito::IdentityPoolRoleAttachment", + "ids": [ + "id" + ] + }, + "aws-native:cognito:getLogDeliveryConfiguration": { + "cf": "AWS::Cognito::LogDeliveryConfiguration", + "ids": [ + "id" + ] + }, + "aws-native:cognito:getUserPool": { + "cf": "AWS::Cognito::UserPool", + "ids": [ + "userPoolId" + ] + }, + "aws-native:cognito:getUserPoolClient": { + "cf": "AWS::Cognito::UserPoolClient", + "ids": [ + "userPoolId", + "clientId" + ] + }, + "aws-native:cognito:getUserPoolDomain": { + "cf": "AWS::Cognito::UserPoolDomain", + "ids": [ + "id" + ] + }, + "aws-native:cognito:getUserPoolGroup": { + "cf": "AWS::Cognito::UserPoolGroup", + "ids": [ + "userPoolId", + "groupName" + ] + }, + "aws-native:cognito:getUserPoolIdentityProvider": { + "cf": "AWS::Cognito::UserPoolIdentityProvider", + "ids": [ + "id" + ] + }, + "aws-native:cognito:getUserPoolResourceServer": { + "cf": "AWS::Cognito::UserPoolResourceServer", + "ids": [ + "userPoolId", + "identifier" + ] + }, + "aws-native:cognito:getUserPoolRiskConfigurationAttachment": { + "cf": "AWS::Cognito::UserPoolRiskConfigurationAttachment", + "ids": [ + "userPoolId", + "clientId" + ] + }, + "aws-native:cognito:getUserPoolUiCustomizationAttachment": { + "cf": "AWS::Cognito::UserPoolUICustomizationAttachment", + "ids": [ + "userPoolId", + "clientId" + ] + }, + "aws-native:comprehend:getDocumentClassifier": { + "cf": "AWS::Comprehend::DocumentClassifier", + "ids": [ + "arn" + ] + }, + "aws-native:comprehend:getFlywheel": { + "cf": "AWS::Comprehend::Flywheel", + "ids": [ + "arn" + ] + }, + "aws-native:configuration:getAggregationAuthorization": { + "cf": "AWS::Config::AggregationAuthorization", + "ids": [ + "authorizedAccountId", + "authorizedAwsRegion" + ] + }, + "aws-native:configuration:getConfigRule": { + "cf": "AWS::Config::ConfigRule", + "ids": [ + "configRuleName" + ] + }, + "aws-native:configuration:getConfigurationAggregator": { + "cf": "AWS::Config::ConfigurationAggregator", + "ids": [ + "configurationAggregatorName" + ] + }, + "aws-native:configuration:getConformancePack": { + "cf": "AWS::Config::ConformancePack", + "ids": [ + "conformancePackName" + ] + }, + "aws-native:configuration:getOrganizationConformancePack": { + "cf": "AWS::Config::OrganizationConformancePack", + "ids": [ + "organizationConformancePackName" + ] + }, + "aws-native:configuration:getStoredQuery": { + "cf": "AWS::Config::StoredQuery", + "ids": [ + "queryName" + ] + }, + "aws-native:connect:getContactFlow": { + "cf": "AWS::Connect::ContactFlow", + "ids": [ + "contactFlowArn" + ] + }, + "aws-native:connect:getContactFlowModule": { + "cf": "AWS::Connect::ContactFlowModule", + "ids": [ + "contactFlowModuleArn" + ] + }, + "aws-native:connect:getEvaluationForm": { + "cf": "AWS::Connect::EvaluationForm", + "ids": [ + "evaluationFormArn" + ] + }, + "aws-native:connect:getHoursOfOperation": { + "cf": "AWS::Connect::HoursOfOperation", + "ids": [ + "hoursOfOperationArn" + ] + }, + "aws-native:connect:getInstance": { + "cf": "AWS::Connect::Instance", + "ids": [ + "arn" + ] + }, + "aws-native:connect:getInstanceStorageConfig": { + "cf": "AWS::Connect::InstanceStorageConfig", + "ids": [ + "instanceArn", + "associationId", + "resourceType" + ] + }, + "aws-native:connect:getIntegrationAssociation": { + "cf": "AWS::Connect::IntegrationAssociation", + "ids": [ + "instanceId", + "integrationType", + "integrationArn" + ] + }, + "aws-native:connect:getPhoneNumber": { + "cf": "AWS::Connect::PhoneNumber", + "ids": [ + "phoneNumberArn" + ] + }, + "aws-native:connect:getPredefinedAttribute": { + "cf": "AWS::Connect::PredefinedAttribute", + "ids": [ + "instanceArn", + "name" + ] + }, + "aws-native:connect:getPrompt": { + "cf": "AWS::Connect::Prompt", + "ids": [ + "promptArn" + ] + }, + "aws-native:connect:getQueue": { + "cf": "AWS::Connect::Queue", + "ids": [ + "queueArn" + ] + }, + "aws-native:connect:getQuickConnect": { + "cf": "AWS::Connect::QuickConnect", + "ids": [ + "quickConnectArn" + ] + }, + "aws-native:connect:getRoutingProfile": { + "cf": "AWS::Connect::RoutingProfile", + "ids": [ + "routingProfileArn" + ] + }, + "aws-native:connect:getRule": { + "cf": "AWS::Connect::Rule", + "ids": [ + "ruleArn" + ] + }, + "aws-native:connect:getSecurityKey": { + "cf": "AWS::Connect::SecurityKey", + "ids": [ + "instanceId", + "associationId" + ] + }, + "aws-native:connect:getSecurityProfile": { + "cf": "AWS::Connect::SecurityProfile", + "ids": [ + "securityProfileArn" + ] + }, + "aws-native:connect:getTaskTemplate": { + "cf": "AWS::Connect::TaskTemplate", + "ids": [ + "arn" + ] + }, + "aws-native:connect:getTrafficDistributionGroup": { + "cf": "AWS::Connect::TrafficDistributionGroup", + "ids": [ + "trafficDistributionGroupArn" + ] + }, + "aws-native:connect:getUser": { + "cf": "AWS::Connect::User", + "ids": [ + "userArn" + ] + }, + "aws-native:connect:getUserHierarchyGroup": { + "cf": "AWS::Connect::UserHierarchyGroup", + "ids": [ + "userHierarchyGroupArn" + ] + }, + "aws-native:connect:getView": { + "cf": "AWS::Connect::View", + "ids": [ + "viewArn" + ] + }, + "aws-native:connect:getViewVersion": { + "cf": "AWS::Connect::ViewVersion", + "ids": [ + "viewVersionArn" + ] + }, + "aws-native:connectcampaigns:getCampaign": { + "cf": "AWS::ConnectCampaigns::Campaign", + "ids": [ + "arn" + ] + }, + "aws-native:controltower:getEnabledBaseline": { + "cf": "AWS::ControlTower::EnabledBaseline", + "ids": [ + "enabledBaselineIdentifier" + ] + }, + "aws-native:controltower:getEnabledControl": { + "cf": "AWS::ControlTower::EnabledControl", + "ids": [ + "targetIdentifier", + "controlIdentifier" + ] + }, + "aws-native:controltower:getLandingZone": { + "cf": "AWS::ControlTower::LandingZone", + "ids": [ + "landingZoneIdentifier" + ] + }, + "aws-native:customerprofiles:getCalculatedAttributeDefinition": { + "cf": "AWS::CustomerProfiles::CalculatedAttributeDefinition", + "ids": [ + "domainName", + "calculatedAttributeName" + ] + }, + "aws-native:customerprofiles:getDomain": { + "cf": "AWS::CustomerProfiles::Domain", + "ids": [ + "domainName" + ] + }, + "aws-native:customerprofiles:getEventStream": { + "cf": "AWS::CustomerProfiles::EventStream", + "ids": [ + "domainName", + "eventStreamName" + ] + }, + "aws-native:customerprofiles:getIntegration": { + "cf": "AWS::CustomerProfiles::Integration", + "ids": [ + "domainName", + "uri" + ] + }, + "aws-native:customerprofiles:getObjectType": { + "cf": "AWS::CustomerProfiles::ObjectType", + "ids": [ + "domainName", + "objectTypeName" + ] + }, + "aws-native:databrew:getDataset": { + "cf": "AWS::DataBrew::Dataset", + "ids": [ + "name" + ] + }, + "aws-native:databrew:getJob": { + "cf": "AWS::DataBrew::Job", + "ids": [ + "name" + ] + }, + "aws-native:databrew:getProject": { + "cf": "AWS::DataBrew::Project", + "ids": [ + "name" + ] + }, + "aws-native:databrew:getRecipe": { + "cf": "AWS::DataBrew::Recipe", + "ids": [ + "name" + ] + }, + "aws-native:databrew:getRuleset": { + "cf": "AWS::DataBrew::Ruleset", + "ids": [ + "name" + ] + }, + "aws-native:databrew:getSchedule": { + "cf": "AWS::DataBrew::Schedule", + "ids": [ + "name" + ] + }, + "aws-native:datapipeline:getPipeline": { + "cf": "AWS::DataPipeline::Pipeline", + "ids": [ + "pipelineId" + ] + }, + "aws-native:datasync:getAgent": { + "cf": "AWS::DataSync::Agent", + "ids": [ + "agentArn" + ] + }, + "aws-native:datasync:getLocationAzureBlob": { + "cf": "AWS::DataSync::LocationAzureBlob", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationEfs": { + "cf": "AWS::DataSync::LocationEFS", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationFSxLustre": { + "cf": "AWS::DataSync::LocationFSxLustre", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationFSxOntap": { + "cf": "AWS::DataSync::LocationFSxONTAP", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationFSxOpenZfs": { + "cf": "AWS::DataSync::LocationFSxOpenZFS", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationFSxWindows": { + "cf": "AWS::DataSync::LocationFSxWindows", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationHdfs": { + "cf": "AWS::DataSync::LocationHDFS", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationNfs": { + "cf": "AWS::DataSync::LocationNFS", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationObjectStorage": { + "cf": "AWS::DataSync::LocationObjectStorage", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationS3": { + "cf": "AWS::DataSync::LocationS3", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getLocationSmb": { + "cf": "AWS::DataSync::LocationSMB", + "ids": [ + "locationArn" + ] + }, + "aws-native:datasync:getStorageSystem": { + "cf": "AWS::DataSync::StorageSystem", + "ids": [ + "storageSystemArn" + ] + }, + "aws-native:datasync:getTask": { + "cf": "AWS::DataSync::Task", + "ids": [ + "taskArn" + ] + }, + "aws-native:datazone:getDataSource": { + "cf": "AWS::DataZone::DataSource", + "ids": [ + "domainId", + "id" + ] + }, + "aws-native:datazone:getDomain": { + "cf": "AWS::DataZone::Domain", + "ids": [ + "id" + ] + }, + "aws-native:datazone:getEnvironment": { + "cf": "AWS::DataZone::Environment", + "ids": [ + "domainId", + "id" + ] + }, + "aws-native:datazone:getEnvironmentBlueprintConfiguration": { + "cf": "AWS::DataZone::EnvironmentBlueprintConfiguration", + "ids": [ + "domainId", + "environmentBlueprintId" + ] + }, + "aws-native:datazone:getEnvironmentProfile": { + "cf": "AWS::DataZone::EnvironmentProfile", + "ids": [ + "domainId", + "id" + ] + }, + "aws-native:datazone:getGroupProfile": { + "cf": "AWS::DataZone::GroupProfile", + "ids": [ + "domainId", + "id" + ] + }, + "aws-native:datazone:getProject": { + "cf": "AWS::DataZone::Project", + "ids": [ + "domainId", + "id" + ] + }, + "aws-native:datazone:getSubscriptionTarget": { + "cf": "AWS::DataZone::SubscriptionTarget", + "ids": [ + "domainId", + "environmentId", + "id" + ] + }, + "aws-native:datazone:getUserProfile": { + "cf": "AWS::DataZone::UserProfile", + "ids": [ + "domainId", + "id" + ] + }, + "aws-native:deadline:getFarm": { + "cf": "AWS::Deadline::Farm", + "ids": [ + "arn" + ] + }, + "aws-native:deadline:getFleet": { + "cf": "AWS::Deadline::Fleet", + "ids": [ + "arn" + ] + }, + "aws-native:deadline:getLicenseEndpoint": { + "cf": "AWS::Deadline::LicenseEndpoint", + "ids": [ + "arn" + ] + }, + "aws-native:deadline:getMeteredProduct": { + "cf": "AWS::Deadline::MeteredProduct", + "ids": [ + "arn" + ] + }, + "aws-native:deadline:getMonitor": { + "cf": "AWS::Deadline::Monitor", + "ids": [ + "arn" + ] + }, + "aws-native:deadline:getQueue": { + "cf": "AWS::Deadline::Queue", + "ids": [ + "arn" + ] + }, + "aws-native:deadline:getQueueEnvironment": { + "cf": "AWS::Deadline::QueueEnvironment", + "ids": [ + "farmId", + "queueId", + "queueEnvironmentId" + ] + }, + "aws-native:deadline:getStorageProfile": { + "cf": "AWS::Deadline::StorageProfile", + "ids": [ + "farmId", + "storageProfileId" + ] + }, + "aws-native:detective:getGraph": { + "cf": "AWS::Detective::Graph", + "ids": [ + "arn" + ] + }, + "aws-native:detective:getMemberInvitation": { + "cf": "AWS::Detective::MemberInvitation", + "ids": [ + "graphArn", + "memberId" + ] + }, + "aws-native:detective:getOrganizationAdmin": { + "cf": "AWS::Detective::OrganizationAdmin", + "ids": [ + "accountId" + ] + }, + "aws-native:devicefarm:getDevicePool": { + "cf": "AWS::DeviceFarm::DevicePool", + "ids": [ + "arn" + ] + }, + "aws-native:devicefarm:getInstanceProfile": { + "cf": "AWS::DeviceFarm::InstanceProfile", + "ids": [ + "arn" + ] + }, + "aws-native:devicefarm:getNetworkProfile": { + "cf": "AWS::DeviceFarm::NetworkProfile", + "ids": [ + "arn" + ] + }, + "aws-native:devicefarm:getProject": { + "cf": "AWS::DeviceFarm::Project", + "ids": [ + "arn" + ] + }, + "aws-native:devicefarm:getTestGridProject": { + "cf": "AWS::DeviceFarm::TestGridProject", + "ids": [ + "arn" + ] + }, + "aws-native:devicefarm:getVpceConfiguration": { + "cf": "AWS::DeviceFarm::VPCEConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:devopsguru:getLogAnomalyDetectionIntegration": { + "cf": "AWS::DevOpsGuru::LogAnomalyDetectionIntegration", + "ids": [ + "accountId" + ] + }, + "aws-native:devopsguru:getNotificationChannel": { + "cf": "AWS::DevOpsGuru::NotificationChannel", + "ids": [ + "id" + ] + }, + "aws-native:devopsguru:getResourceCollection": { + "cf": "AWS::DevOpsGuru::ResourceCollection", + "ids": [ + "resourceCollectionType" + ] + }, + "aws-native:directoryservice:getSimpleAd": { + "cf": "AWS::DirectoryService::SimpleAD", + "ids": [ + "directoryId" + ] + }, + "aws-native:dms:getDataProvider": { + "cf": "AWS::DMS::DataProvider", + "ids": [ + "dataProviderArn" + ] + }, + "aws-native:dms:getInstanceProfile": { + "cf": "AWS::DMS::InstanceProfile", + "ids": [ + "instanceProfileArn" + ] + }, + "aws-native:dms:getMigrationProject": { + "cf": "AWS::DMS::MigrationProject", + "ids": [ + "migrationProjectArn" + ] + }, + "aws-native:dms:getReplicationConfig": { + "cf": "AWS::DMS::ReplicationConfig", + "ids": [ + "replicationConfigArn" + ] + }, + "aws-native:docdbelastic:getCluster": { + "cf": "AWS::DocDBElastic::Cluster", + "ids": [ + "clusterArn" + ] + }, + "aws-native:dynamodb:getGlobalTable": { + "cf": "AWS::DynamoDB::GlobalTable", + "ids": [ + "tableName" + ] + }, + "aws-native:dynamodb:getTable": { + "cf": "AWS::DynamoDB::Table", + "ids": [ + "tableName" + ] + }, + "aws-native:ec2:getCapacityReservation": { + "cf": "AWS::EC2::CapacityReservation", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getCapacityReservationFleet": { + "cf": "AWS::EC2::CapacityReservationFleet", + "ids": [ + "capacityReservationFleetId" + ] + }, + "aws-native:ec2:getCarrierGateway": { + "cf": "AWS::EC2::CarrierGateway", + "ids": [ + "carrierGatewayId" + ] + }, + "aws-native:ec2:getCustomerGateway": { + "cf": "AWS::EC2::CustomerGateway", + "ids": [ + "customerGatewayId" + ] + }, + "aws-native:ec2:getDhcpOptions": { + "cf": "AWS::EC2::DHCPOptions", + "ids": [ + "dhcpOptionsId" + ] + }, + "aws-native:ec2:getEc2Fleet": { + "cf": "AWS::EC2::EC2Fleet", + "ids": [ + "fleetId" + ] + }, + "aws-native:ec2:getEgressOnlyInternetGateway": { + "cf": "AWS::EC2::EgressOnlyInternetGateway", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getEip": { + "cf": "AWS::EC2::EIP", + "ids": [ + "publicIp", + "allocationId" + ] + }, + "aws-native:ec2:getEipAssociation": { + "cf": "AWS::EC2::EIPAssociation", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getEnclaveCertificateIamRoleAssociation": { + "cf": "AWS::EC2::EnclaveCertificateIamRoleAssociation", + "ids": [ + "certificateArn", + "roleArn" + ] + }, + "aws-native:ec2:getFlowLog": { + "cf": "AWS::EC2::FlowLog", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getGatewayRouteTableAssociation": { + "cf": "AWS::EC2::GatewayRouteTableAssociation", + "ids": [ + "gatewayId" + ] + }, + "aws-native:ec2:getHost": { + "cf": "AWS::EC2::Host", + "ids": [ + "hostId" + ] + }, + "aws-native:ec2:getInstance": { + "cf": "AWS::EC2::Instance", + "ids": [ + "instanceId" + ] + }, + "aws-native:ec2:getInstanceConnectEndpoint": { + "cf": "AWS::EC2::InstanceConnectEndpoint", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getInternetGateway": { + "cf": "AWS::EC2::InternetGateway", + "ids": [ + "internetGatewayId" + ] + }, + "aws-native:ec2:getIpam": { + "cf": "AWS::EC2::IPAM", + "ids": [ + "ipamId" + ] + }, + "aws-native:ec2:getIpamAllocation": { + "cf": "AWS::EC2::IPAMAllocation", + "ids": [ + "ipamPoolId", + "ipamPoolAllocationId", + "cidr" + ] + }, + "aws-native:ec2:getIpamPool": { + "cf": "AWS::EC2::IPAMPool", + "ids": [ + "ipamPoolId" + ] + }, + "aws-native:ec2:getIpamPoolCidr": { + "cf": "AWS::EC2::IPAMPoolCidr", + "ids": [ + "ipamPoolId", + "ipamPoolCidrId" + ] + }, + "aws-native:ec2:getIpamResourceDiscovery": { + "cf": "AWS::EC2::IPAMResourceDiscovery", + "ids": [ + "ipamResourceDiscoveryId" + ] + }, + "aws-native:ec2:getIpamResourceDiscoveryAssociation": { + "cf": "AWS::EC2::IPAMResourceDiscoveryAssociation", + "ids": [ + "ipamResourceDiscoveryAssociationId" + ] + }, + "aws-native:ec2:getIpamScope": { + "cf": "AWS::EC2::IPAMScope", + "ids": [ + "ipamScopeId" + ] + }, + "aws-native:ec2:getKeyPair": { + "cf": "AWS::EC2::KeyPair", + "ids": [ + "keyName" + ] + }, + "aws-native:ec2:getLaunchTemplate": { + "cf": "AWS::EC2::LaunchTemplate", + "ids": [ + "launchTemplateId" + ] + }, + "aws-native:ec2:getLocalGatewayRoute": { + "cf": "AWS::EC2::LocalGatewayRoute", + "ids": [ + "destinationCidrBlock", + "localGatewayRouteTableId" + ] + }, + "aws-native:ec2:getLocalGatewayRouteTable": { + "cf": "AWS::EC2::LocalGatewayRouteTable", + "ids": [ + "localGatewayRouteTableId" + ] + }, + "aws-native:ec2:getLocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "cf": "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation", + "ids": [ + "localGatewayRouteTableVirtualInterfaceGroupAssociationId" + ] + }, + "aws-native:ec2:getLocalGatewayRouteTableVpcAssociation": { + "cf": "AWS::EC2::LocalGatewayRouteTableVPCAssociation", + "ids": [ + "localGatewayRouteTableVpcAssociationId" + ] + }, + "aws-native:ec2:getNatGateway": { + "cf": "AWS::EC2::NatGateway", + "ids": [ + "natGatewayId" + ] + }, + "aws-native:ec2:getNetworkAcl": { + "cf": "AWS::EC2::NetworkAcl", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getNetworkInsightsAccessScope": { + "cf": "AWS::EC2::NetworkInsightsAccessScope", + "ids": [ + "networkInsightsAccessScopeId" + ] + }, + "aws-native:ec2:getNetworkInsightsAccessScopeAnalysis": { + "cf": "AWS::EC2::NetworkInsightsAccessScopeAnalysis", + "ids": [ + "networkInsightsAccessScopeAnalysisId" + ] + }, + "aws-native:ec2:getNetworkInsightsAnalysis": { + "cf": "AWS::EC2::NetworkInsightsAnalysis", + "ids": [ + "networkInsightsAnalysisId" + ] + }, + "aws-native:ec2:getNetworkInsightsPath": { + "cf": "AWS::EC2::NetworkInsightsPath", + "ids": [ + "networkInsightsPathId" + ] + }, + "aws-native:ec2:getNetworkInterface": { + "cf": "AWS::EC2::NetworkInterface", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getNetworkInterfaceAttachment": { + "cf": "AWS::EC2::NetworkInterfaceAttachment", + "ids": [ + "attachmentId" + ] + }, + "aws-native:ec2:getPlacementGroup": { + "cf": "AWS::EC2::PlacementGroup", + "ids": [ + "groupName" + ] + }, + "aws-native:ec2:getPrefixList": { + "cf": "AWS::EC2::PrefixList", + "ids": [ + "prefixListId" + ] + }, + "aws-native:ec2:getRoute": { + "cf": "AWS::EC2::Route", + "ids": [ + "routeTableId", + "cidrBlock" + ] + }, + "aws-native:ec2:getRouteTable": { + "cf": "AWS::EC2::RouteTable", + "ids": [ + "routeTableId" + ] + }, + "aws-native:ec2:getSecurityGroup": { + "cf": "AWS::EC2::SecurityGroup", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getSecurityGroupEgress": { + "cf": "AWS::EC2::SecurityGroupEgress", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getSecurityGroupIngress": { + "cf": "AWS::EC2::SecurityGroupIngress", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getSnapshotBlockPublicAccess": { + "cf": "AWS::EC2::SnapshotBlockPublicAccess", + "ids": [ + "accountId" + ] + }, + "aws-native:ec2:getSpotFleet": { + "cf": "AWS::EC2::SpotFleet", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getSubnet": { + "cf": "AWS::EC2::Subnet", + "ids": [ + "subnetId" + ] + }, + "aws-native:ec2:getSubnetCidrBlock": { + "cf": "AWS::EC2::SubnetCidrBlock", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getSubnetNetworkAclAssociation": { + "cf": "AWS::EC2::SubnetNetworkAclAssociation", + "ids": [ + "associationId" + ] + }, + "aws-native:ec2:getSubnetRouteTableAssociation": { + "cf": "AWS::EC2::SubnetRouteTableAssociation", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getTransitGateway": { + "cf": "AWS::EC2::TransitGateway", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getTransitGatewayAttachment": { + "cf": "AWS::EC2::TransitGatewayAttachment", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getTransitGatewayConnect": { + "cf": "AWS::EC2::TransitGatewayConnect", + "ids": [ + "transitGatewayAttachmentId" + ] + }, + "aws-native:ec2:getTransitGatewayMulticastDomain": { + "cf": "AWS::EC2::TransitGatewayMulticastDomain", + "ids": [ + "transitGatewayMulticastDomainId" + ] + }, + "aws-native:ec2:getTransitGatewayMulticastDomainAssociation": { + "cf": "AWS::EC2::TransitGatewayMulticastDomainAssociation", + "ids": [ + "transitGatewayMulticastDomainId", + "transitGatewayAttachmentId", + "subnetId" + ] + }, + "aws-native:ec2:getTransitGatewayMulticastGroupMember": { + "cf": "AWS::EC2::TransitGatewayMulticastGroupMember", + "ids": [ + "transitGatewayMulticastDomainId", + "groupIpAddress", + "networkInterfaceId" + ] + }, + "aws-native:ec2:getTransitGatewayMulticastGroupSource": { + "cf": "AWS::EC2::TransitGatewayMulticastGroupSource", + "ids": [ + "transitGatewayMulticastDomainId", + "groupIpAddress", + "networkInterfaceId" + ] + }, + "aws-native:ec2:getTransitGatewayPeeringAttachment": { + "cf": "AWS::EC2::TransitGatewayPeeringAttachment", + "ids": [ + "transitGatewayAttachmentId" + ] + }, + "aws-native:ec2:getTransitGatewayRouteTable": { + "cf": "AWS::EC2::TransitGatewayRouteTable", + "ids": [ + "transitGatewayRouteTableId" + ] + }, + "aws-native:ec2:getTransitGatewayVpcAttachment": { + "cf": "AWS::EC2::TransitGatewayVpcAttachment", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getVerifiedAccessEndpoint": { + "cf": "AWS::EC2::VerifiedAccessEndpoint", + "ids": [ + "verifiedAccessEndpointId" + ] + }, + "aws-native:ec2:getVerifiedAccessGroup": { + "cf": "AWS::EC2::VerifiedAccessGroup", + "ids": [ + "verifiedAccessGroupId" + ] + }, + "aws-native:ec2:getVerifiedAccessInstance": { + "cf": "AWS::EC2::VerifiedAccessInstance", + "ids": [ + "verifiedAccessInstanceId" + ] + }, + "aws-native:ec2:getVerifiedAccessTrustProvider": { + "cf": "AWS::EC2::VerifiedAccessTrustProvider", + "ids": [ + "verifiedAccessTrustProviderId" + ] + }, + "aws-native:ec2:getVolume": { + "cf": "AWS::EC2::Volume", + "ids": [ + "volumeId" + ] + }, + "aws-native:ec2:getVpc": { + "cf": "AWS::EC2::VPC", + "ids": [ + "vpcId" + ] + }, + "aws-native:ec2:getVpcCidrBlock": { + "cf": "AWS::EC2::VPCCidrBlock", + "ids": [ + "id", + "vpcId" + ] + }, + "aws-native:ec2:getVpcEndpoint": { + "cf": "AWS::EC2::VPCEndpoint", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getVpcEndpointConnectionNotification": { + "cf": "AWS::EC2::VPCEndpointConnectionNotification", + "ids": [ + "vpcEndpointConnectionNotificationId" + ] + }, + "aws-native:ec2:getVpcEndpointService": { + "cf": "AWS::EC2::VPCEndpointService", + "ids": [ + "serviceId" + ] + }, + "aws-native:ec2:getVpcEndpointServicePermissions": { + "cf": "AWS::EC2::VPCEndpointServicePermissions", + "ids": [ + "serviceId" + ] + }, + "aws-native:ec2:getVpcGatewayAttachment": { + "cf": "AWS::EC2::VPCGatewayAttachment", + "ids": [ + "attachmentType", + "vpcId" + ] + }, + "aws-native:ec2:getVpcPeeringConnection": { + "cf": "AWS::EC2::VPCPeeringConnection", + "ids": [ + "id" + ] + }, + "aws-native:ec2:getVpnConnection": { + "cf": "AWS::EC2::VPNConnection", + "ids": [ + "vpnConnectionId" + ] + }, + "aws-native:ec2:getVpnGateway": { + "cf": "AWS::EC2::VPNGateway", + "ids": [ + "vpnGatewayId" + ] + }, + "aws-native:ecr:getRegistryPolicy": { + "cf": "AWS::ECR::RegistryPolicy", + "ids": [ + "registryId" + ] + }, + "aws-native:ecr:getReplicationConfiguration": { + "cf": "AWS::ECR::ReplicationConfiguration", + "ids": [ + "registryId" + ] + }, + "aws-native:ecr:getRepository": { + "cf": "AWS::ECR::Repository", + "ids": [ + "repositoryName" + ] + }, + "aws-native:ecr:getRepositoryCreationTemplate": { + "cf": "AWS::ECR::RepositoryCreationTemplate", + "ids": [ + "prefix" + ] + }, + "aws-native:ecs:getCapacityProvider": { + "cf": "AWS::ECS::CapacityProvider", + "ids": [ + "name" + ] + }, + "aws-native:ecs:getCluster": { + "cf": "AWS::ECS::Cluster", + "ids": [ + "clusterName" + ] + }, + "aws-native:ecs:getClusterCapacityProviderAssociations": { + "cf": "AWS::ECS::ClusterCapacityProviderAssociations", + "ids": [ + "cluster" + ] + }, + "aws-native:ecs:getPrimaryTaskSet": { + "cf": "AWS::ECS::PrimaryTaskSet", + "ids": [ + "cluster", + "service" + ] + }, + "aws-native:ecs:getService": { + "cf": "AWS::ECS::Service", + "ids": [ + "serviceArn", + "cluster" + ] + }, + "aws-native:ecs:getTaskDefinition": { + "cf": "AWS::ECS::TaskDefinition", + "ids": [ + "taskDefinitionArn" + ] + }, + "aws-native:ecs:getTaskSet": { + "cf": "AWS::ECS::TaskSet", + "ids": [ + "cluster", + "service", + "id" + ] + }, + "aws-native:efs:getAccessPoint": { + "cf": "AWS::EFS::AccessPoint", + "ids": [ + "accessPointId" + ] + }, + "aws-native:efs:getFileSystem": { + "cf": "AWS::EFS::FileSystem", + "ids": [ + "fileSystemId" + ] + }, + "aws-native:efs:getMountTarget": { + "cf": "AWS::EFS::MountTarget", + "ids": [ + "id" + ] + }, + "aws-native:eks:getAccessEntry": { + "cf": "AWS::EKS::AccessEntry", + "ids": [ + "principalArn", + "clusterName" + ] + }, + "aws-native:eks:getAddon": { + "cf": "AWS::EKS::Addon", + "ids": [ + "clusterName", + "addonName" + ] + }, + "aws-native:eks:getCluster": { + "cf": "AWS::EKS::Cluster", + "ids": [ + "name" + ] + }, + "aws-native:eks:getFargateProfile": { + "cf": "AWS::EKS::FargateProfile", + "ids": [ + "clusterName", + "fargateProfileName" + ] + }, + "aws-native:eks:getIdentityProviderConfig": { + "cf": "AWS::EKS::IdentityProviderConfig", + "ids": [ + "identityProviderConfigName", + "clusterName", + "type" + ] + }, + "aws-native:eks:getNodegroup": { + "cf": "AWS::EKS::Nodegroup", + "ids": [ + "id" + ] + }, + "aws-native:eks:getPodIdentityAssociation": { + "cf": "AWS::EKS::PodIdentityAssociation", + "ids": [ + "associationArn" + ] + }, + "aws-native:elasticache:getGlobalReplicationGroup": { + "cf": "AWS::ElastiCache::GlobalReplicationGroup", + "ids": [ + "globalReplicationGroupId" + ] + }, + "aws-native:elasticache:getParameterGroup": { + "cf": "AWS::ElastiCache::ParameterGroup", + "ids": [ + "cacheParameterGroupName" + ] + }, + "aws-native:elasticache:getServerlessCache": { + "cf": "AWS::ElastiCache::ServerlessCache", + "ids": [ + "serverlessCacheName" + ] + }, + "aws-native:elasticache:getSubnetGroup": { + "cf": "AWS::ElastiCache::SubnetGroup", + "ids": [ + "cacheSubnetGroupName" + ] + }, + "aws-native:elasticache:getUser": { + "cf": "AWS::ElastiCache::User", + "ids": [ + "userId" + ] + }, + "aws-native:elasticache:getUserGroup": { + "cf": "AWS::ElastiCache::UserGroup", + "ids": [ + "userGroupId" + ] + }, + "aws-native:elasticbeanstalk:getApplication": { + "cf": "AWS::ElasticBeanstalk::Application", + "ids": [ + "applicationName" + ] + }, + "aws-native:elasticbeanstalk:getApplicationVersion": { + "cf": "AWS::ElasticBeanstalk::ApplicationVersion", + "ids": [ + "applicationName", + "id" + ] + }, + "aws-native:elasticbeanstalk:getConfigurationTemplate": { + "cf": "AWS::ElasticBeanstalk::ConfigurationTemplate", + "ids": [ + "applicationName", + "templateName" + ] + }, + "aws-native:elasticbeanstalk:getEnvironment": { + "cf": "AWS::ElasticBeanstalk::Environment", + "ids": [ + "environmentName" + ] + }, + "aws-native:elasticloadbalancingv2:getListener": { + "cf": "AWS::ElasticLoadBalancingV2::Listener", + "ids": [ + "listenerArn" + ] + }, + "aws-native:elasticloadbalancingv2:getListenerRule": { + "cf": "AWS::ElasticLoadBalancingV2::ListenerRule", + "ids": [ + "ruleArn" + ] + }, + "aws-native:elasticloadbalancingv2:getLoadBalancer": { + "cf": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "ids": [ + "loadBalancerArn" + ] + }, + "aws-native:elasticloadbalancingv2:getTargetGroup": { + "cf": "AWS::ElasticLoadBalancingV2::TargetGroup", + "ids": [ + "targetGroupArn" + ] + }, + "aws-native:elasticloadbalancingv2:getTrustStore": { + "cf": "AWS::ElasticLoadBalancingV2::TrustStore", + "ids": [ + "trustStoreArn" + ] + }, + "aws-native:elasticloadbalancingv2:getTrustStoreRevocation": { + "cf": "AWS::ElasticLoadBalancingV2::TrustStoreRevocation", + "ids": [ + "revocationId", + "trustStoreArn" + ] + }, + "aws-native:emr:getStudio": { + "cf": "AWS::EMR::Studio", + "ids": [ + "studioId" + ] + }, + "aws-native:emr:getStudioSessionMapping": { + "cf": "AWS::EMR::StudioSessionMapping", + "ids": [ + "studioId", + "identityType", + "identityName" + ] + }, + "aws-native:emr:getWalWorkspace": { + "cf": "AWS::EMR::WALWorkspace", + "ids": [ + "walWorkspaceName" + ] + }, + "aws-native:emrcontainers:getVirtualCluster": { + "cf": "AWS::EMRContainers::VirtualCluster", + "ids": [ + "id" + ] + }, + "aws-native:emrserverless:getApplication": { + "cf": "AWS::EMRServerless::Application", + "ids": [ + "applicationId" + ] + }, + "aws-native:entityresolution:getIdMappingWorkflow": { + "cf": "AWS::EntityResolution::IdMappingWorkflow", + "ids": [ + "workflowName" + ] + }, + "aws-native:entityresolution:getIdNamespace": { + "cf": "AWS::EntityResolution::IdNamespace", + "ids": [ + "idNamespaceName" + ] + }, + "aws-native:entityresolution:getMatchingWorkflow": { + "cf": "AWS::EntityResolution::MatchingWorkflow", + "ids": [ + "workflowName" + ] + }, + "aws-native:entityresolution:getPolicyStatement": { + "cf": "AWS::EntityResolution::PolicyStatement", + "ids": [ + "arn", + "statementId" + ] + }, + "aws-native:entityresolution:getSchemaMapping": { + "cf": "AWS::EntityResolution::SchemaMapping", + "ids": [ + "schemaName" + ] + }, + "aws-native:events:getApiDestination": { + "cf": "AWS::Events::ApiDestination", + "ids": [ + "name" + ] + }, + "aws-native:events:getArchive": { + "cf": "AWS::Events::Archive", + "ids": [ + "archiveName" + ] + }, + "aws-native:events:getConnection": { + "cf": "AWS::Events::Connection", + "ids": [ + "name" + ] + }, + "aws-native:events:getEndpoint": { + "cf": "AWS::Events::Endpoint", + "ids": [ + "name" + ] + }, + "aws-native:events:getEventBus": { + "cf": "AWS::Events::EventBus", + "ids": [ + "name" + ] + }, + "aws-native:events:getRule": { + "cf": "AWS::Events::Rule", + "ids": [ + "arn" + ] + }, + "aws-native:eventschemas:getDiscoverer": { + "cf": "AWS::EventSchemas::Discoverer", + "ids": [ + "discovererArn" + ] + }, + "aws-native:eventschemas:getRegistry": { + "cf": "AWS::EventSchemas::Registry", + "ids": [ + "registryArn" + ] + }, + "aws-native:eventschemas:getRegistryPolicy": { + "cf": "AWS::EventSchemas::RegistryPolicy", + "ids": [ + "id" + ] + }, + "aws-native:eventschemas:getSchema": { + "cf": "AWS::EventSchemas::Schema", + "ids": [ + "schemaArn" + ] + }, + "aws-native:evidently:getExperiment": { + "cf": "AWS::Evidently::Experiment", + "ids": [ + "arn" + ] + }, + "aws-native:evidently:getFeature": { + "cf": "AWS::Evidently::Feature", + "ids": [ + "arn" + ] + }, + "aws-native:evidently:getLaunch": { + "cf": "AWS::Evidently::Launch", + "ids": [ + "arn" + ] + }, + "aws-native:evidently:getProject": { + "cf": "AWS::Evidently::Project", + "ids": [ + "arn" + ] + }, + "aws-native:evidently:getSegment": { + "cf": "AWS::Evidently::Segment", + "ids": [ + "arn" + ] + }, + "aws-native:finspace:getEnvironment": { + "cf": "AWS::FinSpace::Environment", + "ids": [ + "environmentId" + ] + }, + "aws-native:fis:getExperimentTemplate": { + "cf": "AWS::FIS::ExperimentTemplate", + "ids": [ + "id" + ] + }, + "aws-native:fis:getTargetAccountConfiguration": { + "cf": "AWS::FIS::TargetAccountConfiguration", + "ids": [ + "experimentTemplateId", + "accountId" + ] + }, + "aws-native:fms:getNotificationChannel": { + "cf": "AWS::FMS::NotificationChannel", + "ids": [ + "snsTopicArn" + ] + }, + "aws-native:fms:getPolicy": { + "cf": "AWS::FMS::Policy", + "ids": [ + "id" + ] + }, + "aws-native:fms:getResourceSet": { + "cf": "AWS::FMS::ResourceSet", + "ids": [ + "id" + ] + }, + "aws-native:forecast:getDataset": { + "cf": "AWS::Forecast::Dataset", + "ids": [ + "arn" + ] + }, + "aws-native:forecast:getDatasetGroup": { + "cf": "AWS::Forecast::DatasetGroup", + "ids": [ + "datasetGroupArn" + ] + }, + "aws-native:frauddetector:getDetector": { + "cf": "AWS::FraudDetector::Detector", + "ids": [ + "arn" + ] + }, + "aws-native:frauddetector:getEntityType": { + "cf": "AWS::FraudDetector::EntityType", + "ids": [ + "arn" + ] + }, + "aws-native:frauddetector:getEventType": { + "cf": "AWS::FraudDetector::EventType", + "ids": [ + "arn" + ] + }, + "aws-native:frauddetector:getLabel": { + "cf": "AWS::FraudDetector::Label", + "ids": [ + "arn" + ] + }, + "aws-native:frauddetector:getList": { + "cf": "AWS::FraudDetector::List", + "ids": [ + "arn" + ] + }, + "aws-native:frauddetector:getOutcome": { + "cf": "AWS::FraudDetector::Outcome", + "ids": [ + "arn" + ] + }, + "aws-native:frauddetector:getVariable": { + "cf": "AWS::FraudDetector::Variable", + "ids": [ + "arn" + ] + }, + "aws-native:fsx:getDataRepositoryAssociation": { + "cf": "AWS::FSx::DataRepositoryAssociation", + "ids": [ + "associationId" + ] + }, + "aws-native:gamelift:getAlias": { + "cf": "AWS::GameLift::Alias", + "ids": [ + "aliasId" + ] + }, + "aws-native:gamelift:getBuild": { + "cf": "AWS::GameLift::Build", + "ids": [ + "buildId" + ] + }, + "aws-native:gamelift:getContainerGroupDefinition": { + "cf": "AWS::GameLift::ContainerGroupDefinition", + "ids": [ + "name" + ] + }, + "aws-native:gamelift:getFleet": { + "cf": "AWS::GameLift::Fleet", + "ids": [ + "fleetId" + ] + }, + "aws-native:gamelift:getGameServerGroup": { + "cf": "AWS::GameLift::GameServerGroup", + "ids": [ + "gameServerGroupArn" + ] + }, + "aws-native:gamelift:getGameSessionQueue": { + "cf": "AWS::GameLift::GameSessionQueue", + "ids": [ + "name" + ] + }, + "aws-native:gamelift:getLocation": { + "cf": "AWS::GameLift::Location", + "ids": [ + "locationName" + ] + }, + "aws-native:gamelift:getMatchmakingConfiguration": { + "cf": "AWS::GameLift::MatchmakingConfiguration", + "ids": [ + "name" + ] + }, + "aws-native:gamelift:getMatchmakingRuleSet": { + "cf": "AWS::GameLift::MatchmakingRuleSet", + "ids": [ + "name" + ] + }, + "aws-native:gamelift:getScript": { + "cf": "AWS::GameLift::Script", + "ids": [ + "id" + ] + }, + "aws-native:globalaccelerator:getAccelerator": { + "cf": "AWS::GlobalAccelerator::Accelerator", + "ids": [ + "acceleratorArn" + ] + }, + "aws-native:globalaccelerator:getCrossAccountAttachment": { + "cf": "AWS::GlobalAccelerator::CrossAccountAttachment", + "ids": [ + "attachmentArn" + ] + }, + "aws-native:globalaccelerator:getEndpointGroup": { + "cf": "AWS::GlobalAccelerator::EndpointGroup", + "ids": [ + "endpointGroupArn" + ] + }, + "aws-native:globalaccelerator:getListener": { + "cf": "AWS::GlobalAccelerator::Listener", + "ids": [ + "listenerArn" + ] + }, + "aws-native:glue:getRegistry": { + "cf": "AWS::Glue::Registry", + "ids": [ + "arn" + ] + }, + "aws-native:glue:getSchema": { + "cf": "AWS::Glue::Schema", + "ids": [ + "arn" + ] + }, + "aws-native:glue:getSchemaVersion": { + "cf": "AWS::Glue::SchemaVersion", + "ids": [ + "versionId" + ] + }, + "aws-native:glue:getTrigger": { + "cf": "AWS::Glue::Trigger", + "ids": [ + "name" + ] + }, + "aws-native:grafana:getWorkspace": { + "cf": "AWS::Grafana::Workspace", + "ids": [ + "id" + ] + }, + "aws-native:greengrassv2:getComponentVersion": { + "cf": "AWS::GreengrassV2::ComponentVersion", + "ids": [ + "arn" + ] + }, + "aws-native:greengrassv2:getDeployment": { + "cf": "AWS::GreengrassV2::Deployment", + "ids": [ + "deploymentId" + ] + }, + "aws-native:groundstation:getConfig": { + "cf": "AWS::GroundStation::Config", + "ids": [ + "arn" + ] + }, + "aws-native:groundstation:getDataflowEndpointGroup": { + "cf": "AWS::GroundStation::DataflowEndpointGroup", + "ids": [ + "id" + ] + }, + "aws-native:groundstation:getMissionProfile": { + "cf": "AWS::GroundStation::MissionProfile", + "ids": [ + "id", + "arn" + ] + }, + "aws-native:guardduty:getDetector": { + "cf": "AWS::GuardDuty::Detector", + "ids": [ + "id" + ] + }, + "aws-native:guardduty:getFilter": { + "cf": "AWS::GuardDuty::Filter", + "ids": [ + "detectorId", + "name" + ] + }, + "aws-native:guardduty:getIpSet": { + "cf": "AWS::GuardDuty::IPSet", + "ids": [ + "id", + "detectorId" + ] + }, + "aws-native:guardduty:getMalwareProtectionPlan": { + "cf": "AWS::GuardDuty::MalwareProtectionPlan", + "ids": [ + "malwareProtectionPlanId" + ] + }, + "aws-native:guardduty:getMember": { + "cf": "AWS::GuardDuty::Member", + "ids": [ + "detectorId", + "memberId" + ] + }, + "aws-native:guardduty:getThreatIntelSet": { + "cf": "AWS::GuardDuty::ThreatIntelSet", + "ids": [ + "id", + "detectorId" + ] + }, + "aws-native:healthimaging:getDatastore": { + "cf": "AWS::HealthImaging::Datastore", + "ids": [ + "datastoreId" + ] + }, + "aws-native:healthlake:getFhirDatastore": { + "cf": "AWS::HealthLake::FHIRDatastore", + "ids": [ + "datastoreId" + ] + }, + "aws-native:iam:getGroup": { + "cf": "AWS::IAM::Group", + "ids": [ + "groupName" + ] + }, + "aws-native:iam:getGroupPolicy": { + "cf": "AWS::IAM::GroupPolicy", + "ids": [ + "policyName", + "groupName" + ] + }, + "aws-native:iam:getInstanceProfile": { + "cf": "AWS::IAM::InstanceProfile", + "ids": [ + "instanceProfileName" + ] + }, + "aws-native:iam:getManagedPolicy": { + "cf": "AWS::IAM::ManagedPolicy", + "ids": [ + "policyArn" + ] + }, + "aws-native:iam:getOidcProvider": { + "cf": "AWS::IAM::OIDCProvider", + "ids": [ + "arn" + ] + }, + "aws-native:iam:getRole": { + "cf": "AWS::IAM::Role", + "ids": [ + "roleName" + ] + }, + "aws-native:iam:getRolePolicy": { + "cf": "AWS::IAM::RolePolicy", + "ids": [ + "policyName", + "roleName" + ] + }, + "aws-native:iam:getSamlProvider": { + "cf": "AWS::IAM::SAMLProvider", + "ids": [ + "arn" + ] + }, + "aws-native:iam:getServerCertificate": { + "cf": "AWS::IAM::ServerCertificate", + "ids": [ + "serverCertificateName" + ] + }, + "aws-native:iam:getServiceLinkedRole": { + "cf": "AWS::IAM::ServiceLinkedRole", + "ids": [ + "roleName" + ] + }, + "aws-native:iam:getUser": { + "cf": "AWS::IAM::User", + "ids": [ + "userName" + ] + }, + "aws-native:iam:getUserPolicy": { + "cf": "AWS::IAM::UserPolicy", + "ids": [ + "policyName", + "userName" + ] + }, + "aws-native:iam:getVirtualMfaDevice": { + "cf": "AWS::IAM::VirtualMFADevice", + "ids": [ + "serialNumber" + ] + }, + "aws-native:identitystore:getGroup": { + "cf": "AWS::IdentityStore::Group", + "ids": [ + "groupId", + "identityStoreId" + ] + }, + "aws-native:identitystore:getGroupMembership": { + "cf": "AWS::IdentityStore::GroupMembership", + "ids": [ + "membershipId", + "identityStoreId" + ] + }, + "aws-native:imagebuilder:getComponent": { + "cf": "AWS::ImageBuilder::Component", + "ids": [ + "arn" + ] + }, + "aws-native:imagebuilder:getContainerRecipe": { + "cf": "AWS::ImageBuilder::ContainerRecipe", + "ids": [ + "arn" + ] + }, + "aws-native:imagebuilder:getDistributionConfiguration": { + "cf": "AWS::ImageBuilder::DistributionConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:imagebuilder:getImage": { + "cf": "AWS::ImageBuilder::Image", + "ids": [ + "arn" + ] + }, + "aws-native:imagebuilder:getImagePipeline": { + "cf": "AWS::ImageBuilder::ImagePipeline", + "ids": [ + "arn" + ] + }, + "aws-native:imagebuilder:getImageRecipe": { + "cf": "AWS::ImageBuilder::ImageRecipe", + "ids": [ + "arn" + ] + }, + "aws-native:imagebuilder:getInfrastructureConfiguration": { + "cf": "AWS::ImageBuilder::InfrastructureConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:imagebuilder:getLifecyclePolicy": { + "cf": "AWS::ImageBuilder::LifecyclePolicy", + "ids": [ + "arn" + ] + }, + "aws-native:imagebuilder:getWorkflow": { + "cf": "AWS::ImageBuilder::Workflow", + "ids": [ + "arn" + ] + }, + "aws-native:inspector:getAssessmentTarget": { + "cf": "AWS::Inspector::AssessmentTarget", + "ids": [ + "arn" + ] + }, + "aws-native:inspector:getAssessmentTemplate": { + "cf": "AWS::Inspector::AssessmentTemplate", + "ids": [ + "arn" + ] + }, + "aws-native:inspector:getResourceGroup": { + "cf": "AWS::Inspector::ResourceGroup", + "ids": [ + "arn" + ] + }, + "aws-native:inspectorv2:getCisScanConfiguration": { + "cf": "AWS::InspectorV2::CisScanConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:inspectorv2:getFilter": { + "cf": "AWS::InspectorV2::Filter", + "ids": [ + "arn" + ] + }, + "aws-native:internetmonitor:getMonitor": { + "cf": "AWS::InternetMonitor::Monitor", + "ids": [ + "monitorName" + ] + }, + "aws-native:iot:getAccountAuditConfiguration": { + "cf": "AWS::IoT::AccountAuditConfiguration", + "ids": [ + "accountId" + ] + }, + "aws-native:iot:getAuthorizer": { + "cf": "AWS::IoT::Authorizer", + "ids": [ + "authorizerName" + ] + }, + "aws-native:iot:getBillingGroup": { + "cf": "AWS::IoT::BillingGroup", + "ids": [ + "billingGroupName" + ] + }, + "aws-native:iot:getCaCertificate": { + "cf": "AWS::IoT::CACertificate", + "ids": [ + "id" + ] + }, + "aws-native:iot:getCertificate": { + "cf": "AWS::IoT::Certificate", + "ids": [ + "id" + ] + }, + "aws-native:iot:getCertificateProvider": { + "cf": "AWS::IoT::CertificateProvider", + "ids": [ + "certificateProviderName" + ] + }, + "aws-native:iot:getCustomMetric": { + "cf": "AWS::IoT::CustomMetric", + "ids": [ + "metricName" + ] + }, + "aws-native:iot:getDimension": { + "cf": "AWS::IoT::Dimension", + "ids": [ + "name" + ] + }, + "aws-native:iot:getDomainConfiguration": { + "cf": "AWS::IoT::DomainConfiguration", + "ids": [ + "domainConfigurationName" + ] + }, + "aws-native:iot:getFleetMetric": { + "cf": "AWS::IoT::FleetMetric", + "ids": [ + "metricName" + ] + }, + "aws-native:iot:getJobTemplate": { + "cf": "AWS::IoT::JobTemplate", + "ids": [ + "jobTemplateId" + ] + }, + "aws-native:iot:getLogging": { + "cf": "AWS::IoT::Logging", + "ids": [ + "accountId" + ] + }, + "aws-native:iot:getMitigationAction": { + "cf": "AWS::IoT::MitigationAction", + "ids": [ + "actionName" + ] + }, + "aws-native:iot:getPolicy": { + "cf": "AWS::IoT::Policy", + "ids": [ + "id" + ] + }, + "aws-native:iot:getProvisioningTemplate": { + "cf": "AWS::IoT::ProvisioningTemplate", + "ids": [ + "templateName" + ] + }, + "aws-native:iot:getResourceSpecificLogging": { + "cf": "AWS::IoT::ResourceSpecificLogging", + "ids": [ + "targetId" + ] + }, + "aws-native:iot:getRoleAlias": { + "cf": "AWS::IoT::RoleAlias", + "ids": [ + "roleAlias" + ] + }, + "aws-native:iot:getScheduledAudit": { + "cf": "AWS::IoT::ScheduledAudit", + "ids": [ + "scheduledAuditName" + ] + }, + "aws-native:iot:getSecurityProfile": { + "cf": "AWS::IoT::SecurityProfile", + "ids": [ + "securityProfileName" + ] + }, + "aws-native:iot:getSoftwarePackage": { + "cf": "AWS::IoT::SoftwarePackage", + "ids": [ + "packageName" + ] + }, + "aws-native:iot:getSoftwarePackageVersion": { + "cf": "AWS::IoT::SoftwarePackageVersion", + "ids": [ + "packageName", + "versionName" + ] + }, + "aws-native:iot:getThing": { + "cf": "AWS::IoT::Thing", + "ids": [ + "thingName" + ] + }, + "aws-native:iot:getThingGroup": { + "cf": "AWS::IoT::ThingGroup", + "ids": [ + "thingGroupName" + ] + }, + "aws-native:iot:getThingType": { + "cf": "AWS::IoT::ThingType", + "ids": [ + "thingTypeName" + ] + }, + "aws-native:iot:getTopicRule": { + "cf": "AWS::IoT::TopicRule", + "ids": [ + "ruleName" + ] + }, + "aws-native:iot:getTopicRuleDestination": { + "cf": "AWS::IoT::TopicRuleDestination", + "ids": [ + "arn" + ] + }, + "aws-native:iotanalytics:getChannel": { + "cf": "AWS::IoTAnalytics::Channel", + "ids": [ + "channelName" + ] + }, + "aws-native:iotanalytics:getDataset": { + "cf": "AWS::IoTAnalytics::Dataset", + "ids": [ + "datasetName" + ] + }, + "aws-native:iotanalytics:getDatastore": { + "cf": "AWS::IoTAnalytics::Datastore", + "ids": [ + "datastoreName" + ] + }, + "aws-native:iotanalytics:getPipeline": { + "cf": "AWS::IoTAnalytics::Pipeline", + "ids": [ + "pipelineName" + ] + }, + "aws-native:iotcoredeviceadvisor:getSuiteDefinition": { + "cf": "AWS::IoTCoreDeviceAdvisor::SuiteDefinition", + "ids": [ + "suiteDefinitionId" + ] + }, + "aws-native:iotevents:getAlarmModel": { + "cf": "AWS::IoTEvents::AlarmModel", + "ids": [ + "alarmModelName" + ] + }, + "aws-native:iotevents:getDetectorModel": { + "cf": "AWS::IoTEvents::DetectorModel", + "ids": [ + "detectorModelName" + ] + }, + "aws-native:iotevents:getInput": { + "cf": "AWS::IoTEvents::Input", + "ids": [ + "inputName" + ] + }, + "aws-native:iotfleethub:getApplication": { + "cf": "AWS::IoTFleetHub::Application", + "ids": [ + "applicationId" + ] + }, + "aws-native:iotsitewise:getAccessPolicy": { + "cf": "AWS::IoTSiteWise::AccessPolicy", + "ids": [ + "accessPolicyId" + ] + }, + "aws-native:iotsitewise:getAsset": { + "cf": "AWS::IoTSiteWise::Asset", + "ids": [ + "assetId" + ] + }, + "aws-native:iotsitewise:getAssetModel": { + "cf": "AWS::IoTSiteWise::AssetModel", + "ids": [ + "assetModelId" + ] + }, + "aws-native:iotsitewise:getDashboard": { + "cf": "AWS::IoTSiteWise::Dashboard", + "ids": [ + "dashboardId" + ] + }, + "aws-native:iotsitewise:getGateway": { + "cf": "AWS::IoTSiteWise::Gateway", + "ids": [ + "gatewayId" + ] + }, + "aws-native:iotsitewise:getPortal": { + "cf": "AWS::IoTSiteWise::Portal", + "ids": [ + "portalId" + ] + }, + "aws-native:iotsitewise:getProject": { + "cf": "AWS::IoTSiteWise::Project", + "ids": [ + "projectId" + ] + }, + "aws-native:iottwinmaker:getComponentType": { + "cf": "AWS::IoTTwinMaker::ComponentType", + "ids": [ + "workspaceId", + "componentTypeId" + ] + }, + "aws-native:iottwinmaker:getEntity": { + "cf": "AWS::IoTTwinMaker::Entity", + "ids": [ + "workspaceId", + "entityId" + ] + }, + "aws-native:iottwinmaker:getScene": { + "cf": "AWS::IoTTwinMaker::Scene", + "ids": [ + "workspaceId", + "sceneId" + ] + }, + "aws-native:iottwinmaker:getSyncJob": { + "cf": "AWS::IoTTwinMaker::SyncJob", + "ids": [ + "workspaceId", + "syncSource" + ] + }, + "aws-native:iottwinmaker:getWorkspace": { + "cf": "AWS::IoTTwinMaker::Workspace", + "ids": [ + "workspaceId" + ] + }, + "aws-native:iotwireless:getDestination": { + "cf": "AWS::IoTWireless::Destination", + "ids": [ + "name" + ] + }, + "aws-native:iotwireless:getDeviceProfile": { + "cf": "AWS::IoTWireless::DeviceProfile", + "ids": [ + "id" + ] + }, + "aws-native:iotwireless:getFuotaTask": { + "cf": "AWS::IoTWireless::FuotaTask", + "ids": [ + "id" + ] + }, + "aws-native:iotwireless:getMulticastGroup": { + "cf": "AWS::IoTWireless::MulticastGroup", + "ids": [ + "id" + ] + }, + "aws-native:iotwireless:getNetworkAnalyzerConfiguration": { + "cf": "AWS::IoTWireless::NetworkAnalyzerConfiguration", + "ids": [ + "name" + ] + }, + "aws-native:iotwireless:getServiceProfile": { + "cf": "AWS::IoTWireless::ServiceProfile", + "ids": [ + "id" + ] + }, + "aws-native:iotwireless:getTaskDefinition": { + "cf": "AWS::IoTWireless::TaskDefinition", + "ids": [ + "id" + ] + }, + "aws-native:iotwireless:getWirelessDevice": { + "cf": "AWS::IoTWireless::WirelessDevice", + "ids": [ + "id" + ] + }, + "aws-native:iotwireless:getWirelessGateway": { + "cf": "AWS::IoTWireless::WirelessGateway", + "ids": [ + "id" + ] + }, + "aws-native:ivs:getChannel": { + "cf": "AWS::IVS::Channel", + "ids": [ + "arn" + ] + }, + "aws-native:ivs:getEncoderConfiguration": { + "cf": "AWS::IVS::EncoderConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:ivs:getPlaybackKeyPair": { + "cf": "AWS::IVS::PlaybackKeyPair", + "ids": [ + "arn" + ] + }, + "aws-native:ivs:getPlaybackRestrictionPolicy": { + "cf": "AWS::IVS::PlaybackRestrictionPolicy", + "ids": [ + "arn" + ] + }, + "aws-native:ivs:getRecordingConfiguration": { + "cf": "AWS::IVS::RecordingConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:ivs:getStage": { + "cf": "AWS::IVS::Stage", + "ids": [ + "arn" + ] + }, + "aws-native:ivs:getStorageConfiguration": { + "cf": "AWS::IVS::StorageConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:ivs:getStreamKey": { + "cf": "AWS::IVS::StreamKey", + "ids": [ + "arn" + ] + }, + "aws-native:ivschat:getLoggingConfiguration": { + "cf": "AWS::IVSChat::LoggingConfiguration", + "ids": [ + "arn" + ] + }, + "aws-native:ivschat:getRoom": { + "cf": "AWS::IVSChat::Room", + "ids": [ + "arn" + ] + }, + "aws-native:kafkaconnect:getConnector": { + "cf": "AWS::KafkaConnect::Connector", + "ids": [ + "connectorArn" + ] + }, + "aws-native:kafkaconnect:getCustomPlugin": { + "cf": "AWS::KafkaConnect::CustomPlugin", + "ids": [ + "customPluginArn" + ] + }, + "aws-native:kafkaconnect:getWorkerConfiguration": { + "cf": "AWS::KafkaConnect::WorkerConfiguration", + "ids": [ + "workerConfigurationArn" + ] + }, + "aws-native:kendra:getDataSource": { + "cf": "AWS::Kendra::DataSource", + "ids": [ + "id", + "indexId" + ] + }, + "aws-native:kendra:getFaq": { + "cf": "AWS::Kendra::Faq", + "ids": [ + "id", + "indexId" + ] + }, + "aws-native:kendra:getIndex": { + "cf": "AWS::Kendra::Index", + "ids": [ + "id" + ] + }, + "aws-native:kendraranking:getExecutionPlan": { + "cf": "AWS::KendraRanking::ExecutionPlan", + "ids": [ + "id" + ] + }, + "aws-native:kinesis:getStream": { + "cf": "AWS::Kinesis::Stream", + "ids": [ + "name" + ] + }, + "aws-native:kinesisanalyticsv2:getApplication": { + "cf": "AWS::KinesisAnalyticsV2::Application", + "ids": [ + "applicationName" + ] + }, + "aws-native:kinesisfirehose:getDeliveryStream": { + "cf": "AWS::KinesisFirehose::DeliveryStream", + "ids": [ + "deliveryStreamName" + ] + }, + "aws-native:kinesisvideo:getSignalingChannel": { + "cf": "AWS::KinesisVideo::SignalingChannel", + "ids": [ + "name" + ] + }, + "aws-native:kinesisvideo:getStream": { + "cf": "AWS::KinesisVideo::Stream", + "ids": [ + "name" + ] + }, + "aws-native:kms:getAlias": { + "cf": "AWS::KMS::Alias", + "ids": [ + "aliasName" + ] + }, + "aws-native:kms:getKey": { + "cf": "AWS::KMS::Key", + "ids": [ + "keyId" + ] + }, + "aws-native:kms:getReplicaKey": { + "cf": "AWS::KMS::ReplicaKey", + "ids": [ + "keyId" + ] + }, + "aws-native:lakeformation:getPrincipalPermissions": { + "cf": "AWS::LakeFormation::PrincipalPermissions", + "ids": [ + "principalIdentifier", + "resourceIdentifier" + ] + }, + "aws-native:lakeformation:getTag": { + "cf": "AWS::LakeFormation::Tag", + "ids": [ + "tagKey" + ] + }, + "aws-native:lakeformation:getTagAssociation": { + "cf": "AWS::LakeFormation::TagAssociation", + "ids": [ + "resourceIdentifier", + "tagsIdentifier" + ] + }, + "aws-native:lambda:getAlias": { + "cf": "AWS::Lambda::Alias", + "ids": [ + "aliasArn" + ] + }, + "aws-native:lambda:getCodeSigningConfig": { + "cf": "AWS::Lambda::CodeSigningConfig", + "ids": [ + "codeSigningConfigArn" + ] + }, + "aws-native:lambda:getEventInvokeConfig": { + "cf": "AWS::Lambda::EventInvokeConfig", + "ids": [ + "functionName", + "qualifier" + ] + }, + "aws-native:lambda:getEventSourceMapping": { + "cf": "AWS::Lambda::EventSourceMapping", + "ids": [ + "id" + ] + }, + "aws-native:lambda:getFunction": { + "cf": "AWS::Lambda::Function", + "ids": [ + "functionName" + ] + }, + "aws-native:lambda:getLayerVersion": { + "cf": "AWS::Lambda::LayerVersion", + "ids": [ + "layerVersionArn" + ] + }, + "aws-native:lambda:getLayerVersionPermission": { + "cf": "AWS::Lambda::LayerVersionPermission", + "ids": [ + "id" + ] + }, + "aws-native:lambda:getPermission": { + "cf": "AWS::Lambda::Permission", + "ids": [ + "functionName", + "id" + ] + }, + "aws-native:lambda:getUrl": { + "cf": "AWS::Lambda::Url", + "ids": [ + "functionArn" + ] + }, + "aws-native:lambda:getVersion": { + "cf": "AWS::Lambda::Version", + "ids": [ + "functionArn" + ] + }, + "aws-native:launchwizard:getDeployment": { + "cf": "AWS::LaunchWizard::Deployment", + "ids": [ + "arn" + ] + }, + "aws-native:lex:getBot": { + "cf": "AWS::Lex::Bot", + "ids": [ + "id" + ] + }, + "aws-native:lex:getBotAlias": { + "cf": "AWS::Lex::BotAlias", + "ids": [ + "botAliasId", + "botId" + ] + }, + "aws-native:lex:getBotVersion": { + "cf": "AWS::Lex::BotVersion", + "ids": [ + "botId", + "botVersion" + ] + }, + "aws-native:lex:getResourcePolicy": { + "cf": "AWS::Lex::ResourcePolicy", + "ids": [ + "id" + ] + }, + "aws-native:licensemanager:getGrant": { + "cf": "AWS::LicenseManager::Grant", + "ids": [ + "grantArn" + ] + }, + "aws-native:licensemanager:getLicense": { + "cf": "AWS::LicenseManager::License", + "ids": [ + "licenseArn" + ] + }, + "aws-native:lightsail:getAlarm": { + "cf": "AWS::Lightsail::Alarm", + "ids": [ + "alarmName" + ] + }, + "aws-native:lightsail:getBucket": { + "cf": "AWS::Lightsail::Bucket", + "ids": [ + "bucketName" + ] + }, + "aws-native:lightsail:getCertificate": { + "cf": "AWS::Lightsail::Certificate", + "ids": [ + "certificateName" + ] + }, + "aws-native:lightsail:getContainer": { + "cf": "AWS::Lightsail::Container", + "ids": [ + "serviceName" + ] + }, + "aws-native:lightsail:getDatabase": { + "cf": "AWS::Lightsail::Database", + "ids": [ + "relationalDatabaseName" + ] + }, + "aws-native:lightsail:getDisk": { + "cf": "AWS::Lightsail::Disk", + "ids": [ + "diskName" + ] + }, + "aws-native:lightsail:getInstance": { + "cf": "AWS::Lightsail::Instance", + "ids": [ + "instanceName" + ] + }, + "aws-native:lightsail:getLoadBalancer": { + "cf": "AWS::Lightsail::LoadBalancer", + "ids": [ + "loadBalancerName" + ] + }, + "aws-native:lightsail:getLoadBalancerTlsCertificate": { + "cf": "AWS::Lightsail::LoadBalancerTlsCertificate", + "ids": [ + "certificateName", + "loadBalancerName" + ] + }, + "aws-native:lightsail:getStaticIp": { + "cf": "AWS::Lightsail::StaticIp", + "ids": [ + "staticIpName" + ] + }, + "aws-native:location:getApiKey": { + "cf": "AWS::Location::APIKey", + "ids": [ + "keyName" + ] + }, + "aws-native:location:getGeofenceCollection": { + "cf": "AWS::Location::GeofenceCollection", + "ids": [ + "collectionName" + ] + }, + "aws-native:location:getMap": { + "cf": "AWS::Location::Map", + "ids": [ + "mapName" + ] + }, + "aws-native:location:getPlaceIndex": { + "cf": "AWS::Location::PlaceIndex", + "ids": [ + "indexName" + ] + }, + "aws-native:location:getRouteCalculator": { + "cf": "AWS::Location::RouteCalculator", + "ids": [ + "calculatorName" + ] + }, + "aws-native:location:getTracker": { + "cf": "AWS::Location::Tracker", + "ids": [ + "trackerName" + ] + }, + "aws-native:logs:getAccountPolicy": { + "cf": "AWS::Logs::AccountPolicy", + "ids": [ + "accountId", + "policyType", + "policyName" + ] + }, + "aws-native:logs:getDelivery": { + "cf": "AWS::Logs::Delivery", + "ids": [ + "deliveryId" + ] + }, + "aws-native:logs:getDeliveryDestination": { + "cf": "AWS::Logs::DeliveryDestination", + "ids": [ + "name" + ] + }, + "aws-native:logs:getDeliverySource": { + "cf": "AWS::Logs::DeliverySource", + "ids": [ + "name" + ] + }, + "aws-native:logs:getDestination": { + "cf": "AWS::Logs::Destination", + "ids": [ + "destinationName" + ] + }, + "aws-native:logs:getLogAnomalyDetector": { + "cf": "AWS::Logs::LogAnomalyDetector", + "ids": [ + "anomalyDetectorArn" + ] + }, + "aws-native:logs:getLogGroup": { + "cf": "AWS::Logs::LogGroup", + "ids": [ + "logGroupName" + ] + }, + "aws-native:logs:getMetricFilter": { + "cf": "AWS::Logs::MetricFilter", + "ids": [ + "logGroupName", + "filterName" + ] + }, + "aws-native:logs:getQueryDefinition": { + "cf": "AWS::Logs::QueryDefinition", + "ids": [ + "queryDefinitionId" + ] + }, + "aws-native:logs:getResourcePolicy": { + "cf": "AWS::Logs::ResourcePolicy", + "ids": [ + "policyName" + ] + }, + "aws-native:logs:getSubscriptionFilter": { + "cf": "AWS::Logs::SubscriptionFilter", + "ids": [ + "filterName", + "logGroupName" + ] + }, + "aws-native:lookoutmetrics:getAlert": { + "cf": "AWS::LookoutMetrics::Alert", + "ids": [ + "arn" + ] + }, + "aws-native:lookoutmetrics:getAnomalyDetector": { + "cf": "AWS::LookoutMetrics::AnomalyDetector", + "ids": [ + "arn" + ] + }, + "aws-native:lookoutvision:getProject": { + "cf": "AWS::LookoutVision::Project", + "ids": [ + "projectName" + ] + }, + "aws-native:m2:getApplication": { + "cf": "AWS::M2::Application", + "ids": [ + "applicationArn" + ] + }, + "aws-native:m2:getEnvironment": { + "cf": "AWS::M2::Environment", + "ids": [ + "environmentArn" + ] + }, + "aws-native:macie:getAllowList": { + "cf": "AWS::Macie::AllowList", + "ids": [ + "id" + ] + }, + "aws-native:macie:getCustomDataIdentifier": { + "cf": "AWS::Macie::CustomDataIdentifier", + "ids": [ + "id" + ] + }, + "aws-native:macie:getFindingsFilter": { + "cf": "AWS::Macie::FindingsFilter", + "ids": [ + "id" + ] + }, + "aws-native:macie:getSession": { + "cf": "AWS::Macie::Session", + "ids": [ + "awsAccountId" + ] + }, + "aws-native:mediaconnect:getBridge": { + "cf": "AWS::MediaConnect::Bridge", + "ids": [ + "bridgeArn" + ] + }, + "aws-native:mediaconnect:getBridgeOutputResource": { + "cf": "AWS::MediaConnect::BridgeOutput", + "ids": [ + "bridgeArn", + "name" + ] + }, + "aws-native:mediaconnect:getBridgeSource": { + "cf": "AWS::MediaConnect::BridgeSource", + "ids": [ + "bridgeArn", + "name" + ] + }, + "aws-native:mediaconnect:getFlow": { + "cf": "AWS::MediaConnect::Flow", + "ids": [ + "flowArn" + ] + }, + "aws-native:mediaconnect:getFlowEntitlement": { + "cf": "AWS::MediaConnect::FlowEntitlement", + "ids": [ + "entitlementArn" + ] + }, + "aws-native:mediaconnect:getFlowSource": { + "cf": "AWS::MediaConnect::FlowSource", + "ids": [ + "sourceArn" + ] + }, + "aws-native:mediaconnect:getFlowVpcInterface": { + "cf": "AWS::MediaConnect::FlowVpcInterface", + "ids": [ + "flowArn", + "name" + ] + }, + "aws-native:mediaconnect:getGateway": { + "cf": "AWS::MediaConnect::Gateway", + "ids": [ + "gatewayArn" + ] + }, + "aws-native:medialive:getMultiplex": { + "cf": "AWS::MediaLive::Multiplex", + "ids": [ + "id" + ] + }, + "aws-native:medialive:getMultiplexprogram": { + "cf": "AWS::MediaLive::Multiplexprogram", + "ids": [ + "programName", + "multiplexId" + ] + }, + "aws-native:mediapackage:getAsset": { + "cf": "AWS::MediaPackage::Asset", + "ids": [ + "id" + ] + }, + "aws-native:mediapackage:getChannel": { + "cf": "AWS::MediaPackage::Channel", + "ids": [ + "id" + ] + }, + "aws-native:mediapackage:getOriginEndpoint": { + "cf": "AWS::MediaPackage::OriginEndpoint", + "ids": [ + "id" + ] + }, + "aws-native:mediapackage:getPackagingConfiguration": { + "cf": "AWS::MediaPackage::PackagingConfiguration", + "ids": [ + "id" + ] + }, + "aws-native:mediapackage:getPackagingGroup": { + "cf": "AWS::MediaPackage::PackagingGroup", + "ids": [ + "id" + ] + }, + "aws-native:mediapackagev2:getChannel": { + "cf": "AWS::MediaPackageV2::Channel", + "ids": [ + "arn" + ] + }, + "aws-native:mediapackagev2:getChannelGroup": { + "cf": "AWS::MediaPackageV2::ChannelGroup", + "ids": [ + "arn" + ] + }, + "aws-native:mediapackagev2:getChannelPolicy": { + "cf": "AWS::MediaPackageV2::ChannelPolicy", + "ids": [ + "channelGroupName", + "channelName" + ] + }, + "aws-native:mediapackagev2:getOriginEndpoint": { + "cf": "AWS::MediaPackageV2::OriginEndpoint", + "ids": [ + "arn" + ] + }, + "aws-native:mediapackagev2:getOriginEndpointPolicy": { + "cf": "AWS::MediaPackageV2::OriginEndpointPolicy", + "ids": [ + "channelGroupName", + "channelName", + "originEndpointName" + ] + }, + "aws-native:mediatailor:getChannel": { + "cf": "AWS::MediaTailor::Channel", + "ids": [ + "channelName" + ] + }, + "aws-native:mediatailor:getChannelPolicy": { + "cf": "AWS::MediaTailor::ChannelPolicy", + "ids": [ + "channelName" + ] + }, + "aws-native:mediatailor:getLiveSource": { + "cf": "AWS::MediaTailor::LiveSource", + "ids": [ + "liveSourceName", + "sourceLocationName" + ] + }, + "aws-native:mediatailor:getPlaybackConfiguration": { + "cf": "AWS::MediaTailor::PlaybackConfiguration", + "ids": [ + "name" + ] + }, + "aws-native:mediatailor:getSourceLocation": { + "cf": "AWS::MediaTailor::SourceLocation", + "ids": [ + "sourceLocationName" + ] + }, + "aws-native:mediatailor:getVodSource": { + "cf": "AWS::MediaTailor::VodSource", + "ids": [ + "sourceLocationName", + "vodSourceName" + ] + }, + "aws-native:memorydb:getAcl": { + "cf": "AWS::MemoryDB::ACL", + "ids": [ + "aclName" + ] + }, + "aws-native:memorydb:getCluster": { + "cf": "AWS::MemoryDB::Cluster", + "ids": [ + "clusterName" + ] + }, + "aws-native:memorydb:getParameterGroup": { + "cf": "AWS::MemoryDB::ParameterGroup", + "ids": [ + "parameterGroupName" + ] + }, + "aws-native:memorydb:getSubnetGroup": { + "cf": "AWS::MemoryDB::SubnetGroup", + "ids": [ + "subnetGroupName" + ] + }, + "aws-native:memorydb:getUser": { + "cf": "AWS::MemoryDB::User", + "ids": [ + "userName" + ] + }, + "aws-native:msk:getBatchScramSecret": { + "cf": "AWS::MSK::BatchScramSecret", + "ids": [ + "clusterArn" + ] + }, + "aws-native:msk:getCluster": { + "cf": "AWS::MSK::Cluster", + "ids": [ + "arn" + ] + }, + "aws-native:msk:getClusterPolicy": { + "cf": "AWS::MSK::ClusterPolicy", + "ids": [ + "clusterArn" + ] + }, + "aws-native:msk:getConfiguration": { + "cf": "AWS::MSK::Configuration", + "ids": [ + "arn" + ] + }, + "aws-native:msk:getReplicator": { + "cf": "AWS::MSK::Replicator", + "ids": [ + "replicatorArn" + ] + }, + "aws-native:msk:getServerlessCluster": { + "cf": "AWS::MSK::ServerlessCluster", + "ids": [ + "arn" + ] + }, + "aws-native:msk:getVpcConnection": { + "cf": "AWS::MSK::VpcConnection", + "ids": [ + "arn" + ] + }, + "aws-native:mwaa:getEnvironment": { + "cf": "AWS::MWAA::Environment", + "ids": [ + "name" + ] + }, + "aws-native:neptune:getDbCluster": { + "cf": "AWS::Neptune::DBCluster", + "ids": [ + "dbClusterIdentifier" + ] + }, + "aws-native:neptunegraph:getGraph": { + "cf": "AWS::NeptuneGraph::Graph", + "ids": [ + "graphId" + ] + }, + "aws-native:neptunegraph:getPrivateGraphEndpoint": { + "cf": "AWS::NeptuneGraph::PrivateGraphEndpoint", + "ids": [ + "privateGraphEndpointIdentifier" + ] + }, + "aws-native:networkfirewall:getFirewall": { + "cf": "AWS::NetworkFirewall::Firewall", + "ids": [ + "firewallArn" + ] + }, + "aws-native:networkfirewall:getFirewallPolicy": { + "cf": "AWS::NetworkFirewall::FirewallPolicy", + "ids": [ + "firewallPolicyArn" + ] + }, + "aws-native:networkfirewall:getLoggingConfiguration": { + "cf": "AWS::NetworkFirewall::LoggingConfiguration", + "ids": [ + "firewallArn" + ] + }, + "aws-native:networkfirewall:getRuleGroup": { + "cf": "AWS::NetworkFirewall::RuleGroup", + "ids": [ + "ruleGroupArn" + ] + }, + "aws-native:networkfirewall:getTlsInspectionConfiguration": { + "cf": "AWS::NetworkFirewall::TLSInspectionConfiguration", + "ids": [ + "tlsInspectionConfigurationArn" + ] + }, + "aws-native:networkmanager:getConnectAttachment": { + "cf": "AWS::NetworkManager::ConnectAttachment", + "ids": [ + "attachmentId" + ] + }, + "aws-native:networkmanager:getConnectPeer": { + "cf": "AWS::NetworkManager::ConnectPeer", + "ids": [ + "connectPeerId" + ] + }, + "aws-native:networkmanager:getCoreNetwork": { + "cf": "AWS::NetworkManager::CoreNetwork", + "ids": [ + "coreNetworkId" + ] + }, + "aws-native:networkmanager:getDevice": { + "cf": "AWS::NetworkManager::Device", + "ids": [ + "globalNetworkId", + "deviceId" + ] + }, + "aws-native:networkmanager:getGlobalNetwork": { + "cf": "AWS::NetworkManager::GlobalNetwork", + "ids": [ + "id" + ] + }, + "aws-native:networkmanager:getLink": { + "cf": "AWS::NetworkManager::Link", + "ids": [ + "globalNetworkId", + "linkId" + ] + }, + "aws-native:networkmanager:getSite": { + "cf": "AWS::NetworkManager::Site", + "ids": [ + "globalNetworkId", + "siteId" + ] + }, + "aws-native:networkmanager:getSiteToSiteVpnAttachment": { + "cf": "AWS::NetworkManager::SiteToSiteVpnAttachment", + "ids": [ + "attachmentId" + ] + }, + "aws-native:networkmanager:getTransitGatewayPeering": { + "cf": "AWS::NetworkManager::TransitGatewayPeering", + "ids": [ + "peeringId" + ] + }, + "aws-native:networkmanager:getTransitGatewayRouteTableAttachment": { + "cf": "AWS::NetworkManager::TransitGatewayRouteTableAttachment", + "ids": [ + "attachmentId" + ] + }, + "aws-native:networkmanager:getVpcAttachment": { + "cf": "AWS::NetworkManager::VpcAttachment", + "ids": [ + "attachmentId" + ] + }, + "aws-native:nimblestudio:getLaunchProfile": { + "cf": "AWS::NimbleStudio::LaunchProfile", + "ids": [ + "launchProfileId", + "studioId" + ] + }, + "aws-native:nimblestudio:getStreamingImage": { + "cf": "AWS::NimbleStudio::StreamingImage", + "ids": [ + "studioId", + "streamingImageId" + ] + }, + "aws-native:nimblestudio:getStudio": { + "cf": "AWS::NimbleStudio::Studio", + "ids": [ + "studioId" + ] + }, + "aws-native:nimblestudio:getStudioComponent": { + "cf": "AWS::NimbleStudio::StudioComponent", + "ids": [ + "studioComponentId", + "studioId" + ] + }, + "aws-native:oam:getLink": { + "cf": "AWS::Oam::Link", + "ids": [ + "arn" + ] + }, + "aws-native:oam:getSink": { + "cf": "AWS::Oam::Sink", + "ids": [ + "arn" + ] + }, + "aws-native:omics:getAnnotationStore": { + "cf": "AWS::Omics::AnnotationStore", + "ids": [ + "name" + ] + }, + "aws-native:omics:getReferenceStore": { + "cf": "AWS::Omics::ReferenceStore", + "ids": [ + "referenceStoreId" + ] + }, + "aws-native:omics:getRunGroup": { + "cf": "AWS::Omics::RunGroup", + "ids": [ + "id" + ] + }, + "aws-native:omics:getSequenceStore": { + "cf": "AWS::Omics::SequenceStore", + "ids": [ + "sequenceStoreId" + ] + }, + "aws-native:omics:getVariantStore": { + "cf": "AWS::Omics::VariantStore", + "ids": [ + "name" + ] + }, + "aws-native:omics:getWorkflow": { + "cf": "AWS::Omics::Workflow", + "ids": [ + "id" + ] + }, + "aws-native:opensearchserverless:getAccessPolicy": { + "cf": "AWS::OpenSearchServerless::AccessPolicy", + "ids": [ + "type", + "name" + ] + }, + "aws-native:opensearchserverless:getCollection": { + "cf": "AWS::OpenSearchServerless::Collection", + "ids": [ + "id" + ] + }, + "aws-native:opensearchserverless:getLifecyclePolicy": { + "cf": "AWS::OpenSearchServerless::LifecyclePolicy", + "ids": [ + "type", + "name" + ] + }, + "aws-native:opensearchserverless:getSecurityConfig": { + "cf": "AWS::OpenSearchServerless::SecurityConfig", + "ids": [ + "id" + ] + }, + "aws-native:opensearchserverless:getSecurityPolicy": { + "cf": "AWS::OpenSearchServerless::SecurityPolicy", + "ids": [ + "type", + "name" + ] + }, + "aws-native:opensearchserverless:getVpcEndpoint": { + "cf": "AWS::OpenSearchServerless::VpcEndpoint", + "ids": [ + "id" + ] + }, + "aws-native:opensearchservice:getDomain": { + "cf": "AWS::OpenSearchService::Domain", + "ids": [ + "domainName" + ] + }, + "aws-native:opsworkscm:getServer": { + "cf": "AWS::OpsWorksCM::Server", + "ids": [ + "serverName" + ] + }, + "aws-native:organizations:getAccount": { + "cf": "AWS::Organizations::Account", + "ids": [ + "accountId" + ] + }, + "aws-native:organizations:getOrganization": { + "cf": "AWS::Organizations::Organization", + "ids": [ + "id" + ] + }, + "aws-native:organizations:getOrganizationalUnit": { + "cf": "AWS::Organizations::OrganizationalUnit", + "ids": [ + "id" + ] + }, + "aws-native:organizations:getPolicy": { + "cf": "AWS::Organizations::Policy", + "ids": [ + "id" + ] + }, + "aws-native:organizations:getResourcePolicy": { + "cf": "AWS::Organizations::ResourcePolicy", + "ids": [ + "id" + ] + }, + "aws-native:osis:getPipeline": { + "cf": "AWS::OSIS::Pipeline", + "ids": [ + "pipelineArn" + ] + }, + "aws-native:panorama:getApplicationInstance": { + "cf": "AWS::Panorama::ApplicationInstance", + "ids": [ + "applicationInstanceId" + ] + }, + "aws-native:panorama:getPackage": { + "cf": "AWS::Panorama::Package", + "ids": [ + "packageId" + ] + }, + "aws-native:panorama:getPackageVersion": { + "cf": "AWS::Panorama::PackageVersion", + "ids": [ + "packageId", + "packageVersion", + "patchVersion" + ] + }, + "aws-native:paymentcryptography:getAlias": { + "cf": "AWS::PaymentCryptography::Alias", + "ids": [ + "aliasName" + ] + }, + "aws-native:paymentcryptography:getKey": { + "cf": "AWS::PaymentCryptography::Key", + "ids": [ + "keyIdentifier" + ] + }, + "aws-native:pcaconnectorad:getConnector": { + "cf": "AWS::PCAConnectorAD::Connector", + "ids": [ + "connectorArn" + ] + }, + "aws-native:pcaconnectorad:getDirectoryRegistration": { + "cf": "AWS::PCAConnectorAD::DirectoryRegistration", + "ids": [ + "directoryRegistrationArn" + ] + }, + "aws-native:pcaconnectorad:getTemplate": { + "cf": "AWS::PCAConnectorAD::Template", + "ids": [ + "templateArn" + ] + }, + "aws-native:personalize:getDataset": { + "cf": "AWS::Personalize::Dataset", + "ids": [ + "datasetArn" + ] + }, + "aws-native:personalize:getDatasetGroup": { + "cf": "AWS::Personalize::DatasetGroup", + "ids": [ + "datasetGroupArn" + ] + }, + "aws-native:personalize:getSchema": { + "cf": "AWS::Personalize::Schema", + "ids": [ + "schemaArn" + ] + }, + "aws-native:personalize:getSolution": { + "cf": "AWS::Personalize::Solution", + "ids": [ + "solutionArn" + ] + }, + "aws-native:pinpoint:getInAppTemplate": { + "cf": "AWS::Pinpoint::InAppTemplate", + "ids": [ + "templateName" + ] + }, + "aws-native:pipes:getPipe": { + "cf": "AWS::Pipes::Pipe", + "ids": [ + "name" + ] + }, + "aws-native:proton:getEnvironmentAccountConnection": { + "cf": "AWS::Proton::EnvironmentAccountConnection", + "ids": [ + "arn" + ] + }, + "aws-native:proton:getEnvironmentTemplate": { + "cf": "AWS::Proton::EnvironmentTemplate", + "ids": [ + "arn" + ] + }, + "aws-native:proton:getServiceTemplate": { + "cf": "AWS::Proton::ServiceTemplate", + "ids": [ + "arn" + ] + }, + "aws-native:qbusiness:getApplication": { + "cf": "AWS::QBusiness::Application", + "ids": [ + "applicationId" + ] + }, + "aws-native:qbusiness:getDataSource": { + "cf": "AWS::QBusiness::DataSource", + "ids": [ + "applicationId", + "dataSourceId", + "indexId" + ] + }, + "aws-native:qbusiness:getIndex": { + "cf": "AWS::QBusiness::Index", + "ids": [ + "applicationId", + "indexId" + ] + }, + "aws-native:qbusiness:getPlugin": { + "cf": "AWS::QBusiness::Plugin", + "ids": [ + "applicationId", + "pluginId" + ] + }, + "aws-native:qbusiness:getRetriever": { + "cf": "AWS::QBusiness::Retriever", + "ids": [ + "applicationId", + "retrieverId" + ] + }, + "aws-native:qbusiness:getWebExperience": { + "cf": "AWS::QBusiness::WebExperience", + "ids": [ + "applicationId", + "webExperienceId" + ] + }, + "aws-native:qldb:getStream": { + "cf": "AWS::QLDB::Stream", + "ids": [ + "ledgerName", + "id" + ] + }, + "aws-native:quicksight:getAnalysis": { + "cf": "AWS::QuickSight::Analysis", + "ids": [ + "analysisId", + "awsAccountId" + ] + }, + "aws-native:quicksight:getDashboard": { + "cf": "AWS::QuickSight::Dashboard", + "ids": [ + "awsAccountId", + "dashboardId" + ] + }, + "aws-native:quicksight:getDataSet": { + "cf": "AWS::QuickSight::DataSet", + "ids": [ + "awsAccountId", + "dataSetId" + ] + }, + "aws-native:quicksight:getDataSource": { + "cf": "AWS::QuickSight::DataSource", + "ids": [ + "awsAccountId", + "dataSourceId" + ] + }, + "aws-native:quicksight:getTemplate": { + "cf": "AWS::QuickSight::Template", + "ids": [ + "awsAccountId", + "templateId" + ] + }, + "aws-native:quicksight:getTheme": { + "cf": "AWS::QuickSight::Theme", + "ids": [ + "themeId", + "awsAccountId" + ] + }, + "aws-native:quicksight:getTopic": { + "cf": "AWS::QuickSight::Topic", + "ids": [ + "awsAccountId", + "topicId" + ] + }, + "aws-native:quicksight:getVpcConnection": { + "cf": "AWS::QuickSight::VPCConnection", + "ids": [ + "awsAccountId", + "vpcConnectionId" + ] + }, + "aws-native:ram:getPermission": { + "cf": "AWS::RAM::Permission", + "ids": [ + "arn" + ] + }, + "aws-native:rds:getCustomDbEngineVersion": { + "cf": "AWS::RDS::CustomDBEngineVersion", + "ids": [ + "engine", + "engineVersion" + ] + }, + "aws-native:rds:getDbCluster": { + "cf": "AWS::RDS::DBCluster", + "ids": [ + "dbClusterIdentifier" + ] + }, + "aws-native:rds:getDbClusterParameterGroup": { + "cf": "AWS::RDS::DBClusterParameterGroup", + "ids": [ + "dbClusterParameterGroupName" + ] + }, + "aws-native:rds:getDbInstance": { + "cf": "AWS::RDS::DBInstance", + "ids": [ + "dbInstanceIdentifier" + ] + }, + "aws-native:rds:getDbParameterGroup": { + "cf": "AWS::RDS::DBParameterGroup", + "ids": [ + "dbParameterGroupName" + ] + }, + "aws-native:rds:getDbProxy": { + "cf": "AWS::RDS::DBProxy", + "ids": [ + "dbProxyName" + ] + }, + "aws-native:rds:getDbProxyEndpoint": { + "cf": "AWS::RDS::DBProxyEndpoint", + "ids": [ + "dbProxyEndpointName" + ] + }, + "aws-native:rds:getDbProxyTargetGroup": { + "cf": "AWS::RDS::DBProxyTargetGroup", + "ids": [ + "targetGroupArn" + ] + }, + "aws-native:rds:getDbSubnetGroup": { + "cf": "AWS::RDS::DBSubnetGroup", + "ids": [ + "dbSubnetGroupName" + ] + }, + "aws-native:rds:getEventSubscription": { + "cf": "AWS::RDS::EventSubscription", + "ids": [ + "subscriptionName" + ] + }, + "aws-native:rds:getGlobalCluster": { + "cf": "AWS::RDS::GlobalCluster", + "ids": [ + "globalClusterIdentifier" + ] + }, + "aws-native:rds:getIntegration": { + "cf": "AWS::RDS::Integration", + "ids": [ + "integrationArn" + ] + }, + "aws-native:rds:getOptionGroup": { + "cf": "AWS::RDS::OptionGroup", + "ids": [ + "optionGroupName" + ] + }, + "aws-native:redshift:getCluster": { + "cf": "AWS::Redshift::Cluster", + "ids": [ + "clusterIdentifier" + ] + }, + "aws-native:redshift:getClusterParameterGroup": { + "cf": "AWS::Redshift::ClusterParameterGroup", + "ids": [ + "parameterGroupName" + ] + }, + "aws-native:redshift:getClusterSubnetGroup": { + "cf": "AWS::Redshift::ClusterSubnetGroup", + "ids": [ + "clusterSubnetGroupName" + ] + }, + "aws-native:redshift:getEndpointAccess": { + "cf": "AWS::Redshift::EndpointAccess", + "ids": [ + "endpointName" + ] + }, + "aws-native:redshift:getEndpointAuthorization": { + "cf": "AWS::Redshift::EndpointAuthorization", + "ids": [ + "clusterIdentifier", + "account" + ] + }, + "aws-native:redshift:getEventSubscription": { + "cf": "AWS::Redshift::EventSubscription", + "ids": [ + "subscriptionName" + ] + }, + "aws-native:redshift:getScheduledAction": { + "cf": "AWS::Redshift::ScheduledAction", + "ids": [ + "scheduledActionName" + ] + }, + "aws-native:redshiftserverless:getNamespace": { + "cf": "AWS::RedshiftServerless::Namespace", + "ids": [ + "namespaceName" + ] + }, + "aws-native:redshiftserverless:getWorkgroup": { + "cf": "AWS::RedshiftServerless::Workgroup", + "ids": [ + "workgroupName" + ] + }, + "aws-native:refactorspaces:getApplication": { + "cf": "AWS::RefactorSpaces::Application", + "ids": [ + "environmentIdentifier", + "applicationIdentifier" + ] + }, + "aws-native:refactorspaces:getEnvironment": { + "cf": "AWS::RefactorSpaces::Environment", + "ids": [ + "environmentIdentifier" + ] + }, + "aws-native:refactorspaces:getRoute": { + "cf": "AWS::RefactorSpaces::Route", + "ids": [ + "environmentIdentifier", + "applicationIdentifier", + "routeIdentifier" + ] + }, + "aws-native:refactorspaces:getService": { + "cf": "AWS::RefactorSpaces::Service", + "ids": [ + "environmentIdentifier", + "applicationIdentifier", + "serviceIdentifier" + ] + }, + "aws-native:rekognition:getCollection": { + "cf": "AWS::Rekognition::Collection", + "ids": [ + "collectionId" + ] + }, + "aws-native:rekognition:getProject": { + "cf": "AWS::Rekognition::Project", + "ids": [ + "projectName" + ] + }, + "aws-native:rekognition:getStreamProcessor": { + "cf": "AWS::Rekognition::StreamProcessor", + "ids": [ + "name" + ] + }, + "aws-native:resiliencehub:getApp": { + "cf": "AWS::ResilienceHub::App", + "ids": [ + "appArn" + ] + }, + "aws-native:resiliencehub:getResiliencyPolicy": { + "cf": "AWS::ResilienceHub::ResiliencyPolicy", + "ids": [ + "policyArn" + ] + }, + "aws-native:resourceexplorer2:getDefaultViewAssociation": { + "cf": "AWS::ResourceExplorer2::DefaultViewAssociation", + "ids": [ + "associatedAwsPrincipal" + ] + }, + "aws-native:resourceexplorer2:getIndex": { + "cf": "AWS::ResourceExplorer2::Index", + "ids": [ + "arn" + ] + }, + "aws-native:resourceexplorer2:getView": { + "cf": "AWS::ResourceExplorer2::View", + "ids": [ + "viewArn" + ] + }, + "aws-native:resourcegroups:getGroup": { + "cf": "AWS::ResourceGroups::Group", + "ids": [ + "name" + ] + }, + "aws-native:robomaker:getFleet": { + "cf": "AWS::RoboMaker::Fleet", + "ids": [ + "arn" + ] + }, + "aws-native:robomaker:getRobot": { + "cf": "AWS::RoboMaker::Robot", + "ids": [ + "arn" + ] + }, + "aws-native:robomaker:getRobotApplication": { + "cf": "AWS::RoboMaker::RobotApplication", + "ids": [ + "arn" + ] + }, + "aws-native:robomaker:getRobotApplicationVersion": { + "cf": "AWS::RoboMaker::RobotApplicationVersion", + "ids": [ + "arn" + ] + }, + "aws-native:robomaker:getSimulationApplication": { + "cf": "AWS::RoboMaker::SimulationApplication", + "ids": [ + "arn" + ] + }, + "aws-native:robomaker:getSimulationApplicationVersion": { + "cf": "AWS::RoboMaker::SimulationApplicationVersion", + "ids": [ + "arn" + ] + }, + "aws-native:rolesanywhere:getCrl": { + "cf": "AWS::RolesAnywhere::CRL", + "ids": [ + "crlId" + ] + }, + "aws-native:rolesanywhere:getProfile": { + "cf": "AWS::RolesAnywhere::Profile", + "ids": [ + "profileId" + ] + }, + "aws-native:rolesanywhere:getTrustAnchor": { + "cf": "AWS::RolesAnywhere::TrustAnchor", + "ids": [ + "trustAnchorId" + ] + }, + "aws-native:route53:getCidrCollection": { + "cf": "AWS::Route53::CidrCollection", + "ids": [ + "id" + ] + }, + "aws-native:route53:getHealthCheck": { + "cf": "AWS::Route53::HealthCheck", + "ids": [ + "healthCheckId" + ] + }, + "aws-native:route53:getHostedZone": { + "cf": "AWS::Route53::HostedZone", + "ids": [ + "id" + ] + }, + "aws-native:route53:getKeySigningKey": { + "cf": "AWS::Route53::KeySigningKey", + "ids": [ + "hostedZoneId", + "name" + ] + }, + "aws-native:route53profiles:getProfile": { + "cf": "AWS::Route53Profiles::Profile", + "ids": [ + "id" + ] + }, + "aws-native:route53profiles:getProfileAssociation": { + "cf": "AWS::Route53Profiles::ProfileAssociation", + "ids": [ + "id" + ] + }, + "aws-native:route53profiles:getProfileResourceAssociation": { + "cf": "AWS::Route53Profiles::ProfileResourceAssociation", + "ids": [ + "id" + ] + }, + "aws-native:route53recoverycontrol:getCluster": { + "cf": "AWS::Route53RecoveryControl::Cluster", + "ids": [ + "clusterArn" + ] + }, + "aws-native:route53recoverycontrol:getControlPanel": { + "cf": "AWS::Route53RecoveryControl::ControlPanel", + "ids": [ + "controlPanelArn" + ] + }, + "aws-native:route53recoverycontrol:getRoutingControl": { + "cf": "AWS::Route53RecoveryControl::RoutingControl", + "ids": [ + "routingControlArn" + ] + }, + "aws-native:route53recoverycontrol:getSafetyRule": { + "cf": "AWS::Route53RecoveryControl::SafetyRule", + "ids": [ + "safetyRuleArn" + ] + }, + "aws-native:route53recoveryreadiness:getCell": { + "cf": "AWS::Route53RecoveryReadiness::Cell", + "ids": [ + "cellName" + ] + }, + "aws-native:route53recoveryreadiness:getReadinessCheck": { + "cf": "AWS::Route53RecoveryReadiness::ReadinessCheck", + "ids": [ + "readinessCheckName" + ] + }, + "aws-native:route53recoveryreadiness:getRecoveryGroup": { + "cf": "AWS::Route53RecoveryReadiness::RecoveryGroup", + "ids": [ + "recoveryGroupName" + ] + }, + "aws-native:route53recoveryreadiness:getResourceSet": { + "cf": "AWS::Route53RecoveryReadiness::ResourceSet", + "ids": [ + "resourceSetName" + ] + }, + "aws-native:route53resolver:getFirewallDomainList": { + "cf": "AWS::Route53Resolver::FirewallDomainList", + "ids": [ + "id" + ] + }, + "aws-native:route53resolver:getFirewallRuleGroup": { + "cf": "AWS::Route53Resolver::FirewallRuleGroup", + "ids": [ + "id" + ] + }, + "aws-native:route53resolver:getFirewallRuleGroupAssociation": { + "cf": "AWS::Route53Resolver::FirewallRuleGroupAssociation", + "ids": [ + "id" + ] + }, + "aws-native:route53resolver:getOutpostResolver": { + "cf": "AWS::Route53Resolver::OutpostResolver", + "ids": [ + "id" + ] + }, + "aws-native:route53resolver:getResolverConfig": { + "cf": "AWS::Route53Resolver::ResolverConfig", + "ids": [ + "resourceId" + ] + }, + "aws-native:route53resolver:getResolverDnssecConfig": { + "cf": "AWS::Route53Resolver::ResolverDNSSECConfig", + "ids": [ + "id" + ] + }, + "aws-native:route53resolver:getResolverQueryLoggingConfig": { + "cf": "AWS::Route53Resolver::ResolverQueryLoggingConfig", + "ids": [ + "id" + ] + }, + "aws-native:route53resolver:getResolverQueryLoggingConfigAssociation": { + "cf": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation", + "ids": [ + "id" + ] + }, + "aws-native:route53resolver:getResolverRule": { + "cf": "AWS::Route53Resolver::ResolverRule", + "ids": [ + "resolverRuleId" + ] + }, + "aws-native:route53resolver:getResolverRuleAssociation": { + "cf": "AWS::Route53Resolver::ResolverRuleAssociation", + "ids": [ + "resolverRuleAssociationId" + ] + }, + "aws-native:rum:getAppMonitor": { + "cf": "AWS::RUM::AppMonitor", + "ids": [ + "name" + ] + }, + "aws-native:s3:getAccessGrant": { + "cf": "AWS::S3::AccessGrant", + "ids": [ + "accessGrantId" + ] + }, + "aws-native:s3:getAccessGrantsInstance": { + "cf": "AWS::S3::AccessGrantsInstance", + "ids": [ + "accessGrantsInstanceArn" + ] + }, + "aws-native:s3:getAccessGrantsLocation": { + "cf": "AWS::S3::AccessGrantsLocation", + "ids": [ + "accessGrantsLocationId" + ] + }, + "aws-native:s3:getAccessPoint": { + "cf": "AWS::S3::AccessPoint", + "ids": [ + "name" + ] + }, + "aws-native:s3:getBucket": { + "cf": "AWS::S3::Bucket", + "ids": [ + "bucketName" + ] + }, + "aws-native:s3:getBucketPolicy": { + "cf": "AWS::S3::BucketPolicy", + "ids": [ + "bucket" + ] + }, + "aws-native:s3:getMultiRegionAccessPoint": { + "cf": "AWS::S3::MultiRegionAccessPoint", + "ids": [ + "name" + ] + }, + "aws-native:s3:getMultiRegionAccessPointPolicy": { + "cf": "AWS::S3::MultiRegionAccessPointPolicy", + "ids": [ + "mrapName" + ] + }, + "aws-native:s3:getStorageLensGroup": { + "cf": "AWS::S3::StorageLensGroup", + "ids": [ + "name" + ] + }, + "aws-native:s3express:getBucketPolicy": { + "cf": "AWS::S3Express::BucketPolicy", + "ids": [ + "bucket" + ] + }, + "aws-native:s3express:getDirectoryBucket": { + "cf": "AWS::S3Express::DirectoryBucket", + "ids": [ + "bucketName" + ] + }, + "aws-native:s3objectlambda:getAccessPoint": { + "cf": "AWS::S3ObjectLambda::AccessPoint", + "ids": [ + "name" + ] + }, + "aws-native:s3objectlambda:getAccessPointPolicy": { + "cf": "AWS::S3ObjectLambda::AccessPointPolicy", + "ids": [ + "objectLambdaAccessPoint" + ] + }, + "aws-native:s3outposts:getAccessPoint": { + "cf": "AWS::S3Outposts::AccessPoint", + "ids": [ + "arn" + ] + }, + "aws-native:s3outposts:getBucket": { + "cf": "AWS::S3Outposts::Bucket", + "ids": [ + "arn" + ] + }, + "aws-native:s3outposts:getBucketPolicy": { + "cf": "AWS::S3Outposts::BucketPolicy", + "ids": [ + "bucket" + ] + }, + "aws-native:s3outposts:getEndpoint": { + "cf": "AWS::S3Outposts::Endpoint", + "ids": [ + "arn" + ] + }, + "aws-native:sagemaker:getApp": { + "cf": "AWS::SageMaker::App", + "ids": [ + "appName", + "appType", + "domainId", + "userProfileName" + ] + }, + "aws-native:sagemaker:getAppImageConfig": { + "cf": "AWS::SageMaker::AppImageConfig", + "ids": [ + "appImageConfigName" + ] + }, + "aws-native:sagemaker:getDataQualityJobDefinition": { + "cf": "AWS::SageMaker::DataQualityJobDefinition", + "ids": [ + "jobDefinitionArn" + ] + }, + "aws-native:sagemaker:getDeviceFleet": { + "cf": "AWS::SageMaker::DeviceFleet", + "ids": [ + "deviceFleetName" + ] + }, + "aws-native:sagemaker:getDomain": { + "cf": "AWS::SageMaker::Domain", + "ids": [ + "domainId" + ] + }, + "aws-native:sagemaker:getFeatureGroup": { + "cf": "AWS::SageMaker::FeatureGroup", + "ids": [ + "featureGroupName" + ] + }, + "aws-native:sagemaker:getImage": { + "cf": "AWS::SageMaker::Image", + "ids": [ + "imageArn" + ] + }, + "aws-native:sagemaker:getImageVersion": { + "cf": "AWS::SageMaker::ImageVersion", + "ids": [ + "imageVersionArn" + ] + }, + "aws-native:sagemaker:getInferenceComponent": { + "cf": "AWS::SageMaker::InferenceComponent", + "ids": [ + "inferenceComponentArn" + ] + }, + "aws-native:sagemaker:getInferenceExperiment": { + "cf": "AWS::SageMaker::InferenceExperiment", + "ids": [ + "name" + ] + }, + "aws-native:sagemaker:getMlflowTrackingServer": { + "cf": "AWS::SageMaker::MlflowTrackingServer", + "ids": [ + "trackingServerName" + ] + }, + "aws-native:sagemaker:getModelBiasJobDefinition": { + "cf": "AWS::SageMaker::ModelBiasJobDefinition", + "ids": [ + "jobDefinitionArn" + ] + }, + "aws-native:sagemaker:getModelCard": { + "cf": "AWS::SageMaker::ModelCard", + "ids": [ + "modelCardName" + ] + }, + "aws-native:sagemaker:getModelExplainabilityJobDefinition": { + "cf": "AWS::SageMaker::ModelExplainabilityJobDefinition", + "ids": [ + "jobDefinitionArn" + ] + }, + "aws-native:sagemaker:getModelPackage": { + "cf": "AWS::SageMaker::ModelPackage", + "ids": [ + "modelPackageArn" + ] + }, + "aws-native:sagemaker:getModelPackageGroup": { + "cf": "AWS::SageMaker::ModelPackageGroup", + "ids": [ + "modelPackageGroupArn" + ] + }, + "aws-native:sagemaker:getModelQualityJobDefinition": { + "cf": "AWS::SageMaker::ModelQualityJobDefinition", + "ids": [ + "jobDefinitionArn" + ] + }, + "aws-native:sagemaker:getMonitoringSchedule": { + "cf": "AWS::SageMaker::MonitoringSchedule", + "ids": [ + "monitoringScheduleArn" + ] + }, + "aws-native:sagemaker:getPipeline": { + "cf": "AWS::SageMaker::Pipeline", + "ids": [ + "pipelineName" + ] + }, + "aws-native:sagemaker:getProject": { + "cf": "AWS::SageMaker::Project", + "ids": [ + "projectArn" + ] + }, + "aws-native:sagemaker:getSpace": { + "cf": "AWS::SageMaker::Space", + "ids": [ + "domainId", + "spaceName" + ] + }, + "aws-native:sagemaker:getStudioLifecycleConfig": { + "cf": "AWS::SageMaker::StudioLifecycleConfig", + "ids": [ + "studioLifecycleConfigName" + ] + }, + "aws-native:sagemaker:getUserProfile": { + "cf": "AWS::SageMaker::UserProfile", + "ids": [ + "userProfileName", + "domainId" + ] + }, + "aws-native:scheduler:getSchedule": { + "cf": "AWS::Scheduler::Schedule", + "ids": [ + "name" + ] + }, + "aws-native:scheduler:getScheduleGroup": { + "cf": "AWS::Scheduler::ScheduleGroup", + "ids": [ + "name" + ] + }, + "aws-native:secretsmanager:getResourcePolicy": { + "cf": "AWS::SecretsManager::ResourcePolicy", + "ids": [ + "id" + ] + }, + "aws-native:secretsmanager:getSecret": { + "cf": "AWS::SecretsManager::Secret", + "ids": [ + "id" + ] + }, + "aws-native:securityhub:getAutomationRule": { + "cf": "AWS::SecurityHub::AutomationRule", + "ids": [ + "ruleArn" + ] + }, + "aws-native:securityhub:getConfigurationPolicy": { + "cf": "AWS::SecurityHub::ConfigurationPolicy", + "ids": [ + "arn" + ] + }, + "aws-native:securityhub:getDelegatedAdmin": { + "cf": "AWS::SecurityHub::DelegatedAdmin", + "ids": [ + "delegatedAdminIdentifier" + ] + }, + "aws-native:securityhub:getFindingAggregator": { + "cf": "AWS::SecurityHub::FindingAggregator", + "ids": [ + "findingAggregatorArn" + ] + }, + "aws-native:securityhub:getHub": { + "cf": "AWS::SecurityHub::Hub", + "ids": [ + "arn" + ] + }, + "aws-native:securityhub:getInsight": { + "cf": "AWS::SecurityHub::Insight", + "ids": [ + "insightArn" + ] + }, + "aws-native:securityhub:getOrganizationConfiguration": { + "cf": "AWS::SecurityHub::OrganizationConfiguration", + "ids": [ + "organizationConfigurationIdentifier" + ] + }, + "aws-native:securityhub:getPolicyAssociation": { + "cf": "AWS::SecurityHub::PolicyAssociation", + "ids": [ + "associationIdentifier" + ] + }, + "aws-native:securityhub:getProductSubscription": { + "cf": "AWS::SecurityHub::ProductSubscription", + "ids": [ + "productSubscriptionArn" + ] + }, + "aws-native:securityhub:getSecurityControl": { + "cf": "AWS::SecurityHub::SecurityControl", + "ids": [ + "securityControlId" + ] + }, + "aws-native:securityhub:getStandard": { + "cf": "AWS::SecurityHub::Standard", + "ids": [ + "standardsSubscriptionArn" + ] + }, + "aws-native:securitylake:getAwsLogSource": { + "cf": "AWS::SecurityLake::AwsLogSource", + "ids": [ + "sourceName", + "sourceVersion" + ] + }, + "aws-native:securitylake:getDataLake": { + "cf": "AWS::SecurityLake::DataLake", + "ids": [ + "arn" + ] + }, + "aws-native:securitylake:getSubscriber": { + "cf": "AWS::SecurityLake::Subscriber", + "ids": [ + "subscriberArn" + ] + }, + "aws-native:securitylake:getSubscriberNotification": { + "cf": "AWS::SecurityLake::SubscriberNotification", + "ids": [ + "subscriberArn" + ] + }, + "aws-native:servicecatalog:getCloudFormationProvisionedProduct": { + "cf": "AWS::ServiceCatalog::CloudFormationProvisionedProduct", + "ids": [ + "provisionedProductId" + ] + }, + "aws-native:servicecatalog:getServiceAction": { + "cf": "AWS::ServiceCatalog::ServiceAction", + "ids": [ + "id" + ] + }, + "aws-native:servicecatalogappregistry:getApplication": { + "cf": "AWS::ServiceCatalogAppRegistry::Application", + "ids": [ + "id" + ] + }, + "aws-native:servicecatalogappregistry:getAttributeGroup": { + "cf": "AWS::ServiceCatalogAppRegistry::AttributeGroup", + "ids": [ + "id" + ] + }, + "aws-native:servicecatalogappregistry:getAttributeGroupAssociation": { + "cf": "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation", + "ids": [ + "applicationArn", + "attributeGroupArn" + ] + }, + "aws-native:servicecatalogappregistry:getResourceAssociation": { + "cf": "AWS::ServiceCatalogAppRegistry::ResourceAssociation", + "ids": [ + "applicationArn", + "resourceArn", + "resourceType" + ] + }, + "aws-native:ses:getConfigurationSet": { + "cf": "AWS::SES::ConfigurationSet", + "ids": [ + "name" + ] + }, + "aws-native:ses:getConfigurationSetEventDestination": { + "cf": "AWS::SES::ConfigurationSetEventDestination", + "ids": [ + "id" + ] + }, + "aws-native:ses:getContactList": { + "cf": "AWS::SES::ContactList", + "ids": [ + "contactListName" + ] + }, + "aws-native:ses:getDedicatedIpPool": { + "cf": "AWS::SES::DedicatedIpPool", + "ids": [ + "poolName" + ] + }, + "aws-native:ses:getEmailIdentity": { + "cf": "AWS::SES::EmailIdentity", + "ids": [ + "emailIdentity" + ] + }, + "aws-native:ses:getMailManagerAddonInstance": { + "cf": "AWS::SES::MailManagerAddonInstance", + "ids": [ + "addonInstanceId" + ] + }, + "aws-native:ses:getMailManagerAddonSubscription": { + "cf": "AWS::SES::MailManagerAddonSubscription", + "ids": [ + "addonSubscriptionId" + ] + }, + "aws-native:ses:getMailManagerArchive": { + "cf": "AWS::SES::MailManagerArchive", + "ids": [ + "archiveId" + ] + }, + "aws-native:ses:getMailManagerIngressPoint": { + "cf": "AWS::SES::MailManagerIngressPoint", + "ids": [ + "ingressPointId" + ] + }, + "aws-native:ses:getMailManagerRelay": { + "cf": "AWS::SES::MailManagerRelay", + "ids": [ + "relayId" + ] + }, + "aws-native:ses:getMailManagerRuleSet": { + "cf": "AWS::SES::MailManagerRuleSet", + "ids": [ + "ruleSetId" + ] + }, + "aws-native:ses:getMailManagerTrafficPolicy": { + "cf": "AWS::SES::MailManagerTrafficPolicy", + "ids": [ + "trafficPolicyId" + ] + }, + "aws-native:ses:getTemplate": { + "cf": "AWS::SES::Template", + "ids": [ + "id" + ] + }, + "aws-native:ses:getVdmAttributes": { + "cf": "AWS::SES::VdmAttributes", + "ids": [ + "vdmAttributesResourceId" + ] + }, + "aws-native:shield:getDrtAccess": { + "cf": "AWS::Shield::DRTAccess", + "ids": [ + "accountId" + ] + }, + "aws-native:shield:getProactiveEngagement": { + "cf": "AWS::Shield::ProactiveEngagement", + "ids": [ + "accountId" + ] + }, + "aws-native:shield:getProtection": { + "cf": "AWS::Shield::Protection", + "ids": [ + "protectionArn" + ] + }, + "aws-native:shield:getProtectionGroup": { + "cf": "AWS::Shield::ProtectionGroup", + "ids": [ + "protectionGroupArn" + ] + }, + "aws-native:signer:getSigningProfile": { + "cf": "AWS::Signer::SigningProfile", + "ids": [ + "arn" + ] + }, + "aws-native:simspaceweaver:getSimulation": { + "cf": "AWS::SimSpaceWeaver::Simulation", + "ids": [ + "name" + ] + }, + "aws-native:sns:getTopic": { + "cf": "AWS::SNS::Topic", + "ids": [ + "topicArn" + ] + }, + "aws-native:sns:getTopicInlinePolicy": { + "cf": "AWS::SNS::TopicInlinePolicy", + "ids": [ + "topicArn" + ] + }, + "aws-native:sns:getTopicPolicy": { + "cf": "AWS::SNS::TopicPolicy", + "ids": [ + "id" + ] + }, + "aws-native:sqs:getQueue": { + "cf": "AWS::SQS::Queue", + "ids": [ + "queueUrl" + ] + }, + "aws-native:sqs:getQueueInlinePolicy": { + "cf": "AWS::SQS::QueueInlinePolicy", + "ids": [ + "queue" + ] + }, + "aws-native:ssm:getAssociation": { + "cf": "AWS::SSM::Association", + "ids": [ + "associationId" + ] + }, + "aws-native:ssm:getDocument": { + "cf": "AWS::SSM::Document", + "ids": [ + "name" + ] + }, + "aws-native:ssm:getParameter": { + "cf": "AWS::SSM::Parameter", + "ids": [ + "name" + ] + }, + "aws-native:ssm:getPatchBaseline": { + "cf": "AWS::SSM::PatchBaseline", + "ids": [ + "id" + ] + }, + "aws-native:ssm:getResourceDataSync": { + "cf": "AWS::SSM::ResourceDataSync", + "ids": [ + "syncName" + ] + }, + "aws-native:ssm:getResourcePolicy": { + "cf": "AWS::SSM::ResourcePolicy", + "ids": [ + "policyId", + "resourceArn" + ] + }, + "aws-native:ssmcontacts:getContact": { + "cf": "AWS::SSMContacts::Contact", + "ids": [ + "arn" + ] + }, + "aws-native:ssmcontacts:getContactChannel": { + "cf": "AWS::SSMContacts::ContactChannel", + "ids": [ + "arn" + ] + }, + "aws-native:ssmcontacts:getPlan": { + "cf": "AWS::SSMContacts::Plan", + "ids": [ + "arn" + ] + }, + "aws-native:ssmcontacts:getRotation": { + "cf": "AWS::SSMContacts::Rotation", + "ids": [ + "arn" + ] + }, + "aws-native:ssmincidents:getReplicationSet": { + "cf": "AWS::SSMIncidents::ReplicationSet", + "ids": [ + "arn" + ] + }, + "aws-native:ssmincidents:getResponsePlan": { + "cf": "AWS::SSMIncidents::ResponsePlan", + "ids": [ + "arn" + ] + }, + "aws-native:sso:getApplication": { + "cf": "AWS::SSO::Application", + "ids": [ + "applicationArn" + ] + }, + "aws-native:sso:getInstance": { + "cf": "AWS::SSO::Instance", + "ids": [ + "instanceArn" + ] + }, + "aws-native:sso:getInstanceAccessControlAttributeConfiguration": { + "cf": "AWS::SSO::InstanceAccessControlAttributeConfiguration", + "ids": [ + "instanceArn" + ] + }, + "aws-native:sso:getPermissionSet": { + "cf": "AWS::SSO::PermissionSet", + "ids": [ + "instanceArn", + "permissionSetArn" + ] + }, + "aws-native:stepfunctions:getActivity": { + "cf": "AWS::StepFunctions::Activity", + "ids": [ + "arn" + ] + }, + "aws-native:stepfunctions:getStateMachine": { + "cf": "AWS::StepFunctions::StateMachine", + "ids": [ + "arn" + ] + }, + "aws-native:stepfunctions:getStateMachineAlias": { + "cf": "AWS::StepFunctions::StateMachineAlias", + "ids": [ + "arn" + ] + }, + "aws-native:stepfunctions:getStateMachineVersion": { + "cf": "AWS::StepFunctions::StateMachineVersion", + "ids": [ + "arn" + ] + }, + "aws-native:supportapp:getAccountAlias": { + "cf": "AWS::SupportApp::AccountAlias", + "ids": [ + "accountAliasResourceId" + ] + }, + "aws-native:supportapp:getSlackChannelConfiguration": { + "cf": "AWS::SupportApp::SlackChannelConfiguration", + "ids": [ + "teamId", + "channelId" + ] + }, + "aws-native:synthetics:getCanary": { + "cf": "AWS::Synthetics::Canary", + "ids": [ + "name" + ] + }, + "aws-native:synthetics:getGroup": { + "cf": "AWS::Synthetics::Group", + "ids": [ + "name" + ] + }, + "aws-native:systemsmanagersap:getApplication": { + "cf": "AWS::SystemsManagerSAP::Application", + "ids": [ + "arn" + ] + }, + "aws-native:timestream:getDatabase": { + "cf": "AWS::Timestream::Database", + "ids": [ + "databaseName" + ] + }, + "aws-native:timestream:getInfluxDbInstance": { + "cf": "AWS::Timestream::InfluxDBInstance", + "ids": [ + "id" + ] + }, + "aws-native:timestream:getScheduledQuery": { + "cf": "AWS::Timestream::ScheduledQuery", + "ids": [ + "arn" + ] + }, + "aws-native:timestream:getTable": { + "cf": "AWS::Timestream::Table", + "ids": [ + "databaseName", + "tableName" + ] + }, + "aws-native:transfer:getAgreement": { + "cf": "AWS::Transfer::Agreement", + "ids": [ + "agreementId", + "serverId" + ] + }, + "aws-native:transfer:getCertificate": { + "cf": "AWS::Transfer::Certificate", + "ids": [ + "certificateId" + ] + }, + "aws-native:transfer:getConnector": { + "cf": "AWS::Transfer::Connector", + "ids": [ + "connectorId" + ] + }, + "aws-native:transfer:getProfile": { + "cf": "AWS::Transfer::Profile", + "ids": [ + "profileId" + ] + }, + "aws-native:transfer:getWorkflow": { + "cf": "AWS::Transfer::Workflow", + "ids": [ + "workflowId" + ] + }, + "aws-native:verifiedpermissions:getIdentitySource": { + "cf": "AWS::VerifiedPermissions::IdentitySource", + "ids": [ + "identitySourceId", + "policyStoreId" + ] + }, + "aws-native:verifiedpermissions:getPolicy": { + "cf": "AWS::VerifiedPermissions::Policy", + "ids": [ + "policyId", + "policyStoreId" + ] + }, + "aws-native:verifiedpermissions:getPolicyStore": { + "cf": "AWS::VerifiedPermissions::PolicyStore", + "ids": [ + "policyStoreId" + ] + }, + "aws-native:verifiedpermissions:getPolicyTemplate": { + "cf": "AWS::VerifiedPermissions::PolicyTemplate", + "ids": [ + "policyStoreId", + "policyTemplateId" + ] + }, + "aws-native:voiceid:getDomain": { + "cf": "AWS::VoiceID::Domain", + "ids": [ + "domainId" + ] + }, + "aws-native:vpclattice:getAccessLogSubscription": { + "cf": "AWS::VpcLattice::AccessLogSubscription", + "ids": [ + "arn" + ] + }, + "aws-native:vpclattice:getAuthPolicy": { + "cf": "AWS::VpcLattice::AuthPolicy", + "ids": [ + "resourceIdentifier" + ] + }, + "aws-native:vpclattice:getListener": { + "cf": "AWS::VpcLattice::Listener", + "ids": [ + "arn" + ] + }, + "aws-native:vpclattice:getResourcePolicy": { + "cf": "AWS::VpcLattice::ResourcePolicy", + "ids": [ + "resourceArn" + ] + }, + "aws-native:vpclattice:getRule": { + "cf": "AWS::VpcLattice::Rule", + "ids": [ + "arn" + ] + }, + "aws-native:vpclattice:getService": { + "cf": "AWS::VpcLattice::Service", + "ids": [ + "arn" + ] + }, + "aws-native:vpclattice:getServiceNetwork": { + "cf": "AWS::VpcLattice::ServiceNetwork", + "ids": [ + "arn" + ] + }, + "aws-native:vpclattice:getServiceNetworkServiceAssociation": { + "cf": "AWS::VpcLattice::ServiceNetworkServiceAssociation", + "ids": [ + "arn" + ] + }, + "aws-native:vpclattice:getServiceNetworkVpcAssociation": { + "cf": "AWS::VpcLattice::ServiceNetworkVpcAssociation", + "ids": [ + "arn" + ] + }, + "aws-native:vpclattice:getTargetGroup": { + "cf": "AWS::VpcLattice::TargetGroup", + "ids": [ + "arn" + ] + }, + "aws-native:wafv2:getIpSet": { + "cf": "AWS::WAFv2::IPSet", + "ids": [ + "name", + "id", + "scope" + ] + }, + "aws-native:wafv2:getLoggingConfiguration": { + "cf": "AWS::WAFv2::LoggingConfiguration", + "ids": [ + "resourceArn" + ] + }, + "aws-native:wafv2:getRegexPatternSet": { + "cf": "AWS::WAFv2::RegexPatternSet", + "ids": [ + "name", + "id", + "scope" + ] + }, + "aws-native:wafv2:getRuleGroup": { + "cf": "AWS::WAFv2::RuleGroup", + "ids": [ + "name", + "id", + "scope" + ] + }, + "aws-native:wafv2:getWebAcl": { + "cf": "AWS::WAFv2::WebACL", + "ids": [ + "name", + "id", + "scope" + ] + }, + "aws-native:wisdom:getAssistant": { + "cf": "AWS::Wisdom::Assistant", + "ids": [ + "assistantId" + ] + }, + "aws-native:wisdom:getAssistantAssociation": { + "cf": "AWS::Wisdom::AssistantAssociation", + "ids": [ + "assistantAssociationId", + "assistantId" + ] + }, + "aws-native:wisdom:getKnowledgeBase": { + "cf": "AWS::Wisdom::KnowledgeBase", + "ids": [ + "knowledgeBaseId" + ] + }, + "aws-native:workspaces:getConnectionAlias": { + "cf": "AWS::WorkSpaces::ConnectionAlias", + "ids": [ + "aliasId" + ] + }, + "aws-native:workspaces:getWorkspacesPool": { + "cf": "AWS::WorkSpaces::WorkspacesPool", + "ids": [ + "poolId" + ] + }, + "aws-native:workspacesthinclient:getEnvironment": { + "cf": "AWS::WorkSpacesThinClient::Environment", + "ids": [ + "id" + ] + }, + "aws-native:workspacesweb:getBrowserSettings": { + "cf": "AWS::WorkSpacesWeb::BrowserSettings", + "ids": [ + "browserSettingsArn" + ] + }, + "aws-native:workspacesweb:getIdentityProvider": { + "cf": "AWS::WorkSpacesWeb::IdentityProvider", + "ids": [ + "identityProviderArn" + ] + }, + "aws-native:workspacesweb:getIpAccessSettings": { + "cf": "AWS::WorkSpacesWeb::IpAccessSettings", + "ids": [ + "ipAccessSettingsArn" + ] + }, + "aws-native:workspacesweb:getNetworkSettings": { + "cf": "AWS::WorkSpacesWeb::NetworkSettings", + "ids": [ + "networkSettingsArn" + ] + }, + "aws-native:workspacesweb:getPortal": { + "cf": "AWS::WorkSpacesWeb::Portal", + "ids": [ + "portalArn" + ] + }, + "aws-native:workspacesweb:getTrustStore": { + "cf": "AWS::WorkSpacesWeb::TrustStore", + "ids": [ + "trustStoreArn" + ] + }, + "aws-native:workspacesweb:getUserAccessLoggingSettings": { + "cf": "AWS::WorkSpacesWeb::UserAccessLoggingSettings", + "ids": [ + "userAccessLoggingSettingsArn" + ] + }, + "aws-native:workspacesweb:getUserSettings": { + "cf": "AWS::WorkSpacesWeb::UserSettings", + "ids": [ + "userSettingsArn" + ] + }, + "aws-native:xray:getGroup": { + "cf": "AWS::XRay::Group", + "ids": [ + "groupArn" + ] + }, + "aws-native:xray:getResourcePolicy": { + "cf": "AWS::XRay::ResourcePolicy", + "ids": [ + "policyName" + ] + }, + "aws-native:xray:getSamplingRule": { + "cf": "AWS::XRay::SamplingRule", + "ids": [ + "ruleArn" + ] + } + } +} \ No newline at end of file diff --git a/src/aws-resource-mappings.ts b/src/aws-resource-mappings.ts index 7ad37358..d485ee8c 100644 --- a/src/aws-resource-mappings.ts +++ b/src/aws-resource-mappings.ts @@ -49,7 +49,7 @@ export function mapToAwsResource( rawProps: any, options: pulumi.ResourceOptions, ): ResourceMapping | undefined { - const props = normalize(rawProps); + const props = normalize(typeName, rawProps); switch (typeName) { // ApiGatewayV2 case 'AWS::ApiGatewayV2::Integration': diff --git a/src/cfn-resource-mappings.ts b/src/cfn-resource-mappings.ts index 75968bb3..259495f3 100644 --- a/src/cfn-resource-mappings.ts +++ b/src/cfn-resource-mappings.ts @@ -13,7 +13,7 @@ // limitations under the License. import * as pulumi from '@pulumi/pulumi'; -import { iam, lambda, s3, s3objectlambda } from '@pulumi/aws-native'; +import { s3 } from '@pulumi/aws-native'; import { CfnElement, Token, Reference, Tokenization } from 'aws-cdk-lib'; import { CfnResource, ResourceMapping, normalize } from './interop'; import { debug } from '@pulumi/pulumi/log'; @@ -26,84 +26,13 @@ export function mapToCfnResource( rawProps: any, options: pulumi.ResourceOptions, ): ResourceMapping { - const props = normalize(rawProps); + const props = normalize(typeName, rawProps); debug(`mapToCfnResource typeName: ${typeName} props: ${JSON.stringify(props)}`); switch (typeName) { - case 'AWS::IAM::Role': { - // policyDocument and assumeRolePolicyDocument are both Json types - // so we need the raw names - return new iam.Role( - logicalId, - { - ...props, - policies: - rawProps.Policies === undefined - ? undefined - : rawProps.Policies.flatMap((policy: any) => { - return { - policyName: policy.PolicyName, - policyDocument: policy.PolicyDocument, - }; - }), - assumeRolePolicyDocument: rawProps.AssumeRolePolicyDocument, - }, - options, - ); - } - case 'AWS::Lambda::Function': - // The Environment.Variables property is a Json type so we need - // the raw names - return new lambda.Function( - logicalId, - { - ...props, - environment: - rawProps.Environment === undefined ? undefined : { variables: rawProps.Environment.Variables }, - }, - options, - ); - case 'AWS::S3::AccessPoint': - // the policy property is a Json type so we need the raw names - return new s3.AccessPoint( - logicalId, - { - ...props, - policy: rawProps.Policy, - }, - options, - ); case 'AWS::S3::Bucket': // Lowercase the bucket name to comply with the Bucket resource's naming constraints, which only allow // lowercase letters. return new s3.Bucket(logicalId.toLowerCase(), props, options); - case 'AWS::S3ObjectLambda::AccessPoint': { - const transformations = rawProps.ObjectLambdaConfiguration.TransformationConfigurations; - return new s3objectlambda.AccessPoint( - logicalId, - { - name: props.name, - objectLambdaConfiguration: { - allowedFeatures: props.objectLambdaConfiguration.allowedFeatures, - cloudWatchMetricsEnabled: props.objectLambdaConfiguration.cloudWatchMetricsEnabled, - supportingAccessPoint: props.objectLambdaConfiguration.supportingAccessPoint, - transformationConfigurations: - transformations === undefined - ? undefined - : transformations.map((config: any) => ({ - actions: config.Actions, - contentTransformation: { - awsLambda: { - functionArn: config.ContentTransformation.AwsLambda.FunctionArn, - // functionPayload is a Json type so we need the raw value - functionPayload: config.ContentTransformation.AwsLambda.FunctionPayload, - }, - }, - })), - }, - }, - options, - ); - } default: { // Scrape the attributes off of the construct. // diff --git a/src/interop.ts b/src/interop.ts index 7a62676a..29b6a9e2 100644 --- a/src/interop.ts +++ b/src/interop.ts @@ -12,11 +12,14 @@ // See the License for the specific language governing permissions and // limitations under the License. -import * as cdk from 'aws-cdk-lib'; import * as pulumi from '@pulumi/pulumi'; import { debug } from '@pulumi/pulumi/log'; import { IConstruct } from 'constructs'; import { toSdkName, typeToken } from './naming'; +import * as path from 'path'; +import * as fs from 'fs'; + +const glob = global as any; export function firstToLower(str: string) { return str.replace(/\w\S*/g, function (txt) { @@ -24,13 +27,251 @@ export function firstToLower(str: string) { }); } -export function normalize(value: any): any { +class UnknownCfnType extends Error { + constructor() { + super("CfnType doesn't exist as a native type"); + } +} + +export class Metadata { + public static instance(): Metadata { + if (glob.__pulumiMetadata == undefined) { + glob.__pulumiMetadata = new Metadata(); + } + return glob.__pulumiMetadata; + } + private readonly pulumiMetadata: PulumiMetadata; + constructor() { + this.pulumiMetadata = readMetadata(); + } + + /** + * Finds a specific resource in the metadata. Throws an UnknownCfnType error + * if one is not found (probably means it is a classic type). + * + * @param cfnType The CloudFormation type i.e. AWS::S3::Bucket + * @param metadata The PulumiMetadata to search + * @returns The PulumiResource + * @throws UnknownCfnType if the resource is not found + */ + public findResource(cfnType: string): PulumiResource { + const pType = typeToken(cfnType); + if (pType in this.pulumiMetadata.resources) { + return this.pulumiMetadata.resources[pType]; + } + throw new UnknownCfnType(); + } + + public types(): { [key: string]: PulumiType } { + return this.pulumiMetadata.types; + } +} + +/** + * If a property is a JSON type then we need provide + * the value as is, without further processing. + */ +enum NativeType { + /** + * The type is a json type and should be left as is + */ + JSON = 'JSON', + /** + * The type is not a json type and should be processed + */ + NON_JSON = 'NON_JSON', +} + +/** + * Pulumi metadata.json schema. The real schema is a lot more detailed, + * but we only need pieces of the schema for our purposes + */ +export interface PulumiMetadata { + /** + * The Pulumi resource schemas + */ + resources: { [key: string]: PulumiResource }; + + /** + * The Pulumi types + */ + types: { [key: string]: PulumiType }; +} + +/** + * The Pulumi types. The type schema has a lot more attributes, + * but for our purposes we only need the properties + */ +interface PulumiType { + /** + * The properties of a type + */ + properties: { [key: string]: PulumiProperty }; +} + +/** + * The schema for the array items property + */ +interface PulumiPropertyItems { + /** + * A reference to another type + */ + $ref?: string; + + /** + * The simple type (i.e. string, number, etc) + */ + type?: string; +} + +/** + * The schema for an individual property on a resource + */ +interface PulumiProperty extends PulumiPropertyItems { + /** + * If the property is an array then it will have an items property + */ + items?: PulumiPropertyItems; +} + +interface PulumiResource { + inputs: { [key: string]: PulumiProperty }; +} + +/** + * Read the aws-native metadata.json file + * + * @returns the PulumiMetadata + */ +function readMetadata(): PulumiMetadata { + const contents = fs.readFileSync(path.join(__dirname, '../schemas/metadata.json'), { encoding: 'utf-8' }); + const metadata: PulumiMetadata = JSON.parse(contents); + return metadata; +} + +/** + * Process an individual metadata property. + * Either return the concrete type or the referenced type + * We always just fallback to NON_JSON which will cause `normalize` to just process + * the property without any special logic + * + * @param lastProp whether the property is the final key being processed (for nested properties) + * @param property The property to process + * @param types The pulumi metadata types + * @returns either the NativeType if found or the nested property type + */ +function processMetadataProperty( + lastProp: boolean, + property: PulumiProperty, + types: { [key: string]: PulumiType }, +): { + nativeType?: NativeType; + meta?: { [key: string]: PulumiProperty }; +} { + switch (true) { + case property.type !== undefined && property.$ref === undefined: + if (property.type === 'object') { + return { nativeType: NativeType.JSON }; + } + if (property.type === 'array') { + return processMetadataProperty(lastProp, property.items!, types); + } + return { nativeType: NativeType.NON_JSON }; + case property.$ref === 'pulumi.json#/Any': + return { nativeType: NativeType.JSON }; + case property.$ref?.startsWith('pulumi.'): + return { nativeType: NativeType.NON_JSON }; + case lastProp: + return { nativeType: NativeType.NON_JSON }; + case property.$ref?.startsWith('#/types/aws-native:'): { + const ref = property.$ref!.slice(8); + if (ref && ref in types) { + return { meta: types[ref].properties }; + } + } + } + return { nativeType: NativeType.NON_JSON }; +} + +/** + * Determines whether or not the property in question is a JSON type of not. + * If the property is a nested property then the `propName` will contain all the parent + * properties so that the correct nested type can be found + * + * @param properties The resource properties + * @param propName the property name as a list containing parent property names + * @param types The pulumi types + * @returns true if the property is a JSON type and should not be normalized + */ +function isJsonType( + propName: string[], + properties: { [key: string]: PulumiProperty }, + types: { [key: string]: PulumiType }, +): boolean { + let props = properties; + for (let i = 0; i < propName.length; i++) { + const prop = toSdkName(propName[i]); + if (prop in props) { + const metaProp = props[prop]; + const { nativeType, meta } = processMetadataProperty(i + 1 === propName.length, metaProp, types); + if (nativeType === NativeType.JSON) { + return true; + } + props = meta!; + } + } + return false; +} + +/** + * Recursively normalizes object types, with special handling for JSON types (which should not be normalized) + * + * @param cfnType The CloudFormation resource type being normalized (e.g. AWS::S3::Bucket) + * @param key the property key as a list (including parent property names for nested properties) + * @param value the value to normalize + * @returns the normalized property value + */ +function normalizeObject(cfnType: string, key: string[], value: any): any { + if (!value) return value; + if (Array.isArray(value)) { + const result: any[] = []; + for (let i = 0; i < value.length; i++) { + result[i] = normalizeObject(cfnType, key, value[i]); + } + return result; + } + + if (typeof value !== 'object' || pulumi.Output.isInstance(value) || value instanceof Promise) { + return value; + } + + const result: any = {}; + try { + const resource = Metadata.instance().findResource(cfnType); + if (isJsonType(key, resource.inputs, Metadata.instance().types())) { + return value; + } + + Object.entries(value).forEach(([k, v]) => { + result[toSdkName(k)] = normalizeObject(cfnType, [...key, k], v); + }); + return result; + } catch (e) { + // if there is an error just fall back to original processing + Object.entries(value).forEach(([k, v]) => { + result[toSdkName(k)] = normalizeObject(cfnType, [...key, k], v); + }); + return result; + } +} + +export function normalize(cfnType: string, value: any): any { if (!value) return value; if (Array.isArray(value)) { const result: any[] = []; for (let i = 0; i < value.length; i++) { - result[i] = normalize(value[i]); + result[i] = normalize(cfnType, value[i]); } return result; } @@ -41,7 +282,7 @@ export function normalize(value: any): any { const result: any = {}; Object.entries(value).forEach(([k, v]) => { - result[toSdkName(k)] = normalize(v); + result[toSdkName(k)] = normalizeObject(cfnType, [k], v); }); return result; } @@ -95,26 +336,3 @@ export class CdkConstruct extends pulumi.ComponentResource { this.registerOutputs({}); } } - -export class CdkComponent extends pulumi.ComponentResource { - constructor(name: string, args: (stack: cdk.Stack) => void, opts?: pulumi.CustomResourceOptions) { - super('cdk:index:Component', name, args, opts); - - const app = new cdk.App(); - const stack = new cdk.Stack(app); - args(stack); - - //debugger; - const template = app.synth().getStackByName(stack.stackName).template; - console.debug(`template: ${JSON.stringify(template)}`); - const resources = template.Resources; - - Object.entries(resources).forEach(([key, value]) => { - const typeName = (value as any).Type; - const sourceProps = (value as any).Properties; - console.debug(`resource[${key}] Type:${typeName} props: ${sourceProps}`); - opts = opts || { parent: this }; - new CfnResource(key, typeName, normalize(sourceProps), [], opts); - }); - } -} diff --git a/tests/cfn-resource-mappings.test.ts b/tests/cfn-resource-mappings.test.ts index 6bf32106..cb1f1e1a 100644 --- a/tests/cfn-resource-mappings.test.ts +++ b/tests/cfn-resource-mappings.test.ts @@ -82,9 +82,7 @@ describe('Cfn Resource Mappings', () => { ContentTransformation: { AwsLambda: { FunctionArn: 'arn', - FunctionPayload: { - Key: 'value', - }, + FunctionPayload: '{ "Key": "value" }', }, }, }, @@ -103,23 +101,18 @@ describe('Cfn Resource Mappings', () => { {}, ); // THEN - expect(aws.s3objectlambda.AccessPoint).toHaveBeenCalledWith( + expect(CustomResource).toHaveBeenCalledWith( + 'aws-native:s3objectlambda:AccessPoint', logicalId, { - name: undefined, objectLambdaConfiguration: { - allowedFeatures: undefined, - cloudWatchMetricsEnabled: undefined, - supportingAccessPoint: undefined, transformationConfigurations: [ { actions: ['abc'], contentTransformation: { awsLambda: { functionArn: 'arn', - functionPayload: { - Key: 'value', - }, + functionPayload: '{ "Key": "value" }', }, }, }, @@ -153,7 +146,8 @@ describe('Cfn Resource Mappings', () => { {}, ); // THEN - expect(aws.lambda.Function).toHaveBeenCalledWith( + expect(CustomResource).toHaveBeenCalledWith( + 'aws-native:lambda:Function', logicalId, { environment: { @@ -214,7 +208,8 @@ describe('Cfn Resource Mappings', () => { {}, ); // THEN - expect(aws.iam.Role).toHaveBeenCalledWith( + expect(CustomResource).toHaveBeenCalledWith( + 'aws-native:iam:Role', logicalId, { description: 'desc', @@ -283,7 +278,8 @@ describe('Cfn Resource Mappings', () => { {}, ); // THEN - expect(aws.s3.AccessPoint).toHaveBeenCalledWith( + expect(CustomResource).toHaveBeenCalledWith( + 'aws-native:s3:AccessPoint', logicalId, { policy: { diff --git a/tests/naming.test.ts b/tests/naming.test.ts index 5fb5182c..051df455 100644 --- a/tests/naming.test.ts +++ b/tests/naming.test.ts @@ -35,7 +35,7 @@ describe('Naming tests', () => { ]; for (const c of cases) { - expect(normalize(c.in)).toMatchObject(c.out); + expect(normalize('', c.in)).toMatchObject(c.out); } }); test('typeToken', () => { @@ -219,4 +219,20 @@ describe('Naming tests', () => { expect(e).toEqual(c.expectedEnd); } }); + test('json string', () => { + const val = { + SomeProp: 'value', + SomeOtherProp: '{"SomeKey":"SomeVal"}', + }; + const newVal = Object.entries(val).reduce( + (result, [k, v]) => ({ + ...result, + [k]: v, + }), + {}, + ); + expect(typeof newVal['SomeOtherProp']).toEqual('string'); + const actual = normalize('', '{"SomeKey":"SomeValue"}'); + expect(actual).toEqual('{"SomeKey":"SomeValue"}'); + }); });